Shorten list of default public key algs

author: Matthew Miller <matthew@millerti.me> 2023-02-16 09:06:03 -0800
committer: Matthew Miller <matthew@millerti.me> 2023-02-16 09:06:03 -0800
commit: ce123d40e6d0b2dbe4c955e1b9cc05212e24dbfe (patch)
tree: 84647ecda443549e5be0faaf5b66a2648200d6c5 /packages/server/src
parent: 7a70821c47fb958445d8b6735ef364c1ae5d9a61 (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/packages/server/src/registration/generateRegistrationOptions.ts b/packages/server/src/registration/generateRegistrationOptions.ts
index 71cd51f..d8e0967 100644
--- a/packages/server/src/registration/generateRegistrationOptions.ts
+++ b/packages/server/src/registration/generateRegistrationOptions.ts
@@ -67,10 +67,12 @@ const defaultAuthenticatorSelection: AuthenticatorSelectionCriteria = {
 };
 
 /**
- * Filter out known bad/deprecated/etc... algorithm ID's so they're not used for new attestations.
- * See https://www.iana.org/assignments/cose/cose.xhtml#algorithms
+ * Use the most commonly-supported algorithms
+ * See the following:
+ *   - https://www.iana.org/assignments/cose/cose.xhtml#algorithms
+ *   - https://w3c.github.io/webauthn/#dom-publickeycredentialcreationoptions-pubkeycredparams
  */
-const defaultSupportedAlgorithmIDs = supportedCOSEAlgorithmIdentifiers.filter(id => id !== -65535);
+const defaultSupportedAlgorithmIDs: COSEAlgorithmIdentifier[] = [-8, -7, -257];
 
 /**
  * Prepare a value to pass into navigator.credentials.create(...) for authenticator "registration"
author	Matthew Miller <matthew@millerti.me>	2023-02-16 09:06:03 -0800
committer	Matthew Miller <matthew@millerti.me>	2023-02-16 09:06:03 -0800
commit	ce123d40e6d0b2dbe4c955e1b9cc05212e24dbfe (patch)
tree	84647ecda443549e5be0faaf5b66a2648200d6c5 /packages/server/src
parent	7a70821c47fb958445d8b6735ef364c1ae5d9a61 (diff)