Index: chrome/browser/resources/cryptotoken/gnubby-u2f.js |
diff --git a/chrome/browser/resources/cryptotoken/gnubby-u2f.js b/chrome/browser/resources/cryptotoken/gnubby-u2f.js |
index 1ffbc276cc71ef266ba103f0eaee71aa8be86da3..9dd84fd075c6572e485197cc594b1c9e7c6a43a2 100644 |
--- a/chrome/browser/resources/cryptotoken/gnubby-u2f.js |
+++ b/chrome/browser/resources/cryptotoken/gnubby-u2f.js |
@@ -34,26 +34,25 @@ Gnubby.U2F_V1 = 'U2F_V1'; |
/** V2 of the applet. */ |
Gnubby.U2F_V2 = 'U2F_V2'; |
-/** |
- * Google corporate appId hash |
- * @private |
- */ |
-Gnubby.GOOGLE_CORP_APP_ID_HASH_ = 'ZEZHL99u7Xvzwzcg8jZnbDbhtF6-BIXbiaPN_dJL1p8'; |
- |
/** Perform enrollment |
* @param {ArrayBuffer|Uint8Array} challenge Enrollment challenge |
* @param {ArrayBuffer|Uint8Array} appIdHash Hashed application id |
* @param {function(...)} cb Result callback |
+ * @param {boolean=} opt_individualAttestation Request the individual |
+ * attestation cert rather than the batch one. |
*/ |
-Gnubby.prototype.enroll = function(challenge, appIdHash, cb) { |
+Gnubby.prototype.enroll = function(challenge, appIdHash, cb, |
+ opt_individualAttestation) { |
+ var p1 = Gnubby.P1_TUP_REQUIRED | Gnubby.P1_TUP_CONSUME; |
+ if (opt_individualAttestation) { |
+ p1 |= Gnubby.P1_INDIVIDUAL_KEY; |
+ } |
var apdu = new Uint8Array( |
[0x00, |
Gnubby.U2F_ENROLL, |
- Gnubby.P1_TUP_REQUIRED | Gnubby.P1_TUP_CONSUME, |
+ p1, |
0x00, 0x00, 0x00, |
challenge.length + appIdHash.length]); |
- if (B64_encode(appIdHash) == Gnubby.GOOGLE_CORP_APP_ID_HASH_) |
- apdu[2] |= Gnubby.P1_INDIVIDUAL_KEY; |
var u8 = new Uint8Array(apdu.length + challenge.length + |
appIdHash.length + 2); |
for (var i = 0; i < apdu.length; ++i) u8[i] = apdu[i]; |