summaryrefslogtreecommitdiffhomepage
path: root/packages/server/src
diff options
context:
space:
mode:
Diffstat (limited to 'packages/server/src')
-rw-r--r--packages/server/src/helpers/convertPublicKeyToPEM.test.ts4
-rw-r--r--packages/server/src/helpers/convertPublicKeyToPEM.ts3
-rw-r--r--packages/server/src/helpers/decodeCbor.ts14
-rw-r--r--packages/server/src/metadata/verifyAttestationWithMetadata.ts3
-rw-r--r--packages/server/src/registration/verifications/tpm/verifyTPM.ts6
-rw-r--r--packages/server/src/registration/verifications/verifyAndroidKey.ts6
-rw-r--r--packages/server/src/registration/verifications/verifyAndroidSafetyNet.ts6
-rw-r--r--packages/server/src/registration/verifications/verifyApple.ts3
-rw-r--r--packages/server/src/registration/verifications/verifyFIDOU2F.ts3
-rw-r--r--packages/server/src/registration/verifications/verifyPacked.ts6
10 files changed, 38 insertions, 16 deletions
diff --git a/packages/server/src/helpers/convertPublicKeyToPEM.test.ts b/packages/server/src/helpers/convertPublicKeyToPEM.test.ts
index b67299b..1e8edd2 100644
--- a/packages/server/src/helpers/convertPublicKeyToPEM.test.ts
+++ b/packages/server/src/helpers/convertPublicKeyToPEM.test.ts
@@ -61,7 +61,7 @@ test('should return pem when input is base64URLString', () => {
try {
convertPublicKeyToPEM(input);
} catch(err) {
- expect(err.message).toEqual("Public key was missing kty");
+ expect((err as Error).message).toEqual("Public key was missing kty");
}
});
@@ -76,6 +76,6 @@ test('should return pem when input is base64URLString', () => {
try {
convertPublicKeyToPEM(input);
} catch(err) {
- expect(err.message).toEqual("Could not convert public key type 1 to PEM");
+ expect((err as Error).message).toEqual("Could not convert public key type 1 to PEM");
}
});
diff --git a/packages/server/src/helpers/convertPublicKeyToPEM.ts b/packages/server/src/helpers/convertPublicKeyToPEM.ts
index 9be1e0a..091f68e 100644
--- a/packages/server/src/helpers/convertPublicKeyToPEM.ts
+++ b/packages/server/src/helpers/convertPublicKeyToPEM.ts
@@ -8,7 +8,8 @@ export default function convertPublicKeyToPEM(publicKey: Buffer): string {
try {
struct = cbor.decodeAllSync(publicKey)[0];
} catch (err) {
- throw new Error(`Error decoding public key while converting to PEM: ${err.message}`);
+ const _err = err as Error;
+ throw new Error(`Error decoding public key while converting to PEM: ${_err.message}`);
}
const kty = struct.get(COSEKEYS.kty);
diff --git a/packages/server/src/helpers/decodeCbor.ts b/packages/server/src/helpers/decodeCbor.ts
index aa489e8..37e8ab2 100644
--- a/packages/server/src/helpers/decodeCbor.ts
+++ b/packages/server/src/helpers/decodeCbor.ts
@@ -5,10 +5,20 @@ export function decodeCborFirst(input: string | Buffer | ArrayBufferView): any {
// throws if there are extra bytes
return cbor.decodeFirstSync(input);
} catch (err) {
+ const _err = err as CborDecoderError;
// if the error was due to extra bytes, return the unpacked value
- if (err.value) {
- return err.value;
+ if (_err.value) {
+ return _err.value;
}
throw err;
}
}
+
+/**
+ * Intuited from a quick scan of `cbor.decodeFirstSync()` here:
+ *
+ * https://github.com/hildjj/node-cbor/blob/v5.1.0/lib/decoder.js#L189
+ */
+class CborDecoderError extends Error {
+ value: any;
+}
diff --git a/packages/server/src/metadata/verifyAttestationWithMetadata.ts b/packages/server/src/metadata/verifyAttestationWithMetadata.ts
index f0dcf83..5a4a0bb 100644
--- a/packages/server/src/metadata/verifyAttestationWithMetadata.ts
+++ b/packages/server/src/metadata/verifyAttestationWithMetadata.ts
@@ -75,7 +75,8 @@ export default async function verifyAttestationWithMetadata(
statement.attestationRootCertificates.map(convertCertBufferToPEM),
);
} catch (err) {
- throw new Error(`Could not validate certificate path with any metadata root certificates: ${err.message}`);
+ const _err = err as Error;
+ throw new Error(`Could not validate certificate path with any metadata root certificates: ${_err.message}`);
}
return true;
diff --git a/packages/server/src/registration/verifications/tpm/verifyTPM.ts b/packages/server/src/registration/verifications/tpm/verifyTPM.ts
index 57563e8..1a4582d 100644
--- a/packages/server/src/registration/verifications/tpm/verifyTPM.ts
+++ b/packages/server/src/registration/verifications/tpm/verifyTPM.ts
@@ -263,14 +263,16 @@ export default async function verifyTPM(options: AttestationFormatVerifierOpts):
try {
await verifyAttestationWithMetadata(statement, credentialPublicKey, x5c);
} catch (err) {
- throw new Error(`${err.message} (TPM)`);
+ const _err = err as Error;
+ throw new Error(`${_err.message} (TPM)`);
}
} else {
try {
// Try validating the certificate path using the root certificates set via SettingsService
await validateCertificatePath(x5c.map(convertCertBufferToPEM), rootCertificates);
} catch (err) {
- throw new Error(`${err.message} (TPM)`);
+ const _err = err as Error;
+ throw new Error(`${_err.message} (TPM)`);
}
}
diff --git a/packages/server/src/registration/verifications/verifyAndroidKey.ts b/packages/server/src/registration/verifications/verifyAndroidKey.ts
index a8a2b58..8198203 100644
--- a/packages/server/src/registration/verifications/verifyAndroidKey.ts
+++ b/packages/server/src/registration/verifications/verifyAndroidKey.ts
@@ -80,14 +80,16 @@ export default async function verifyAttestationAndroidKey(
try {
await verifyAttestationWithMetadata(statement, credentialPublicKey, x5c);
} catch (err) {
- throw new Error(`${err.message} (AndroidKey)`);
+ const _err = err as Error;
+ throw new Error(`${_err.message} (AndroidKey)`);
}
} else {
try {
// Try validating the certificate path using the root certificates set via SettingsService
await validateCertificatePath(x5c.map(convertCertBufferToPEM), rootCertificates);
} catch (err) {
- throw new Error(`${err.message} (AndroidKey)`);
+ const _err = err as Error;
+ throw new Error(`${_err.message} (AndroidKey)`);
}
}
diff --git a/packages/server/src/registration/verifications/verifyAndroidSafetyNet.ts b/packages/server/src/registration/verifications/verifyAndroidSafetyNet.ts
index e2ef4a8..a61311a 100644
--- a/packages/server/src/registration/verifications/verifyAndroidSafetyNet.ts
+++ b/packages/server/src/registration/verifications/verifyAndroidSafetyNet.ts
@@ -97,14 +97,16 @@ export default async function verifyAttestationAndroidSafetyNet(
try {
await verifyAttestationWithMetadata(statement, credentialPublicKey, HEADER.x5c);
} catch (err) {
- throw new Error(`${err.message} (SafetyNet)`);
+ const _err = err as Error;
+ throw new Error(`${_err.message} (SafetyNet)`);
}
} else {
try {
// Try validating the certificate path using the root certificates set via SettingsService
await validateCertificatePath(HEADER.x5c.map(convertCertBufferToPEM), rootCertificates);
} catch (err) {
- throw new Error(`${err.message} (SafetyNet)`);
+ const _err = err as Error;
+ throw new Error(`${_err.message} (SafetyNet)`);
}
}
/**
diff --git a/packages/server/src/registration/verifications/verifyApple.ts b/packages/server/src/registration/verifications/verifyApple.ts
index 00b21ff..cbf8527 100644
--- a/packages/server/src/registration/verifications/verifyApple.ts
+++ b/packages/server/src/registration/verifications/verifyApple.ts
@@ -24,7 +24,8 @@ export default async function verifyApple(
try {
await validateCertificatePath(x5c.map(convertCertBufferToPEM), rootCertificates);
} catch (err) {
- throw new Error(`${err.message} (Apple)`);
+ const _err = err as Error;
+ throw new Error(`${_err.message} (Apple)`);
}
/**
diff --git a/packages/server/src/registration/verifications/verifyFIDOU2F.ts b/packages/server/src/registration/verifications/verifyFIDOU2F.ts
index f11a1c9..d1d67b5 100644
--- a/packages/server/src/registration/verifications/verifyFIDOU2F.ts
+++ b/packages/server/src/registration/verifications/verifyFIDOU2F.ts
@@ -52,7 +52,8 @@ export default async function verifyAttestationFIDOU2F(
// Try validating the certificate path using the root certificates set via SettingsService
await validateCertificatePath(x5c.map(convertCertBufferToPEM), rootCertificates);
} catch (err) {
- throw new Error(`${err.message} (FIDOU2F)`);
+ const _err = err as Error;
+ throw new Error(`${_err.message} (FIDOU2F)`);
}
const leafCertPEM = convertCertBufferToPEM(x5c[0]);
diff --git a/packages/server/src/registration/verifications/verifyPacked.ts b/packages/server/src/registration/verifications/verifyPacked.ts
index 730bef3..76f6b59 100644
--- a/packages/server/src/registration/verifications/verifyPacked.ts
+++ b/packages/server/src/registration/verifications/verifyPacked.ts
@@ -100,14 +100,16 @@ export default async function verifyAttestationPacked(
try {
await verifyAttestationWithMetadata(statement, credentialPublicKey, x5c);
} catch (err) {
- throw new Error(`${err.message} (Packed|Full)`);
+ const _err = err as Error;
+ throw new Error(`${_err.message} (Packed|Full)`);
}
} else {
try {
// Try validating the certificate path using the root certificates set via SettingsService
await validateCertificatePath(x5c.map(convertCertBufferToPEM), rootCertificates);
} catch (err) {
- throw new Error(`${err.message} (Packed|Full)`);
+ const _err = err as Error;
+ throw new Error(`${_err.message} (Packed|Full)`);
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-24 10:19:36 +0000