diff options
| author | Matthew Miller <matthew@millerti.me> | 2021-08-20 08:36:25 -0700 |
|---|---|---|
| committer | Matthew Miller <matthew@millerti.me> | 2021-08-20 08:36:25 -0700 |
| commit | caabb15b106abf7336d9577ddd5cbcf477f99fd4 (patch) | |
| tree | a3c9f8493699de4e4f592edea86cbfaf0b87c28b /packages/server/src | |
| parent | 52cff21978da7793094e3f0b3c84c4cb37f33a8b (diff) | |
Update SettingsService to handle MDS root cert
Diffstat (limited to 'packages/server/src')
| -rw-r--r-- | packages/server/src/services/settingsService.ts | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/packages/server/src/services/settingsService.ts b/packages/server/src/services/settingsService.ts index 7f74223..e8cd9f9 100644 --- a/packages/server/src/services/settingsService.ts +++ b/packages/server/src/services/settingsService.ts @@ -10,7 +10,7 @@ import { Apple_WebAuthn_Root_CA } from './defaultRootCerts/apple'; class SettingsService { // Certificates are stored as PEM-formatted strings - private pemCertificates: Map<AttestationFormat, string[]>; + private pemCertificates: Map<RootCertIdentifier, string[]>; constructor() { this.pemCertificates = new Map(); @@ -24,10 +24,10 @@ class SettingsService { * `Buffer` is passed in it will be converted to PEM format. */ setRootCertificates(opts: { - attestationFormat: AttestationFormat; + identifier: RootCertIdentifier; certificates: (Buffer | string)[]; }): void { - const { attestationFormat, certificates } = opts; + const { identifier, certificates } = opts; const newCertificates: string[] = []; for (const cert of certificates) { @@ -38,15 +38,15 @@ class SettingsService { } } - this.pemCertificates.set(attestationFormat, newCertificates); + this.pemCertificates.set(identifier, newCertificates); } /** * Get any registered root certificates for the specified attestation format */ - getRootCertificates(opts: { attestationFormat: AttestationFormat }): string[] { - const { attestationFormat } = opts; - return this.pemCertificates.get(attestationFormat) ?? []; + getRootCertificates(opts: { identifier: RootCertIdentifier }): string[] { + const { identifier } = opts; + return this.pemCertificates.get(identifier) ?? []; } } @@ -54,18 +54,20 @@ const settingsService = new SettingsService(); // Initialize default certificates settingsService.setRootCertificates({ - attestationFormat: 'android-key', + identifier: 'android-key', certificates: [Google_Hardware_Attestation_Root_1, Google_Hardware_Attestation_Root_2], }); settingsService.setRootCertificates({ - attestationFormat: 'android-safetynet', + identifier: 'android-safetynet', certificates: [GlobalSign_R2, GlobalSign_Root_CA], }); settingsService.setRootCertificates({ - attestationFormat: 'apple', + identifier: 'apple', certificates: [Apple_WebAuthn_Root_CA], }); +type RootCertIdentifier = AttestationFormat | 'mds'; + export default settingsService; |