diff options
| -rw-r--r-- | packages/server/src/attestation/verifyAttestationResponse.test.ts | 18 | ||||
| -rw-r--r-- | packages/server/src/attestation/verifyAttestationResponse.ts | 4 |
2 files changed, 12 insertions, 10 deletions
diff --git a/packages/server/src/attestation/verifyAttestationResponse.test.ts b/packages/server/src/attestation/verifyAttestationResponse.test.ts index 801db43..7c77e71 100644 --- a/packages/server/src/attestation/verifyAttestationResponse.test.ts +++ b/packages/server/src/attestation/verifyAttestationResponse.test.ts @@ -45,7 +45,7 @@ test('should verify FIDO U2F attestation', async () => { expect(verification.authenticatorInfo?.fmt).toEqual('fido-u2f'); expect(verification.authenticatorInfo?.counter).toEqual(0); expect(verification.authenticatorInfo?.base64PublicKey).toEqual( - 'BMiRyw5pUoMhBjCrcQND6lJPaRHA0f-XWcKBb5ZwWk1eFJu6aan4o7epl6qa9n9T-6KsIMvZE2PcTnLj8rN58is', + 'pQECAyYgASFYIMiRyw5pUoMhBjCrcQND6lJPaRHA0f-XWcKBb5ZwWk1eIlggFJu6aan4o7epl6qa9n9T-6KsIMvZE2PcTnLj8rN58is', ); expect(verification.authenticatorInfo?.base64CredentialID).toEqual( 'VHzbxaYaJu2P8m1Y2iHn2gRNHrgK0iYbn9E978L3Qi7Q-chFeicIHwYCRophz5lth2nCgEVKcgWirxlgidgbUQ', @@ -64,7 +64,7 @@ test('should verify Packed (EC2) attestation', async () => { expect(verification.authenticatorInfo?.fmt).toEqual('packed'); expect(verification.authenticatorInfo?.counter).toEqual(1589874425); expect(verification.authenticatorInfo?.base64PublicKey).toEqual( - 'BEoxVVqK-oIGmqoDEyO4KjmMx5R2HeMM4LQQXh8sE01PtzuuoMN5fWnAIuuXdlfshOGu1k3ApBUtDJ8eKiuo_6c', + 'pQECAyYgASFYIEoxVVqK-oIGmqoDEyO4KjmMx5R2HeMM4LQQXh8sE01PIlggtzuuoMN5fWnAIuuXdlfshOGu1k3ApBUtDJ8eKiuo_6c', ); expect(verification.authenticatorInfo?.base64CredentialID).toEqual( 'AYThY1csINY4JrbHyGmqTl1nL_F1zjAF3hSAIngz8kAcjugmAMNVvxZRwqpEH-bNHHAIv291OX5ko9eDf_5mu3U' + @@ -84,7 +84,7 @@ test('should verify Packed (X5C) attestation', async () => { expect(verification.authenticatorInfo?.fmt).toEqual('packed'); expect(verification.authenticatorInfo?.counter).toEqual(28); expect(verification.authenticatorInfo?.base64PublicKey).toEqual( - 'BGwlsYCNyRb4AD9cyTw6cH5VS-uzflmmO1UldGGe9eIavadzKD8p6wKLjgYfxRxldjCMGRV0YyM13osWbKIPrF8', + 'pQECAyYgASFYIGwlsYCNyRb4AD9cyTw6cH5VS-uzflmmO1UldGGe9eIaIlggvadzKD8p6wKLjgYfxRxldjCMGRV0YyM13osWbKIPrF8', ); expect(verification.authenticatorInfo?.base64CredentialID).toEqual( '4rrvMciHCkdLQ2HghazIp1sMc8TmV8W8RgoX-x8tqV_1AmlqWACqUK8mBGLandr-htduQKPzgb2yWxOFV56Tlg', @@ -103,7 +103,7 @@ test('should verify None attestation', async () => { expect(verification.authenticatorInfo?.fmt).toEqual('none'); expect(verification.authenticatorInfo?.counter).toEqual(0); expect(verification.authenticatorInfo?.base64PublicKey).toEqual( - 'BD5PQTZQQg6haZFQWFzqfAOyQ_ENsMH8xxQ4GRiNPsqrU8IVUOV8qpgk_Jh-OTaLuZL52KdX1fTht07X4DiQPow', + 'pQECAyYgASFYID5PQTZQQg6haZFQWFzqfAOyQ_ENsMH8xxQ4GRiNPsqrIlggU8IVUOV8qpgk_Jh-OTaLuZL52KdX1fTht07X4DiQPow', ); expect(verification.authenticatorInfo?.base64CredentialID).toEqual( 'AdKXJEch1aV5Wo7bj7qLHskVY4OoNaj9qu8TPdJ7kSAgUeRxWNngXlcNIGt4gexZGKVGcqZpqqWordXb_he1izY', @@ -340,7 +340,9 @@ test('should validate TPM RSA response (SHA256)', async () => { expect(verification.verified).toEqual(true); expect(verification.authenticatorInfo?.fmt).toEqual('tpm'); expect(verification.authenticatorInfo?.counter).toEqual(30); - expect(verification.authenticatorInfo?.base64PublicKey).toEqual('BAEAAQ'); + expect(verification.authenticatorInfo?.base64PublicKey).toEqual( + 'pAEDAzkBACBZAQCtxzw59Wsl8xWP97wPTu2TSDlushwshL8GedHAHO1R62m3nNy21hCLJlQabfLepRUQ_v9mq3PCmV81tBSqtRGU5_YlK0R2yeu756SnT39c6hKC3PBPt_xdjL_ccz4H_73DunfB63QZOtdeAsswV7WPLqMARofuM-LQ_LHnNguCypDcxhADuUqQtogfwZsknTVIPxzGcfqnQ7ERF9D9AOWIQ8YjOsTi_B2zS8SOySKIFUGwwYcPG7DiCE-QJcI-fpydRDnEq6UxbkYgB7XK4BlmPKlwuXkBDX9egl_Ma4B7W2WJvYbKevu6Z8Kc5y-OITpNVDYKbBK3qKyh4yIUpB1NIUMBAAE', + ); expect(verification.authenticatorInfo?.base64CredentialID).toEqual( 'lGkWHPe88VpnNYgVBxzon_MRR9-gmgODveQ16uM_bPM', ); @@ -368,7 +370,9 @@ test('should validate TPM RSA response (SHA1)', async () => { expect(verification.verified).toEqual(true); expect(verification.authenticatorInfo?.fmt).toEqual('tpm'); expect(verification.authenticatorInfo?.counter).toEqual(97); - expect(verification.authenticatorInfo?.base64PublicKey).toEqual('BAEAAQ'); + expect(verification.authenticatorInfo?.base64PublicKey).toEqual( + 'pAEDAzn__iBZAQCzl_wD24PZ5z-po2FrwoQVdd13got_CkL8p4B_NvJBC5OwAYKDilii_wj-0CA8ManbpSInx9Tdnz6t91OhudwUT0-W_BHSLK_MqFcjZWrR5LYVmVpz1EgH3DrOTra4AlogEq2D2CYktPrPe7joE-oT3vAYXK8vzQDLRyaxI_Z1qS4KLlLCdajW8PGpw1YRjMDw6s69GZU8mXkgNPMCUh1TZ1bnCvJTO9fnmLjDjqdQGRU4bWo8tFjCL8g1-2WD_2n0-twt6n-Uox5VnR1dQJG4awMlanBCkGGpOb3WBDQ8K10YJJ2evPhJKGJahBvu2Dxmq6pLCAXCv0ma3EHj-PmDIUMBAAE', + ); expect(verification.authenticatorInfo?.base64CredentialID).toEqual( 'oELnad0f6-g2BtzEn_78iLNoubarlq0xFtOtAMXnflU', ); @@ -397,7 +401,7 @@ test('should validate Android-Key response', async () => { expect(verification.authenticatorInfo?.fmt).toEqual('android-key'); expect(verification.authenticatorInfo?.counter).toEqual(108); expect(verification.authenticatorInfo?.base64PublicKey).toEqual( - 'BEjCq7woGNN_42rbaqMgJvz0nuKTWNRrR29lMX3J239o6IcAXqPJPIjSrClHDAmbJv_EShYhYq0R9-G3k744n7Y', + 'pQECAyYgASFYIEjCq7woGNN_42rbaqMgJvz0nuKTWNRrR29lMX3J239oIlgg6IcAXqPJPIjSrClHDAmbJv_EShYhYq0R9-G3k744n7Y', ); expect(verification.authenticatorInfo?.base64CredentialID).toEqual( 'PPa1spYTB680cQq5q6qBtFuPLLdG1FQ73EastkT8n0o', diff --git a/packages/server/src/attestation/verifyAttestationResponse.ts b/packages/server/src/attestation/verifyAttestationResponse.ts index 1fae041..65fe7f8 100644 --- a/packages/server/src/attestation/verifyAttestationResponse.ts +++ b/packages/server/src/attestation/verifyAttestationResponse.ts @@ -211,12 +211,10 @@ export default async function verifyAttestationResponse( if (toReturn.verified) { toReturn.userVerified = flags.uv; - const publicKey = convertCOSEtoPKCS(credentialPublicKey); - toReturn.authenticatorInfo = { fmt, counter, - base64PublicKey: base64url.encode(publicKey), + base64PublicKey: base64url.encode(credentialPublicKey), base64CredentialID: base64url.encode(credentialID), }; } |