class WebAuthn::AttestationStatement::FidoU2f
Constants
- VALID_ATTESTATION_CERTIFICATE_ALGORITHM
- VALID_ATTESTATION_CERTIFICATE_COUNT
- VALID_ATTESTATION_CERTIFICATE_KEY_CURVE
Public Instance Methods
valid?(authenticator_data, client_data_hash)
click to toggle source
# File lib/webauthn/attestation_statement/fido_u2f.rb, line 15 def valid?(authenticator_data, client_data_hash) valid_format? && valid_certificate_public_key? && valid_credential_public_key?(authenticator_data.credential.public_key) && valid_aaguid?(authenticator_data.attested_credential_data.raw_aaguid) && valid_signature?(authenticator_data, client_data_hash) && trustworthy?(attestation_certificate_key_id: attestation_certificate_key_id) && [attestation_type, attestation_trust_path] end
Private Instance Methods
algorithm()
click to toggle source
# File lib/webauthn/attestation_statement/fido_u2f.rb, line 50 def algorithm VALID_ATTESTATION_CERTIFICATE_ALGORITHM.id end
attestation_type()
click to toggle source
# File lib/webauthn/attestation_statement/fido_u2f.rb, line 66 def attestation_type WebAuthn::AttestationStatement::ATTESTATION_TYPE_BASIC_OR_ATTCA end
certificate_public_key()
click to toggle source
# File lib/webauthn/attestation_statement/fido_u2f.rb, line 42 def certificate_public_key attestation_certificate.public_key end
public_key_u2f(cose_key_data)
click to toggle source
# File lib/webauthn/attestation_statement/fido_u2f.rb, line 62 def public_key_u2f(cose_key_data) PublicKey.new(cose_key_data) end
valid_aaguid?(attested_credential_data_aaguid)
click to toggle source
# File lib/webauthn/attestation_statement/fido_u2f.rb, line 46 def valid_aaguid?(attested_credential_data_aaguid) attested_credential_data_aaguid == WebAuthn::AuthenticatorData::AttestedCredentialData::ZEROED_AAGUID end
valid_certificate_public_key?()
click to toggle source
# File lib/webauthn/attestation_statement/fido_u2f.rb, line 32 def valid_certificate_public_key? certificate_public_key.is_a?(OpenSSL::PKey::EC) && certificate_public_key.group.curve_name == VALID_ATTESTATION_CERTIFICATE_KEY_CURVE.pkey_name && certificate_public_key.check_key end
valid_credential_public_key?(public_key_bytes)
click to toggle source
# File lib/webauthn/attestation_statement/fido_u2f.rb, line 38 def valid_credential_public_key?(public_key_bytes) public_key_u2f(public_key_bytes).valid? end
valid_format?()
click to toggle source
# File lib/webauthn/attestation_statement/fido_u2f.rb, line 27 def valid_format? !!(raw_certificates && signature) && raw_certificates.length == VALID_ATTESTATION_CERTIFICATE_COUNT end
verification_data(authenticator_data, client_data_hash)
click to toggle source
# File lib/webauthn/attestation_statement/fido_u2f.rb, line 54 def verification_data(authenticator_data, client_data_hash) "\x00" + authenticator_data.rp_id_hash + client_data_hash + authenticator_data.credential.id + public_key_u2f(authenticator_data.credential.public_key).to_uncompressed_point end