Code Monkey home page Code Monkey logo

fido2-u2f-credentials's Introduction

fido2-u2f-credentials

WIP Create and and get FIDO U2F credentials

Installation

$ npm install fido2-u2f-credentials

Usage

const credentials = require('fido2-u2f-credentials')
const attestationResponse = await credentials.create({
  rp: {
    id: window.location.hostname,
    name: window.location.hostname,
  },

  user: {
    id: Buffer.from('[email protected]'),
    name: '[email protected]',
    displayName: 'Alice'
  },

  pubKeyCredParams: [{
    type: 'public-key',
    alg: credentials.constants.ES256
  }]
})
const credentials = require('fido2-u2f-credentials')
const assertionResponse = await credentials.get({
  allowCredentials: [{
    id: response.id,
    // providing the raw public key buffer
    // allows for client side verification
    publicKey: response.publicKey
  }]
})

TODO

  • Tests
  • Implement WebAuthn credentials interface using hid

API

creds = credentials.create(opts)

Creates a new FIDO U2F credential attestation where opts is everything defined for the PublicKeyCredentialCreationOptions interface

and opts.crypto is an optional object containing

{
  // hash buffer based on COSE algorithm type
  hash(algorithm, buffer),
  // verify data with signature and public key based on COSE algorithm type
  verify(algorithm, signature, data, publicKey)
}

creds = credentials.get(opts)

Creates a new FIDO U2F credential assertion where opts is everything defined for the PublicKeyCredentialRequestOptions interface

and opts.crypto is an optional object containing

{
  // hash buffer based on COSE algorithm type
  hash(algorithm, buffer),
  // verify data with signature and public key based on COSE algorithm type
  verify(algorithm, signature, data, publicKey)
}

credentials.attestation.Request

The internal attestation request class passed to navigator.credentials.create(request).

credentials.attestation.Response

The attestation response class that wraps the PublicKeyCredential returned from navigator.credentials.create(request).

response.request

A pointer back to the credentials.attestation.Request object that initiated the request.

response.verified

A boolean that indicates the response verified the signature from the attestation.

response.algorithm

The COSE algorithm type constant.

response.credential

The PublicKeyCredential returned from navigator.credentials.create().

response.attestationObject

The decoded CBOR attestation object from the response PublicKeyCredential.

response.signature

The attestation response signature buffer. If the attestation is 'none' then this will be null.

response.certificate

The attestation response certificate buffer. If the attestation is 'none' then this will be null.

response.certificatePEM

The attestation response certificate in PEM format. If the attestation is 'none' then this will be null.

response.format

The attestation response format.

response.auth

The parsed attestation authentication data from the PublicKeyCredential response.

response.publicKey

The PKCS representation of the COSE public key in the PublicKeyCredential response. This should be saved somewhere should you need assertions to be verified on the client or off device.

response.data

The parsed clientDataJSON from the PublicKeyCredential response.

response.id

The credential ID. This must be saved somewhere to reference the PublicKeyCredential on the device.

credentials.assertion.Request

The internal assertion request class passed to navigator.credentials.get(request).

credentials.assertion.Response

The assertion response class that wraps the PublicKeyCredential returned from navigator.credentials.get(request).

response.credential

The PublicKeyCredential returned from navigator.credentials.get().

response.data

The parsed clientDataJSON from the PublicKeyCredential response.

response.id

The credential ID. This must be saved somewhere to reference the PublicKeyCredential on the device.

response.signature

The assertion response signature buffer.

response.request

A pointer back to the credentials.assertion.Request object that initiated the request.

response.verified

A boolean that indicates the response verified the signature from the assertion on the client.

response.algorithm

The COSE algorithm type constant.

response.auth

The parsed assertion authentication data from the PublicKeyCredential response.

License

MIT

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.