I hereby claim:
- I am herrjemand on github.
- I am herrjemand (https://keybase.io/herrjemand) on keybase.
- I have a public key whose fingerprint is 6050 B0DE 350B 91AB B929 C717 F9E5 3ECE 85D1 7BAD
To claim this, I am signing this object:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "description": "UNOFFICIAL Apple Anonymous Attestation WebAuthn FIDO2 Authenticator", | |
| "aaguid": "f24a8e70-d0d3-f82c-2937-32523cc4de5a", | |
| "protocolFamily": "fido2", | |
| "authenticatorVersion": 2, | |
| "upv": [ | |
| { | |
| "major": 1, | |
| "minor": 0 | |
| } |
herrjemand
/ platformAuthenticatorAvailable.js
Created
January 1, 2022 13:56
Check if WebAuthn API available, and if platform authenticator is supported
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const isWebAuthnSupported = () => { | |
| return !!window.PublicKeyCredential | |
| } | |
| const isPlatformAuthenticatorSupported = () => { | |
| if (!isWebAuthnSupported()) { | |
| return Promise.reject(new Error("WebAuthn API is not available")) | |
| } | |
| if (!PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable) { |
herrjemand
/ verify.apple.attestation.js
Last active
October 14, 2023 18:01
Snippet code to verify apple anonymous attestation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const crypto = require('crypto'); | |
| const base64url = require('base64url'); | |
| const cbor = require('cbor'); | |
| const asn1 = require('@lapo/asn1js'); | |
| const jsrsasign = require('jsrsasign'); | |
| /* Apple Webauthn Root | |
| * Original is here https://www.apple.com/certificateauthority/Apple_WebAuthn_Root_CA.pem | |
| */ | |
| let appleWebAuthnRoot = 'MIICEjCCAZmgAwIBAgIQaB0BbHo84wIlpQGUKEdXcTAKBggqhkjOPQQDAzBLMR8wHQYDVQQDDBZBcHBsZSBXZWJBdXRobiBSb290IENBMRMwEQYDVQQKDApBcHBsZSBJbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMB4XDTIwMDMxODE4MjEzMloXDTQ1MDMxNTAwMDAwMFowSzEfMB0GA1UEAwwWQXBwbGUgV2ViQXV0aG4gUm9vdCBDQTETMBEGA1UECgwKQXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTB2MBAGByqGSM49AgEGBSuBBAAiA2IABCJCQ2pTVhzjl4Wo6IhHtMSAzO2cv+H9DQKev3//fG59G11kxu9eI0/7o6V5uShBpe1u6l6mS19S1FEh6yGljnZAJ+2GNP1mi/YK2kSXIuTHjxA/pcoRf7XkOtO4o1qlcaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUJtdk2cV4wlpn0afeaxLQG2PxxtcwDgYDVR0PAQH/BAQDAgEGMAoGCCqGSM49BAMDA2cAMGQCMFrZ+9DsJ1PW9hfNdBywZDsWDbWFp28it1d/5w2RPkRX3Bbn/UbDTNLx7Jr3jAGGiQIwHFj+dJZYUJR786osByBelJYsVZd2GbHQu209b5 |
herrjemand
/ appleanonymousattestationnonce.extension.asn
Last active
January 1, 2021 17:04
Apple Anonymous Attestation ASN1 Schema
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id-ce-AppleAnonymousAttestation OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) apple(113635) appleDataSecurity(100) appleWebAuthnPolicies(8) 2} | |
| AppleAnonymousAttestation ::= SEQUENCE { | |
| nonce [1] OCTET STRING | |
| } |
herrjemand
/ WebAuthnRESTHelpers.js
Created
October 8, 2019 10:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| let performGetAssertion = (getAssertionRequest) => { | |
| getAssertionRequest.challenge = base64url.decode(getAssertionRequest.challenge); | |
| if(getAssertionRequest.allowCredentials) { //If RK scenario | |
| for(let allowCred of getAssertionRequest.allowCredentials) { | |
| allowCred.id = base64url.decode(allowCred.id); | |
| } | |
| } | |
| return getAssertionRequest |
herrjemand
/ keybase.md
Created
June 19, 2019 13:10
herrjemand
/ CODESAMPLES.LICENSE
Last active
January 31, 2019 09:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| The MIT License (MIT) | |
| Copyright (c) 2018-2019 Yuriy Ackermann | |
| Permission is hereby granted, free of charge, to any person obtaining a copy | |
| of this software and associated documentation files (the "Software"), to deal | |
| in the Software without restriction, including without limitation the rights | |
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| copies of the Software, and to permit persons to whom the Software is | |
| furnished to do so, subject to the following conditions: |
herrjemand
/ passwordless.MakeCredential.js
Last active
January 20, 2019 17:18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| document.getElementById('register').addEventListener('submit', function(event) { | |
| event.preventDefault(); | |
| let username = this.username.value; | |
| let displayName = this.displayName.value; | |
| startPasswordlessEnrolment({username, displayName}) | |
| .then((serverResponse) => { | |
| if(serverResponse.status !== 'startFIDOEnrolmentPasswordless') | |
| throw new Error('Error registering user! Server returned: ' + serverResponse.errorMessage); |
herrjemand
/ usernameless.GetAssertion.js
Last active
January 20, 2019 17:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| document.getElementById('login').addEventListener('submit', function(event) { | |
| event.preventDefault(); | |
| return getGetAssertionChallenge() | |
| .then((getAssertionChallenge) => { | |
| /*{ | |
| "challenge": "Ld0vp5byLeFZBOpclgKP3BEc8AA4aBewYPlwbkgLh98", | |
| "status": "ok" | |
| }*/ | |
| getAssertionChallenge = preformatGetAssertReq(getAssertionChallenge); |
herrjemand
/ passwordless.GetAssertion.js
Last active
July 19, 2019 21:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| document.getElementById('login').addEventListener('submit', function(event) { | |
| event.preventDefault(); | |
| let username = this.username.value; | |
| startAuthenticationPasswordless({username}) | |
| .then((serverResponse) => { | |
| if(serverResponse.status !== 'startFIDOAuthentication') | |
| throw new Error('Error logging in! Server returned: ' + serverResponse.errorMessage); |
NewerOlder