From ad272345764eb759d93c98501201c54f8d65761c Mon Sep 17 00:00:00 2001
From: Andreas Coroiu
Date: Mon, 27 Mar 2023 09:45:18 +0200
Subject: [PATCH] [EC-598] feat: tweak key data to contain separate type and algorithm
---
 .../src/webauthn/models/api/fido2-key.api.ts | 10 +++++++---
 .../webauthn/models/data/fido2-key.data.ts | 10 +++++++---
 .../src/webauthn/models/domain/fido2-key.ts | 20 +++++++++++++------
 .../webauthn/models/view/fido2-key.view.ts | 7 +++++--
 .../fido2-authenticator.service.spec.ts | 6 ++++--
 .../services/fido2-authenticator.service.ts | 3 ++-
 6 files changed, 39 insertions(+), 17 deletions(-)
diff --git a/libs/common/src/webauthn/models/api/fido2-key.api.ts b/libs/common/src/webauthn/models/api/fido2-key.api.ts
index 5850f65ce1..24e902f9ac 100644
--- a/libs/common/src/webauthn/models/api/fido2-key.api.ts
+++ b/libs/common/src/webauthn/models/api/fido2-key.api.ts
@@ -1,12 +1,15 @@
 import { BaseResponse } from "../../../models/response/base.response";
 export class Fido2KeyApi extends BaseResponse {
- keyType: "ECDSA";
+ keyType: "public-key";
+ keyAlgorithm: "ECDSA";
 keyCurve: "P-256";
 keyValue: string;
 rpId: string;
- rpName: string;
 userHandle: string;
+
+ // Extras
+ rpName: string;
 userName: string;
 origin: string;
@@ -17,12 +20,13 @@ export class Fido2KeyApi extends BaseResponse {
 }
 this.keyType = this.getResponseProperty("KeyType");
+ this.keyAlgorithm = this.getResponseProperty("KeyType");
 this.keyCurve = this.getResponseProperty("KeyCurve");
 this.keyValue = this.getResponseProperty("keyValue");
 this.rpId = this.getResponseProperty("RpId");
 this.rpName = this.getResponseProperty("RpName");
- this.userHandle = this.getResponseProperty("UserHandle");
 this.userName = this.getResponseProperty("UserName");
+ this.userHandle = this.getResponseProperty("UserHandle");
 this.origin = this.getResponseProperty("Origin");
 }
 }
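Review bot: In the constructor hunk of fido2-key.api.ts the added line `this.keyAlgorithm = this.getResponseProperty("KeyType");` reads the same response property as `keyType`, so a credential loaded from the server gets `keyAlgorithm` set to the key-type value rather than the algorithm. It should presumably read its own property, `this.keyAlgorithm = this.getResponseProperty("KeyAlgorithm");` (the property name is assumed from the casing of its neighbours; confirm against the server response). The field is typed as the literal `"ECDSA"`, but that type is erased at runtime, so neither the compiler nor the object itself will flag the wrong value, and any code that later picks import or signing parameters from `keyAlgorithm` would be working from bad metadata. The only spec touched by this patch covers the authenticator service, so nothing visible here exercises this mapping. The constructor begins outside the hunk.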
diff --git a/libs/common/src/webauthn/models/data/fido2-key.data.ts b/libs/common/src/webauthn/models/data/fido2-key.data.ts
index 8798ffb910..7f84c9f91e 100644
--- a/libs/common/src/webauthn/models/data/fido2-key.data.ts
+++ b/libs/common/src/webauthn/models/data/fido2-key.data.ts
@@ -1,12 +1,15 @@
 import { Fido2KeyApi } from "../api/fido2-key.api";
 export class Fido2KeyData {
- keyType: "ECDSA";
+ keyType: "public-key";
+ keyAlgorithm: "ECDSA";
 keyCurve: "P-256";
 keyValue: string;
 rpId: string;
- rpName: string;
 userHandle: string;
+
+ // Extras
+ rpName: string;
 userName: string;
 origin: string;
@@ -16,11 +19,12 @@ export class Fido2KeyData {
 }
 this.keyType = data.keyType;
+ this.keyAlgorithm = data.keyAlgorithm;
 this.keyCurve = data.keyCurve;
 this.keyValue = data.keyValue;
 this.rpId = data.rpId;
- this.rpName = data.rpName;
 this.userHandle = data.userHandle;
+ this.rpName = data.rpName;
 this.userName = data.userName;
 this.origin = data.origin;
 }
diff --git a/libs/common/src/webauthn/models/domain/fido2-key.ts b/libs/common/src/webauthn/models/domain/fido2-key.ts
index 4df2fe5d01..e2334443a2 100644
--- a/libs/common/src/webauthn/models/domain/fido2-key.ts
+++ b/libs/common/src/webauthn/models/domain/fido2-key.ts
@@ -8,11 +8,14 @@ import { Fido2KeyView } from "../view/fido2-key.view";
 export class Fido2Key extends Domain {
 keyType: EncString;
+ keyAlgorithm: EncString;
 keyCurve: EncString;
 keyValue: EncString;
 rpId: EncString;
- rpName: EncString;
 userHandle: EncString;
+
+ // Extras
+ rpName: EncString;
 userName: EncString;
 origin: EncString;
@@ -27,11 +30,12 @@ export class Fido2Key extends Domain {
 obj,
 {
 keyType: null,
+ keyAlgorithm: null,
 keyCurve: null,
 keyValue: null,
 rpId: null,
- rpName: null,
 userHandle: null,
+ rpName: null,
 userName: null,
 origin: null,
 },
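Review bot: The constructor hunk of fido2-key.data.ts copies `data.keyType` and `data.keyAlgorithm` through unchanged, so a record written before this change would still carry `keyType` equal to `"ECDSA"` and no `keyAlgorithm`, even though the fields are now typed `"public-key"` and `"ECDSA"`. Whether such records can exist is not visible from the patch; if they can, normalise them at this boundary, or at least record the assumption with a comment such as `// records saved before EC-598 carry keyType "ECDSA" and no keyAlgorithm`. The literal types are erased at runtime and enforce nothing on deserialised data, so a consumer that trusts them should validate the values before using them to choose key-handling parameters. The constructor begins outside the hunk.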
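Review bot: The field map `{ keyType: null, keyAlgorithm: null, … origin: null }` in fido2-key.ts is maintained by hand in the hunks at -27, -44 and -61, and the same field list appears twice more in the -78 hunk, so adding one field meant editing every copy. A copy that is missed would quietly leave that field out of one conversion (encrypted domain object, view, or data model) with no compile error, since the maps are plain object literals. Consider one module-level constant shared by the three map arguments, e.g. `const FIDO2_KEY_FIELDS = { keyType: null, keyAlgorithm: null, /* … */ origin: null };`, assuming the helper signatures, which are outside these hunks, accept a shared object. The enclosing methods start and end outside the hunks.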
@@ -44,11 +48,12 @@ export class Fido2Key extends Domain {
 new Fido2KeyView(),
 {
 keyType: null,
+ keyAlgorithm: null,
 keyCurve: null,
 keyValue: null,
 rpId: null,
- rpName: null,
 userHandle: null,
+ rpName: null,
 userName: null,
 origin: null,
 },
@@ -61,11 +66,12 @@ export class Fido2Key extends Domain {
 const i = new Fido2KeyData();
 this.buildDataModel(this, i, {
 keyType: null,
+ keyAlgorithm: null,
 keyCurve: null,
 keyValue: null,
 rpId: null,
- rpName: null,
 userHandle: null,
+ rpName: null,
 userName: null,
 origin: null,
 });
@@ -78,21 +84,23 @@ export class Fido2Key extends Domain {
 }
 const keyType = EncString.fromJSON(obj.keyType);
+ const keyAlgorithm = EncString.fromJSON(obj.keyAlgorithm);
 const keyCurve = EncString.fromJSON(obj.keyCurve);
 const keyValue = EncString.fromJSON(obj.keyValue);
 const rpId = EncString.fromJSON(obj.rpId);
- const rpName = EncString.fromJSON(obj.rpName);
 const userHandle = EncString.fromJSON(obj.userHandle);
+ const rpName = EncString.fromJSON(obj.rpName);
 const userName = EncString.fromJSON(obj.userName);
 const origin = EncString.fromJSON(obj.origin);
 return Object.assign(new Fido2Key(), obj, {
 keyType,
+ keyAlgorithm,
 keyCurve,
 keyValue,
 rpId,
- rpName,
 userHandle,
+ rpName,
 userName,
 origin,
 });
diff --git a/libs/common/src/webauthn/models/view/fido2-key.view.ts b/libs/common/src/webauthn/models/view/fido2-key.view.ts
index f69f09cc2f..7115fb2915 100644
--- a/libs/common/src/webauthn/models/view/fido2-key.view.ts
+++ b/libs/common/src/webauthn/models/view/fido2-key.view.ts
@@ -3,12 +3,15 @@ import { Jsonify } from "type-fest";
 import { ItemView } from "../../../vault/models/view/item.view";
 export class Fido2KeyView extends ItemView {
- keyType: "ECDSA";
+ keyType: "public-key";
+ keyAlgorithm: "ECDSA";
 keyCurve: "P-256";
 keyValue: string;
 rpId: string;
- rpName: string;
 userHandle: string;
+
+ // Extras
+ rpName: string;
 userName: string;
 origin: string;
diff --git a/libs/common/src/webauthn/services/fido2-authenticator.service.spec.ts b/libs/common/src/webauthn/services/fido2-authenticator.service.spec.ts
index 405f8885c1..3ec3c43389 100644
--- a/libs/common/src/webauthn/services/fido2-authenticator.service.spec.ts
+++ b/libs/common/src/webauthn/services/fido2-authenticator.service.spec.ts
@@ -182,7 +182,8 @@ describe("FidoAuthenticatorService", () => {
 name: params.rpEntity.name,
 fido2Key: expect.objectContaining({
- keyType: "ECDSA",
+ keyType: "public-key",
+ keyAlgorithm: "ECDSA",
 keyCurve: "P-256",
 rpId: params.rpEntity.id,
 rpName: params.rpEntity.name,
@@ -261,7 +262,8 @@ describe("FidoAuthenticatorService", () => {
 name: existingCipherView.name,
 fido2Key: expect.objectContaining({
- keyType: "ECDSA",
+ keyType: "public-key",
+ keyAlgorithm: "ECDSA",
 keyCurve: "P-256",
 rpId: params.rpEntity.id,
 rpName: params.rpEntity.name,
diff --git a/libs/common/src/webauthn/services/fido2-authenticator.service.ts b/libs/common/src/webauthn/services/fido2-authenticator.service.ts
index 26a73e42bd..54622a42cf 100644
--- a/libs/common/src/webauthn/services/fido2-authenticator.service.ts
+++ b/libs/common/src/webauthn/services/fido2-authenticator.service.ts
@@ -134,7 +134,8 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
 const pcks8Key = await crypto.subtle.exportKey("pkcs8", keyValue);
 const fido2Key = new Fido2KeyView();
- fido2Key.keyType = "ECDSA";
+ fido2Key.keyType = "public-key";
+ fido2Key.keyAlgorithm = "ECDSA";
 fido2Key.keyCurve = "P-256";
 fido2Key.keyValue = Fido2Utils.bufferToString(pcks8Key);
 fido2Key.rpId = params.rpEntity.id;
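Review bot: In the fido2-authenticator.service.ts hunk the stored labels `"public-key"`, `"ECDSA"` and `"P-256"` are written as separate string literals, while the call that actually creates `keyValue` sits outside the hunk, so the recorded metadata can drift from the parameters the key was generated with. If the generation parameters ever change, the vault item would describe a different key from the PKCS#8 blob stored in `keyValue`. Consider taking both from one shared constant, or at minimum add a comment above the assignments such as `// must match the algorithm and curve used to generate keyValue`. The enclosing method starts and ends outside the hunk.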