
PHP Cross Reference of Joomla 4.2.2 documentation


/libraries/vendor/web-auth/webauthn-lib/src/AttestationStatement/ -> AttestationObjectLoader.php (source)

   1  <?php
   2  
   3  declare(strict_types=1);
   4  
   5  /*
   6   * The MIT License (MIT)
   7   *
   8   * Copyright (c) 2014-2019 Spomky-Labs
   9   *
  10   * This software may be modified and distributed under the terms
  11   * of the MIT license.  See the LICENSE file for details.
  12   */
  13  
  14  namespace Webauthn\AttestationStatement;
  15  
  16  use Assert\Assertion;
  17  use Base64Url\Base64Url;
  18  use CBOR\Decoder;
  19  use CBOR\MapObject;
  20  use CBOR\OtherObject\OtherObjectManager;
  21  use CBOR\Tag\TagObjectManager;
  22  use Ramsey\Uuid\Uuid;
  23  use Webauthn\AttestedCredentialData;
  24  use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientOutputsLoader;
  25  use Webauthn\AuthenticatorData;
  26  use Webauthn\StringStream;
  27  
  28  class AttestationObjectLoader
  29  {
  30      private const FLAG_AT = 0b01000000;
  31      private const FLAG_ED = 0b10000000;
  32  
  33      /**
  34       * @var Decoder
  35       */
  36      private $decoder;
  37  
  38      /**
  39       * @var AttestationStatementSupportManager
  40       */
  41      private $attestationStatementSupportManager;
  42  
  43      public function __construct(AttestationStatementSupportManager $attestationStatementSupportManager, ?Decoder $decoder = null)
  44      {
  45          if (null !== $decoder) {
  46              @trigger_error('The argument "$decoder" is deprecated since 2.1 and will be removed in v3.0. Set null instead', E_USER_DEPRECATED);
  47          }
  48          $this->decoder = $decoder ?? new Decoder(new TagObjectManager(), new OtherObjectManager());
  49          $this->attestationStatementSupportManager = $attestationStatementSupportManager;
  50      }
  51  
  52      public function load(string $data): AttestationObject
  53      {
  54          $decodedData = Base64Url::decode($data);
  55          $stream = new StringStream($decodedData);
  56          $parsed = $this->decoder->decode($stream);
  57          $attestationObject = $parsed->getNormalizedData();
  58          Assertion::true($stream->isEOF(), 'Invalid attestation object. Presence of extra bytes.');
  59          $stream->close();
  60          Assertion::isArray($attestationObject, 'Invalid attestation object');
  61          Assertion::keyExists($attestationObject, 'authData', 'Invalid attestation object');
  62          Assertion::keyExists($attestationObject, 'fmt', 'Invalid attestation object');
  63          Assertion::keyExists($attestationObject, 'attStmt', 'Invalid attestation object');
  64          $authData = $attestationObject['authData'];
  65  
  66          $attestationStatementSupport = $this->attestationStatementSupportManager->get($attestationObject['fmt']);
  67          $attestationStatement = $attestationStatementSupport->load($attestationObject);
  68  
  69          $authDataStream = new StringStream($authData);
  70          $rp_id_hash = $authDataStream->read(32);
  71          $flags = $authDataStream->read(1);
  72          $signCount = $authDataStream->read(4);
  73          $signCount = unpack('N', $signCount)[1];
  74  
  75          $attestedCredentialData = null;
  76          if (0 !== (\ord($flags) & self::FLAG_AT)) {
  77              $aaguid = Uuid::fromBytes($authDataStream->read(16));
  78              $credentialLength = $authDataStream->read(2);
  79              $credentialLength = unpack('n', $credentialLength)[1];
  80              $credentialId = $authDataStream->read($credentialLength);
  81              $credentialPublicKey = $this->decoder->decode($authDataStream);
  82              Assertion::isInstanceOf($credentialPublicKey, MapObject::class, 'The data does not contain a valid credential public key.');
  83              $attestedCredentialData = new AttestedCredentialData($aaguid, $credentialId, (string) $credentialPublicKey);
  84          }
  85  
  86          $extension = null;
  87          if (0 !== (\ord($flags) & self::FLAG_ED)) {
  88              $extension = $this->decoder->decode($authDataStream);
  89              $extension = AuthenticationExtensionsClientOutputsLoader::load($extension);
  90          }
  91          Assertion::true($authDataStream->isEOF(), 'Invalid authentication data. Presence of extra bytes.');
  92          $authDataStream->close();
  93  
  94          $authenticatorData = new AuthenticatorData($authData, $rp_id_hash, $flags, $signCount, $attestedCredentialData, $extension);
  95  
  96          return new AttestationObject($data, $attestationStatement, $authenticatorData);
  97      }
  98  }

