Example use of com.webauthn4j.validator.exception.BadAlgorithmException in the webauthn4j project (by webauthn4j).
Class PackedAttestationStatementValidator, method validateSelfAttestation.
/**
 * Validates a packed attestation statement in the self-attestation case, where the
 * signature is checked against the credential public key carried in authenticatorData.
 *
 * <p>Two checks run in order:
 * <ol>
 *   <li>{@code alg} from the attestation statement must equal the algorithm declared on the
 *       credential's COSE key. The same {@code alg} is then passed to the signature check,
 *       so the statement cannot select an algorithm other than the one the key declares.</li>
 *   <li>{@code sig} must verify over {@code attrToBeSigned} under the credential public key.</li>
 * </ol>
 *
 * <p>Security note: the key that verifies the signature comes from the same registration
 * object being validated, and the source describes the result as having an empty attestation
 * trust path. A successful return therefore shows only that the signer held the credential
 * private key. It establishes no chain to an attestation root. Whether self attestation is
 * acceptable is a relying-party policy decision made outside this method.
 *
 * @param registrationObject registration data; the caller is expected to have null-checked
 *                           the path down to the attested credential data
 * @param sig                {@code sig} value from the attestation statement
 * @param alg                {@code alg} value from the attestation statement
 * @param attrToBeSigned     signed bytes; per the error message below, the concatenation of
 *                           authenticatorData and clientDataHash
 * @return always {@link AttestationType#SELF} when both checks pass
 * @throws BadAlgorithmException if {@code alg} differs from the credential key's algorithm
 * @throws BadSignatureException if {@code sig} does not verify under the credential public key
 */
@SuppressWarnings("SameReturnValue")
@NonNull
private AttestationType validateSelfAttestation(@NonNull CoreRegistrationObject registrationObject, @NonNull byte[] sig, @NonNull COSEAlgorithmIdentifier alg, @NonNull byte[] attrToBeSigned) {
    // noinspection ConstantConditions as null check is already done in caller
    final COSEKey credentialKey = registrationObject
            .getAttestationObject()
            .getAuthenticatorData()
            .getAttestedCredentialData()
            .getCOSEKey();

    // The statement's alg must agree with the credential key's own algorithm before any
    // signature work is attempted.
    final boolean algorithmMatchesKey = alg.equals(credentialKey.getAlgorithm());
    if (!algorithmMatchesKey) {
        throw new BadAlgorithmException("`alg` in attestation statement doesn't match the algorithm of the coseKey in authenticatorData.");
    }

    // noinspection ConstantConditions as null check is already done in caller
    final boolean signatureIsValid = verifySignature(credentialKey.getPublicKey(), alg, sig, attrToBeSigned);
    if (!signatureIsValid) {
        throw new BadSignatureException("`sig` in attestation statement is not valid signature over the concatenation of authenticatorData and clientDataHash.");
    }

    // Both checks passed: attestation type is Self, with an empty attestation trust path.
    return AttestationType.SELF;
}