mozilla / authenticator-rs

Rust library to interact with Security Keys, used by Firefox
https://crates.io/crates/authenticator
Mozilla Public License 2.0

Add der_spki() methods for all supported key types #309

Closed jschanck closed 12 months ago

jschanck commented 1 year ago

The getPublicKey() method in WebAuthn Level 3 outputs a DER encoded SubjectPublicKeyInfo, and it has the following requirement:

User agents MUST be able to return a non-null value for getPublicKey() when the credential public key has a COSEAlgorithmIdentifier value of:

* -7 (ES256), where kty is 2 (with uncompressed points) and crv is 1 (P-256).
* -257 (RS256).
* -8 (EdDSA), where crv is 6 (Ed25519).

This PR adds der_spki() methods for RS256 and Ed25519 and improves the serialization tests for all key types.

It turns out that #292 did not resolve all of the issues with the CBOR encoding of OKP keys (see also: Firefox Bug 1852812 and references therein), so I've included a patch for that as well.
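To illustrate what a DER-encoded SubjectPublicKeyInfo looks like for the two key types this PR covers, here is an added example that is not code from this PR or from authenticator-rs. The function names are hypothetical, the key bytes in `main` are constructed, and the inputs are assumed to be the raw Ed25519 public key and the big-endian RSA modulus and exponent taken from the COSE key.

```rust
// Added example, not authenticator-rs code; all function names are hypothetical.

/// DER TLV with definite-length encoding (short form below 128, else long form).
fn tlv(tag: u8, content: &[u8]) -> Vec<u8> {
    let mut out = vec![tag];
    let len = content.len();
    if len < 0x80 {
        out.push(len as u8);
    } else {
        let bytes = len.to_be_bytes();
        let skip = bytes.iter().take_while(|b| **b == 0).count();
        out.push(0x80 | (bytes.len() - skip) as u8);
        out.extend_from_slice(&bytes[skip..]);
    }
    out.extend_from_slice(content);
    out
}

/// DER INTEGER from an unsigned big-endian value, minimally encoded.
fn uint(be: &[u8]) -> Vec<u8> {
    let skip = be.iter().take_while(|b| **b == 0).count();
    let mut v = be[skip..].to_vec();
    if v.first().map_or(true, |b| *b & 0x80 != 0) {
        v.insert(0, 0); // keep the sign bit clear; also encodes zero as 00
    }
    tlv(0x02, &v)
}

/// SubjectPublicKeyInfo ::= SEQUENCE { AlgorithmIdentifier, BIT STRING }
fn spki(alg_id: &[u8], key: &[u8]) -> Vec<u8> {
    let bits = [&[0u8][..], key].concat(); // leading 00 = no unused bits
    tlv(0x30, &[tlv(0x30, alg_id), tlv(0x03, &bits)].concat())
}

/// Ed25519 (COSE -8, crv 6): OID 1.3.101.112 with absent parameters (RFC 8410).
fn ed25519_spki_der(x: &[u8; 32]) -> Vec<u8> {
    spki(&[0x06, 0x03, 0x2b, 0x65, 0x70], x)
}

/// RS256 (COSE -257): rsaEncryption OID + NULL; key is RSAPublicKey { n, e }.
fn rsa_spki_der(n: &[u8], e: &[u8]) -> Vec<u8> {
    const RSA_ENC: [u8; 13] = [6, 9, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 1, 1, 1, 5, 0];
    spki(&RSA_ENC, &tlv(0x30, &[uint(n), uint(e)].concat()))
}

fn main() {
    let x = [0x11u8; 32]; // constructed sample key bytes
    println!("{:02x?}", ed25519_spki_der(&x));
}
```

The RSA path is where encodings tend to diverge: a modulus with its top bit set needs a leading zero byte in the INTEGER, and redundant leading zeros must be stripped for the output to be valid DER.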