diff --git a/src/server/api/2fa.ts b/src/server/api/2fa.ts index bc5f6e6d7d..3bc4627a62 100644 --- a/src/server/api/2fa.ts +++ b/src/server/api/2fa.ts @@ -63,15 +63,15 @@ function verifyCertificateChain(certificates: string[]) { const CACert = i + 1 >= certificates.length ? Cert : certificates[i + 1]; - const certStruct = jsrsasign.ASN1HEX.getTLVbyList(certificate.hex, 0, [0]); + const certStruct = jsrsasign.ASN1HEX.getTLVbyList(certificate.hex!, 0, [0]); const algorithm = certificate.getSignatureAlgorithmField(); const signatureHex = certificate.getSignatureValueHex(); // Verify against CA - const Signature = new jsrsasign.crypto.Signature({alg: algorithm}); + const Signature = new jsrsasign.KJUR.crypto.Signature({alg: algorithm}); Signature.init(CACert); Signature.updateHex(certStruct); - valid = valid && Signature.verify(signatureHex); // true if CA signed the certificate + valid = valid && !!Signature.verify(signatureHex); // true if CA signed the certificate } return valid; @@ -260,7 +260,7 @@ export const procedures = { } const certificateChain = header.x5c - .map(key => PEMString(key)) + .map((key: any) => PEMString(key)) .concat([GSR2]); if (getCertSubject(certificateChain[0]).CN != 'attest.android.com') { diff --git a/src/server/api/endpoints/i/2fa/key-done.ts b/src/server/api/endpoints/i/2fa/key-done.ts index 074ab22bf0..d751dabc41 100644 --- a/src/server/api/endpoints/i/2fa/key-done.ts +++ b/src/server/api/endpoints/i/2fa/key-done.ts @@ -14,7 +14,7 @@ import config from '../../../../../config'; import { procedures, hash } from '../../../2fa'; import { publishMainStream } from '../../../../../services/stream'; -const cborDecodeFirst = promisify(cbor.decodeFirst); +const cborDecodeFirst = promisify(cbor.decodeFirst) as any; export const meta = { requireCredential: true, @@ -90,11 +90,11 @@ export default define(meta, async (ps, user) => { throw new Error('alg mismatch'); } - if (!procedures[attestation.fmt]) { + if (!(procedures as any)[attestation.fmt]) { throw new Error('unsupported fmt'); } - const verificationData = procedures[attestation.fmt].verify({ + const verificationData = (procedures as any)[attestation.fmt].verify({ attStmt: attestation.attStmt, authenticatorData: authData, clientDataHash: clientDataJSONHash,