Diffstat (limited to 'packages/server/src')
4 files changed, 17 insertions, 17 deletions
diff --git a/packages/server/src/helpers/convertCOSEtoPKCS.test.ts b/packages/server/src/helpers/convertCOSEtoPKCS.test.ts
index de2d10f..d5d269e 100644
--- a/packages/server/src/helpers/convertCOSEtoPKCS.test.ts
+++ b/packages/server/src/helpers/convertCOSEtoPKCS.test.ts
@@ -1,4 +1,4 @@
-import * as esmDecodeCbor from './decodeCbor';
+import * as esmDecodeCbor from './cbor';
 import { convertCOSEtoPKCS, COSEKEYS } from './convertCOSEtoPKCS';
@@ -7,7 +7,7 @@ test('should throw an error curve if, somehow, curve coordinate x is missing', (
 mockCOSEKey.set(COSEKEYS.y, 1);
- jest.spyOn(esmDecodeCbor, 'decodeCborFirst').mockReturnValue(mockCOSEKey);
+ jest.spyOn(esmDecodeCbor, 'decodeFirst').mockReturnValue(mockCOSEKey);
 expect(() => {
 convertCOSEtoPKCS(Buffer.from('123', 'ascii'));
@@ -19,7 +19,7 @@ test('should throw an error curve if, somehow, curve coordinate y is missing', (
 mockCOSEKey.set(COSEKEYS.x, 1);
- jest.spyOn(esmDecodeCbor, 'decodeCborFirst').mockReturnValue(mockCOSEKey);
+ jest.spyOn(esmDecodeCbor, 'decodeFirst').mockReturnValue(mockCOSEKey);
 expect(() => {
 convertCOSEtoPKCS(Buffer.from('123', 'ascii'));
diff --git a/packages/server/src/helpers/convertCOSEtoPKCS.ts b/packages/server/src/helpers/convertCOSEtoPKCS.ts
index 70016df..93140b6 100644
--- a/packages/server/src/helpers/convertCOSEtoPKCS.ts
+++ b/packages/server/src/helpers/convertCOSEtoPKCS.ts
@@ -1,16 +1,16 @@
 import { COSEAlgorithmIdentifier } from '@simplewebauthn/typescript-types';
-import { decodeCborFirst } from './decodeCbor';
+import * as cbor from './cbor';
 import * as uint8Array from './uint8Array';
 /**
 * Takes COSE-encoded public key and converts it to PKCS key
 */
 export function convertCOSEtoPKCS(cosePublicKey: Uint8Array): Uint8Array {
- const struct: COSEPublicKey = decodeCborFirst(cosePublicKey);
+ const struct = cbor.decodeFirst<COSEPublicKey>(cosePublicKey);
 const tag = Uint8Array.from([0x04]);
- const x = struct[COSEKEYS.x];
- const y = struct[COSEKEYS.y];
+ const x = struct.get(COSEKEYS.x);
+ const y = struct.get(COSEKEYS.y);
 if (!x) {
 throw new Error('COSE public key was missing x');
@@ -23,7 +23,7 @@ export function convertCOSEtoPKCS(cosePublicKey: Uint8Array): Uint8Array {
 return uint8Array.concat([tag, x as Uint8Array]);
 }
-export type COSEPublicKey = { [key: COSEAlgorithmIdentifier]: number | Uint8Array};
+export type COSEPublicKey = Map<COSEAlgorithmIdentifier, number | Uint8Array>;
 export enum COSEKEYS {
 kty = 1,
diff --git a/packages/server/src/helpers/decodeCredentialPublicKey.ts b/packages/server/src/helpers/decodeCredentialPublicKey.ts
index f0c30ef..ec9ecd1 100644
--- a/packages/server/src/helpers/decodeCredentialPublicKey.ts
+++ b/packages/server/src/helpers/decodeCredentialPublicKey.ts
@@ -1,6 +1,6 @@
 import { COSEPublicKey } from './convertCOSEtoPKCS';
-import { decodeCborFirst } from './decodeCbor';
+import * as cbor from './cbor';
 export function decodeCredentialPublicKey(publicKey: Uint8Array): COSEPublicKey {
- return decodeCborFirst(publicKey);
+ return cbor.decodeFirst<COSEPublicKey>(publicKey);
 }
diff --git a/packages/server/src/helpers/verifySignature.ts b/packages/server/src/helpers/verifySignature.ts
index 72e5688..97bef50 100644
--- a/packages/server/src/helpers/verifySignature.ts
+++ b/packages/server/src/helpers/verifySignature.ts
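Review bot: In convertCOSEtoPKCS.ts, the type argument on `cbor.decodeFirst<COSEPublicKey>(cosePublicKey)` is erased at compile time, so nothing visible in this hunk confirms the decoded value is a Map before `struct.get(COSEKEYS.x)` runs. A COSE key presumably arrives in client-supplied authenticator data, so a CBOR item of another type would surface as a raw TypeError rather than one of the function's own errors. Unless `decodeFirst` already validates the shape (its implementation in ./cbor is not shown), add `if (!(struct instanceof Map)) { throw new Error('COSE public key was not a CBOR map'); }` right after decoding. The same unchecked pattern appears in decodeCredentialPublicKey.ts and in verifySignature.ts, where `struct.get(COSEKEYS.kty)` sits outside the try/catch that wraps the decode. The function body continues outside the hunk.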
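Review bot: In the second convertCOSEtoPKCS.ts hunk, `Map<COSEAlgorithmIdentifier, number | Uint8Array>` keys the map by an algorithm-identifier type, although every lookup in this commit uses a `COSEKEYS` member (`COSEKEYS.x`, `COSEKEYS.y`, `COSEKEYS.kty`). The removed index signature had the same mismatch, so this is carried over rather than introduced; `export type COSEPublicKey = Map<COSEKEYS, number | Uint8Array>;` would document the intended key space. A short comment such as `// Keys are COSE key parameter labels (see COSEKEYS); values are ints or byte strings` would also help the next reader. The `COSEKEYS` enum body continues outside the hunk.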
@@ -1,10 +1,10 @@
 import crypto from 'crypto';
 import { verify as ed25519Verify } from '@noble/ed25519';
-import { COSEKEYS, COSEKTY } from './convertCOSEtoPKCS';
+import { COSEKEYS, COSEKTY, COSEPublicKey } from './convertCOSEtoPKCS';
 import { convertCertBufferToPEM } from './convertCertBufferToPEM';
 import { convertPublicKeyToPEM } from './convertPublicKeyToPEM';
-import { decodeCborFirst } from './decodeCbor';
+import * as cbor from './cbor';
 type VerifySignatureOptsLeafCert = {
 signature: Uint8Array;
@@ -24,7 +24,7 @@ type VerifySignatureOptsCredentialPublicKey = {
 * Verify an authenticator's signature
 *
 * @param signature attStmt.sig
- * @param signatureBase Output from Buffer.concat()
+ * @param signatureBase Bytes that were signed over
 * @param publicKey Authenticator's public key as a PEM certificate
 * @param algo Which algorithm to use to verify the signature (default: `'sha256'`)
 */
@@ -51,13 +51,13 @@ export async function verifySignature(
 // Decode CBOR to COSE
 let struct;
 try {
- struct = decodeCborFirst(credentialPublicKey);
+ struct = cbor.decodeFirst<COSEPublicKey>(credentialPublicKey);
 } catch (err) {
 const _err = err as Error;
 throw new Error(`Error decoding public key while converting to PEM: ${_err.message}`);
 }
- const kty = struct[COSEKEYS.kty];
+ const kty = struct.get(COSEKEYS.kty);
 if (!kty) {
 throw new Error('Public key was missing kty');
@@ -66,13 +66,13 @@ export async function verifySignature(
 // Check key type
 if (kty === COSEKTY.OKP) {
 // Verify Ed25519 slightly differently
- const x = struct[COSEKEYS.x];
+ const x = struct.get(COSEKEYS.x);
 if (!x) {
 throw new Error('Public key was missing x (OKP)');
 }
- return ed25519Verify(signature, signatureBase, x);
+ return ed25519Verify(signature, signatureBase, (x as Uint8Array));
 } else {
 // Convert pubKey to PEM for ECC and RSA
 publicKeyPEM = convertPublicKeyToPEM(credentialPublicKey); |
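Review bot: In the last verifySignature.ts hunk, the cast in `ed25519Verify(signature, signatureBase, (x as Uint8Array))` only silences the compiler; `COSEPublicKey` values are `number | Uint8Array`, and the preceding `if (!x)` guard lets any non-zero number through. Replace the cast with a runtime check, e.g. `if (!(x instanceof Uint8Array)) { throw new Error('Public key x was not bytes (OKP)'); }`, so a malformed key is rejected with a clear error before it reaches the verifier. No check of the key's curve or algorithm is visible in this hunk before an OKP key is treated as Ed25519; if that is not enforced elsewhere, it belongs next to this guard. The function body starts and ends outside the hunk.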