Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Biometric module error handling #14

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .changeset/cuddly-files-beam.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@near-js/biometric-ed25519": patch
---

Handle Fido2Lib init failure
3 changes: 2 additions & 1 deletion packages/biometric-ed25519/src/fido2.ts
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,8 @@ export class Fido2 {
rpName,
challengeSize: 128,
attestation: 'none',
cryptoParams: [-8, -7, -257],
// only ECDSA signatures are supported
cryptoParams: [-7],
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's add a comment that we only support ECDSA signatures above this line. Since we're going against the recommended implementation guidelines that we should at least support -7 and -257

authenticatorAttachment: 'platform',
authenticatorRequireResidentKey: true,
authenticatorUserVerification: 'preferred'
Expand Down
20 changes: 18 additions & 2 deletions packages/biometric-ed25519/src/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,10 @@ export class PasskeyProcessCanceled extends Error {
export const createKey = async (username: string): Promise<KeyPair> => {
const cleanUserName = validateUsername(username);
if (!f2l.f2l) {
await init();
const available = await validateSupportForEC256Signing();
if (!available) {
throw new Error('WebAuthn is not supported by the current browser');
}
}

const id = base64.fromString(cleanUserName, true);
Expand Down Expand Up @@ -84,7 +87,10 @@ export const createKey = async (username: string): Promise<KeyPair> => {
export const getKeys = async (username: string): Promise<[KeyPair, KeyPair]> => {
const cleanUserName = validateUsername(username);
if (!f2l.f2l) {
await init();
const available = await validateSupportForEC256Signing();
if (!available) {
throw new Error('WebAuthn is not supported by the current browser');
}
}
const assertionOptions = await f2l.login();
const options = {
Expand Down Expand Up @@ -125,6 +131,16 @@ export const getKeys = async (username: string): Promise<[KeyPair, KeyPair]> =>
});
};

export const validateSupportForEC256Signing = async (): Promise<boolean> => {
try {
await init();
return true;
} catch (e) {
console.error('Failed to initialize WebAuthn: ', e.message);
return false;
}
};

// To check if current browser supports WebAuthn
export const isPassKeyAvailable = async (): Promise<boolean> => {
return window.PublicKeyCredential?.isUserVerifyingPlatformAuthenticatorAvailable?.() || false;
Expand Down
Loading