Merge pull request #437 from cedarcode/sr--fake-authenticator-support…

…-creating-credentials-of-different-algorithms

Add ability to choose the algorithm when creating a credential with `FakeAuthenticator#make_credential`

lib/webauthn/fake_authenticator.rb

@@ -20,10 +20,11 @@ def make_credential(
       backup_eligibility: false,
       backup_state: false,
       attested_credential_data: true,
+      algorithm: nil,
       sign_count: nil,
       extensions: nil
     )
-      credential_id, credential_key, credential_sign_count = new_credential
+      credential_id, credential_key, credential_sign_count = new_credential(algorithm)
       sign_count ||= credential_sign_count
 
       credentials[rp_id] ||= {}
@@ -109,8 +110,21 @@ def get_assertion(
 
     attr_reader :credentials
 
-    def new_credential
-      [SecureRandom.random_bytes(16), OpenSSL::PKey::EC.generate("prime256v1"), 0]
+    def new_credential(algorithm)
+      algorithm ||= 'ES256'
+      credential_key =
+        case algorithm
+        when 'ES256'
+          OpenSSL::PKey::EC.generate('prime256v1')
+        when 'RS256'
+          OpenSSL::PKey::RSA.new(2048)
+        when 'EdDSA'
+          OpenSSL::PKey.generate_key("ED25519")
+        else
+          raise "Unsupported algorithm #{algorithm}"
+        end
+
+      [SecureRandom.random_bytes(16), credential_key, 0]
     end
 
     def hashed(target)

lib/webauthn/fake_client.rb

@@ -32,6 +32,7 @@ def create(
       backup_eligibility: false,
       backup_state: false,
       attested_credential_data: true,
+      credential_algorithm: nil,
       extensions: nil
     )
       rp_id ||= URI.parse(origin).host
@@ -47,6 +48,7 @@ def create(
         backup_eligibility: backup_eligibility,
         backup_state: backup_state,
         attested_credential_data: attested_credential_data,
+        algorithm: credential_algorithm,
         extensions: extensions
       )