fix(core): Strictened the sign routine

Closes #14

Author: grantila

lib/u2f-api.ts

@@ -21,8 +21,7 @@ export interface RegisterRequest {
 	challenge: string;
 }
 
-export interface SignRequest
-	extends RegisterRequest {
+export interface SignRequest extends RegisterRequest {
 	keyHandle: string;
 }
 
@@ -38,6 +37,16 @@ export interface SignResponse {
 	signatureData: string;
 }
 
+export type Transport = 'bt' | 'ble' | 'nfc' | 'usb';
+export type Transports = Array< Transport >;
+
+export interface RegisteredKey {
+	version: string;
+	keyHandle: string;
+	transports: Transports;
+	appId: string;
+}
+
 var _backend: Promise< API > = null;
 function getBackend( )
 {
@@ -147,6 +156,22 @@ export function ensureSupport( )
 	.then( _ensureSupport );
 }
 
+function arrayify< T >(
+	value:
+			T | Array< T > | Readonly< T > | ReadonlyArray< T > | undefined | null
+)
+: Array< T >
+{
+	if ( value != null && Array.isArray( value ) )
+		return value;
+
+	return value == null
+		? [ ]
+		: Array.isArray( value )
+		? [ ...value ]
+		: [ < T >value ];
+}
+
 export function register(
 	registerRequests: RegisterRequest | ReadonlyArray< RegisterRequest >,
 	signRequests: SignRequest | ReadonlyArray< SignRequest >,
@@ -163,17 +188,17 @@ export function register(
 )
 : Promise< RegisterResponse >
 {
-	if ( !Array.isArray( registerRequests ) )
-		registerRequests = [ registerRequests ] as ReadonlyArray< RegisterRequest >;
+	const _registerRequests = arrayify( registerRequests );
 
 	if ( typeof signRequests === 'number' && typeof timeout === 'undefined' )
 	{
 		timeout = signRequests;
 		signRequests = null;
 	}
 
-	if ( !signRequests )
-		signRequests = [ ];
+	const _signRequests = arrayify(
+		< SignRequest | ReadonlyArray< SignRequest > >signRequests
+	);
 
 	return getBackend( )
 	.then( function( backend )
@@ -195,10 +220,10 @@ export function register(
 				}
 			}
 
-			const appId = registerRequests[ 0 ].appId;
+			const appId = _registerRequests[ 0 ].appId;
 
 			u2f.register(
-				appId, registerRequests, signRequests, callback, timeout );
+				appId, _registerRequests, _signRequests, callback, timeout );
 		} );
 	} );
 }
@@ -209,8 +234,7 @@ export function sign(
 )
 : Promise< SignResponse >
 {
-	if ( !Array.isArray( signRequests ) )
-		signRequests = [ signRequests ] as ReadonlyArray< SignRequest >;
+	const _signRequests = arrayify( signRequests );
 
 	return getBackend( )
 	.then( function( backend )
@@ -232,10 +256,14 @@ export function sign(
 				}
 			}
 
-			const appId = signRequests[ 0 ].appId;
-			const challenge = signRequests[ 0 ].challenge;
+			const appId = _signRequests[ 0 ].appId;
+			const challenge = _signRequests[ 0 ].challenge;
+			const registeredKeys = _signRequests
+				.map( ( { version, keyHandle, appId } ) =>
+					( { version, keyHandle, appId } as RegisteredKey )
+				);
 
-			u2f.sign( appId, challenge, signRequests, callback, timeout );
+			u2f.sign( appId, challenge, registeredKeys, callback, timeout );
 		} );
 	} );
 }

package.json

@@ -38,12 +38,14 @@
     "@types/mocha": "5.x",
     "already": "1.x",
     "chai": "4.x",
+    "commitizen": "3.x",
     "cz-conventional-changelog": "2.x",
     "jsdom": "11.x",
     "mocha": "5.x",
     "pre-commit": "1.x",
     "rimraf": "2.x",
     "semantic-release": "15.x",
+    "source-map-support": "0.x",
     "travis-deploy-once": "5.x",
     "typescript": "3.x"
   },

test/u2f-api/index.ts

@@ -3,6 +3,8 @@
 declare var global: any;
 declare var require: any;
 
+import 'source-map-support/register'
+
 import 'mocha';
 import { expect } from 'chai';
 import { Finally, Try, delay } from 'already';
@@ -161,7 +163,7 @@ function u2fMock( props: MockProps = { } )
 		sign(
 			appId,
 			challenge,
-			signRequests: Array< FakeRequest >,
+			registeredKeys: Array< u2fApi.RegisteredKey >,
 			cbNative,
 			timeout
 		)
@@ -171,10 +173,8 @@ function u2fMock( props: MockProps = { } )
 				if ( props.appId && props.appId !== appId )
 					return { errorCode: ErrorCodesEnum.BAD_REQUEST };
 
-				const found = signRequests.some( req =>
+				const found = registeredKeys.some( req =>
 					store.some( storeReq =>
-						storeReq.request === req.request
-						&&
 						storeReq.appId === req.appId
 					)
 				);