Skip to content

Commit 2b69839

Browse files
committed
Add ML-DSA to RelyingParty(V2)AssertionSpec.scala
1 parent 9f1988f commit 2b69839

2 files changed

Lines changed: 111 additions & 0 deletions

File tree

webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyAssertionSpec.scala

Lines changed: 57 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,7 @@ import org.scalatestplus.scalacheck.ScalaCheckDrivenPropertyChecks
7272

7373
import java.io.IOException
7474
import java.nio.charset.Charset
75+
import java.security.KeyFactory
7576
import java.security.KeyPair
7677
import java.security.MessageDigest
7778
import java.security.interfaces.ECPublicKey
@@ -2925,6 +2926,62 @@ class RelyingPartyAssertionSpec
29252926
)
29262927
}
29272928

2929+
for { algName <- List("ML-DSA-44", "ML-DSA-65", "ML-DSA-87") } it(
2930+
s"a generated ${algName} key, when available."
2931+
) {
2932+
assume(Try(KeyFactory.getInstance(algName)).isSuccess)
2933+
2934+
val registrationTestData = algName match {
2935+
case "ML-DSA-44" =>
2936+
RegistrationTestData.Packed.BasicAttestationMlDsa44
2937+
case "ML-DSA-65" =>
2938+
RegistrationTestData.Packed.BasicAttestationMlDsa65
2939+
case "ML-DSA-87" =>
2940+
RegistrationTestData.Packed.BasicAttestationMlDsa87
2941+
}
2942+
val testData = registrationTestData.assertion.get
2943+
2944+
val rp = RelyingParty
2945+
.builder()
2946+
.identity(
2947+
RelyingPartyIdentity.builder().id("localhost").name("Test RP").build()
2948+
)
2949+
.credentialRepository(
2950+
Helpers.CredentialRepository.withUser(
2951+
registrationTestData.userId,
2952+
RegisteredCredential
2953+
.builder()
2954+
.credentialId(registrationTestData.response.getId)
2955+
.userHandle(registrationTestData.userId.getId)
2956+
.publicKeyCose(
2957+
registrationTestData.response.getResponse.getParsedAuthenticatorData.getAttestedCredentialData.get.getCredentialPublicKey
2958+
)
2959+
.signatureCount(0)
2960+
.build(),
2961+
)
2962+
)
2963+
.build()
2964+
2965+
val result = rp.finishAssertion(
2966+
FinishAssertionOptions
2967+
.builder()
2968+
.request(testData.request)
2969+
.response(testData.response)
2970+
.build()
2971+
)
2972+
2973+
result.isSuccess should be(true)
2974+
result.getCredential.getUserHandle should equal(
2975+
registrationTestData.userId.getId
2976+
)
2977+
result.getCredential.getCredentialId should equal(
2978+
registrationTestData.response.getId
2979+
)
2980+
result.getCredential.getCredentialId should equal(
2981+
testData.response.getId
2982+
)
2983+
}
2984+
29282985
describe("an RS1 key") {
29292986
def test(registrationTestData: RegistrationTestData): Unit = {
29302987
val testData = registrationTestData.assertion.get

webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyV2AssertionSpec.scala

Lines changed: 54 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,7 @@ import org.scalatestplus.scalacheck.ScalaCheckDrivenPropertyChecks
7272

7373
import java.io.IOException
7474
import java.nio.charset.Charset
75+
import java.security.KeyFactory
7576
import java.security.KeyPair
7677
import java.security.MessageDigest
7778
import java.security.interfaces.ECPublicKey
@@ -3119,6 +3120,59 @@ class RelyingPartyV2AssertionSpec
31193120
)
31203121
}
31213122

3123+
for { algName <- List("ML-DSA-44", "ML-DSA-65", "ML-DSA-87") } it(
3124+
s"a generated ${algName} key, when available."
3125+
) {
3126+
assume(Try(KeyFactory.getInstance(algName)).isSuccess)
3127+
3128+
val registrationTestData = algName match {
3129+
case "ML-DSA-44" =>
3130+
RegistrationTestData.Packed.BasicAttestationMlDsa44
3131+
case "ML-DSA-65" =>
3132+
RegistrationTestData.Packed.BasicAttestationMlDsa65
3133+
case "ML-DSA-87" =>
3134+
RegistrationTestData.Packed.BasicAttestationMlDsa87
3135+
}
3136+
val testData = registrationTestData.assertion.get
3137+
3138+
val rp = RelyingParty
3139+
.builder()
3140+
.identity(
3141+
RelyingPartyIdentity.builder().id("localhost").name("Test RP").build()
3142+
)
3143+
.credentialRepositoryV2(
3144+
Helpers.CredentialRepositoryV2.withUser(
3145+
registrationTestData.userId,
3146+
credentialId = registrationTestData.response.getId,
3147+
publicKeyCose =
3148+
registrationTestData.response.getResponse.getParsedAuthenticatorData.getAttestedCredentialData.get.getCredentialPublicKey,
3149+
)
3150+
)
3151+
.usernameRepository(
3152+
Helpers.UsernameRepository.withUsers(registrationTestData.userId)
3153+
)
3154+
.build()
3155+
3156+
val result = rp.finishAssertion(
3157+
FinishAssertionOptions
3158+
.builder()
3159+
.request(testData.request)
3160+
.response(testData.response)
3161+
.build()
3162+
)
3163+
3164+
result.isSuccess should be(true)
3165+
result.getCredential.getUserHandle should equal(
3166+
registrationTestData.userId.getId
3167+
)
3168+
result.getCredential.getCredentialId should equal(
3169+
registrationTestData.response.getId
3170+
)
3171+
result.getCredential.getCredentialId should equal(
3172+
testData.response.getId
3173+
)
3174+
}
3175+
31223176
describe("an RS1 key") {
31233177
def test(registrationTestData: RegistrationTestData): Unit = {
31243178
val testData = registrationTestData.assertion.get

0 commit comments

Comments
 (0)