[EC-598] feat: add check for invalid option values

2025-12-22 11:13:46 +00:00 · 2023-03-21 17:27:52 +01:00
parent 696e036ca8
commit e1833ca352
3 changed files with 33 additions and 0 deletions
--- a/libs/common/src/webauthn/services/fido2-authenticator.service.ts
+++ b/libs/common/src/webauthn/services/fido2-authenticator.service.ts
@@ -41,6 +41,14 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
    if (params.pubKeyCredParams.every((p) => p.alg !== Fido2AlgorithmIdentifier.ES256)) {
      throw new Fido2AutenticatorError(Fido2AutenticatorErrorCode.CTAP2_ERR_UNSUPPORTED_ALGORITHM);
    }
+
+    if (params.options?.rk != undefined && typeof params.options.rk !== "boolean") {
+      throw new Fido2AutenticatorError(Fido2AutenticatorErrorCode.CTAP2_ERR_INVALID_OPTION);
+    }
+
+    if (params.options?.uv != undefined && typeof params.options.uv !== "boolean") {
+      throw new Fido2AutenticatorError(Fido2AutenticatorErrorCode.CTAP2_ERR_INVALID_OPTION);
+    }
  }

  private async vaultContainsId(ids: string[]): Promise<boolean> {