/
public_key.rb
49 lines (42 loc) · 1.47 KB
/
public_key.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
# frozen_string_literal: true
require "webauthn/attestation_statement/fido_u2f/public_key"
require "cose/key"
require "cose/algorithm"
module WebAuthn
class PublicKey
def self.deserialize(public_key)
cose_key =
if WebAuthn::AttestationStatement::FidoU2f::PublicKey.uncompressed_point?(public_key)
# Gem version v1.11.0 and lower, used to behave so that Credential#public_key
# returned an EC P-256 uncompressed point.
#
# Because of https://github.com/cedarcode/webauthn-ruby/issues/137 this was changed
# and Credential#public_key started returning the unchanged COSE_Key formatted
# credentialPublicKey (as in https://www.w3.org/TR/webauthn/#credentialpublickey).
#
# Given that the credential public key is expected to be stored long-term by the gem
# user and later be passed as the public_key argument in the
# AuthenticatorAssertionResponse.verify call, we then need to support the two formats.
COSE::Key::EC2.new(
alg: COSE::Algorithm.by_name("ES256").id,
crv: 1,
x: public_key[1..32],
y: public_key[33..-1]
)
else
COSE::Key.deserialize(public_key)
end
new(cose_key: cose_key)
end
attr_reader :cose_key
def initialize(cose_key:)
@cose_key = cose_key
end
def pkey
@cose_key.to_pkey
end
def alg
@cose_key.alg
end
end
end