From 34ebc0800808e2e39fd8f569050aac7b1d0c678e Mon Sep 17 00:00:00 2001
From: James Elliott
Date: Thu, 29 Aug 2024 21:25:11 +1000
Subject: [PATCH] fix(webauthn): expose cred params functions

This exposes useful functions for generating credential properties.
---
 webauthn/registration.go | 70 ++++++++++++++++++++++++++++++++++++++--
 1 file changed, 68 insertions(+), 2 deletions(-)

diff --git a/webauthn/registration.go b/webauthn/registration.go
index 79590da..22a42ff 100644
--- a/webauthn/registration.go
+++ b/webauthn/registration.go
@@ -53,7 +53,7 @@ func (webauthn *WebAuthn) BeginRegistration(user User, opts ...RegistrationOptio
 },
 }
- credentialParams := defaultRegistrationCredentialParameters()
+ credentialParams := CredentialParametersDefault()
 creation = &protocol.CredentialCreation{
 Response: protocol.PublicKeyCredentialCreationOptions{
@@ -234,7 +234,8 @@ func (webauthn *WebAuthn) CreateCredential(user User, session SessionData, parse
 return NewCredential(clientDataHash, parsedResponse)
 }
-func defaultRegistrationCredentialParameters() []protocol.CredentialParameter {
+// CredentialParametersDefault is the default protocol.CredentialParameter list.
+func CredentialParametersDefault() []protocol.CredentialParameter {
 return []protocol.CredentialParameter{
 {
 Type: protocol.PublicKeyCredentialType,
@@ -278,3 +279,68 @@ func defaultRegistrationCredentialParameters() []protocol.CredentialParameter {
 },
 }
 }
+
+// CredentialParametersRecommendedL3 is explicitly the Level 3 recommended protocol.CredentialParameter list.
+func CredentialParametersRecommendedL3() []protocol.CredentialParameter {
+ return []protocol.CredentialParameter{
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgEdDSA,
+ },
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgES256,
+ },
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgRS256,
+ },
+ }
+}
+
+// CredentialParametersExtendedL3 is the Level 3 recommended protocol.CredentialParameter list with all of the other
+// parameters supported by the library.
+func CredentialParametersExtendedL3() []protocol.CredentialParameter {
+ return []protocol.CredentialParameter{
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgEdDSA,
+ },
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgES256,
+ },
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgES384,
+ },
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgES512,
+ },
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgRS256,
+ },
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgRS384,
+ },
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgRS512,
+ },
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgPS256,
+ },
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgPS384,
+ },
+ {
+ Type: protocol.PublicKeyCredentialType,
+ Algorithm: webauthncose.AlgPS512,
+ },
+ }
+}
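Review bot: The doc comments on CredentialParametersRecommendedL3 and CredentialParametersExtendedL3 do not say that the slice order carries meaning: WebAuthn treats pubKeyCredParams as ordered from most to least preferred, so these lists put EdDSA first and, in the extended list, the PKCS#1 v1.5 RSA entries (RS256/384/512) ahead of the RSASSA-PSS ones (PS256/384/512). I would add to both a line such as `// Entries are ordered from most to least preferred; reordering or trimming the list changes which algorithm an authenticator is asked to use.` The phrase "all of the other parameters supported by the library" should be checked against what webauthncose can actually verify; if anything is left out on purpose (a SHA-1 based algorithm, for example), the comment should say so, so that nobody later "completes" the list. Each call builds a fresh slice, which is worth stating now that callers outside the package are presumably meant to modify the result.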