Create LoginResponseInterface

Firehed · Firehed · May 30, 2019 · May 27, 2019 · May 27, 2019 · May 27, 2019
commit c3d7b3a79a1dccc25ada53e3aa48ee066fa6cc24
diff --git a/src/ChallengeProvider.php b/src/ChallengeProvider.php
@@ -5,6 +5,5 @@
 
 interface ChallengeProvider
 {
-
     public function getChallenge(): string;
 }
diff --git a/src/ClientData.php b/src/ClientData.php
@@ -28,6 +28,11 @@ public static function fromJson(string $json)
         return $ret;
     }
 
+    public function getApplicationParameter(): string
+    {
+        return hash('sha256', $this->origin, true);
+    }
+
     /**
      * Checks the 'typ' field against the allowed types in the U2F spec (sec.
      * 7.1)

diff --git a/src/LoginResponseInterface.php b/src/LoginResponseInterface.php
@@ -0,0 +1,17 @@
+<?php
+declare(strict_types=1);
+
+namespace Firehed\U2F;
+
+interface LoginResponseInterface
+{
+    public function getChallengeProvider(): ChallengeProvider;
+
+    public function getCounter(): int;
+
+    public function getKeyHandleBinary(): string;
+
+    public function getSignature(): string;
+
+    public function getSignedData(): string;
+}
diff --git a/src/ResponseTrait.php b/src/ResponseTrait.php
@@ -24,6 +24,11 @@ public function getClientData(): ClientData
         return $this->clientData;
     }
 
+    public function getChallengeProvider(): ChallengeProvider
+    {
+        return $this->clientData;
+    }
+
     protected function setSignature(string $signature): self
     {
         $this->signature = $signature;

diff --git a/src/Server.php b/src/Server.php
@@ -61,19 +61,19 @@ public function __construct()
         // @codeCoverageIgnoreEnd
     }
     /**
-     * This method authenticates a `SignResponse` against outstanding
+     * This method authenticates a `LoginResponseInterface` against outstanding
      * registrations and their corresponding `SignRequest`s. If the response's
      * signature validates and the counter hasn't done anything strange, the
      * registration will be returned with an updated counter value, which *must*
      * be persisted for the next authentication. If any verification component
      * fails, a `SE` will be thrown.
      *
-     * @param SignResponse $response the parsed response from the user
+     * @param LoginResponseInterface $response the parsed response from the user
      * @return RegistrationInterface if authentication succeeds
      * @throws SE if authentication fails
      * @throws BadMethodCallException if a precondition is not met
      */
-    public function authenticate(SignResponse $response): RegistrationInterface
+    public function authenticate(LoginResponseInterface $response): RegistrationInterface
     {
         if (!$this->registrations) {
             throw new BadMethodCallException(
@@ -117,28 +117,15 @@ public function authenticate(SignResponse $response): RegistrationInterface
         // match the one in the signing request, the client signed the
         // wrong thing. This could possibly be an attempt at a replay
         // attack.
-        $this->validateChallenge($response->getClientData(), $request);
+        $this->validateChallenge($response->getChallengeProvider(), $request);
 
         $pem = $registration->getPublicKeyPem();
 
-        // U2F Spec:
-        // https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-raw-message-formats.html#authentication-response-message-success
-        $to_verify = sprintf(
-            '%s%s%s%s',
-            $request->getApplicationParameter(),
-            chr($response->getUserPresenceByte()),
-            pack('N', $response->getCounter()),
-            // Note: Spec says this should be from the request, but that's not
-            // actually available via the JS API. Because we assert the
-            // challenge *value* from the Client Data matches the trusted one
-            // from the SignRequest and that value is included in the Challenge
-            // Parameter, this is safe unless/until SHA-256 is broken.
-            $response->getClientData()->getChallengeParameter()
-        );
+        $toVerify = $response->getSignedData();
 
         // Signature must validate against
         $sig_check = openssl_verify(
-            $to_verify,
+            $toVerify,
             $response->getSignature(),
             $pem,
             \OPENSSL_ALGO_SHA256

diff --git a/src/SignResponse.php b/src/SignResponse.php
@@ -5,7 +5,7 @@
 
 use Firehed\U2F\InvalidDataException as IDE;
 
-class SignResponse
+class SignResponse implements LoginResponseInterface
 {
     use ResponseTrait;
 
@@ -17,11 +17,30 @@ public function getCounter(): int
     {
         return $this->counter;
     }
+
     public function getUserPresenceByte(): int
     {
         return $this->user_presence;
     }
 
+    public function getSignedData(): string
+    {
+        // U2F Spec:
+        // https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-raw-message-formats.html#authentication-response-message-success
+        return sprintf(
+            '%s%s%s%s',
+            $this->getClientData()->getApplicationParameter(),
+            chr($this->getUserPresenceByte()),
+            pack('N', $this->getCounter()),
+            // Note: Spec says this should be from the request, but that's not
+            // actually available via the JS API. Because we assert the
+            // challenge *value* from the Client Data matches the trusted one
+            // from the SignRequest and that value is included in the Challenge
+            // Parameter, this is safe unless/until SHA-256 is broken.
+            $this->getClientData()->getChallengeParameter()
+        );
+    }
+
     protected function parseResponse(array $response): self
     {
         $this->validateKeyInArray('keyHandle', $response);