mirror of
https://github.com/discourse/discourse.git
synced 2024-11-26 06:40:23 +08:00
166 lines
8.5 KiB
Ruby
166 lines
8.5 KiB
Ruby
# frozen_string_literal: true
|
||
require "cbor"
|
||
require "cose"
|
||
|
||
module DiscourseWebauthn
|
||
class SecurityKeyRegistrationService < SecurityKeyBaseValidationService
|
||
##
|
||
# See https://w3c.github.io/webauthn/#sctn-registering-a-new-credential for
|
||
# the registration steps followed here. Memoized methods are called in their
|
||
# place in the step flow to make the process clearer.
|
||
def register_second_factor_security_key
|
||
# 4. Verify that the value of C.type is webauthn.create.
|
||
validate_webauthn_type(::DiscourseWebauthn::ACCEPTABLE_REGISTRATION_TYPE)
|
||
|
||
# 5. Verify that the value of C.challenge equals the base64url encoding of options.challenge.
|
||
validate_challenge
|
||
|
||
# 6. Verify that the value of C.origin matches the Relying Party's origin.
|
||
validate_origin
|
||
|
||
# 7. Verify that the value of C.tokenBinding.status matches the state of Token Binding for the TLS
|
||
# connection over which the assertion was obtained. If Token Binding was used on that TLS connection,
|
||
# also verify that C.tokenBinding.id matches the base64url encoding of the Token Binding ID for the connection.
|
||
# Not using this right now.
|
||
|
||
# 8. Let hash be the result of computing a hash over response.clientDataJSON using SHA-256.
|
||
client_data_hash
|
||
|
||
# 9. Perform CBOR decoding on the attestationObject field of the AuthenticatorAttestationResponse
|
||
# structure to obtain the attestation statement format fmt, the authenticator data authData,
|
||
# and the attestation statement attStmt.
|
||
attestation
|
||
|
||
# 10. Verify that the rpIdHash in authData is the SHA-256 hash of the RP ID expected by the Relying Party.
|
||
# check the SHA256 hash of the rpId is the same as the authData bytes 0..31
|
||
validate_rp_id_hash
|
||
|
||
# 11. Verify that the User Present bit of the flags in authData is set.
|
||
# https://blog.bigbinary.com/2011/07/20/ruby-pack-unpack.html
|
||
#
|
||
# bit 0 is the least significant bit - LSB first
|
||
#
|
||
# 12. If user verification is required for this registration, verify that
|
||
# the User Verified bit of the flags in authData is set.
|
||
validate_user_verification
|
||
|
||
# 13. Verify that the "alg" parameter in the credential public key in authData matches the alg
|
||
# attribute of one of the items in options.pubKeyCredParams.
|
||
# https://w3c.github.io/webauthn/#table-attestedCredentialData
|
||
# See https://www.iana.org/assignments/cose/cose.xhtml#algorithms for supported algorithm
|
||
# codes.
|
||
credential_public_key, credential_public_key_bytes, credential_id =
|
||
extract_public_key_and_credential_from_attestation(auth_data)
|
||
if ::DiscourseWebauthn::SUPPORTED_ALGORITHMS.exclude?(credential_public_key.alg)
|
||
raise(
|
||
UnsupportedPublicKeyAlgorithmError,
|
||
I18n.t("webauthn.validation.unsupported_public_key_algorithm_error"),
|
||
)
|
||
end
|
||
|
||
# 14. Verify that the values of the client extension outputs in clientExtensionResults and the authenticator
|
||
# extension outputs in the extensions in authData are as expected, considering the client extension input
|
||
# values that were given in options.extensions. In particular, any extension identifier values in the
|
||
# clientExtensionResults and the extensions in authData MUST also be present as extension identifier values
|
||
# in options.extensions, i.e., no extensions are present that were not requested. In the general case, the
|
||
# meaning of "are as expected" is specific to the Relying Party and which extensions are in use.
|
||
# Not using this right now.
|
||
|
||
# 15. Determine the attestation statement format by performing a USASCII case-sensitive match on fmt against the
|
||
# set of supported WebAuthn Attestation Statement Format Identifier values. An up-to-date list of registered
|
||
# WebAuthn Attestation Statement Format Identifier values is maintained in the IANA registry of the same
|
||
# name [WebAuthn-Registries].
|
||
# 16. Verify that attStmt is a correct attestation statement, conveying a valid attestation signature,
|
||
# by using the attestation statement format fmt’s verification procedure given attStmt, authData and hash.
|
||
if ::DiscourseWebauthn::VALID_ATTESTATION_FORMATS.exclude?(attestation["fmt"]) ||
|
||
attestation["fmt"] != "none"
|
||
raise(
|
||
UnsupportedAttestationFormatError,
|
||
I18n.t("webauthn.validation.unsupported_attestation_format_error"),
|
||
)
|
||
end
|
||
|
||
#==================================================
|
||
# ONLY APPLIES IF fmt !== none, this is all to do with
|
||
# verifying attestation. May want to come back to this at
|
||
# some point for additional security.
|
||
#==================================================
|
||
#
|
||
# 17. If validation is successful, obtain a list of acceptable trust anchors (attestation root certificates or
|
||
# ECDAA-Issuer public keys) for that attestation type and attestation statement format fmt, from a trusted
|
||
# source or from policy. For example, the FIDO Metadata Service [FIDOMetadataService] provides one way
|
||
# to obtain such information, using the aaguid in the attestedCredentialData in authData.
|
||
#
|
||
# 18. Assess the attestation trustworthiness using the outputs of the verification procedure in step 16, as follows:
|
||
# If no attestation was provided, verify that None attestation is acceptable under Relying Party policy.
|
||
#==================================================
|
||
|
||
# 19. Check that the credentialId is not yet registered to any other user. If registration
|
||
# is requested for a credential that is already registered to a different user,
|
||
# the Relying Party SHOULD fail this registration ceremony, or it MAY decide to accept
|
||
# the registration, e.g. while deleting the older registration.
|
||
encoded_credential_id = Base64.strict_encode64(credential_id)
|
||
endcoded_public_key = Base64.strict_encode64(credential_public_key_bytes)
|
||
if UserSecurityKey.exists?(credential_id: encoded_credential_id)
|
||
raise(CredentialIdInUseError, I18n.t("webauthn.validation.credential_id_in_use_error"))
|
||
end
|
||
|
||
# 20. If the attestation statement attStmt verified successfully and is found to be trustworthy,
|
||
# then register the new credential with the account that was denoted in options.user, by
|
||
# associating it with the credentialId and credentialPublicKey in the attestedCredentialData
|
||
# in authData, as appropriate for the Relying Party's system.
|
||
UserSecurityKey.create(
|
||
user: @current_user,
|
||
credential_id: encoded_credential_id,
|
||
public_key: endcoded_public_key,
|
||
name: @params[:name],
|
||
factor_type: UserSecurityKey.factor_types[:second_factor],
|
||
)
|
||
rescue CBOR::UnpackError, CBOR::TypeError, CBOR::MalformedFormatError, CBOR::StackError
|
||
raise MalformedAttestationError, I18n.t("webauthn.validation.malformed_attestation_error")
|
||
end
|
||
|
||
private
|
||
|
||
def attestation
|
||
@attestation ||= CBOR.decode(Base64.decode64(@params[:attestation]))
|
||
end
|
||
|
||
def auth_data
|
||
@auth_data ||= attestation["authData"]
|
||
end
|
||
|
||
def extract_public_key_and_credential_from_attestation(auth_data)
|
||
# see https://w3c.github.io/webauthn/#authenticator-data for lengths
|
||
# of authdata for extraction
|
||
rp_id_length = 32
|
||
flags_length = 1
|
||
sign_count_length = 4
|
||
|
||
attested_credential_data_start_position = rp_id_length + flags_length + sign_count_length # 37
|
||
attested_credential_data_length = auth_data.size - attested_credential_data_start_position
|
||
attested_credential_data =
|
||
auth_data[
|
||
attested_credential_data_start_position..(
|
||
attested_credential_data_start_position + attested_credential_data_length - 1
|
||
)
|
||
]
|
||
|
||
# see https://w3c.github.io/webauthn/#attested-credential-data for lengths
|
||
# of data for extraction
|
||
aa_guid = attested_credential_data[0..15]
|
||
credential_id_length = attested_credential_data[16..17].unpack("n*")[0]
|
||
credential_id = attested_credential_data[18..(18 + credential_id_length - 1)]
|
||
|
||
public_key_start_position = 18 + credential_id_length
|
||
public_key_bytes =
|
||
attested_credential_data[
|
||
public_key_start_position..(public_key_start_position + attested_credential_data.size - 1)
|
||
]
|
||
public_key = COSE::Key.deserialize(public_key_bytes)
|
||
|
||
[public_key, public_key_bytes, credential_id]
|
||
end
|
||
end
|
||
end
|