jsnbuchanan/crowd-funder-for-time-pwa
1
0
Fork 1
forked from trent_larson/crowd-funder-for-time-pwa
Code Issues Pull Requests Projects Releases Wiki Activity

fix: use challenge parameter in verifyJwtWebCrypto preimage

Browse Source 
- Remove unused client data hashing in verifyJwtWebCrypto
- Use challenge parameter directly in preimage construction
- Fix TS6133 error for unused challenge parameter
- Make verification logic consistent with verifyJwtP256

This change maintains the same verification logic while properly
utilizing the challenge parameter in the signature verification.
This commit is contained in:
Matthew Raymer
2025-05-28 10:28:57 +00:00
parent 81ef55b2bf
commit 2d548bce1c
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/libs/crypto/vc/passkeyDidPeer.ts
View File

@@ -398,11 +398,12 @@ export async function verifyJwtWebCrypto(
const sigBuffer = Buffer.from(signature, "base64"); const sigBuffer = Buffer.from(signature, "base64");
const finalSigBuffer = unwrapEC2Signature(sigBuffer); const finalSigBuffer = unwrapEC2Signature(sigBuffer);
// Hash the client data // Use challenge in preimage construction
const hash = sha256(clientDataFromBase); const preimage = Buffer.concat([
authDataFromBase,
Buffer.from(challenge),
]);
// Construct the preimage
const preimage = Buffer.concat([authDataFromBase, hash]);
return verifyPeerSignature(preimage, issuerDid, finalSigBuffer); return verifyPeerSignature(preimage, issuerDid, finalSigBuffer);
} }