This repository has been archived by the owner on Sep 30, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 13
Extract and validate client challenge #83
Merged
JohnGuilding
merged 3 commits into
main
from
44-extract-webauthn-challenge-from-clientData-and-compare-to-clientChallenge
Sep 18, 2023
Merged
Changes from 2 commits
Commits
Show all changes
3 commits
Select commit
Hold shift + click to select a range
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,105 @@ | ||
// SPDX-License-Identifier: MIT | ||
// from OpenZeppelin Contracts (last updated v4.7.0) (utils/Base64.sol) | ||
|
||
pragma solidity ^0.8.0; | ||
|
||
/** | ||
* @dev Provides a set of functions to operate with Base64 strings. | ||
* | ||
* _Available since v4.5._ | ||
*/ | ||
library Base64URL { | ||
/** | ||
* @dev Base64 Encoding/Decoding Table | ||
*/ | ||
string internal constant _TABLE = | ||
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; | ||
|
||
/** | ||
* @dev Converts a `bytes` to its Bytes64 `string` representation. | ||
*/ | ||
function encode32(bytes memory data) internal pure returns (string memory) { | ||
/** | ||
* Inspired by Brecht Devos (Brechtpd) implementation - MIT licence | ||
* https://github.com/Brechtpd/base64/blob/e78d9fd951e7b0977ddca77d92dc85183770daf4/base64.sol | ||
*/ | ||
if (data.length == 0) return ""; | ||
|
||
// Loads the table into memory | ||
string memory table = _TABLE; | ||
|
||
// Encoding takes 3 bytes chunks of binary data from `bytes` data parameter | ||
// and split into 4 numbers of 6 bits. | ||
// The final Base64 length should be `bytes` data length multiplied by 4/3 rounded up | ||
// - `data.length + 2` -> Round up | ||
// - `/ 3` -> Number of 3-bytes chunks | ||
// - `4 *` -> 4 characters for each chunk | ||
//string memory result = new string(4 * ((data.length + 2) / 3)); | ||
string memory result = new string(4 * ((data.length + 2) / 3) - 1); | ||
|
||
/// @solidity memory-safe-assembly | ||
assembly { | ||
// Prepare the lookup table (skip the first "length" byte) | ||
let tablePtr := add(table, 1) | ||
|
||
// Prepare result pointer, jump over length | ||
let resultPtr := add(result, 32) | ||
|
||
// Run over the input, 3 bytes at a time | ||
for { | ||
let dataPtr := data | ||
let endPtr := add(data, mload(data)) | ||
} lt(dataPtr, endPtr) { | ||
|
||
} { | ||
// Advance 3 bytes | ||
dataPtr := add(dataPtr, 3) | ||
let input := mload(dataPtr) | ||
|
||
// To write each character, shift the 3 bytes (18 bits) chunk | ||
// 4 times in blocks of 6 bits for each character (18, 12, 6, 0) | ||
// and apply logical AND with 0x3F which is the number of | ||
// the previous character in the ASCII table prior to the Base64 Table | ||
// The result is then added to the table to get the character to write, | ||
// and finally write it in the result pointer but with a left shift | ||
// of 256 (1 byte) - 8 (1 ASCII char) = 248 bits | ||
|
||
mstore8( | ||
resultPtr, | ||
mload(add(tablePtr, and(shr(18, input), 0x3F))) | ||
) | ||
resultPtr := add(resultPtr, 1) // Advance | ||
|
||
mstore8( | ||
resultPtr, | ||
mload(add(tablePtr, and(shr(12, input), 0x3F))) | ||
) | ||
resultPtr := add(resultPtr, 1) // Advance | ||
|
||
mstore8( | ||
resultPtr, | ||
mload(add(tablePtr, and(shr(6, input), 0x3F))) | ||
) | ||
resultPtr := add(resultPtr, 1) // Advance | ||
|
||
mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F)))) | ||
resultPtr := add(resultPtr, 1) // Advance | ||
} | ||
|
||
/* | ||
// When data `bytes` is not exactly 3 bytes long | ||
// it is padded with `=` characters at the end | ||
switch mod(mload(data), 3) | ||
case 1 { | ||
mstore8(sub(resultPtr, 1), 0x3d) | ||
mstore8(sub(resultPtr, 2), 0x3d) | ||
} | ||
case 2 { | ||
mstore8(sub(resultPtr, 1), 0x3d) | ||
} | ||
*/ | ||
} | ||
|
||
return result; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
^I'm not sure why this is the order for the decoding, I originally assumed it would have been bytes before uints like so:
The screenshot below shows the difference between the two signatures. The older signature without the
clientChallenge
is on the left, and the newer signature with theclientChallenge
is on the right:You can see where the clientChallenge was added, look for
353a3ed5a0441919f1c639a46931de872ac3357de2ce5aa2d68c2639df54189d
. There were some other changes which I'm not too sure about. It looks like the mysteryuint256
changed. The value in the first 32 bytes was also changed, again not sure what that change means - @jzaki any ideas?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The ordering of these fixed length vars is as they were encoded.
The additional 0x20 (32) on the length is the additional 32 bytes added.
The mystery number seems to be a length, since it also increased by 0x20. Will create an issue to get to the bottom of why and how that gets encoded in.