Class: WebAuthn::AttestationStatement::TPM

Inherits:

Base

• Object
• Base
• WebAuthn::AttestationStatement::TPM

Defined in:

lib/webauthn/attestation_statement/tpm.rb

Constant Summary

TPM_V2 =

"2.0"

COSE_ALG_TO_TPM =

{
  "RS1" => { signature: ::TPM::ALG_RSASSA, hash: ::TPM::ALG_SHA1 },
  "RS256" => { signature: ::TPM::ALG_RSASSA, hash: ::TPM::ALG_SHA256 },
  "PS256" => { signature: ::TPM::ALG_RSAPSS, hash: ::TPM::ALG_SHA256 },
  "ES256" => { signature: ::TPM::ALG_ECDSA, hash: ::TPM::ALG_SHA256 },
}.freeze

Constants inherited from Base

Base::AAGUID_EXTENSION_OID

Instance Method Summary

• #valid?(authenticator_data, client_data_hash) ⇒ Boolean

Methods inherited from Base

#attestation_certificate, #attestation_certificate_key_id, #format, #initialize

Constructor Details

This class inherits a constructor from WebAuthn::AttestationStatement::Base

Instance Method Details

#valid?(authenticator_data, client_data_hash) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/webauthn/attestation_statement/tpm.rb', line 20

def valid?(authenticator_data, client_data_hash)
  attestation_type == ATTESTATION_TYPE_ATTCA &&
    ver == TPM_V2 &&
    valid_key_attestation?(
      authenticator_data.data + client_data_hash,
      authenticator_data.credential.public_key_object,
      authenticator_data.aaguid
    ) &&
    matching_aaguid?(authenticator_data.attested_credential_data.raw_aaguid) &&
    trustworthy?(aaguid: authenticator_data.aaguid) &&
    [attestation_type, attestation_trust_path]
end