View GitHub Repository simplesamlphp-module-webauthn

Schedule Inspection
Subscribe
Passed
Push — master ( 52ca41...25379a )
by Jaime Pérez
02:48
created
Status
Category
Toggle Patches
lib/Store.php 1 patch
Spacing   +1 added lines, -1 removed lines patch added patch discarded remove patch 
@@ -120,7 +120,7 @@
 
 block discarded – undo
120 120 
         }
121 121
122 122 
         if (!is_array($config)) {
123 
-            throw new Exception('Invalid configuration for consent store option: '.var_export($config, true));
123 
+            throw new Exception('Invalid configuration for consent store option: ' . var_export($config, true));
124 124 
         }
125 125
126 126 
         if (!array_key_exists(0, $config)) {
Please login to merge, or discard this patch.
www/managetoken.php 1 patch
Switch Indentation   +13 added lines, -13 removed lines patch added patch discarded remove patch 
@@ -26,18 +26,18 @@
 
 block discarded – undo
26 26 
     throw new Exception("Attempt to access the token management page unauthenticated.");
27 27 
 }
28 28 
 switch ($_POST['submit']) {
29 
-    case "NEVERMIND":
30 
-        Auth\ProcessingChain::resumeProcessing($state);
31 
-        break;
32 
-    case "DELETE":
33 
-        if ($state['FIDO2AuthSuccessful'] == $_POST['credId']) {
34 
-            throw new Exception("Attempt to delete the currently used credential despite UI preventing this.");
35 
-        }
36 
-        $store = $state['webauthn:store'];
37 
-        $store->deleteTokenData($_POST['credId']);
38 
-        Auth\ProcessingChain::resumeProcessing($state);
39 
-        break;
40 
-    default:
41 
-        throw new Exception("Unknown submit button state.");
29 
+        case "NEVERMIND":
30 
+            Auth\ProcessingChain::resumeProcessing($state);
31 
+            break;
32 
+        case "DELETE":
33 
+            if ($state['FIDO2AuthSuccessful'] == $_POST['credId']) {
34 
+                throw new Exception("Attempt to delete the currently used credential despite UI preventing this.");
35 
+            }
36 
+            $store = $state['webauthn:store'];
37 
+            $store->deleteTokenData($_POST['credId']);
38 
+            Auth\ProcessingChain::resumeProcessing($state);
39 
+            break;
40 
+        default:
41 
+            throw new Exception("Unknown submit button state.");
42 42 
 }
43 43
Please login to merge, or discard this patch.
www/webauthn.php 1 patch
Spacing   +1 added lines, -1 removed lines patch added patch discarded remove patch 
@@ -13,7 +13,7 @@
 
 block discarded – undo
13 13 
 use SimpleSAML\Logger;
14 14 
 use SimpleSAML\Module;
15 15 
 use SimpleSAML\Utils;
16 
-use SimpleSAML\XHTML\Template;;
16 
+use SimpleSAML\XHTML\Template; ;
17 17
18 18 
 $globalConfig = Configuration::getInstance();
19 19
Please login to merge, or discard this patch.
www/authprocess.php 1 patch
Spacing   +2 added lines, -2 removed lines patch added patch discarded remove patch 
@@ -82,10 +82,10 @@
 
 block discarded – undo
82 82 
 if ($debugEnabled) {
83 83 
     echo $authObject->debugBuffer;
84 84 
     echo $authObject->validateBuffer;
85 
-    echo "Debug mode, not continuing to ". ($state['FIDO2WantsRegister'] ? "credential registration page." : "destination.");
85 
+    echo "Debug mode, not continuing to " . ($state['FIDO2WantsRegister'] ? "credential registration page." : "destination.");
86 86 
 } else {
87 87 
     if ($state['FIDO2WantsRegister']) {
88 
-        header("Location: ".Module::getModuleURL('webauthn/webauthn.php?StateId='.urlencode($id)));
88 
+        header("Location: " . Module::getModuleURL('webauthn/webauthn.php?StateId=' . urlencode($id)));
89 89 
     } else {
90 90 
         Auth\ProcessingChain::resumeProcessing($state);
91 91 
     }
Please login to merge, or discard this patch.
lib/Auth/Process/WebAuthn.php 1 patch
Spacing   +1 added lines, -1 removed lines patch added patch discarded remove patch 
@@ -76,7 +76,7 @@
 
 block discarded – undo
76 76 
             $this->store = Store::parseStoreConfig($config['store']);
77 77 
         } catch (\Exception $e) {
78 78 
             Logger::error(
79 
-                'webauthn: Could not create storage: '.
79 
+                'webauthn: Could not create storage: ' .
80 80 
                 $e->getMessage()
81 81 
             );
82 82 
         }
Please login to merge, or discard this patch.
lib/WebAuthn/WebAuthnRegistrationEvent.php 1 patch
Spacing   +7 added lines, -7 removed lines patch added patch discarded remove patch 
@@ -174,16 +174,16 @@  discard block
 
 block discarded – undo
174 174 
              */
175 175 
             $certProps = openssl_x509_parse($this->der2pem($stmtDecoded['x5c'][0]));
176 176 
             $this->debugBuffer .= "Attestation Certificate:" . print_r($certProps, true) . "<br/>";
177 
-            if ($certProps['version'] != 2 ||                                                                      /** §8.2.1 Bullet 1 */
178 
-                    $certProps['subject']['OU'] != "Authenticator Attestation" ||                                  /** §8.2.1 Bullet 2 [Subject-OU] */
179 
-                    !isset($certProps['subject']['CN']) ||                                                         /** §8.2.1 Bullet 2 [Subject-CN] */
177 
+            if ($certProps['version'] != 2 || /** §8.2.1 Bullet 1 */
178 
+                    $certProps['subject']['OU'] != "Authenticator Attestation" || /** §8.2.1 Bullet 2 [Subject-OU] */
179 
+                    !isset($certProps['subject']['CN']) || /** §8.2.1 Bullet 2 [Subject-CN] */
180 180 
                     !isset($certProps['extensions']['basicConstraints']) ||
181 181 
                     strstr("CA:FALSE", $certProps['extensions']['basicConstraints']) === false                     /** §8.2.1 Bullet 4 */
182 182 
             ) {
183 183 
                 $this->fail("Attestation certificate properties are no good.");
184 184 
             }
185 185 
             if (isset(AAGUID::AAGUID_DICTIONARY[strtolower($this->AAGUID)])) {
186 
-                if ($certProps['subject']['O'] != AAGUID::AAGUID_DICTIONARY[strtolower($this->AAGUID)]['O'] ||     /** §8.2.1 Bullet 2 [Subject-O] */
186 
+                if ($certProps['subject']['O'] != AAGUID::AAGUID_DICTIONARY[strtolower($this->AAGUID)]['O'] || /** §8.2.1 Bullet 2 [Subject-O] */
187 187 
                         $certProps['subject']['C'] != AAGUID::AAGUID_DICTIONARY[strtolower($this->AAGUID)]['C']) { /** §8.2.1 Bullet 2 [Subject-C] */
188 188 
                     $this->fail("AAGUID does not match vendor data.");
189 189 
                 }
 
@@ -288,18 +288,18 @@  discard block
 
 block discarded – undo
288 288 
         if (isset($this->credential[-2]) && sizeof($this->credential[-2]) == 32
289 289 
               &&
290 290 
             isset($this->credential[-3]) && sizeof($this->credential[-3]) == 32) {
291 
-            $publicKeyU2F = chr(4).$this->credential[-2].$this->credential[-3];
291 
+            $publicKeyU2F = chr(4) . $this->credential[-2] . $this->credential[-3];
292 292 
         } else {
293 293 
             $this->fail("FIDO U2F attestation: the public key is not as expected.");
294 294 
         }
295 295 
         /**
296 296 
          * §8.6 Verification Step 5: create verificationData
297 297 
          */
298 
-        $verificationData = chr(0).$this->rpIdHash.$this->clientDataHash.$this->credentialId.$publicKeyU2F;
298 
+        $verificationData = chr(0) . $this->rpIdHash . $this->clientDataHash . $this->credentialId . $publicKeyU2F;
299 299 
         /**
300 300 
          * §8.6 Verification Step 6: verify signature
301 301 
          */
302 
-        if (openssl_verify($verificationData, $stmtDecoded['sig'],$attCert, OPENSSL_ALGO_SHA256) !== 1) {
302 
+        if (openssl_verify($verificationData, $stmtDecoded['sig'], $attCert, OPENSSL_ALGO_SHA256) !== 1) {
303 303 
             $this->fail("FIDO U2F Attestation verification failed.");
304 304 
         } else {
305 305 
             $this->pass("Successfully verified FIDO U2F signature.");
Please login to merge, or discard this patch.