Commit b5aa969
committed
fix(webauthn): accept PRF evalByCredential member name and validate per-credential salts
The per-credential member deserialized as eval_by_credential instead of the spec name evalByCredential, so conformant JSON callers lost their per-credential salts and the spec validations never ran. Rename it via camelCase, and validate every key in prf_to_hmac_input so a later empty or non-base64url key is still rejected.1 parent 958894a commit b5aa969
2 files changed
Lines changed: 4 additions & 7 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1246 | 1246 | | |
1247 | 1247 | | |
1248 | 1248 | | |
1249 | | - | |
1250 | | - | |
1251 | | - | |
1252 | | - | |
1253 | | - | |
1254 | | - | |
1255 | | - | |
| 1249 | + | |
| 1250 | + | |
| 1251 | + | |
1256 | 1252 | | |
1257 | 1253 | | |
1258 | 1254 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
67 | 67 | | |
68 | 68 | | |
69 | 69 | | |
| 70 | + | |
70 | 71 | | |
71 | 72 | | |
72 | 73 | | |
| |||
0 commit comments