Class: WebAuthn::AttestationStatement::TPM

Inherits:
Base
  • Object
show all
Defined in:
lib/webauthn/attestation_statement/tpm.rb

Constant Summary collapse

TPM_V2 =
"2.0"
COSE_ALG_TO_TPM =
{
  "RS1" => { signature: ::TPM::ALG_RSASSA, hash: ::TPM::ALG_SHA1 },
  "RS256" => { signature: ::TPM::ALG_RSASSA, hash: ::TPM::ALG_SHA256 },
  "PS256" => { signature: ::TPM::ALG_RSAPSS, hash: ::TPM::ALG_SHA256 },
  "ES256" => { signature: ::TPM::ALG_ECDSA, hash: ::TPM::ALG_SHA256 },
}.freeze

Constants inherited from Base

Base::AAGUID_EXTENSION_OID

Instance Method Summary collapse

Methods inherited from Base

#attestation_certificate, #attestation_certificate_key_id, #format, #initialize

Constructor Details

This class inherits a constructor from WebAuthn::AttestationStatement::Base

Instance Method Details

#valid?(authenticator_data, client_data_hash) ⇒ Boolean

Returns:

  • (Boolean)

20
21
22
23
24
25
26
27
28
29
30
31
# File 'lib/webauthn/attestation_statement/tpm.rb', line 20

def valid?(authenticator_data, client_data_hash)
  attestation_type == ATTESTATION_TYPE_ATTCA &&
    ver == TPM_V2 &&
    valid_key_attestation?(
      authenticator_data.data + client_data_hash,
      authenticator_data.credential.public_key_object,
      authenticator_data.aaguid
    ) &&
    matching_aaguid?(authenticator_data.attested_credential_data.raw_aaguid) &&
    trustworthy?(aaguid: authenticator_data.aaguid) &&
    [attestation_type, attestation_trust_path]
end