Commit 70cb6a6
authored
feat(webauthn): emit SubjectPublicKeyInfo from getPublicKey() (#230)
WebAuthn L3 §5.2.1.1 says
`AuthenticatorAttestationResponse.getPublicKey()` returns DER-encoded
SubjectPublicKeyInfo for credentials using ES256, EdDSA Ed25519 and
RS256, and null for any algorithm the user agent does not implement.
libwebauthn was emitting raw COSE bytes there instead, which relying
parties could not feed into `SubtleCrypto` or standard X.509 parsers.
A new converter produces SPKI for the WebAuthn L3 floor plus ESP256,
which is equivalent to ES256 per RFC 9864. Algorithms outside the
supported set return null per spec. Malformed keys for understood
algorithms surface as an error.
The conversion uses the `spki` and `der` crates from RustCrypto, both
already in the transitive dependency tree via `p256`, so no new external
runtime crates land. Adding new algorithm support later is a small
per-algorithm addition.
Stacked on top of #229.1 parent 9e48445 commit 70cb6a6
4 files changed
Lines changed: 439 additions & 27 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
69 | 69 | | |
70 | 70 | | |
71 | 71 | | |
| 72 | + | |
| 73 | + | |
72 | 74 | | |
73 | 75 | | |
74 | 76 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
91 | 91 | | |
92 | 92 | | |
93 | 93 | | |
94 | | - | |
95 | | - | |
96 | | - | |
| 94 | + | |
| 95 | + | |
| 96 | + | |
| 97 | + | |
| 98 | + | |
| 99 | + | |
97 | 100 | | |
98 | 101 | | |
99 | 102 | | |
| |||
1161 | 1164 | | |
1162 | 1165 | | |
1163 | 1166 | | |
| 1167 | + | |
| 1168 | + | |
| 1169 | + | |
| 1170 | + | |
| 1171 | + | |
| 1172 | + | |
| 1173 | + | |
| 1174 | + | |
| 1175 | + | |
| 1176 | + | |
| 1177 | + | |
| 1178 | + | |
| 1179 | + | |
| 1180 | + | |
| 1181 | + | |
| 1182 | + | |
| 1183 | + | |
| 1184 | + | |
| 1185 | + | |
| 1186 | + | |
| 1187 | + | |
| 1188 | + | |
| 1189 | + | |
| 1190 | + | |
| 1191 | + | |
| 1192 | + | |
| 1193 | + | |
| 1194 | + | |
| 1195 | + | |
1164 | 1196 | | |
1165 | 1197 | | |
1166 | 1198 | | |
| |||
0 commit comments