verify method
Verifies a serialized passkey signature over message (the challenge the
passkey signed, i.e. blake2b(intentMessage)).
Implementation
@override
bool verify(Uint8List message, Uint8List signature) {
final parsed = parseSerializedPasskeySignature(signature);
final Map<String, dynamic> clientData = jsonDecode(parsed.clientDataJson);
if (clientData['type'] != 'webauthn.get') return false;
// The WebAuthn challenge is base64url — must equal the signed message.
final challenge = _base64UrlDecode(clientData['challenge'] as String);
if (!bytesEqual(message, challenge)) return false;
// userSignature = flag(0x02) || 64-byte sig || 33-byte pubkey.
final pk = parsed.userSignature.sublist(1 + PASSKEY_SIGNATURE_SIZE);
if (!bytesEqual(toRawBytes(), pk)) return false;
final payload = Uint8List.fromList([
...parsed.authenticatorData,
...sha256(Uint8List.fromList(utf8.encode(parsed.clientDataJson))),
]);
final sig = parsed.userSignature.sublist(1, PASSKEY_SIGNATURE_SIZE + 1);
return Secp256.fromSecp256r1().verifySignature(
sha256(payload),
SignatureData.fromBytes(sig),
pk,
);
}