diff --git a/.gitignore b/.gitignore
index 896796d4c..2ad24a54e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -11,6 +11,9 @@ out/
*.iws
.attach_pid*
+# VS Code
+.vscode/
+
# Mac
.DS_Store
diff --git a/NEWS b/NEWS
index c3088166b..f1c909e04 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,11 @@
+== Version 2.6.0 (unreleased) ==
+
+* Added method `getParsedPublicKey(): java.security.PublicKey` to
+ `RegistrationResult` and `RegisteredCredential`.
+ ** Thanks to Jakob Heher (A-SIT) for the contribution, see
+ https://github.com/Yubico/java-webauthn-server/pull/299
+
+
== Version 2.5.0 (unreleased) ==
`webauthn-server-core`:
diff --git a/webauthn-server-core/src/main/java/com/yubico/webauthn/RegisteredCredential.java b/webauthn-server-core/src/main/java/com/yubico/webauthn/RegisteredCredential.java
index a33ac9793..38abf25f6 100644
--- a/webauthn-server-core/src/main/java/com/yubico/webauthn/RegisteredCredential.java
+++ b/webauthn-server-core/src/main/java/com/yubico/webauthn/RegisteredCredential.java
@@ -24,8 +24,10 @@
package com.yubico.webauthn;
+import COSE.CoseException;
import com.fasterxml.jackson.annotation.JsonAlias;
import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.yubico.webauthn.data.AttestedCredentialData;
import com.yubico.webauthn.data.AuthenticatorAssertionResponse;
@@ -34,6 +36,10 @@
import com.yubico.webauthn.data.COSEAlgorithmIdentifier;
import com.yubico.webauthn.data.PublicKeyCredentialDescriptor;
import com.yubico.webauthn.data.UserIdentity;
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.spec.InvalidKeySpecException;
import java.util.Optional;
import lombok.AccessLevel;
import lombok.Builder;
@@ -84,6 +90,19 @@ public final class RegisteredCredential {
*/
@NonNull private final ByteArray publicKeyCose;
+ /**
+ * The public key of the credential, parsed as a {@link PublicKey} object.
+ *
+ * @see #getPublicKeyCose()
+ * @see RegistrationResult#getParsedPublicKey()
+ */
+ @NonNull
+ @JsonIgnore
+ public PublicKey getParsedPublicKey()
+ throws InvalidKeySpecException, NoSuchAlgorithmException, CoseException, IOException {
+ return WebAuthnCodecs.importCosePublicKey(getPublicKeyCose());
+ }
+
/**
* The stored signature
* count of the credential.
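Review bot: The new `getParsedPublicKey()` declares `CoseException` and `IOException` in its `throws` clause, which puts a COSE-library type into the public API of `RegisteredCredential` and makes every caller handle four checked exceptions with no Javadoc saying when each one occurs. Because `publicKeyCose` here is whatever the application loaded from its credential store, a malformed or unsupported key looks like a reachable case, so I would wrap the two codec exceptions in `InvalidKeySpecException` with the cause preserved and add `@return` and `@throws` tags. The identical method added to `RegistrationResult` later in this diff has the same signature and should get the same treatment. The key is also re-parsed on every call, which deserves a sentence in the Javadoc if callers are expected to cache the result. The class body continues outside the hunk.

```java
  // … unchanged: Javadoc summary, @NonNull, @JsonIgnore …
  public PublicKey getParsedPublicKey() throws InvalidKeySpecException, NoSuchAlgorithmException {
    try {
      return WebAuthnCodecs.importCosePublicKey(getPublicKeyCose());
    } catch (CoseException | IOException e) {
      // Keep codec-library types out of the public signature; the cause is preserved.
      throw new InvalidKeySpecException("Failed to parse COSE public key", e);
    }
  }
```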
diff --git a/webauthn-server-core/src/main/java/com/yubico/webauthn/RegistrationResult.java b/webauthn-server-core/src/main/java/com/yubico/webauthn/RegistrationResult.java
index b113b3072..d0f815862 100644
--- a/webauthn-server-core/src/main/java/com/yubico/webauthn/RegistrationResult.java
+++ b/webauthn-server-core/src/main/java/com/yubico/webauthn/RegistrationResult.java
@@ -24,6 +24,7 @@
package com.yubico.webauthn;
+import COSE.CoseException;
import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonProperty;
@@ -41,9 +42,13 @@
import com.yubico.webauthn.data.ClientRegistrationExtensionOutputs;
import com.yubico.webauthn.data.PublicKeyCredential;
import com.yubico.webauthn.data.PublicKeyCredentialDescriptor;
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
+import java.security.spec.InvalidKeySpecException;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
@@ -285,6 +290,19 @@ public ByteArray getPublicKeyCose() {
.getCredentialPublicKey();
}
+ /**
+ * The public key of the created credential, parsed as a {@link PublicKey} object.
+ *
+ * @see #getPublicKeyCose()
+ * @see RegisteredCredential#getParsedPublicKey()
+ */
+ @NonNull
+ @JsonIgnore
+ public PublicKey getParsedPublicKey()
+ throws InvalidKeySpecException, NoSuchAlgorithmException, CoseException, IOException {
+ return WebAuthnCodecs.importCosePublicKey(getPublicKeyCose());
+ }
+
/**
* The client