verify_webauthn_data_internal

tempo_primitives::transaction::tt_signature

Function verify_webauthn_data_internal 

Source 
fn verify_webauthn_data_internal(
    webauthn_data: &[u8],
    tx_hash: &B256,
) -> Result<B256, &'static str>
Expand description

Parses and validates WebAuthn data, returning the message hash for P256 verification ref: https://www.w3.org/TR/webauthn-2/#sctn-authenticator-data

According to the spec, this:

  1. Parses authenticatorData and clientDataJSON
  2. Validates authenticatorData (min 37 bytes, UP flag set)
  3. Validates clientDataJSON (type=“webauthn.get”, challenge matches tx_hash)
  4. Computes message hash = sha256(authenticatorData || sha256(clientDataJSON))