summaryrefslogtreecommitdiffhomepage
path: root/packages/server/src
diff options
context:
space:
mode:
Diffstat (limited to 'packages/server/src')
-rw-r--r--packages/server/src/authentication/generateAuthenticationOptions.ts2
-rw-r--r--packages/server/src/helpers/convertAAGUIDToString.ts2
-rw-r--r--packages/server/src/helpers/convertCOSEtoPKCS.ts2
-rw-r--r--packages/server/src/helpers/convertCertBufferToPEM.ts2
-rw-r--r--packages/server/src/helpers/convertPublicKeyToPEM.ts2
-rw-r--r--packages/server/src/helpers/decodeAuthenticatorExtensions.ts10
-rw-r--r--packages/server/src/helpers/decodeCredentialPublicKey.ts2
-rw-r--r--packages/server/src/helpers/generateChallenge.ts2
-rw-r--r--packages/server/src/helpers/parseAuthenticatorData.ts16
-rw-r--r--packages/server/src/helpers/toHash.ts2
-rw-r--r--packages/server/src/helpers/verifySignature.ts12
-rw-r--r--packages/server/src/metadata/verifyAttestationWithMetadata.ts2
-rw-r--r--packages/server/src/registration/generateRegistrationOptions.ts2
-rw-r--r--packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.test.ts12
-rw-r--r--packages/server/src/registration/verifyRegistrationResponse.ts18
-rw-r--r--packages/server/src/services/metadataService.ts4
16 files changed, 46 insertions, 46 deletions
diff --git a/packages/server/src/authentication/generateAuthenticationOptions.ts b/packages/server/src/authentication/generateAuthenticationOptions.ts
index b80473e..3561b28 100644
--- a/packages/server/src/authentication/generateAuthenticationOptions.ts
+++ b/packages/server/src/authentication/generateAuthenticationOptions.ts
@@ -10,7 +10,7 @@ import { generateChallenge } from '../helpers/generateChallenge';
export type GenerateAuthenticationOptionsOpts = {
allowCredentials?: PublicKeyCredentialDescriptorFuture[];
- challenge?: string | Buffer;
+ challenge?: string | Uint8Array;
timeout?: number;
userVerification?: UserVerificationRequirement;
extensions?: AuthenticationExtensionsClientInputs;
diff --git a/packages/server/src/helpers/convertAAGUIDToString.ts b/packages/server/src/helpers/convertAAGUIDToString.ts
index 0fb8356..3dc837c 100644
--- a/packages/server/src/helpers/convertAAGUIDToString.ts
+++ b/packages/server/src/helpers/convertAAGUIDToString.ts
@@ -1,7 +1,7 @@
/**
* Convert the aaguid buffer in authData into a UUID string
*/
-export function convertAAGUIDToString(aaguid: Buffer): string {
+export function convertAAGUIDToString(aaguid: Uint8Array): string {
// Raw Hex: adce000235bcc60a648b0b25f1f05503
const hex = aaguid.toString('hex');
diff --git a/packages/server/src/helpers/convertCOSEtoPKCS.ts b/packages/server/src/helpers/convertCOSEtoPKCS.ts
index 618a0dc..158fb36 100644
--- a/packages/server/src/helpers/convertCOSEtoPKCS.ts
+++ b/packages/server/src/helpers/convertCOSEtoPKCS.ts
@@ -4,7 +4,7 @@ import { decodeCborFirst } from './decodeCbor';
/**
* Takes COSE-encoded public key and converts it to PKCS key
*/
-export function convertCOSEtoPKCS(cosePublicKey: Buffer): Buffer {
+export function convertCOSEtoPKCS(cosePublicKey: Uint8Array): Uint8Array {
const struct: COSEPublicKey = decodeCborFirst(cosePublicKey);
const tag = Buffer.from([0x04]);
diff --git a/packages/server/src/helpers/convertCertBufferToPEM.ts b/packages/server/src/helpers/convertCertBufferToPEM.ts
index b6949c4..53398e5 100644
--- a/packages/server/src/helpers/convertCertBufferToPEM.ts
+++ b/packages/server/src/helpers/convertCertBufferToPEM.ts
@@ -4,7 +4,7 @@ import type { Base64URLString } from '@simplewebauthn/typescript-types';
/**
* Convert buffer to an OpenSSL-compatible PEM text format.
*/
-export function convertCertBufferToPEM(certBuffer: Buffer | Base64URLString): string {
+export function convertCertBufferToPEM(certBuffer: Uint8Array | Base64URLString): string {
let b64cert: string;
/**
diff --git a/packages/server/src/helpers/convertPublicKeyToPEM.ts b/packages/server/src/helpers/convertPublicKeyToPEM.ts
index 5c0e39a..1775801 100644
--- a/packages/server/src/helpers/convertPublicKeyToPEM.ts
+++ b/packages/server/src/helpers/convertPublicKeyToPEM.ts
@@ -3,7 +3,7 @@ import jwkToPem from 'jwk-to-pem';
import { COSEKEYS, COSEKTY, COSECRV } from './convertCOSEtoPKCS';
-export function convertPublicKeyToPEM(publicKey: Buffer): string {
+export function convertPublicKeyToPEM(publicKey: Uint8Array): string {
let struct;
try {
struct = cbor.decodeAllSync(publicKey)[0];
diff --git a/packages/server/src/helpers/decodeAuthenticatorExtensions.ts b/packages/server/src/helpers/decodeAuthenticatorExtensions.ts
index a889879..738fa37 100644
--- a/packages/server/src/helpers/decodeAuthenticatorExtensions.ts
+++ b/packages/server/src/helpers/decodeAuthenticatorExtensions.ts
@@ -6,7 +6,7 @@ import cbor from 'cbor';
* @param extensionData Authenticator Extension Data buffer
*/
export function decodeAuthenticatorExtensions(
- extensionData: Buffer,
+ extensionData: Uint8Array,
): AuthenticationExtensionsAuthenticatorOutputs | undefined {
let toCBOR: AuthenticationExtensionsAuthenticatorOutputs | undefined;
try {
@@ -24,14 +24,14 @@ export type AuthenticationExtensionsAuthenticatorOutputs = {
};
export type DevicePublicKeyAuthenticatorOutput = {
- dpk?: Buffer;
- scp?: Buffer;
+ dpk?: Uint8Array;
+ scp?: Uint8Array;
sig?: string;
- aaguid?: Buffer;
+ aaguid?: Uint8Array;
};
// TODO: Need to verify this format
// https://w3c.github.io/webauthn/#sctn-uvm-extension.
export type UVMAuthenticatorOutput = {
- uvm?: Buffer[];
+ uvm?: Uint8Array[];
};
diff --git a/packages/server/src/helpers/decodeCredentialPublicKey.ts b/packages/server/src/helpers/decodeCredentialPublicKey.ts
index cd7a4a2..f0c30ef 100644
--- a/packages/server/src/helpers/decodeCredentialPublicKey.ts
+++ b/packages/server/src/helpers/decodeCredentialPublicKey.ts
@@ -1,6 +1,6 @@
import { COSEPublicKey } from './convertCOSEtoPKCS';
import { decodeCborFirst } from './decodeCbor';
-export function decodeCredentialPublicKey(publicKey: Buffer): COSEPublicKey {
+export function decodeCredentialPublicKey(publicKey: Uint8Array): COSEPublicKey {
return decodeCborFirst(publicKey);
}
diff --git a/packages/server/src/helpers/generateChallenge.ts b/packages/server/src/helpers/generateChallenge.ts
index 4acecf3..ff54321 100644
--- a/packages/server/src/helpers/generateChallenge.ts
+++ b/packages/server/src/helpers/generateChallenge.ts
@@ -3,7 +3,7 @@ import crypto from 'crypto';
/**
* Generate a suitably random value to be used as an attestation or assertion challenge
*/
-export function generateChallenge(): Buffer {
+export function generateChallenge(): Uint8Array {
/**
* WebAuthn spec says that 16 bytes is a good minimum:
*
diff --git a/packages/server/src/helpers/parseAuthenticatorData.ts b/packages/server/src/helpers/parseAuthenticatorData.ts
index c2128e0..9391135 100644
--- a/packages/server/src/helpers/parseAuthenticatorData.ts
+++ b/packages/server/src/helpers/parseAuthenticatorData.ts
@@ -8,7 +8,7 @@ import {
/**
* Make sense of the authData buffer contained in an Attestation
*/
-export function parseAuthenticatorData(authData: Buffer): ParsedAuthenticatorData {
+export function parseAuthenticatorData(authData: Uint8Array): ParsedAuthenticatorData {
if (authData.byteLength < 37) {
throw new Error(
`Authenticator data was ${authData.byteLength} bytes, expected at least 37 bytes`,
@@ -87,8 +87,8 @@ export function parseAuthenticatorData(authData: Buffer): ParsedAuthenticatorDat
}
export type ParsedAuthenticatorData = {
- rpIdHash: Buffer;
- flagsBuf: Buffer;
+ rpIdHash: Uint8Array;
+ flagsBuf: Uint8Array;
flags: {
up: boolean;
uv: boolean;
@@ -99,10 +99,10 @@ export type ParsedAuthenticatorData = {
flagsInt: number;
};
counter: number;
- counterBuf: Buffer;
- aaguid?: Buffer;
- credentialID?: Buffer;
- credentialPublicKey?: Buffer;
+ counterBuf: Uint8Array;
+ aaguid?: Uint8Array;
+ credentialID?: Uint8Array;
+ credentialPublicKey?: Uint8Array;
extensionsData?: AuthenticationExtensionsAuthenticatorOutputs;
- extensionsDataBuffer?: Buffer;
+ extensionsDataBuffer?: Uint8Array;
};
diff --git a/packages/server/src/helpers/toHash.ts b/packages/server/src/helpers/toHash.ts
index 007b1ab..e599a4d 100644
--- a/packages/server/src/helpers/toHash.ts
+++ b/packages/server/src/helpers/toHash.ts
@@ -5,6 +5,6 @@ import crypto from 'crypto';
* @param data Data to hash
* @return The hash
*/
-export function toHash(data: Buffer | string, algo = 'SHA256'): Buffer {
+export function toHash(data: Uint8Array | string, algo = 'SHA256'): Uint8Array {
return crypto.createHash(algo).update(data).digest();
}
diff --git a/packages/server/src/helpers/verifySignature.ts b/packages/server/src/helpers/verifySignature.ts
index de8a56e..627a711 100644
--- a/packages/server/src/helpers/verifySignature.ts
+++ b/packages/server/src/helpers/verifySignature.ts
@@ -7,16 +7,16 @@ import { convertCertBufferToPEM } from './convertCertBufferToPEM';
import { convertPublicKeyToPEM } from './convertPublicKeyToPEM';
type VerifySignatureOptsLeafCert = {
- signature: Buffer;
- signatureBase: Buffer;
- leafCert: Buffer;
+ signature: Uint8Array;
+ signatureBase: Uint8Array;
+ leafCert: Uint8Array;
hashAlgorithm?: string;
};
type VerifySignatureOptsCredentialPublicKey = {
- signature: Buffer;
- signatureBase: Buffer;
- credentialPublicKey: Buffer;
+ signature: Uint8Array;
+ signatureBase: Uint8Array;
+ credentialPublicKey: Uint8Array;
hashAlgorithm?: string;
};
diff --git a/packages/server/src/metadata/verifyAttestationWithMetadata.ts b/packages/server/src/metadata/verifyAttestationWithMetadata.ts
index 5193135..c779145 100644
--- a/packages/server/src/metadata/verifyAttestationWithMetadata.ts
+++ b/packages/server/src/metadata/verifyAttestationWithMetadata.ts
@@ -17,7 +17,7 @@ export async function verifyAttestationWithMetadata({
attestationStatementAlg,
}: {
statement: MetadataStatement;
- credentialPublicKey: Buffer;
+ credentialPublicKey: Uint8Array;
x5c: Buffer[] | Base64URLString[];
attestationStatementAlg?: number;
}): Promise<boolean> {
diff --git a/packages/server/src/registration/generateRegistrationOptions.ts b/packages/server/src/registration/generateRegistrationOptions.ts
index 20b3283..a2cc9cf 100644
--- a/packages/server/src/registration/generateRegistrationOptions.ts
+++ b/packages/server/src/registration/generateRegistrationOptions.ts
@@ -16,7 +16,7 @@ export type GenerateRegistrationOptionsOpts = {
rpID: string;
userID: string;
userName: string;
- challenge?: string | Buffer;
+ challenge?: string | Uint8Array;
userDisplayName?: string;
timeout?: number;
attestationType?: AttestationConveyancePreference;
diff --git a/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.test.ts b/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.test.ts
index 5df3bee..16f5bae 100644
--- a/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.test.ts
+++ b/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.test.ts
@@ -14,13 +14,13 @@ const rootCertificates = SettingsService.getRootCertificates({
identifier: 'android-safetynet',
});
-let authData: Buffer;
+let authData: Uint8Array;
let attStmt: AttestationStatement;
-let clientDataHash: Buffer;
-let aaguid: Buffer;
-let credentialID: Buffer;
-let credentialPublicKey: Buffer;
-let rpIdHash: Buffer;
+let clientDataHash: Uint8Array;
+let aaguid: Uint8Array;
+let credentialID: Uint8Array;
+let credentialPublicKey: Uint8Array;
+let rpIdHash: Uint8Array;
let spyDate: jest.SpyInstance;
beforeEach(() => {
diff --git a/packages/server/src/registration/verifyRegistrationResponse.ts b/packages/server/src/registration/verifyRegistrationResponse.ts
index 14c2110..efe7531 100644
--- a/packages/server/src/registration/verifyRegistrationResponse.ts
+++ b/packages/server/src/registration/verifyRegistrationResponse.ts
@@ -287,10 +287,10 @@ export type VerifiedRegistrationResponse = {
fmt: AttestationFormat;
counter: number;
aaguid: string;
- credentialID: Buffer;
- credentialPublicKey: Buffer;
+ credentialID: Uint8Array;
+ credentialPublicKey: Uint8Array;
credentialType: 'public-key';
- attestationObject: Buffer;
+ attestationObject: Uint8Array;
userVerified: boolean;
credentialDeviceType: CredentialDeviceType;
credentialBackedUp: boolean;
@@ -302,13 +302,13 @@ export type VerifiedRegistrationResponse = {
* Values passed to all attestation format verifiers, from which they are free to use as they please
*/
export type AttestationFormatVerifierOpts = {
- aaguid: Buffer;
+ aaguid: Uint8Array;
attStmt: AttestationStatement;
- authData: Buffer;
- clientDataHash: Buffer;
- credentialID: Buffer;
- credentialPublicKey: Buffer;
+ authData: Uint8Array;
+ clientDataHash: Uint8Array;
+ credentialID: Uint8Array;
+ credentialPublicKey: Uint8Array;
rootCertificates: string[];
- rpIdHash: Buffer;
+ rpIdHash: Uint8Array;
verifyTimestampMS?: boolean;
};
diff --git a/packages/server/src/services/metadataService.ts b/packages/server/src/services/metadataService.ts
index daed3cb..7bcbee8 100644
--- a/packages/server/src/services/metadataService.ts
+++ b/packages/server/src/services/metadataService.ts
@@ -139,7 +139,7 @@ export class BaseMetadataService {
* This method will coordinate updating the cache as per the `nextUpdate` property in the initial
* BLOB download.
*/
- async getStatement(aaguid: string | Buffer): Promise<MetadataStatement | undefined> {
+ async getStatement(aaguid: string | Uint8Array): Promise<MetadataStatement | undefined> {
if (this.state === SERVICE_STATE.DISABLED) {
return;
}
@@ -148,7 +148,7 @@ export class BaseMetadataService {
return;
}
- if (aaguid instanceof Buffer) {
+ if (aaguid instanceof Uint8Array) {
aaguid = convertAAGUIDToString(aaguid);
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-27 09:10:35 +0000