[PM-4925] Implemented getPublicKey to follow WSC standards (#6934)

* Implemented getPublicKey to follow WSC standards * Renamed variable
bitwarden · Nov 27, 2023 · 301142f · 301142f
1 parent 75e1486
commit 301142f
Show file tree

Hide file tree

Showing 6 changed files with 8 additions and 2 deletions.
diff --git a/apps/browser/src/vault/fido2/webauthn-utils.ts b/apps/browser/src/vault/fido2/webauthn-utils.ts
@@ -67,7 +67,7 @@ export class WebauthnUtils {
         },
 
         getPublicKey(): ArrayBuffer {
-          return null;
+          return Fido2Utils.stringToBuffer(result.publicKey);
         },
 
         getPublicKeyAlgorithm(): number {

diff --git a/libs/common/src/vault/abstractions/fido2/fido2-authenticator.service.abstraction.ts b/libs/common/src/vault/abstractions/fido2/fido2-authenticator.service.abstraction.ts
@@ -109,6 +109,7 @@ export interface Fido2AuthenticatorMakeCredentialResult {
   credentialId: BufferSource;
   attestationObject: BufferSource;
   authData: BufferSource;
+  publicKey: BufferSource;
   publicKeyAlgorithm: number;
 }
 

diff --git a/libs/common/src/vault/abstractions/fido2/fido2-client.service.abstraction.ts b/libs/common/src/vault/abstractions/fido2/fido2-client.service.abstraction.ts
@@ -122,6 +122,7 @@ export interface CreateCredentialResult {
   clientDataJSON: string;
   attestationObject: string;
   authData: string;
+  publicKey: string;
   publicKeyAlgorithm: number;
   transports: string[];
 }

diff --git a/libs/common/src/vault/services/fido2/fido2-authenticator.service.ts b/libs/common/src/vault/services/fido2/fido2-authenticator.service.ts
@@ -109,6 +109,7 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
       let keyPair: CryptoKeyPair;
       let userVerified = false;
       let credentialId: string;
+      let pubKeyDer: ArrayBuffer;
       const response = await userInterfaceSession.confirmNewCredential({
         credentialName: params.rpEntity.name,
         userName: params.userEntity.displayName,
@@ -126,7 +127,7 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
 
       try {
         keyPair = await createKeyPair();
-
+        pubKeyDer = await crypto.subtle.exportKey("spki", keyPair.publicKey);
         const encrypted = await this.cipherService.get(cipherId);
         cipher = await encrypted.decrypt(
           await this.cipherService.getKeyForCipherKeyDecryption(encrypted)
@@ -174,6 +175,7 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
         credentialId: guidToRawFormat(credentialId),
         attestationObject,
         authData,
+        publicKey: pubKeyDer,
         publicKeyAlgorithm: -7,
       };
     } finally {

diff --git a/libs/common/src/vault/services/fido2/fido2-client.service.spec.ts b/libs/common/src/vault/services/fido2/fido2-client.service.spec.ts
@@ -285,6 +285,7 @@ describe("FidoAuthenticatorService", () => {
         credentialId: guidToRawFormat(Utils.newGuid()),
         attestationObject: randomBytes(128),
         authData: randomBytes(64),
+        publicKey: randomBytes(64),
         publicKeyAlgorithm: -7,
       };
     }

diff --git a/libs/common/src/vault/services/fido2/fido2-client.service.ts b/libs/common/src/vault/services/fido2/fido2-client.service.ts
@@ -199,6 +199,7 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
       attestationObject: Fido2Utils.bufferToString(makeCredentialResult.attestationObject),
       authData: Fido2Utils.bufferToString(makeCredentialResult.authData),
       clientDataJSON: Fido2Utils.bufferToString(clientDataJSONBytes),
+      publicKey: Fido2Utils.bufferToString(makeCredentialResult.publicKey),
       publicKeyAlgorithm: makeCredentialResult.publicKeyAlgorithm,
       transports: params.rp.id === "google.com" ? ["internal", "usb"] : ["internal"],
     };