From 8cfdcfb5557032e06429d09e38cef9d7cd7cf661 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Thu, 2 Dec 2021 18:33:23 +0000
Subject: [PATCH] Add method to parse legacy u2f keys from cli/yaml

---
 ldap/compositetypes/composite_types.go | 27 ++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/ldap/compositetypes/composite_types.go b/ldap/compositetypes/composite_types.go
index 326441a..812da55 100644
--- a/ldap/compositetypes/composite_types.go
+++ b/ldap/compositetypes/composite_types.go
@@ -16,8 +16,11 @@
 package compositetypes
 
 import (
+	"encoding/base64"
+	"encoding/hex"
 	"encoding/json"
 	"errors"
+	"fmt"
 	"strings"
 
 	"github.com/duo-labs/webauthn/webauthn"
@@ -149,6 +152,30 @@ func UnmarshalU2FRegistration(s string) (*U2FRegistration, error) {
 	}, nil
 }
 
+// ParseU2FRegistrationFromStrings parses the legacy U2F format used
+// in manual key specifications etc. which consists of a
+// base64(url)-encoded key handle, and a hex-encoded public key (in
+// legacy U2F format).
+func ParseU2FRegistrationFromStrings(keyHandle, publicKey string) (*U2FRegistration, error) {
+	// U2F key handles are base64(url)-encoded (no trailing =s).
+	kh, err := base64.RawURLEncoding.DecodeString(keyHandle)
+	if err != nil {
+		return nil, fmt.Errorf("error decoding key handle: %w", err)
+	}
+
+	// U2F public keys are hex-encoded.
+	pk, err := hex.DecodeString(publicKey)
+	if err != nil {
+		return nil, fmt.Errorf("error decoding public key: %w", err)
+	}
+
+	return &U2FRegistration{
+		PublicKey: u2fToCOSE(pk),
+		KeyHandle: kh,
+		Legacy:    true,
+	}, nil
+}
+
 // Decode returns a u2f.Registration object with the decoded public
 // key ready for use in verification.
 func (r *U2FRegistration) Decode() (webauthn.Credential, error) {
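Review bot: ParseU2FRegistrationFromStrings passes the hex-decoded bytes straight to `u2fToCOSE(pk)` without checking their shape, so an empty or truncated `publicKey` is accepted, and so is an empty `keyHandle`, which `base64.RawURLEncoding` decodes to zero bytes without error. u2fToCOSE is not visible in this hunk and may handle bad input itself, but it returns no error at this call site, so a malformed key would presumably only surface later as a failed verification rather than when the CLI/YAML value is parsed. A legacy U2F public key is a 65-byte uncompressed P-256 point, so a guard before the return would reject bad operator input early: `if len(kh) == 0 || len(pk) != 65 || pk[0] != 0x04 { return nil, errors.New("invalid u2f key handle or public key") }`. The `errors` package is already imported.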
-- 
GitLab