[EC-598] fix: properly convert credentials to guid raw format

libs/common/src/misc/utils.ts

@@ -618,7 +618,11 @@ export class Utils {
   }
 
   /** Convert raw 16 byte array to standard format (XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX) UUID. */
-  static guidToStandardFormat(arr: Uint8Array) {
+  static guidToStandardFormat(bufferSource: BufferSource) {
+    const arr =
+      bufferSource instanceof ArrayBuffer
+        ? new Uint8Array(bufferSource)
+        : new Uint8Array(bufferSource.buffer);
     // Note: Be careful editing this code!  It's been tuned for performance
     // and works in ways you may not expect. See https://github.com/uuidjs/uuid/pull/434
     const guid = (

libs/common/src/webauthn/services/fido2-authenticator.service.spec.ts

@@ -103,7 +103,7 @@ describe("FidoAuthenticatorService", () => {
         params = await createParams({
           excludeCredentialDescriptorList: [
             {
-              id: Fido2Utils.stringToBuffer(excludedCipherView.fido2Key.nonDiscoverableId),
+              id: Utils.guidToRawFormat(excludedCipherView.fido2Key.nonDiscoverableId),
               type: "public-key",
             },
           ],
@@ -161,7 +161,7 @@ describe("FidoAuthenticatorService", () => {
         excludedCipherView = await excludedCipher.decrypt();
         params = await createParams({
           excludeCredentialDescriptorList: [
-            { id: Fido2Utils.stringToBuffer(excludedCipher.id), type: "public-key" },
+            { id: Utils.guidToRawFormat(excludedCipher.id), type: "public-key" },
           ],
         });
         cipherService.get.mockImplementation(async (id) =>

libs/common/src/webauthn/services/fido2-authenticator.service.ts

@@ -53,13 +53,10 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
       throw new Fido2AutenticatorError(Fido2AutenticatorErrorCode.Constraint);
     }
 
-    const isExcluded = await this.vaultContainsId(
+    const isExcluded = await this.vaultContainsCredentials(params.excludeCredentialDescriptorList);
-      params.excludeCredentialDescriptorList.map((key) => Fido2Utils.bufferToString(key.id))
-    );
-
     if (isExcluded) {
       await this.userInterface.informExcludedCredential(
-        [Fido2Utils.bufferToString(params.excludeCredentialDescriptorList[0].id)],
+        [Utils.guidToStandardFormat(params.excludeCredentialDescriptorList[0].id)],
         {
           credentialName: params.rpEntity.name,
           userName: params.userEntity.name,
@@ -152,9 +149,23 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
     throw new Error("Not implemented");
   }
 
-  private async vaultContainsId(ids: string[]): Promise<boolean> {
+  private async vaultContainsCredentials(
-    const ciphers = await this.cipherService.getAllDecrypted();
+    credentials: PublicKeyCredentialDescriptor[]
+  ): Promise<boolean> {
+    const ids: string[] = [];
 
+    for (const credential of credentials) {
+      try {
+        ids.push(Utils.guidToStandardFormat(credential.id));
+        // eslint-disable-next-line no-empty
+      } catch {}
+    }
+
+    if (ids.length === 0) {
+      return false;
+    }
+
+    const ciphers = await this.cipherService.getAllDecrypted();
     return ciphers.some(
       (cipher) =>
         (cipher.type === CipherType.Fido2Key && ids.includes(cipher.id)) ||