feat: add isDeviceSupported method

near · Jul 4, 2024 · 71b2764 · 71b2764
1 parent ed54e10
commit 71b2764
Show file tree

Hide file tree

Showing 5 changed files with 1,752 additions and 1,579 deletions.
diff --git a/.changeset/brown-kings-promise.md b/.changeset/brown-kings-promise.md
@@ -0,0 +1,5 @@
+---
+"@near-js/biometric-ed25519": patch
+---
+
+Add isDeviceSupported method
diff --git a/packages/biometric-ed25519/package.json b/packages/biometric-ed25519/package.json
@@ -22,6 +22,7 @@
     "asn1-parser": "1.1.8",
     "borsh": "1.0.0",
     "buffer": "6.0.3",
+    "cbor-js": "^0.1.0",
     "fido2-lib": "3.4.1"
   },
   "devDependencies": {

diff --git a/packages/biometric-ed25519/src/fido2.ts b/packages/biometric-ed25519/src/fido2.ts
@@ -1,5 +1,6 @@
 import base64 from '@hexagon/base64';
 import { Fido2Lib } from 'fido2-lib';
+import cbor from "cbor-js";
 
 export class Fido2 {
     f2l: Fido2Lib;
@@ -58,4 +59,12 @@ export class Fido2 {
             status: 'ok',
         };
     }
+
+    async checkAlg(res, exp): Promise<any> {
+        const result = await this.f2l.attestationResult(res, exp);
+        const cosePublicKey = result.authnrData.get('credentialPublicKeyCose');
+        const decodedKey = cbor.decode(cosePublicKey);
+        const algKey = 3; // The key for the "alg" field in COSE
+        return decodedKey[algKey];
+    }
 }
diff --git a/packages/biometric-ed25519/src/index.ts b/packages/biometric-ed25519/src/index.ts
@@ -67,6 +67,16 @@ export const createKey = async (username: string): Promise<KeyPair> => {
 
             const sanitizedResponse = sanitizeCreateKeyResponse(res);
 
+            const alg = await f2l.checkAlg(sanitizedResponse, {
+                challenge: challengeMakeCred.challenge,
+                origin,
+                factor: "either"
+            });
+
+            if (+alg === -257) {
+                throw new Error('Unsupported device');
+            }
+
             const result = await f2l.attestation({
                 clientAttestationResponse: sanitizedResponse,
                 origin,
@@ -129,3 +139,13 @@ export const getKeys = async (username: string): Promise<[KeyPair, KeyPair]> =>
 export const isPassKeyAvailable = async (): Promise<boolean> => {
     return window.PublicKeyCredential?.isUserVerifyingPlatformAuthenticatorAvailable?.() || false;
 };
+
+// To check if current device is supported
+export const isDeviceSupported = async (): Promise<boolean> => {
+    try {
+        await createKey('test-device');
+        return true;
+    } catch (e) {
+        return false;
+    }
+}