explain challenge generation

[raylu]

neither the affiliated https://webauthn.guide/, the readme, nor the examples talk about how to handle the challenge

my read is that the server is intended to store the challenge in a way that associates it with each registration/login attempt because the verify functions all take expected_challenge

I found this cumbersome (I didn't have a redis or similar and didn't want to store them in my DB), so I instead came up with a signing mechanism for my challenges where I HMAC a secret with the time and the user's username (and check that the signature happened in the last 300 seconds)

def register_challenge(request: Request) -> Response:
	username: str = request.body['username']
	reg_opts = webauthn.generate_registration_options(..., challenge=_make_challenge(username))
	return Response(webauthn.options_to_json(reg_opts), content_type='application/json')

def register_attest(request: Request) -> Response:
	credential: dict = request.body['credential']
	challenge = _verify_challenge(username, credential)

	try:
		registration = webauthn.verify_registration_response(credential=credential,
			expected_challenge=challenge, ...)
		db.User.create(username=username, public_key=registration.credential_public_key)
	except webauthn.helpers.exceptions.InvalidRegistrationResponse:
		return Response(code=403)
	return Response.json(True)

def login_challenge(request: Request) -> Response:
	username: str = request.body['username']
	authn_opts = webauthn.generate_authentication_options(..., challenge=_make_challenge(username))
	return Response(webauthn.options_to_json(authn_opts), content_type='application/json')

def login_assert(request: Request) -> Response:
	username: str = request.body['username']
	user = db.User.get_or_none(username=username)
	if user is None:
		return Response(code=403)

	assertion: dict = request.body['assertion']
	challenge = _verify_challenge(username, assertion)
	try:
		webauthn.verify_authentication_response(credential=assertion, expected_challenge=challenge,
				credential_public_key=user.public_key, credential_current_sign_count=0, ...)
	except webauthn.helpers.exceptions.InvalidAuthenticationResponse:
		return Response(code=403)

	response = Response.json(True)
	response.set_secure_cookie(request, 'user_id', user.id, max_age=datetime.timedelta(days=30), http_only=True)
	response.set_cookie('username', user.username, max_age=datetime.timedelta(days=30))
	return response

def _make_challenge(username: str) -> bytes:
	challenge = struct.pack('Q', int(time.time())) + username.encode('utf-8')[:24]
	return _sign(challenge) + challenge

def _verify_challenge(username: str, credential: dict) -> bytes:
	client_data = json.loads(webauthn.base64url_to_bytes(credential['response']['clientDataJSON']))
	challenge = webauthn.base64url_to_bytes(client_data['challenge'])
	(ts,) = struct.unpack('Q', challenge[32:40])
	if ts + 300 < time.time():
		raise HTTPException(403, 'challenge expired')
	if username.encode('utf-8')[:24] != challenge[40:]:
		raise HTTPException(403, 'username does not match challenge')
	if not hmac.compare_digest(challenge[:32], _sign(challenge[32:])):
		raise HTTPException(403, 'invalid challenge signature')
	return challenge

def _sign(msg: bytes) -> bytes:
	return hashlib.blake2b(msg, key=config.webauthn_challenge_secret, digest_size=32).digest()

as you can see, I had to pull apart the clientDataJSON to get at the challenge to verify the signature
then, I fed the "expected" challenge to webauthn for no reason
it'd be great if webauthn both provided some guidance on how to handle challenges and to support this sort of signed challenge

also credential_current_sign_count just seems pretty pointless and I'd really like to not pass it in. if I really wanted to track this, I can write my own incrementor. it's not helping