@simplewebauthn/server - npm Package Compare versions

Comparing version 5.4.1 to 5.4.2

dist/metadata/verifyAttestationWithMetadata.js

@@ -57,4 +57,15 @@ "use strict";
     if (!foundMatch) {
-        const debugAlgs = Array.from(keypairCOSEAlgs).join(', ');
-        throw new Error(`Public key algorithm ${publicKeyCOSEInfo} did not match any metadata algorithms [${debugAlgs}]`);
+        const debugMDSAlgs = Array.from(keypairCOSEAlgs);
+        // Construct some useful error output about the public key
+        const debugPubKeyAlgInfo = {
+            kty: publicKeyCOSEInfo.kty,
+            alg: publicKeyCOSEInfo.alg,
+        };
+        // Don't output a bunch of bytes for `crv` when the public key is an RSA key
+        if (publicKeyCOSEInfo.kty !== convertCOSEtoPKCS_1.COSEKTY.RSA) {
+            debugPubKeyAlgInfo.crv = publicKeyCOSEInfo.crv;
+        }
+        const strPubKeyAlg = JSON.stringify(debugPubKeyAlgInfo);
+        const strMDSAlgs = JSON.stringify(debugMDSAlgs);
+        throw new Error(`Public key algorithm ${strPubKeyAlg} did not match any metadata algorithms ${strMDSAlgs}`);
     }
@@ -73,2 +84,5 @@ try {
  * Convert ALG_SIGN values to COSE info
+ *
+ * Values pulled from `ALG_KEY_COSE` definitions in the FIDO Registry of Predefined Values
+ *
  * https://fidoalliance.org/specs/common-specs/fido-registry-v2.1-ps-20191217.html#authentication-algorithms
@@ -86,3 +100,3 @@ */
         case 'secp256k1_ecdsa_sha256_der':
-            return { kty: 2, alg: -7, crv: 8 };
+            return { kty: 2, alg: 7, crv: 8 };
         case 'rsassa_pss_sha384_raw':
@@ -104,8 +118,8 @@ return { kty: 3, alg: -38 };
             return { kty: 1, alg: -8, crv: 6 };
-        // TODO: COSE info in FIDO Registry v2.1 isn't readily available for these, these seem rare...
+        case 'rsa_emsa_pkcs1_sha256_raw':
+        case 'rsa_emsa_pkcs1_sha256_der':
+            return { kty: 3, alg: -257 };
+        // TODO: COSE info wasn't readily available for these, these seem rare...
         // case 'sm2_sm3_raw':
         //   return {};
-        // case 'rsa_emsa_pkcs1_sha256_raw':
-        // case 'rsa_emsa_pkcs1_sha256_der':
-        //   return {};
         default:
@@ -112,0 +126,0 @@ return undefined;

package.json

 {
   "name": "@simplewebauthn/server",
-  "version": "5.4.1",
+  "version": "5.4.2",
   "description": "SimpleWebAuthn for Servers",
@@ -62,3 +62,3 @@ "main": "dist/index.js",
   },
-  "gitHead": "3a673b2cf940133ed8d3a68e80a95f198b1e6f9e",
+  "gitHead": "a79e3d35f30970439b3bab01d7039b535cacf9ab",
   "devDependencies": {
@@ -65,0 +65,0 @@ "@types/cbor": "^5.0.1",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

257725

increased by0.39%

Lines of code

3999

increased by0.35%

No dependency changes