Add Ed25519 to PubKeyCredParams

Use COSE.Algorithm for PubKeyCredParam.Alg instead of hardcoding alg values.  Fixes #192.

Author: aseigler

Src/Fido2/Objects/COSETypes.cs Src/Fido2.Models/COSETypes.csSrc/Fido2/Objects/COSETypes.cs renamed to Src/Fido2.Models/COSETypes.cs

@@ -87,6 +87,7 @@ public static CredentialCreateOptions Create(Fido2Configuration config, byte[] c
                     ES512,
                     RS512,
                     PS512,
+                    Ed25519,
                 },
                 AuthenticatorSelection = authenticatorSelection,
                 Attestation = attestationConveyancePreference,
@@ -109,48 +110,53 @@ public static CredentialCreateOptions FromJson(string json)
         {
             // External authenticators support the ES256 algorithm
             Type = PublicKeyCredentialType.PublicKey,
-            Alg = -7
+            Alg = COSE.Algorithm.ES256,
         };
         private static PubKeyCredParam ES384 = new PubKeyCredParam()
         {
             Type = PublicKeyCredentialType.PublicKey,
-            Alg = -35
+            Alg = COSE.Algorithm.ES384,
         };
         private static PubKeyCredParam ES512 = new PubKeyCredParam()
         {
             Type = PublicKeyCredentialType.PublicKey,
-            Alg = -36
+            Alg = COSE.Algorithm.ES512,
         };
         private static PubKeyCredParam RS256 = new PubKeyCredParam()
         {
             // Windows Hello supports the RS256 algorithm
             Type = PublicKeyCredentialType.PublicKey,
-            Alg = -257
+            Alg = COSE.Algorithm.RS256,
         };
         private static PubKeyCredParam RS384 = new PubKeyCredParam()
         {
             Type = PublicKeyCredentialType.PublicKey,
-            Alg = -258
+            Alg = COSE.Algorithm.RS384,
         };
         private static PubKeyCredParam RS512 = new PubKeyCredParam()
         {
             Type = PublicKeyCredentialType.PublicKey,
-            Alg = -259
+            Alg = COSE.Algorithm.RS512,
         };
         private static PubKeyCredParam PS256 = new PubKeyCredParam()
         {
             Type = PublicKeyCredentialType.PublicKey,
-            Alg = -37
+            Alg = COSE.Algorithm.PS256,
         };
         private static PubKeyCredParam PS384 = new PubKeyCredParam()
         {
             Type = PublicKeyCredentialType.PublicKey,
-            Alg = -38
+            Alg = COSE.Algorithm.PS384,
         };
         private static PubKeyCredParam PS512 = new PubKeyCredParam()
         {
             Type = PublicKeyCredentialType.PublicKey,
-            Alg = -39
+            Alg = COSE.Algorithm.PS512,
+        };
+        private static PubKeyCredParam Ed25519 = new PubKeyCredParam()
+        {
+            Type = PublicKeyCredentialType.PublicKey,
+            Alg = COSE.Algorithm.EdDSA,
         };
     }
 
@@ -166,7 +172,7 @@ public class PubKeyCredParam
         /// The alg member specifies the cryptographic signature algorithm with which the newly generated credential will be used, and thus also the type of asymmetric key pair to be generated, e.g., RSA or Elliptic Curve.
         /// </summary>
         [JsonProperty("alg")]
-        public long Alg { get; set; }
+        public COSE.Algorithm Alg { get; set; }
     }
 
     /// <summary>

Src/Fido2.Models/CredentialCreateOptions.cs

@@ -192,7 +192,7 @@ public void TestApplePublicKeyMismatch()
                 {
                     new PubKeyCredParam
                     {
-                        Alg = -7,
+                        Alg = COSE.Algorithm.ES256,
                         Type = PublicKeyCredentialType.PublicKey,
                     }
                 },

Test/Attestation/Apple.cs

@@ -195,7 +195,7 @@ public void TestAuthenticatorAttestationResponseInvalidType()
                 {
                     new PubKeyCredParam
                     {
-                        Alg = -7,
+                        Alg = COSE.Algorithm.ES256,
                         Type = PublicKeyCredentialType.PublicKey,
                     }
                 },
@@ -271,7 +271,7 @@ public void TestAuthenticatorAttestationResponseInvalidRawId(byte[] value)
                 {
                     new PubKeyCredParam
                     {
-                        Alg = -7,
+                        Alg = COSE.Algorithm.ES256,
                         Type = PublicKeyCredentialType.PublicKey,
                     }
                 },
@@ -345,7 +345,7 @@ public void TestAuthenticatorAttestationResponseInvalidRawType()
                 {
                     new PubKeyCredParam
                     {
-                        Alg = -7,
+                        Alg = COSE.Algorithm.ES256,
                         Type = PublicKeyCredentialType.PublicKey,
                     }
                 },
@@ -426,7 +426,7 @@ public void TestAuthenticatorAttestationResponseRpidMismatch()
                 {
                     new PubKeyCredParam
                     {
-                        Alg = -7,
+                        Alg = COSE.Algorithm.ES256,
                         Type = PublicKeyCredentialType.PublicKey,
                     }
                 },
@@ -507,7 +507,7 @@ public void TestAuthenticatorAttestationResponseNotUserPresent()
                 {
                     new PubKeyCredParam
                     {
-                        Alg = -7,
+                        Alg = COSE.Algorithm.ES256,
                         Type = PublicKeyCredentialType.PublicKey,
                     }
                 },
@@ -588,7 +588,7 @@ public void TestAuthenticatorAttestationResponseNoAttestedCredentialData()
                 {
                     new PubKeyCredParam
                     {
-                        Alg = -7,
+                        Alg = COSE.Algorithm.ES256,
                         Type = PublicKeyCredentialType.PublicKey,
                     }
                 },
@@ -670,7 +670,7 @@ public void TestAuthenticatorAttestationResponseUnknownAttestationType()
                 {
                     new PubKeyCredParam
                     {
-                        Alg = -7,
+                        Alg = COSE.Algorithm.ES256,
                         Type = PublicKeyCredentialType.PublicKey,
                     }
                 },
@@ -752,7 +752,7 @@ public void TestAuthenticatorAttestationResponseNotUniqueCredId()
                 {
                     new PubKeyCredParam
                     {
-                        Alg = -7,
+                        Alg = COSE.Algorithm.ES256,
                         Type = PublicKeyCredentialType.PublicKey,
                     }
                 },

Test/AuthenticatorResponse.cs

@@ -250,13 +250,13 @@ public Attestation()
                     Challenge = _challenge,
                     ErrorMessage = "",
                     PubKeyCredParams = new List<PubKeyCredParam>()
-                {
-                    new PubKeyCredParam
-                    {
-                        Alg = -7,
-                        Type = PublicKeyCredentialType.PublicKey,
-                    }
-                },
+                    {
+                        new PubKeyCredParam
+                        {
+                            Alg = COSE.Algorithm.ES256,
+                            Type = PublicKeyCredentialType.PublicKey,
+                        }
+                    },
                     Rp = new PublicKeyCredentialRpEntity(rp, rp, ""),
                     Status = "ok",
                     User = new Fido2User