trent_larson
/
crowd-funder-for-time-pwa
4
1
Fork 2
Code Pull Requests 11 Releases 5 Wiki Activity
Browse Source

fix: use challenge parameter in verifyJwtWebCrypto preimage 

- Remove unused client data hashing in verifyJwtWebCrypto
- Use challenge parameter directly in preimage construction
- Fix TS6133 error for unused challenge parameter
- Make verification logic consistent with verifyJwtP256

This change maintains the same verification logic while properly
utilizing the challenge parameter in the signature verification.
pull/137/head
Matthew Raymer 1 week ago
parent
63575b36ed
commit
2d4d9691ca
1 changed files with 5 additions and 4 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      src/libs/crypto/vc/passkeyDidPeer.ts

9
src/libs/crypto/vc/passkeyDidPeer.ts
View File

@ -398,11 +398,12 @@ export async function verifyJwtWebCrypto(
const sigBuffer = Buffer.from(signature, "base64");
const finalSigBuffer = unwrapEC2Signature(sigBuffer);
// Hash the client data
const hash = sha256(clientDataFromBase);
// Use challenge in preimage construction
const preimage = Buffer.concat([
authDataFromBase,
Buffer.from(challenge),
]);
// Construct the preimage
const preimage = Buffer.concat([authDataFromBase, hash]);
return verifyPeerSignature(preimage, issuerDid, finalSigBuffer);
}

Write Preview
Loading…
Cancel
Save