Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Registration validation first steps #2

Merged
merged 5 commits into from
May 21, 2018
Merged

Registration validation first steps #2

Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
6daed04
feat: .valid? method validates registration type
grzuy May 21, 2018
89355b0
feat: verifies challenge when registering new credential
grzuy May 21, 2018
3b54d5d
feat: validates authenticator data length when registering new creden…
grzuy May 21, 2018
0ac6c02
Merge branch 'master' into registration_validation
grzuy May 21, 2018
21eb3e6
feat: validates user present flag when registering new credential
grzuy May 21, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
feat: validates user present flag when registering new credential
  • Loading branch information
@grzuy
grzuy committed May 21, 2018
commit 21eb3e6a3a22488e73fd2a3430211a997d5a99ea
12 changes: 11 additions & 1 deletion lib/webauthn/validator.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
module WebAuthn
class Validator
AUTHENTICATOR_DATA_MIN_LENGTH = 37.freeze
USER_PRESENT_BIT_POSITION = 0.freeze

def initialize(attestation_object:, client_data_bin:, original_challenge:)
@attestation_object = attestation_object
Expand All @@ -13,7 +14,8 @@ def initialize(attestation_object:, client_data_bin:, original_challenge:)
def valid?
valid_type? &&
valid_challenge? &&
valid_authenticator_data?
valid_authenticator_data? &&
user_present?
end

private
Expand All @@ -32,6 +34,14 @@ def valid_authenticator_data?
authenticator_data.length > AUTHENTICATOR_DATA_MIN_LENGTH
end

def user_present?
authenticator_data_flags[USER_PRESENT_BIT_POSITION] == "1"
end

def authenticator_data_flags
@authenticator_data_flags ||= authenticator_data[32].unpack("b*").first
end

def client_data
@client_data ||= JSON.parse(Base64.urlsafe_decode64(client_data_bin))
end
Expand Down