Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
<html>
<head>
<meta charset="utf-8"/>
</head>
<body>
<script>
const ykNanoCredentialId = new Uint8Array([
177, 125, 44, 11, 125, 20, 124, 221, 117, 42, 171, 163, 91, 125, 150, 85,
217, 150, 76, 209, 3, 91, 109, 115, 21, 100, 42, 36, 107, 73, 20, 120,
89, 105, 217, 25, 21, 110, 37, 3, 53, 8, 38, 248, 239, 42, 100, 95,
22, 54, 88, 115, 215, 4, 183, 244, 81, 136, 182, 168, 53, 35, 106, 82,
]);
const ykNeoCredentialId = new Uint8Array([
133, 6, 134, 172, 221, 253, 163, 88, 223, 172, 77, 255, 146, 249, 161, 86,
52, 210, 217, 165, 76, 197, 0, 240, 79, 134, 156, 227, 74, 186, 221, 72,
157, 143, 51, 0, 234, 186, 95, 95, 135, 243, 136, 210, 18, 30, 115, 172,
77, 166, 101, 212, 93, 217, 61, 24, 147, 227, 131, 108, 42, 173, 149, 73,
]);
const fakeCredentialId = new Uint8Array([ 1, 2, 3, 4 ]);
function createCredential() {
return navigator.credentials.create({
publicKey: {
challenge: new Uint8Array([1, 2, 3, 4]),
rp: { id: 'localhost', },
user: { id: 'foo', },
parameters: [
{
algorithm: 'ES256',
type: 'public-key',
},
],
},
});
}
function getAssertion(allowList) {
console.log('Getting assertion for allowList:', allowList);
return navigator.credentials.get({
publicKey: {
challenge: new Uint8Array([1, 2, 3, 4]),
allowList,
},
});
}
function repeatAssertions({ allowList, times, numSuccess, numFail }) {
if (times > 0) {
return getAssertion(allowList)
.then(v => {
console.log('Successfully got assertion:', v);
return repeatAssertions({ allowList, times: times - 1, numSuccess: numSuccess + 1, numFail });
})
.catch(e => {
console.error('Assertion failed:', e);
return repeatAssertions({ allowList, times: times - 1, numSuccess, numFail: numFail + 1 });
})
;
} else {
return { allowList, times, numSuccess, numFail };
}
}
function test({ times, allowList }) {
return repeatAssertions({ allowList, times, numSuccess: 0, numFail: 0 })
.then(({ numSuccess, numFail }) =>
console.log(`Tries: ${times} - succeeded: ${numSuccess}, failed: ${numFail}`)
);
}
function run () {
console.log('Creating credential');
createCredential()
.catch(err =>
console.error('fail', err)
)
.then(v => {
console.log('Created credential:', v);
console.log('Credential ID:', v.rawId);
console.log('Trying assertion', 10, 'times with only the good credential...');
test({
times: 10,
allowList: [ { id: v.rawId, type: 'public-key' } ],
})
.then(() => {
console.log('Trying assertion', 20, 'times with the good credential and an alien credential...');
test({
times: 20,
allowList: [
{ id: ykNanoCredentialId, type: 'public-key' },
{ id: v.rawId, type: 'public-key' },
],
});
})
;
})
;
}
run();
</script>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.