Interop result with WebAuthnKit and WebAuthnLite. parameters is from https://github.com/lyokato/WebAuthnKit/blob/develop/utils/interop/go_koesie10_webauthn/main.go
iex(1)> origin = "https://example.org"
"https://example.org"
iex(2)> challenge = "rtnHiVQ7"
"rtnHiVQ7"
iex(3)> encoded_registration_client_data_json = "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoicnRuSGlWUTciLCJvcmlnaW4iOiJodHRwczpcL1wvZXhhbXBsZS5vcmcifQ"
"eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoicnRuSGlWUTciLCJvcmlnaW4iOiJodHRwczpcL1wvZXhhbXBsZS5vcmcifQ"
iex(4)> {:ok, client_data_json} = WebAuthnLite.Operation.Register.validate_client_data_json(%{client_data_json: encoded_registration_client_data_json, origin: origin, challenge: challenge})
{:ok,
%WebAuthnLite.ClientDataJSON{
challenge: "rtnHiVQ7",
hash: <<185, 60, 53, 7, 106, 184, 49, 119, 233, 3, 2, 86, 166, 204, 159, 44,
213, 166, 244, 209, 118, 252, 77, 182, 205, 107, 217, 196, 255, 31, 155,
207>>,
origin: "https://example.org",
raw: "{\"type\":\"webauthn.create\",\"challenge\":\"rtnHiVQ7\",\"origin\":\"https:\\/\\/example.org\"}",
type: "webauthn.create"
}}
iex(5)> encoded_attestation_object = "o2hhdXRoRGF0YViUUNepBeMEa4hjg2LMNKMaGuU0dmylXjqjl5Ue_mU7BitBAAAAAAAAAAAAAAAAAAAAAAAAAAAAELkR__xkcUGHv0OXAkpYGLqlAQIDJiABIVggcveTEqCmGOGZz_4cFwd3HoBdzk4IF7E0xEpLHk0aBN8iWCC_fRoVhaVW1r_73coq6pR1Eybvp7o2w8puhRtejsut82NmbXRmcGFja2VkZ2F0dFN0bXSiY2FsZyZjc2lnWEYwRAIgbrC6c2l6VcttVxNLeOd3q-Og4nlnTMxo33TrnoX2ki8CIDgFh5YlhPSEw-h2joSrfD4eiBYplFw_izUI2iQryqcu"
"o2hhdXRoRGF0YViUUNepBeMEa4hjg2LMNKMaGuU0dmylXjqjl5Ue_mU7BitBAAAAAAAAAAAAAAAAAAAAAAAAAAAAELkR__xkcUGHv0OXAkpYGLqlAQIDJiABIVggcveTEqCmGOGZz_4cFwd3HoBdzk4IF7E0xEpLHk0aBN8iWCC_fRoVhaVW1r_73coq6pR1Eybvp7o2w8puhRtejsut82NmbXRmcGFja2VkZ2F0dFN0bXSiY2FsZyZjc2lnWEYwRAIgbrC6c2l6VcttVxNLeOd3q-Og4nlnTMxo33TrnoX2ki8CIDgFh5YlhPSEw-h2joSrfD4eiBYplFw_izUI2iQryqcu"
iex(6)> # NOTE: This function doesn't verify attestation statement yet.
nil
iex(7)> {:ok, attestation_object} = WebAuthnLite.Operation.Register.validate_attestation_object(%{attestation_object: encoded_attestation_object, client_data_json: encoded_registration_client_data_json})
{:ok,
%WebAuthnLite.AttestationObject{
att_stmt: %{
"alg" => -7,
"sig" => <<48, 68, 2, 32, 110, 176, 186, 115, 105, 122, 85, 203, 109, 87,
19, 75, 120, 231, 119, 171, 227, 160, 226, 121, 103, 76, 204, 104, 223,
116, 235, 158, 133, 246, 146, 47, 2, 32, 56, 5, 135, 150, 37, 132, 244,
...>>
},
auth_data: %WebAuthnLite.AuthenticatorData{
attested_credential_data: %WebAuthnLite.AttestedCredentialData{
aaguid: "AAAAAAAAAAAAAAAAAAAAAA",
credential_id: "uRH__GRxQYe_Q5cCSlgYug",
credential_public_key: %WebAuthnLite.CredentialPublicKey.ES256{
digest_type: :sha256,
json: "{\"crv\":\"P-256\",\"kty\":\"EC\",\"x\":\"cveTEqCmGOGZz/4cFwd3HoBdzk4IF7E0xEpLHk0aBN8\",\"y\":\"v30aFYWlVta/+93KKuqUdRMm76e6NsPKboUbXo7LrfM\"}",
key: {{:ECPoint,
<<4, 114, 247, 147, 18, 160, 166, 24, 225, 153, 207, 254, 28, 23, 7,
119, 30, 128, 93, 206, 78, 8, 23, 177, 52, 196, 74, 75, 30, 77, 26,
4, 223, 191, 125, 26, ...>>},
{:namedCurve, {1, 2, 840, 10045, 3, 1, 7}}},
map: %{
"crv" => "P-256",
"kty" => "EC",
"x" => "cveTEqCmGOGZz/4cFwd3HoBdzk4IF7E0xEpLHk0aBN8",
"y" => "v30aFYWlVta/+93KKuqUdRMm76e6NsPKboUbXo7LrfM"
}
},
raw: <<0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 16, 185, 17,
255, 252, 100, 113, 65, 135, 191, 67, 151, 2, 74, 88, 24, 186, 165, 1,
2, 3, 38, 32, 1, ...>>
},
extensions: nil,
flags: %WebAuthnLite.AuthenticatorData.Flags{
at: true,
ed: false,
flags: "A",
up: true,
uv: false
},
raw: <<80, 215, 169, 5, 227, 4, 107, 136, 99, 131, 98, 204, 52, 163, 26,
26, 229, 52, 118, 108, 165, 94, 58, 163, 151, 149, 30, 254, 101, 59, 6,
43, 65, 0, 0, 0, 0, 0, 0, 0, 0, 0, ...>>,
rp_id_hash: "UNepBeMEa4hjg2LMNKMaGuU0dmylXjqjl5Ue_mU7Bis",
sign_count: 0
},
fmt: "packed",
raw: <<163, 104, 97, 117, 116, 104, 68, 97, 116, 97, 88, 148, 80, 215, 169,
5, 227, 4, 107, 136, 99, 131, 98, 204, 52, 163, 26, 26, 229, 52, 118, 108,
165, 94, 58, 163, 151, 149, 30, 254, 101, 59, 6, 43, ...>>
}}
iex(8)> public_key = attestation_object.auth_data.attested_credential_data.credential_public_key
%WebAuthnLite.CredentialPublicKey.ES256{
digest_type: :sha256,
json: "{\"crv\":\"P-256\",\"kty\":\"EC\",\"x\":\"cveTEqCmGOGZz/4cFwd3HoBdzk4IF7E0xEpLHk0aBN8\",\"y\":\"v30aFYWlVta/+93KKuqUdRMm76e6NsPKboUbXo7LrfM\"}",
key: {{:ECPoint,
<<4, 114, 247, 147, 18, 160, 166, 24, 225, 153, 207, 254, 28, 23, 7, 119,
30, 128, 93, 206, 78, 8, 23, 177, 52, 196, 74, 75, 30, 77, 26, 4, 223,
191, 125, 26, 21, 133, 165, 86, 214, 191, 251, 221, ...>>},
{:namedCurve, {1, 2, 840, 10045, 3, 1, 7}}},
map: %{
"crv" => "P-256",
"kty" => "EC",
"x" => "cveTEqCmGOGZz/4cFwd3HoBdzk4IF7E0xEpLHk0aBN8",
"y" => "v30aFYWlVta/+93KKuqUdRMm76e6NsPKboUbXo7LrfM"
}
}
iex(9)> encoded_assertion_client_data_json = "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoicnRuSGlWUTciLCJvcmlnaW4iOiJodHRwczpcL1wvZXhhbXBsZS5vcmcifQ"
"eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoicnRuSGlWUTciLCJvcmlnaW4iOiJodHRwczpcL1wvZXhhbXBsZS5vcmcifQ"
iex(10)> encoded_assertion_authenticator_data = "UNepBeMEa4hjg2LMNKMaGuU0dmylXjqjl5Ue_mU7BisBAAAAAQ"
"UNepBeMEa4hjg2LMNKMaGuU0dmylXjqjl5Ue_mU7BisBAAAAAQ"
iex(11)> encoded_assertion_signature = "MEUCIQDHv3C_QjqX_0UerM3sB0NbusD5RMp3QpK5OqGyk-6U-wIgBLEGrtF64i3N2S6q9x_JRLjCcAguwjoZ_SbCp2g2F08"
"MEUCIQDHv3C_QjqX_0UerM3sB0NbusD5RMp3QpK5OqGyk-6U-wIgBLEGrtF64i3N2S6q9x_JRLjCcAguwjoZ_SbCp2g2F08"
iex(12)> {:ok, authenticator_data} = WebAuthnLite.Operation.Authenticate.validate_authenticator_assertion(%{signature: encoded_assertion_signature, authenticator_data: encoded_assertion_authenticator_data, client_data_json: encoded_assertion_client_data_json, public_key: public_key})
{:ok,
%WebAuthnLite.AuthenticatorData{
attested_credential_data: nil,
extensions: nil,
flags: %WebAuthnLite.AuthenticatorData.Flags{
at: false,
ed: false,
flags: <<1>>,
up: true,
uv: false
},
raw: <<80, 215, 169, 5, 227, 4, 107, 136, 99, 131, 98, 204, 52, 163, 26, 26,
229, 52, 118, 108, 165, 94, 58, 163, 151, 149, 30, 254, 101, 59, 6, 43, 1,
0, 0, 0, 1>>,
rp_id_hash: "UNepBeMEa4hjg2LMNKMaGuU0dmylXjqjl5Ue_mU7Bis",
sign_count: 1
}}