Parsing the #U2F Signature response in #Javascript
This is the third blog post in my series on U2F, and if you haven’t already seen it – check out the GitHub repo for the source code here;
https://github.com/infiniteloopltd/U2FJS
It’s been refactored since the last post, so that the parser no longer pollutes the global namespace with its own variables, which keeps things cleaner.
So, it’s now wrapped up like this:
class U2FParse {
    parseRegistration (registrationData)
    { …
    }
    parseSign (signData)
    { …
    }
    …
}
You instantiate a new U2FParse class (which I’ve called “parser”), then parse either the registration response or the sign response.
Let’s look at how to get a signature response, assuming you already have the keyhandle from the registration;
function Sign()
{
    // The key handle comes from the earlier registration response
    let registeredKey = {
        keyHandle: U2FRegistration.keyHandle,
        version: 'U2F_V2'
    };
    u2f.sign('https://localhost', 'SigningChallenge', [registeredKey],
        (response) => {
            ….
        }
    );
}
By running this code, the browser will prompt you to press the button on your U2F device, and the callback will be triggered, with the response object populated.
Now, we call the method;
U2FSign = parser.parseSign(response.signatureData);
Which does the following;
var bSignData = this._Base64ToArrayBuffer(signData);
return {
    // Byte 0: user presence
    userPresence : bSignData[0],
    // Bytes 1 to 4: counter, most significant byte first
    userCounter : bSignData[4]
                + bSignData[3] * 256
                + bSignData[2] * 256 * 256
                + bSignData[1] * 256 * 256 * 256
};
The UserPresence is a number where 1 is present, and anything else is just plain weird, but treat that as an error.
UserCounter is a 4-byte integer that counts up how many times the user has logged in (signed a challenge).
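An added example, not code from the U2FJS repo: a stricter take on the parse above that decodes websafe base64, rejects truncated input, and applies the two checks just described (presence must be 1, counter must have increased). The function names, the stored `lastCounter` value and the sample string are assumptions constructed for illustration.

```javascript
// Added example: hypothetical helper names, not part of U2FJS.
function websafeB64ToBytes(s) {
  // The U2F JS API returns websafe (URL-safe, unpadded) base64.
  const b64 = s.replace(/-/g, '+').replace(/_/g, '/');
  const bin = atob(b64 + '='.repeat((4 - (b64.length % 4)) % 4));
  return Uint8Array.from(bin, (c) => c.charCodeAt(0));
}

function parseSignStrict(signData) {
  const bytes = websafeB64ToBytes(signData);
  // Need at least the presence byte plus the 4 counter bytes.
  if (bytes.length < 5) {
    throw new Error('signatureData too short');
  }
  const view = new DataView(bytes.buffer, bytes.byteOffset, bytes.byteLength);
  return {
    userPresence: bytes[0],
    // Big-endian read: same result as the byte-by-byte sum in parseSign.
    userCounter: view.getUint32(1, false),
    // Per the U2F raw message format, the remaining bytes are the signature.
    signature: bytes.slice(5),
  };
}

// lastCounter is the value the server stored after the previous sign-in
// (assumed storage; where it lives is up to the application).
function checkSignResponse(parsed, lastCounter) {
  if (parsed.userPresence !== 1) {
    return { ok: false, reason: 'user presence not asserted' };
  }
  if (parsed.userCounter <= lastCounter) {
    // A counter that stalls or goes backwards can indicate a cloned device.
    return { ok: false, reason: 'counter did not increase' };
  }
  return { ok: true, newCounter: parsed.userCounter };
}

// Constructed sample: presence 0x01, counter 300, two stand-in signature bytes.
const sample = 'AQAAASww_w';
console.log(checkSignResponse(parseSignStrict(sample), 299));
```

The presence byte and counter are only trustworthy once the signature that covers them has been verified against the public key from registration.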
My plan is to move this to server side code that can be accessed via Ajax, since I haven’t seen that done before, and I guess it may be useful to someone.