### Install Noir WebAuthn Library via Nargo.toml Source: https://github.com/olehmisar/noir_webauthn/blob/main/README.md This TOML snippet shows how to add the noir_webauthn library as a dependency in your Nargo.toml file. It specifies the version using a git tag for reproducible builds. Ensure you replace 'v0.37.2' with the desired version. ```toml [dependencies] webauthn = { tag = "v0.37.2", git = "https://github.com/olehmisar/noir_webauthn" } ``` -------------------------------- ### Verify WebAuthn Signature using Noir Source: https://github.com/olehmisar/noir_webauthn/blob/main/README.md This Rust (Noir) code snippet demonstrates how to use the `webauthn::verify_signature` function. It outlines the expected input parameters, including public key coordinates, signature, client data, authenticator data, challenge, and challenge index, and asserts the verification result. ```rust let result = webauthn::verify_signature( // [u8; 32] - x coordinate of WebAuthn public key generated by `credentials.create` public_key_x, // [u8; 32] - y coordinate of WebAuthn public key generated by `credentials.create` public_key_y, // [u8; 64] - signature generated by `credentials.get` signature, // BoundedVec - clientDataJSON generated `credentials.get` client_data_json, // BoundedVec - authenticatorData generated `credentials.get` authenticator_data, // [u8; 32] - challenge generated `credentials.get` challenge, // u32 - index of challenge in clientDataJSON challenge_index, ); assert(result, "webauthn signature verification failed"); ``` -------------------------------- ### Configure WebAuthn Buffer Sizes in Rust Source: https://context7.com/olehmisar/noir_webauthn/llms.txt Demonstrates how to configure custom buffer sizes for client data JSON and authenticator data in Rust when using the Noir WebAuthn library. Larger buffers are suitable for complex scenarios, while smaller buffers reduce circuit size. The verify_signature function is used to validate the WebAuthn credentials. ```rust use dep::webauthn; // Configure custom buffer sizes for your application fn verify_with_large_buffers( public_key_x: [u8; 32], public_key_y: [u8; 32], signature: [u8; 64], challenge: [u8; 32], ) { // Allocate larger buffers for complex WebAuthn responses // CLIENT_DATA_JSON_MAX_LEN = 512 (instead of default 256) // AUTHENTICATOR_DATA_MAX_LEN = 128 (instead of default 64) let client_data_json: BoundedVec = BoundedVec::from([/* ... */]); let authenticator_data: BoundedVec = BoundedVec::from([/* ... */]); let is_valid = webauthn::verify_signature( public_key_x, public_key_y, signature, client_data_json, authenticator_data, challenge, 36, // challenge_index ); assert(is_valid); } // Configure minimal buffers for simple scenarios fn verify_with_minimal_buffers( public_key_x: [u8; 32], public_key_y: [u8; 32], signature: [u8; 64], challenge: [u8; 32], ) { // Use smaller buffers to reduce circuit size // CLIENT_DATA_JSON_MAX_LEN = 200 // AUTHENTICATOR_DATA_MAX_LEN = 50 let client_data_json: BoundedVec = BoundedVec::from([/* ... */]); let authenticator_data: BoundedVec = BoundedVec::from([/* ... */]); let is_valid = webauthn::verify_signature( public_key_x, public_key_y, signature, client_data_json, authenticator_data, challenge, 36, ); assert(is_valid); } ``` -------------------------------- ### Verify WebAuthn Signature in Noir Source: https://context7.com/olehmisar/noir_webauthn/llms.txt Verifies a WebAuthn signature using public key coordinates, signature, client data, authenticator data, and a challenge. It handles base64url encoding, SHA-256 hashing, and data concatenation as per the WebAuthn specification. Dependencies include the `dep::webauthn` library. ```rust use dep::webauthn; fn main( public_key_x: [u8; 32], public_key_y: [u8; 32], signature: [u8; 64], client_data_json: BoundedVec, authenticator_data: BoundedVec, challenge: [u8; 32], challenge_index: u32, ) { // Example values from a real WebAuthn credential let pub_key_x = [ 91, 200, 36, 72, 14, 85, 105, 189, 204, 19, 185, 157, 161, 241, 56, 107, 228, 8, 67, 156, 7, 183, 173, 111, 146, 216, 51, 2, 244, 251, 78, 203, ]; let pub_key_y = [ 30, 52, 243, 79, 92, 114, 5, 253, 138, 212, 14, 51, 122, 247, 225, 82, 193, 243, 157, 70, 225, 62, 254, 206, 247, 110, 252, 111, 188, 128, 142, 226, ]; let sig = [ 47, 222, 74, 22, 26, 2, 142, 123, 25, 179, 68, 61, 58, 204, 200, 245, 241, 176, 227, 237, 173, 115, 147, 229, 128, 165, 63, 170, 148, 250, 171, 141, 115, 50, 249, 181, 84, 62, 116, 119, 139, 101, 89, 14, 140, 246, 186, 29, 143, 146, 13, 198, 186, 85, 47, 213, 235, 176, 236, 26, 88, 231, 191, 129, ]; // Client data JSON contains type, challenge, origin, and crossOrigin fields let client_data = BoundedVec::from([ 123, 34, 116, 121, 112, 101, 34, 58, 34, 119, 101, 98, 97, 117, 116, 104, 110, 46, 103, 101, 116, 34, 44, 34, 99, 104, 97, 108, 108, 101, 110, 103, 101, 34, 58, 34, 85, 76, 76, 69, 80, 57, 79, 82, 66, 114, 114, 55, 117, 103, 50, 106, 84, 56, 81, 119, 52, 102, 107, 101, 80, 74, 98, 113, 75, 115, 55, 105, 118, 68, 81, 82, 110, 53, 75, 122, 100, 49, 65, 34, 44, 34, 111, 114, 105, 103, 105, 110, 34, 58, 34, 104, 116, 116, 112, 58, 47, 47, 108, 111, 99, 97, 108, 104, 111, 115, 116, 58, 53, 49, 56, 52, 34, 44, 34, 99, 114, 111, 115, 115, 79, 114, 105, 103, 105, 110, 34, 58, 102, 97, 108, 115, 101, 125, ]); let auth_data = BoundedVec::from([ 73, 150, 13, 229, 136, 14, 140, 104, 116, 52, 23, 15, 100, 118, 96, 91, 143, 228, 174, 185, 162, 134, 50, 199, 153, 92, 243, 186, 131, 29, 151, 99, 29, 0, 0, 0, 0, ]); let challenge_bytes = [ 80, 178, 196, 63, 211, 145, 6, 186, 251, 186, 13, 163, 79, 196, 48, 225, 249, 30, 60, 150, 234, 42, 206, 226, 188, 52, 17, 159, 146, 179, 119, 80, ]; // Index where the base64url-encoded challenge appears in client_data_json let challenge_idx = 36; // Verify the signature let is_valid = webauthn::verify_signature( pub_key_x, pub_key_y, sig, client_data, auth_data, challenge_bytes, challenge_idx, ); assert(is_valid, "WebAuthn signature verification failed"); } ``` -------------------------------- ### verify_signature - Main Verification Function Source: https://context7.com/olehmisar/noir_webauthn/llms.txt Verifies a WebAuthn signature by validating authenticator data, client data JSON, challenge, and the ECDSA secp256r1 signature. ```APIDOC ## verify_signature - Main Verification Function ### Description Verifies a WebAuthn signature (passkey signature) by validating the authenticator data, client data JSON, challenge, and cryptographic signature using the secp256r1 elliptic curve. This function performs all necessary checks including challenge presence verification in the client data JSON and ECDSA signature validation against the provided public key coordinates. ### Method Internal Function Call ### Endpoint N/A (Rust function within a Noir circuit) ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body - **public_key_x** ([u8; 32]) - Required - The x-coordinate of the public key. - **public_key_y** ([u8; 32]) - Required - The y-coordinate of the public key. - **signature** ([u8; 64]) - Required - The ECDSA signature (r and s components). - **client_data_json** (BoundedVec) - Required - The JSON string containing client-side data, base64url encoded. - **authenticator_data** (BoundedVec) - Required - The authenticator data, base64url encoded. - **challenge** ([u8; 32]) - Required - The challenge issued by the relying party. - **challenge_index** (u32) - Required - The index in `client_data_json` where the challenge string begins. ### Request Example ```rust use dep::webauthn; // ... (example parameter values) let is_valid = webauthn::verify_signature( pub_key_x, pub_key_y, sig, client_data, auth_data, challenge_bytes, challenge_idx, ); assert(is_valid, "WebAuthn signature verification failed"); ``` ### Response #### Success Response (Boolean) - **is_valid** (bool) - True if the signature is valid, false otherwise. #### Response Example ```json // This is a conceptual representation, the actual output is a boolean result within the circuit. // If the assertion passes, the verification was successful. ``` ``` -------------------------------- ### SIGNATURE_LEN - Signature Length Constant Source: https://context7.com/olehmisar/noir_webauthn/llms.txt Global constant defining the expected length of WebAuthn signatures (64 bytes) for secp256r1 ECDSA signatures. ```APIDOC ## SIGNATURE_LEN - Signature Length Constant ### Description Global constant defining the expected length of WebAuthn signatures in bytes. WebAuthn uses ECDSA signatures on the secp256r1 curve, which produce 64-byte signatures (32 bytes for r and 32 bytes for s components). ### Method Constant Definition ### Endpoint N/A (Rust constant within the `dep::webauthn` module) ### Parameters None ### Request Example ```rust use dep::webauthn; // Accessing the constant let signature_length = webauthn::SIGNATURE_LEN; // Usage in function signature fn verify_custom_signature( public_key_x: [u8; 32], public_key_y: [u8; 32], signature: [u8; webauthn::SIGNATURE_LEN], // Explicitly typed with the constant // ... other parameters ) -> bool { assert(signature.len() == webauthn::SIGNATURE_LEN); // ... rest of verification logic } ``` ### Response #### Success Response (Integer) - **SIGNATURE_LEN** (usize) - The value 64, representing the byte length of a WebAuthn signature. #### Response Example ```json // Conceptual representation of the constant value. { "SIGNATURE_LEN": 64 } ``` ``` -------------------------------- ### Noir WebAuthn Signature Length Constant Source: https://context7.com/olehmisar/noir_webauthn/llms.txt Defines the constant `SIGNATURE_LEN` for WebAuthn signatures, which are 64 bytes long due to ECDSA secp256r1 (32 bytes for r and 32 bytes for s). This constant ensures correct signature length validation in custom verification functions. ```rust use dep::webauthn; fn verify_custom_signature( public_key_x: [u8; 32], public_key_y: [u8; 32], signature: [u8; webauthn::SIGNATURE_LEN], // 64 bytes client_data_json: BoundedVec, authenticator_data: BoundedVec, challenge: [u8; 32], challenge_index: u32, ) -> bool { // Ensure signature has correct length assert(signature.len() == webauthn::SIGNATURE_LEN); // Perform verification with custom buffer sizes let result = webauthn::verify_signature( public_key_x, public_key_y, signature, client_data_json, authenticator_data, challenge, challenge_index, ); result } ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.