blob: 8277674b1491faa40dde37da6ef8169f9a577adc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
import { isoCrypto } from './iso';
/**
* Generate a suitably random value to be used as an attestation or assertion challenge
*/
export function generateChallenge(): Uint8Array {
/**
* WebAuthn spec says that 16 bytes is a good minimum:
*
* "In order to prevent replay attacks, the challenges MUST contain enough entropy to make
* guessing them infeasible. Challenges SHOULD therefore be at least 16 bytes long."
*
* Just in case, let's double it
*/
const challenge = new Uint8Array(32);
isoCrypto.getRandomValues(challenge);
return challenge;
}
|
