author | Matthew Miller <matthew@millerti.me> | 2020-06-07 22:41:57 -0700 |
---|---|---|
committer | Matthew Miller <matthew@millerti.me> | 2020-06-07 22:41:57 -0700 |
commit | 7515c3050803dabfdbf1dc94fc9ff31d791d7d20 (patch) | |
tree | 81938847899686b95c5b8d5e6574bdeaa4b9ab67 /packages/server/src | |
parent | 2f0c14cd340226c842dffb087fe5ce9f648fc5ad (diff) |
Support more COSE algorithms
Diffstat (limited to 'packages/server/src')
-rw-r--r-- | packages/server/src/attestation/generateAttestationOptions.ts | 15 | ||||
-rw-r--r-- | packages/server/src/attestation/verifyAttestationResponse.ts | 6 |
2 files changed, 16 insertions, 5 deletions
diff --git a/packages/server/src/attestation/generateAttestationOptions.ts b/packages/server/src/attestation/generateAttestationOptions.ts
index 39d6378..e80275f 100644
--- a/packages/server/src/attestation/generateAttestationOptions.ts
+++ b/packages/server/src/attestation/generateAttestationOptions.ts
@@ -20,7 +20,18 @@ type Options = {
 // Supported crypto algo identifiers
 // See https://w3c.github.io/webauthn/#sctn-alg-identifier
-export const supportedCOSEAlgorithIdentifiers: COSEAlgorithmIdentifier[] = [-7, -35, -36, -8];
+export const supportedCOSEAlgorithmIdentifiers: COSEAlgorithmIdentifier[] = [
+ -7,
+ -8,
+ -36,
+ -37,
+ -38,
+ -39,
+ -257,
+ -258,
+ -259,
+ -65535,
+];
 /**
 * Prepare a value to pass into navigator.credentials.create(...) for authenticator "registration"
@@ -71,7 +82,7 @@ export default function generateAttestationOptions(
 name: userName,
 displayName: userDisplayName,
 },
- pubKeyCredParams: supportedCOSEAlgorithIdentifiers.map(id => ({
+ pubKeyCredParams: supportedCOSEAlgorithmIdentifiers.map(id => ({
 alg: id,
 type: 'public-key',
 })),
diff --git a/packages/server/src/attestation/verifyAttestationResponse.ts b/packages/server/src/attestation/verifyAttestationResponse.ts
index 2ebf8d5..40f5d08 100644
--- a/packages/server/src/attestation/verifyAttestationResponse.ts
+++ b/packages/server/src/attestation/verifyAttestationResponse.ts
@@ -8,7 +8,7 @@ import toHash from '../helpers/toHash';
 import decodeCredentialPublicKey from '../helpers/decodeCredentialPublicKey';
 import convertCOSEtoPKCS, { COSEKEYS } from '../helpers/convertCOSEtoPKCS';
-import { supportedCOSEAlgorithIdentifiers } from './generateAttestationOptions';
+import { supportedCOSEAlgorithmIdentifiers } from './generateAttestationOptions';
 import verifyFIDOU2F from './verifications/verifyFIDOU2F';
 import verifyPacked from './verifications/verifyPacked';
 import verifyAndroidSafetynet from './verifications/verifyAndroidSafetyNet';
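Review bot: The new `supportedCOSEAlgorithmIdentifiers` list in generateAttestationOptions.ts drops `-35` (ES384), which the old list carried, and adds `-65535`, which the IANA COSE registry assigns to RS1 (RSASSA-PKCS1-v1_5 with SHA-1) and marks as deprecated. Because verifyAttestationResponse.ts checks the credential's `alg` against this same array, every entry is both offered in `pubKeyCredParams` and accepted at registration, so the SHA-1 entry widens what the relying party will trust. I would restore `-35,` unless its removal is intended, and leave `-65535,` out of the default list or put it behind an explicit opt-in. A trailing name on each entry, e.g. `-7, // ES256`, would make the list reviewable without the registry open. Whether the key-conversion and signature-verification helpers handle the newly listed RSA and PSS values is not visible in this diff and should be confirmed.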
@@ -131,8 +131,8 @@ export default function verifyAttestationResponse(options: Options): VerifiedAtt
 }
 // Make sure the key algorithm is one we specified within the attestation options
- if (!supportedCOSEAlgorithIdentifiers.includes(alg as number)) {
- const supported = supportedCOSEAlgorithIdentifiers.join(', ');
+ if (!supportedCOSEAlgorithmIdentifiers.includes(alg as number)) {
+ const supported = supportedCOSEAlgorithmIdentifiers.join(', ');
 throw new Error(`Unexpected public key alg "${alg}", expected one of "${supported}"`);
 } |