Skip to content

Commit

Permalink
fixup! feature(conformanceTests): use MDS v3
Browse files Browse the repository at this point in the history
  • Loading branch information
santiagorodriguez96 committed Mar 8, 2024
1 parent f133ae1 commit 6593ff5
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 24 deletions.
48 changes: 28 additions & 20 deletions spec/conformance/MDSROOT.crt
Original file line number Diff line number Diff line change
@@ -1,21 +1,29 @@
!!!!!DO NOT DYNAMICALLY FETCH THIS CERTIFICATE!!!!!
!!!!!ADD THIS CERTIFICATE DIRECTLY TO YOUR CERTIFICATE STORAGE OR SOURCE CODE!!!!!

FIDO Alliance Certification TEST Metadata Service Root Certificate
Expected page status: Valid
CN=FAKE Root FAKE
OU=FAKE Metadata 3 BLOB Signing FAKE
O=FIDO Alliance
C=US
Serial number=04 5A 1C 22 66 A1 4F 3F 1F 4D 29 55 12 23 15
Valid from=01 February 2017
Valid to=31 January 2045

Base64
-----BEGIN CERTIFICATE-----
MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G
A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4
MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG
A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8
RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT
gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm
KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd
QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ
XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o
LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU
RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp
jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK
6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX
mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs
Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH
WD9f
-----END CERTIFICATE-----
MIICaDCCAe6gAwIBAgIPBCqih0DiJLW7+UHXx/o1MAoGCCqGSM49BAMDMGcxCzAJ
BgNVBAYTAlVTMRYwFAYDVQQKDA1GSURPIEFsbGlhbmNlMScwJQYDVQQLDB5GQUtF
IE1ldGFkYXRhIDMgQkxPQiBST09UIEZBS0UxFzAVBgNVBAMMDkZBS0UgUm9vdCBG
QUtFMB4XDTE3MDIwMTAwMDAwMFoXDTQ1MDEzMTIzNTk1OVowZzELMAkGA1UEBhMC
VVMxFjAUBgNVBAoMDUZJRE8gQWxsaWFuY2UxJzAlBgNVBAsMHkZBS0UgTWV0YWRh
dGEgMyBCTE9CIFJPT1QgRkFLRTEXMBUGA1UEAwwORkFLRSBSb290IEZBS0UwdjAQ
BgcqhkjOPQIBBgUrgQQAIgNiAASKYiz3YltC6+lmxhPKwA1WFZlIqnX8yL5RybSL
TKFAPEQeTD9O6mOz+tg8wcSdnVxHzwnXiQKJwhrav70rKc2ierQi/4QUrdsPes8T
EirZOkCVJurpDFbXZOgs++pa4XmjYDBeMAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E
BTADAQH/MB0GA1UdDgQWBBQGcfeCs0Y8D+lh6U5B2xSrR74eHTAfBgNVHSMEGDAW
gBQGcfeCs0Y8D+lh6U5B2xSrR74eHTAKBggqhkjOPQQDAwNoADBlAjEA/xFsgri0
xubSa3y3v5ormpPqCwfqn9s0MLBAtzCIgxQ/zkzPKctkiwoPtDzI51KnAjAmeMyg
X2S5Ht8+e+EQnezLJBJXtnkRWY+Zt491wgt/AwSs5PHHMv5QgjELOuMxQBc=
-----END CERTIFICATE-----
21 changes: 18 additions & 3 deletions spec/conformance/conformance_cache_store.rb
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@

class ConformanceCacheStore < FidoMetadata::TestCacheStore
FILENAME = "metadata.zip"
METADATA_ENDPOINT = URI("https://mds.fidoalliance.org/")

def setup_authenticators
puts("#{FILENAME} not found, this will affect Metadata Service Test results.") unless File.exist?(FILENAME)
Expand All @@ -19,11 +18,27 @@ def setup_authenticators
end
end

def setup_metadata_store
def setup_metadata_store(endpoint)
puts("Setting up metadata store TOC")

response = Net::HTTP.post(
URI("https://mds3.fido.tools/getEndpoints"),
{ endpoint: endpoint }.to_json,
FidoMetadata::Client::DEFAULT_HEADERS
)

response.value
possible_endpoints = JSON.parse(response.body)["result"]

client = FidoMetadata::Client.new
json = client.download_toc(METADATA_ENDPOINT, trusted_certs: conformance_certificates)

json =
possible_endpoints.each_with_index do |uri, index|
puts("Trying endpoint #{index}: #{uri}")
break client.download_toc(URI(uri), algorithms: ["ES256"], trusted_certs: conformance_certificates)
rescue FidoMetadata::Client::DataIntegrityError, JWT::VerificationError, Net::HTTPFatalError
nil
end

if json.is_a?(Hash) && json.keys == ["legalHeader", "no", "nextUpdate", "entries"]
puts("TOC setup done!")
Expand Down
2 changes: 1 addition & 1 deletion spec/conformance/server.rb
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ def self.registered_for(username)
MDSFinder.new.tap do |mds|
mds.cache_backend = ConformanceCacheStore.new
mds.cache_backend.setup_authenticators
mds.cache_backend.setup_metadata_store
mds.cache_backend.setup_metadata_store("http://#{host}:#{settings.port}")
end

relying_party = WebAuthn::RelyingParty.new(
Expand Down

0 comments on commit 6593ff5

Please sign in to comment.