Fix use of wrong library for CBOR authentication object
parent
c86b7eaa1d
commit
64b83ddb9f
3 changed files with 102 additions and 47 deletions
|
@ -51,6 +51,7 @@
|
|||
"blurhash": "2.0.5",
|
||||
"bull": "4.11.3",
|
||||
"cacheable-lookup": "TheEssem/cacheable-lookup",
|
||||
"cbor-x": "^1.5.4",
|
||||
"chalk": "5.3.0",
|
||||
"chalk-template": "0.4.0",
|
||||
"chokidar": "^3.5.3",
|
||||
|
@ -91,7 +92,7 @@
|
|||
"meilisearch": "0.34.1",
|
||||
"mfm-js": "0.23.3",
|
||||
"mime-types": "2.1.35",
|
||||
"msgpackr": "1.9.7",
|
||||
"msgpackr": "^1.9.9",
|
||||
"multer": "1.4.4-lts.1",
|
||||
"native-utils": "link:native-utils",
|
||||
"nested-property": "4.0.0",
|
||||
|
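Review bot: The new `cbor-x` entry and the `msgpackr` change both use caret ranges (`^1.5.4`, `^1.9.9`) while most neighbouring dependencies are pinned to exact versions, so what gets installed depends on the lockfile being honoured. For a library that parses client-supplied WebAuthn data I would pin it exactly, `"cbor-x": "1.5.4"`, matching the version the lockfile resolves. The `msgpackr` bump also looks unrelated to the fix, since as far as this page shows the import it served is replaced, and might be better as a separate commit.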
|
|
@ -1,4 +1,4 @@
|
|||
import { decode } from "msgpackr";
|
||||
import { decode } from "cbor-x";
|
||||
import define from "../../../define.js";
|
||||
import {
|
||||
UserProfiles,
|
||||
|
@ -62,7 +62,7 @@ export default define(meta, paramDef, async (ps, user) => {
|
|||
|
||||
const clientDataJSONHash = hash(Buffer.from(ps.clientDataJSON, "utf-8"));
|
||||
|
||||
const attestation = decode(Buffer.from(ps.attestationObject, "utf-8"));
|
||||
const attestation = decode(Buffer.from(ps.attestationObject, "hex"));
|
||||
|
||||
const rpIdHash = attestation.authData.slice(0, 32);
|
||||
if (!rpIdHashReal.equals(rpIdHash)) {
|
||||
|
@ -79,7 +79,13 @@ export default define(meta, paramDef, async (ps, user) => {
|
|||
const credentialIdLength = authData.readUInt16BE(53);
|
||||
const credentialId = authData.slice(55, 55 + credentialIdLength);
|
||||
const publicKeyData = authData.slice(55 + credentialIdLength);
|
||||
const publicKey: Map<number, any> = decode(publicKeyData);
|
||||
const publicKey: Map<Number, any> = new Map(
|
||||
Object.entries(decode(publicKeyData)).map(([key, value]) => [
|
||||
Number(key),
|
||||
value,
|
||||
]),
|
||||
);
|
||||
|
||||
if (publicKey.get(3) !== -7) {
|
||||
throw new Error("alg mismatch");
|
||||
}
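Review bot: The decoded attestation is used without any encoding or shape check: `Buffer.from(ps.attestationObject, "hex")` silently stops at the first non-hex character, and `attestation.authData.slice(0, 32)` then assumes the CBOR payload decoded to an object carrying a byte-string `authData`. Since this value comes from the client, I would reject malformed input before decoding, e.g. `if (!/^(?:[0-9a-f]{2})+$/i.test(ps.attestationObject)) throw new Error("invalid attestationObject");`, and confirm `Buffer.isBuffer(attestation?.authData)` before slicing, unless `paramDef` (not visible here) already constrains the format. In the second hunk the rebuilt key map is typed `Map<Number, any>`, which is the boxed wrapper type and should be `Map<number, any>`. `Number(key)` also yields `NaN` for any non-numeric key, so a short comment stating that COSE labels are expected to be integers would help. The handler body starts and ends outside both hunks.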
|
||||
|
|
134
pnpm-lock.yaml
134
pnpm-lock.yaml
|
@ -171,6 +171,9 @@ importers:
|
|||
cacheable-lookup:
|
||||
specifier: TheEssem/cacheable-lookup
|
||||
version: github.com/TheEssem/cacheable-lookup/dd2fb616366a3c68dcf321a57a67295967b204bf
|
||||
cbor-x:
|
||||
specifier: ^1.5.4
|
||||
version: 1.5.4
|
||||
chalk:
|
||||
specifier: 5.3.0
|
||||
version: 5.3.0
|
||||
|
@ -292,8 +295,8 @@ importers:
|
|||
specifier: 2.1.35
|
||||
version: 2.1.35
|
||||
msgpackr:
|
||||
specifier: 1.9.7
|
||||
version: 1.9.7
|
||||
specifier: ^1.9.9
|
||||
version: 1.9.9
|
||||
multer:
|
||||
specifier: 1.4.4-lts.1
|
||||
version: 1.4.4-lts.1
|
||||
|
@ -906,7 +909,7 @@ importers:
|
|||
devDependencies:
|
||||
'@swc/cli':
|
||||
specifier: ^0.1.62
|
||||
version: 0.1.62(@swc/core@1.3.78)
|
||||
version: 0.1.62(@swc/core@1.3.78)(chokidar@3.3.1)
|
||||
'@swc/core':
|
||||
specifier: 1.3.78
|
||||
version: 1.3.78
|
||||
|
@ -1140,7 +1143,7 @@ packages:
|
|||
'@babel/traverse': 7.22.10
|
||||
'@babel/types': 7.22.10
|
||||
convert-source-map: 1.9.0
|
||||
debug: 4.3.4
|
||||
debug: 4.3.4(supports-color@8.1.1)
|
||||
gensync: 1.0.0-beta.2
|
||||
json5: 2.2.3
|
||||
semver: 6.3.1
|
||||
|
@ -1162,7 +1165,7 @@ packages:
|
|||
'@babel/traverse': 7.23.2
|
||||
'@babel/types': 7.23.0
|
||||
convert-source-map: 2.0.0
|
||||
debug: 4.3.4
|
||||
debug: 4.3.4(supports-color@8.1.1)
|
||||
gensync: 1.0.0-beta.2
|
||||
json5: 2.2.3
|
||||
semver: 6.3.1
|
||||
|
@ -1581,7 +1584,7 @@ packages:
|
|||
'@babel/helper-split-export-declaration': 7.22.6
|
||||
'@babel/parser': 7.22.10
|
||||
'@babel/types': 7.22.10
|
||||
debug: 4.3.4
|
||||
debug: 4.3.4(supports-color@8.1.1)
|
||||
globals: 11.12.0
|
||||
transitivePeerDependencies:
|
||||
- supports-color
|
||||
|
@ -1598,7 +1601,7 @@ packages:
|
|||
'@babel/helper-split-export-declaration': 7.22.6
|
||||
'@babel/parser': 7.23.0
|
||||
'@babel/types': 7.23.0
|
||||
debug: 4.3.4
|
||||
debug: 4.3.4(supports-color@8.1.1)
|
||||
globals: 11.12.0
|
||||
transitivePeerDependencies:
|
||||
- supports-color
|
||||
|
@ -1804,6 +1807,54 @@ packages:
|
|||
'@bull-board/api': 5.8.0(@bull-board/ui@5.8.0)
|
||||
dev: false
|
||||
|
||||
/@cbor-extract/cbor-extract-darwin-arm64@2.1.1:
|
||||
resolution: {integrity: sha512-blVBy5MXz6m36Vx0DfLd7PChOQKEs8lK2bD1WJn/vVgG4FXZiZmZb2GECHFvVPA5T7OnODd9xZiL3nMCv6QUhA==}
|
||||
cpu: [arm64]
|
||||
os: [darwin]
|
||||
requiresBuild: true
|
||||
dev: false
|
||||
optional: true
|
||||
|
||||
/@cbor-extract/cbor-extract-darwin-x64@2.1.1:
|
||||
resolution: {integrity: sha512-h6KFOzqk8jXTvkOftyRIWGrd7sKQzQv2jVdTL9nKSf3D2drCvQB/LHUxAOpPXo3pv2clDtKs3xnHalpEh3rDsw==}
|
||||
cpu: [x64]
|
||||
os: [darwin]
|
||||
requiresBuild: true
|
||||
dev: false
|
||||
optional: true
|
||||
|
||||
/@cbor-extract/cbor-extract-linux-arm64@2.1.1:
|
||||
resolution: {integrity: sha512-SxAaRcYf8S0QHaMc7gvRSiTSr7nUYMqbUdErBEu+HYA4Q6UNydx1VwFE68hGcp1qvxcy9yT5U7gA+a5XikfwSQ==}
|
||||
cpu: [arm64]
|
||||
os: [linux]
|
||||
requiresBuild: true
|
||||
dev: false
|
||||
optional: true
|
||||
|
||||
/@cbor-extract/cbor-extract-linux-arm@2.1.1:
|
||||
resolution: {integrity: sha512-ds0uikdcIGUjPyraV4oJqyVE5gl/qYBpa/Wnh6l6xLE2lj/hwnjT2XcZCChdXwW/YFZ1LUHs6waoYN8PmK0nKQ==}
|
||||
cpu: [arm]
|
||||
os: [linux]
|
||||
requiresBuild: true
|
||||
dev: false
|
||||
optional: true
|
||||
|
||||
/@cbor-extract/cbor-extract-linux-x64@2.1.1:
|
||||
resolution: {integrity: sha512-GVK+8fNIE9lJQHAlhOROYiI0Yd4bAZ4u++C2ZjlkS3YmO6hi+FUxe6Dqm+OKWTcMpL/l71N6CQAmaRcb4zyJuA==}
|
||||
cpu: [x64]
|
||||
os: [linux]
|
||||
requiresBuild: true
|
||||
dev: false
|
||||
optional: true
|
||||
|
||||
/@cbor-extract/cbor-extract-win32-x64@2.1.1:
|
||||
resolution: {integrity: sha512-2Niq1C41dCRIDeD8LddiH+mxGlO7HJ612Ll3D/E73ZWBmycued+8ghTr/Ho3CMOWPUEr08XtyBMVXAjqF+TcKw==}
|
||||
cpu: [x64]
|
||||
os: [win32]
|
||||
requiresBuild: true
|
||||
dev: false
|
||||
optional: true
|
||||
|
||||
/@chainsafe/is-ip@2.0.2:
|
||||
resolution: {integrity: sha512-ndGqEMG1W5WkGagaqOZHpPU172AGdxr+LD15sv3WIUvT5oCFUrG1Y0CW/v2Egwj4JXEvSibaIIIqImsm98y1nA==}
|
||||
dev: false
|
||||
|
@ -3239,33 +3290,13 @@ packages:
|
|||
resolution: {integrity: sha512-Uy0+khmZqUrUGm5dmMqVlnvufZRSK0FbYzVgp0UMstm+F5+W2/jnEEQyc9vo1ZR/E5ZI/B1WjjoTqBqwJL6Krw==}
|
||||
dev: false
|
||||
|
||||
/@swc/cli@0.1.62(@swc/core@1.3.78):
|
||||
resolution: {integrity: sha512-kOFLjKY3XH1DWLfXL1/B5MizeNorHR8wHKEi92S/Zi9Md/AK17KSqR8MgyRJ6C1fhKHvbBCl8wboyKAFXStkYw==}
|
||||
engines: {node: '>= 12.13'}
|
||||
hasBin: true
|
||||
peerDependencies:
|
||||
'@swc/core': ^1.2.66
|
||||
chokidar: ^3.3.1
|
||||
peerDependenciesMeta:
|
||||
chokidar:
|
||||
optional: true
|
||||
dependencies:
|
||||
'@mole-inc/bin-wrapper': 8.0.1
|
||||
'@swc/core': 1.3.78
|
||||
commander: 7.2.0
|
||||
fast-glob: 3.3.1
|
||||
semver: 7.5.4
|
||||
slash: 3.0.0
|
||||
source-map: 0.7.4
|
||||
dev: true
|
||||
|
||||
/@swc/cli@0.1.62(@swc/core@1.3.78)(chokidar@3.3.1):
|
||||
resolution: {integrity: sha512-kOFLjKY3XH1DWLfXL1/B5MizeNorHR8wHKEi92S/Zi9Md/AK17KSqR8MgyRJ6C1fhKHvbBCl8wboyKAFXStkYw==}
|
||||
engines: {node: '>= 12.13'}
|
||||
hasBin: true
|
||||
peerDependencies:
|
||||
'@swc/core': ^1.2.66
|
||||
chokidar: ^3.3.1
|
||||
chokidar: ^3.5.1
|
||||
peerDependenciesMeta:
|
||||
chokidar:
|
||||
optional: true
|
||||
|
@ -6229,7 +6260,7 @@ packages:
|
|||
get-port: 5.1.1
|
||||
ioredis: 5.3.2
|
||||
lodash: 4.17.21
|
||||
msgpackr: 1.9.7
|
||||
msgpackr: 1.9.9
|
||||
semver: 7.5.4
|
||||
uuid: 8.3.2
|
||||
transitivePeerDependencies:
|
||||
|
@ -6401,6 +6432,28 @@ packages:
|
|||
/caseless@0.12.0:
|
||||
resolution: {integrity: sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==}
|
||||
|
||||
/cbor-extract@2.1.1:
|
||||
resolution: {integrity: sha512-1UX977+L+zOJHsp0mWFG13GLwO6ucKgSmSW6JTl8B9GUvACvHeIVpFqhU92299Z6PfD09aTXDell5p+lp1rUFA==}
|
||||
hasBin: true
|
||||
requiresBuild: true
|
||||
dependencies:
|
||||
node-gyp-build-optional-packages: 5.0.3
|
||||
optionalDependencies:
|
||||
'@cbor-extract/cbor-extract-darwin-arm64': 2.1.1
|
||||
'@cbor-extract/cbor-extract-darwin-x64': 2.1.1
|
||||
'@cbor-extract/cbor-extract-linux-arm': 2.1.1
|
||||
'@cbor-extract/cbor-extract-linux-arm64': 2.1.1
|
||||
'@cbor-extract/cbor-extract-linux-x64': 2.1.1
|
||||
'@cbor-extract/cbor-extract-win32-x64': 2.1.1
|
||||
dev: false
|
||||
optional: true
|
||||
|
||||
/cbor-x@1.5.4:
|
||||
resolution: {integrity: sha512-PVKILDn+Rf6MRhhcyzGXi5eizn1i0i3F8Fe6UMMxXBnWkalq9+C5+VTmlIjAYM4iF2IYF2N+zToqAfYOp+3rfw==}
|
||||
optionalDependencies:
|
||||
cbor-extract: 2.1.1
|
||||
dev: false
|
||||
|
||||
/cbor@8.1.0:
|
||||
resolution: {integrity: sha512-DwGjNW9omn6EwP70aXsn7FQJx5kO12tX0bZkaTjzdVFM6/7nhA4t0EENocKGx6D2Bch9PE2KzCUf5SceBdeijg==}
|
||||
engines: {node: '>=12.19'}
|
||||
|
@ -7592,17 +7645,6 @@ packages:
|
|||
ms: 2.1.2
|
||||
dev: false
|
||||
|
||||
/debug@4.3.4:
|
||||
resolution: {integrity: sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==}
|
||||
engines: {node: '>=6.0'}
|
||||
peerDependencies:
|
||||
supports-color: '*'
|
||||
peerDependenciesMeta:
|
||||
supports-color:
|
||||
optional: true
|
||||
dependencies:
|
||||
ms: 2.1.2
|
||||
|
||||
/debug@4.3.4(supports-color@8.1.1):
|
||||
resolution: {integrity: sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==}
|
||||
engines: {node: '>=6.0'}
|
||||
|
@ -11475,7 +11517,7 @@ packages:
|
|||
resolution: {integrity: sha512-n3s8EwkdFIJCG3BPKBYvskgXGoy88ARzvegkitk60NxRdwltLOTaH7CUiMRXvwYorl0Q712iEjcWB+fK/MrWVw==}
|
||||
engines: {node: '>=10'}
|
||||
dependencies:
|
||||
debug: 4.3.4
|
||||
debug: 4.3.4(supports-color@8.1.1)
|
||||
istanbul-lib-coverage: 3.2.0
|
||||
source-map: 0.6.1
|
||||
transitivePeerDependencies:
|
||||
|
@ -13440,8 +13482,8 @@ packages:
|
|||
dev: false
|
||||
optional: true
|
||||
|
||||
/msgpackr@1.9.7:
|
||||
resolution: {integrity: sha512-baUNaLvKQvVhzfWTNO07njwbZK1Lxjtb0P1JL6/EhXdLTHzR57/mZqqJC39TtQKvOmkJA4pcejS4dbk7BDgLLA==}
|
||||
/msgpackr@1.9.9:
|
||||
resolution: {integrity: sha512-sbn6mioS2w0lq1O6PpGtsv6Gy8roWM+o3o4Sqjd6DudrL/nOugY+KyJUimoWzHnf9OkO0T6broHFnYE/R05t9A==}
|
||||
optionalDependencies:
|
||||
msgpackr-extract: 3.0.2
|
||||
dev: false
|
||||
|
@ -13629,6 +13671,12 @@ packages:
|
|||
fetch-blob: 3.2.0
|
||||
formdata-polyfill: 4.0.10
|
||||
|
||||
/node-gyp-build-optional-packages@5.0.3:
|
||||
resolution: {integrity: sha512-k75jcVzk5wnnc/FMxsf4udAoTEUv2jY3ycfdSd3yWu6Cnd1oee6/CfZJApyscA4FJOmdoixWwiwOyf16RzD5JA==}
|
||||
hasBin: true
|
||||
dev: false
|
||||
optional: true
|
||||
|
||||
/node-gyp-build-optional-packages@5.0.7:
|
||||
resolution: {integrity: sha512-YlCCc6Wffkx0kHkmam79GKvDQ6x+QZkMjFGrIMxgFNILFvGSbCp2fCBC55pGTT9gVaz8Na5CLmxt/urtzRv36w==}
|
||||
hasBin: true
|
||||
|
|