blob: 00ada70e810366005f098c13b4e6779237a70455 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
import { COSEALG, COSEPublicKey } from './cose';
import { isoCrypto } from './iso';
import { decodeCredentialPublicKey } from './decodeCredentialPublicKey';
import { convertX509PublicKeyToCOSE } from './convertX509PublicKeyToCOSE';
/**
* Verify an authenticator's signature
*/
export async function verifySignature(opts: {
signature: Uint8Array;
data: Uint8Array;
credentialPublicKey?: Uint8Array;
x509Certificate?: Uint8Array;
hashAlgorithm?: COSEALG;
}): Promise<boolean> {
const { signature, data, credentialPublicKey, x509Certificate, hashAlgorithm } = opts;
if (!x509Certificate && !credentialPublicKey) {
throw new Error('Must declare either "leafCert" or "credentialPublicKey"');
}
if (x509Certificate && credentialPublicKey) {
throw new Error('Must not declare both "leafCert" and "credentialPublicKey"');
}
let cosePublicKey: COSEPublicKey = new Map();
if (credentialPublicKey) {
cosePublicKey = decodeCredentialPublicKey(credentialPublicKey);
} else if (x509Certificate) {
cosePublicKey = convertX509PublicKeyToCOSE(x509Certificate);
}
return isoCrypto.verify({
cosePublicKey,
signature,
data,
shaHashOverride: hashAlgorithm,
});
}
|
