Adam Powers apowers313
apowers313
/ ASN.1 DER Encoded ECC Public Key
Last active
April 16, 2016 20:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0x30, 0x82, 0x01, 0x4B, // sequence(2) | |
| 0x30, 0x82, 0x01, 0x03, // sequence(2) | |
| 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, // OID 1.2.840.10045.2.1 = EC Public Key | |
| 0x30, 0x81, 0xF7, // sequence(6) | |
| 0x02, 0x01, 0x01, // integer 1 | |
| 0x30, 0x2C, // sequence(2) | |
| 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x01, 0x01, // OID 1.2.840.10045.1.1 = id-prime-Field | |
| 0x02, 0x21, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, // integer(256 bit) = prime | |
| 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, // ... | |
| 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, // ... |
apowers313
/ CTAP makeCredential Response
Last active
April 19, 2016 19:43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0xa2, // map(2) | |
| 0x01, // integer 1 = param 1 | |
| 0xA2, // map(2) | |
| 0x64, // text(4) | |
| 0x74, 0x79, 0x70, 0x65, // "type" | |
| 0x64, // text(4) | |
| 0x46, 0x49, 0x44, 0x4F, // "FIDO" | |
| 0x62, // text(2) | |
| 0x69, 0x64, // "id" | |
| 0x78, 0x24, // text(36) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; | |
| // Use a lookup table to find the index. | |
| var lookup = new Uint8Array(256); | |
| for (var i = 0; i < chars.length; i++) { | |
| lookup[chars.charCodeAt(i)] = i; | |
| } | |
| // stolen from: | |
| // https://github.com/niklasvh/base64-arraybuffer/blob/master/lib/base64-arraybuffer.js |
apowers313
/ gist:5f484fd85da7a885b31c7dceecb7dd13
Created
February 28, 2017 06:06
Self-Signed Packed Attestation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ====================================================================== | |
| Packed Attestation Object (S5.3.4, S7.2) | |
| ====================================================================== | |
| A3 // map(3) | |
| 63 // key(3) | |
| 66 6D 74 // "alg" | |
| 66 // text(5) | |
| 70 61 63 6B 65 64 // "packed" | |
| 68 // key(8) | |
| 61 75 74 68 44 61 74 61 // "authData" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ## Copyright 2016, W3C | |
| set -ev | |
| STATUS=`git log -1 --pretty=oneline` | |
| # build output path | |
| rm -rf "" out | |
| OUTPUT_PATH=out | |
| if [ "$TRAVIS_PULL_REQUEST" != "" ]; then | |
| echo "Adding $TRAVIS_PULL_REQUEST to output path" |
apowers313
/ WebAuthnPrintOutput.js
Last active
March 9, 2018 23:31
Prints output from WebAuthn calls
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function printHex(msg, buf) { | |
| // if the buffer was a TypedArray (e.g. Uint8Array), grab its buffer and use that | |
| if (ArrayBuffer.isView(buf) && buf.buffer instanceof ArrayBuffer) { | |
| buf = buf.buffer; | |
| } | |
| // check the arguments | |
| if ((typeof msg != "string") || | |
| (typeof buf != "object")) { | |
| console.log("Bad args to printHex"); |
apowers313
/ pkijs_fido_u2f.js
Created
March 16, 2018 19:23
Attempting to validate U2F attestation against Yubico root cert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require("babel-polyfill"); | |
| var asn1js = require("asn1js"); | |
| var pkijs = require("pkijs"); | |
| const WebCrypto = require("node-webcrypto-ossl"); | |
| const webcrypto = new WebCrypto(); | |
| const { | |
| CryptoEngine, | |
| Certificate | |
| } = pkijs; | |
| pkijs.setEngine("newEngine", webcrypto, new CryptoEngine({ |
apowers313
/ tpm-attestation-parser.js
Created
May 16, 2018 15:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var challengeResponseAttestationTpmB64UrlMsg = { | |
| "fmt": "tpm", | |
| "authData": "ACH1_AuFzSLmBiO819HKSJSJCSSbR3brUVFU5XtmrhJFAAAAAAiYcFjK3EuBtuEw3lDcvpYAICichPudWAHSGBGutbra6sponHJq46QSqYSTvuECv9TypAEDAzkBACBZAQDIy_NkHfALX9bo4IcTFhfTYqiN5oTA6fLeYWSdYuRDl0Kc36xJlsmUn7684N-H1LiUjc2ikyVKQOEvcXWt_M_8m3hf9hnPF5srGVb9PJy7Hu_Al5c0AKvDW8MvuWQtLdoyqyjc_K2zufHb-p3JAwas-ASJmBNTKC5N5I372SUk4h_POnUIBcS2ILeANcrz1IMKwkMpPVbWviOoZBOmJlpHW-gmGStCgXNZkipAwIf_iyf3O9psN8aNY-2xq6iwBBkoK5RejNcJu29Hd5boCIpWN2eGrYb77EVI_tdpmgftwqdUkeF4f8eUIIB9EIF8bsCAAHQETDVoWaMVezcfwmsDIUMBAAE", | |
| "attStmt": { | |
| "ver": "2.0", | |
| "alg": -262, | |
| "sig": "ZJhH97wfhLNjAspXDakD_cW5ciDRPmKQf58PBSCAusj02nD49gRdDJVCk0-oDZ-z0yYSXL0Odyl2pTsAaIPyobFuN4LX4-WzoZzp1P93xQhE5IsRSTuk4R2K7FBu6VRQ10oc0GkEk_vniHtDkfssxjcolicVxHTrB2Ozs4GkJeiyz2I6H1apfZaUFJRJS8PbUTdEtSTEbKUGV9ZoxOgwTj0yeP0MxlZaA_xnrZEF3LH4XeOgTge1T4HRjkb0_68nFmnI7icqVe9YTdb2ItV2C2-FDBdyfhPPsQ95MAciDcNOe9JSjG3Mb9Wkkl6u-9YGfXUwA8rioISXGyuS1kCXVA", | |
| "x5c": ["MIIEsjCCA5qgAwIBAgIQ |
apowers313
/ packed-attestation-data-example.js
Last active
June 3, 2018 14:49
Parsing packed attestation object
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const attestationObjectCbor = [ | |
| 0xA3, 0x63, 0x66, 0x6D, 0x74, 0x66, 0x70, 0x61, 0x63, 0x6B, 0x65, 0x64, 0x67, 0x61, 0x74, 0x74, | |
| 0x53, 0x74, 0x6D, 0x74, 0xA3, 0x63, 0x61, 0x6C, 0x67, 0x26, 0x63, 0x73, 0x69, 0x67, 0x58, 0x48, | |
| 0x30, 0x46, 0x02, 0x21, 0x00, 0x8B, 0x0A, 0xD1, 0x6A, 0xFD, 0xB6, 0x6B, 0x9D, 0xFB, 0x06, 0x88, | |
| 0x62, 0x84, 0x30, 0xDB, 0x45, 0x16, 0x8B, 0xB0, 0xCB, 0xFE, 0x00, 0xF1, 0xFC, 0xF3, 0x46, 0xDC, | |
| 0xF0, 0x79, 0xED, 0xE1, 0xCB, 0x02, 0x21, 0x00, 0xB5, 0x1C, 0x9D, 0xFB, 0x82, 0x48, 0xDA, 0x90, | |
| 0x95, 0x5F, 0xE7, 0x43, 0xCF, 0x89, 0x9B, 0x1D, 0xCF, 0xC0, 0x92, 0xF0, 0xB7, 0x77, 0xFE, 0x2A, | |
| 0x9C, 0x10, 0x5A, 0xDE, 0x7D, 0x88, 0xFE, 0x15, 0x63, 0x78, 0x35, 0x63, 0x83, 0x59, 0x02, 0x45, | |
| 0x30, 0x82, 0x02, 0x41, 0x30, 0x82, 0x01, 0xE8, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x15, | |
| 0x9F, 0x7B, 0xC2, 0xCD, 0x89, 0x18, 0xF1, 0x28, 0x6B, 0x93, 0x48, 0xFA, 0x9F, 0x33, 0xE2, 0x30, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "use strict"; | |
| const { Issuer, Strategy } = require("openid-client"); | |
| const passport = require("passport"); | |
| const express = require("express"); | |
| const session = require("express-session"); | |
| const app = express(); | |
| // passport setup | |
| passport.serializeUser(function(user, done) { |
OlderNewer