refactor: Ensure big.Int return a 32-byte slice

go-webauthn · Nov 12, 2024 · a82e18a · a82e18a
1 parent c42f846
commit a82e18a
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 3 deletions.
diff --git a/protocol/assertion.go b/protocol/assertion.go
@@ -141,7 +141,7 @@ func (car CredentialAssertionResponse) Parse() (par *ParsedCredentialAssertionDa
 // Specification: §7.2 Verifying an Authentication Assertion (https://www.w3.org/TR/webauthn/#sctn-verifying-assertion)
 func (p *ParsedCredentialAssertionData) Verify(storedChallenge string, relyingPartyID string, rpOrigins, rpTopOrigins []string, rpTopOriginsVerify TopOriginVerificationMode, appID string, verifyUser bool, credentialBytes []byte) error {
 	// Steps 4 through 6 in verifying the assertion data (https://www.w3.org/TR/webauthn/#verifying-assertion) are
-	// "assertive" steps, i.e "Let JSONtext be the result of running UTF-8 decode on the value of cData."
+	// "assertive" steps, i.e. "Let JSONtext be the result of running UTF-8 decode on the value of cData."
 	// We handle these steps in part as we verify but also beforehand
 
 	// Handle steps 7 through 10 of assertion by verifying stored data against the Collected Client Data

diff --git a/protocol/webauthncose/webauthncose.go b/protocol/webauthncose/webauthncose.go
@@ -36,6 +36,8 @@ type PublicKeyData struct {
 	Algorithm int64 `cbor:"3,keyasint" json:"alg"`
 }
 
+const ecCoordSize = 32
+
 type EC2PublicKeyData struct {
 	PublicKeyData
 
@@ -180,8 +182,8 @@ func ParseFIDOPublicKey(keyBytes []byte) (data EC2PublicKeyData, err error) {
 		PublicKeyData: PublicKeyData{
 			Algorithm: int64(AlgES256),
 		},
-		XCoord: x.Bytes(),
-		YCoord: y.Bytes(),
+		XCoord: x.FillBytes(make([]byte, ecCoordSize)),
+		YCoord: y.FillBytes(make([]byte, ecCoordSize)),
 	}, nil
 }