Class: U2F::SignResponse

Inherits:

Object

• Object
• U2F::SignResponse

Defined in:

lib/u2f/sign_response.rb

Constant Summary

USER_PRESENCE_MASK =

Bit 0 being set to 1 indicates that the user is present. A different value of Bit 0, as well as Bits 1 through 7, are reserved for future use.

0b00000001

Instance Attribute Summary

• #client_data ⇒ Object

  Returns the value of attribute client_data.

• #client_data_json ⇒ Object

  Returns the value of attribute client_data_json.

• #key_handle ⇒ Object

  Returns the value of attribute key_handle.

• #signature_data ⇒ Object

  Returns the value of attribute signature_data.

Class Method Summary

• .load_from_json(json) ⇒ Object

Instance Method Summary

• #counter ⇒ Object

  Counter value that the U2F token increments every time it performs an authentication operation.

• #signature ⇒ Object

  signature is to be verified using the public key obtained during registration.

• #user_present? ⇒ Boolean

  If user presence was verified.

• #verify(app_id, public_key_pem) ⇒ Object

  Verifies the response against an app id and the public key of the registered device.

Instance Attribute Details

#client_data ⇒ Object

Returns the value of attribute client_data.

# File 'lib/u2f/sign_response.rb', line 3

def client_data
  @client_data
end

#client_data_json ⇒ Object

Returns the value of attribute client_data_json.

# File 'lib/u2f/sign_response.rb', line 3

def client_data_json
  @client_data_json
end

#key_handle ⇒ Object

Returns the value of attribute key_handle.

# File 'lib/u2f/sign_response.rb', line 3

def key_handle
  @key_handle
end

#signature_data ⇒ Object

Returns the value of attribute signature_data.

# File 'lib/u2f/sign_response.rb', line 3

def signature_data
  @signature_data
end

Class Method Details

.load_from_json(json) ⇒ Object

# File 'lib/u2f/sign_response.rb', line 5

def self.load_from_json(json)
  data = ::JSON.parse(json)
  instance = new
  instance.client_data_json =
    ::U2F.urlsafe_decode64(data['clientData'])
  instance.client_data =
    ClientData.load_from_json(instance.client_data_json)
  instance.key_handle = data['keyHandle']
  instance.signature_data =
    ::U2F.urlsafe_decode64(data['signatureData'])
  instance
end

Instance Method Details

#counter ⇒ Object

Counter value that the U2F token increments every time it performs an authentication operation

# File 'lib/u2f/sign_response.rb', line 21

def counter
  signature_data.byteslice(1, 4).unpack('N').first
end

#signature ⇒ Object

signature is to be verified using the public key obtained during registration.

# File 'lib/u2f/sign_response.rb', line 28

def signature
  signature_data.byteslice(5..-1)
end

#user_present? ⇒ Boolean

If user presence was verified

Returns:

• (Boolean)

# File 'lib/u2f/sign_response.rb', line 38

def user_present?
  byte = signature_data.byteslice(0).unpack('C').first
  byte & USER_PRESENCE_MASK == 1
end

#verify(app_id, public_key_pem) ⇒ Object

Verifies the response against an app id and the public key of the registered device

# File 'lib/u2f/sign_response.rb', line 46

def verify(app_id, public_key_pem)
  data = [
    ::U2F::DIGEST.digest(app_id),
    signature_data.byteslice(0, 5),
    ::U2F::DIGEST.digest(client_data_json)
  ].join

  public_key = OpenSSL::PKey.read(public_key_pem)

  begin
    public_key.verify(::U2F::DIGEST.new, signature, data)
  rescue OpenSSL::PKey::PKeyError
    false
  end
end