diff options
| author | Matthew Miller <matthew@millerti.me> | 2021-08-20 08:43:23 -0700 |
|---|---|---|
| committer | Matthew Miller <matthew@millerti.me> | 2021-08-20 08:43:23 -0700 |
| commit | 76e8e3f014f82a6d241102438238b5b5e422824f (patch) | |
| tree | 4a568263c4130fc1bdabe74e2ea75a880e043d2d /packages/server/src | |
| parent | 6cf2fb2076301f9384be6b90e631604196f8295a (diff) | |
Update statement check in verifyPacked
Diffstat (limited to 'packages/server/src')
| -rw-r--r-- | packages/server/src/attestation/verifications/verifyPacked.ts | 6 | ||||
| -rw-r--r-- | packages/server/src/helpers/constants.ts | 15 |
2 files changed, 1 insertions, 20 deletions
diff --git a/packages/server/src/attestation/verifications/verifyPacked.ts b/packages/server/src/attestation/verifications/verifyPacked.ts index dd876c2..c285ec0 100644 --- a/packages/server/src/attestation/verifications/verifyPacked.ts +++ b/packages/server/src/attestation/verifications/verifyPacked.ts @@ -10,7 +10,6 @@ import convertCOSEtoPKCS, { COSEKTY, COSERSASCHEME, } from '../../helpers/convertCOSEtoPKCS'; -import { FIDO_METADATA_ATTESTATION_TYPES } from '../../helpers/constants'; import toHash from '../../helpers/toHash'; import convertCertBufferToPEM from '../../helpers/convertCertBufferToPEM'; import validateCertificatePath from '../../helpers/validateCertificatePath'; @@ -94,10 +93,7 @@ export default async function verifyAttestationPacked( if (statement) { // The presence of x5c means this is a full attestation. Check to see if attestationTypes // includes packed attestations. - if ( - statement.attestationTypes.indexOf(FIDO_METADATA_ATTESTATION_TYPES.ATTESTATION_BASIC_FULL) < - 0 - ) { + if (statement.attestationTypes.indexOf('basic_full') < 0) { throw new Error('Metadata does not indicate support for full attestations (Packed|Full)'); } diff --git a/packages/server/src/helpers/constants.ts b/packages/server/src/helpers/constants.ts index fbcb1bf..77f675e 100644 --- a/packages/server/src/helpers/constants.ts +++ b/packages/server/src/helpers/constants.ts @@ -37,18 +37,3 @@ export const FIDO_METADATA_AUTH_ALG_TO_COSE: { [algKey: number]: COSEInfo } = { // ALG_SIGN_SECP521R1_ECDSA_SHA512_RAW 18: { kty: 1, alg: -8, crv: 6 }, }; - -/** - * A map of ATTESTATION hex values (as unsigned shorts). Values should appear in a metadata - * statement's `attestationTypes` property. - * - * From https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-registry-v2.0-rd-20180702.html - * FIDO Registry of Predefined Values - 3.6.3 Authenticator Attestation Types - */ -export enum FIDO_METADATA_ATTESTATION_TYPES { - ATTESTATION_BASIC_FULL = 15879, - // Self attestation - ATTESTATION_BASIC_SURROGATE = 15880, - ATTESTATION_ECDAA = 15881, - ATTESTATION_ATTCA = 15882, -} |