Move OID info to curve for comparison

Firehed · Mar 9, 2024 · e63da93 · e63da93
1 parent 85bdf1e
commit e63da93
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 4 deletions.
diff --git a/src/Attestations/FidoU2F.php b/src/Attestations/FidoU2F.php
@@ -8,6 +8,7 @@
 use Firehed\WebAuthn\AuthenticatorData;
 use Firehed\WebAuthn\BinaryString;
 use Firehed\WebAuthn\Certificate;
+use Firehed\WebAuthn\COSE\Curve;
 use Firehed\WebAuthn\PublicKey\EllipticCurve;
 
 /**
@@ -46,10 +47,7 @@ public function verify(AuthenticatorData $data, BinaryString $clientDataHash): V
         if ($info['type'] !== OPENSSL_KEYTYPE_EC) {
             throw new \Exception('Certificate PubKey is not Elliptic Curve');
         }
-        // OID for P-156 curve
-        // http://oid-info.com/get/1.2.840.10045.3.1.7
-        // See also EllipticCurve
-        if ($info['ec']['curve_oid'] !== '1.2.840.10045.3.1.7') {
+        if ($info['ec']['curve_oid'] !== Curve::P256->getOid()) {
             throw new \Exception('Certificate PubKey is not Elliptic Curve');
         }
 

diff --git a/src/COSE/Curve.php b/src/COSE/Curve.php
@@ -30,4 +30,12 @@ enum Curve: int
     case ED25519 = 6; // OKP
 
     case ED448 = 7; // OKP
+
+    public function getOid(): string
+    {
+        return match ($this) { // @phpstan-ignore-line default unhandled match is desired
+            self::P256 => '1.2.840.10045.3.1.7',
+            // TODO: add others as support increases
+        };
+    }
 }