Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
if (pubKey.get(3) !== -7)
throw new Error('Public key is not ES256');
if (pubKey.get(-1) !== 1)
throw new Error('Public key has unsupported curve');
const x = pubKey.get(-2);
const y = pubKey.get(-3);
if (x.length !== 32 || y.length !== 32)
throw new Error('Public key has invalid X or Y size');
const ser = new Serialize.SerialBuffer({textEncoder: new util.TextEncoder(), textDecoder: new util.TextDecoder()});
ser.push((y[31] & 1) ? 3 : 2);
ser.pushArray(x);
ser.push(flagsToPresence(flags));
ser.pushString(k.rpid);
const compact = ser.asUint8Array();
const key = Numeric.publicKeyToString({
type: Numeric.KeyType.wa,
data: compact,
});
console.log({
flags: ('00' + flags.toString(16)).slice(-2),
signCount,
aaguid,
credentialIdLength,
credentialId: Serialize.arrayToHex(credentialId),
rpid: k.rpid,
presence: flagsToPresence(flags),
x: Serialize.arrayToHex(x),
y: Serialize.arrayToHex(y),
compact: Serialize.arrayToHex(compact),
key,
});
return {
const whatItReallySigned = new Serialize.SerialBuffer();
whatItReallySigned.pushArray(new Uint8Array(assertion.response.authenticatorData));
whatItReallySigned.pushArray(new Uint8Array(await crypto.subtle.digest('SHA-256', assertion.response.clientDataJSON)));
const hash = new Uint8Array(await crypto.subtle.digest('SHA-256', whatItReallySigned.asUint8Array().slice()));
const recid = e.getKeyRecoveryParam(hash, new Uint8Array(assertion.response.signature), pubKey);
const sigData = new Serialize.SerialBuffer();
sigData.push(recid + 27 + 4);
sigData.pushArray(r);
sigData.pushArray(s);
sigData.pushBytes(new Uint8Array(assertion.response.authenticatorData));
sigData.pushBytes(new Uint8Array(assertion.response.clientDataJSON));
const sig = Numeric.signatureToString({
type: Numeric.KeyType.wa,
data: sigData.asUint8Array().slice(),
});
signatures.push(sig);
}
return { signatures, serializedTransaction, serializedContextFreeData };
}
}