sign method

Future<Uint8List> sign(
  1. Uint8List data
)

Asks the authenticator to sign data (typically blake2b(intent_message), passed as the WebAuthn challenge) and returns the BCS-encoded PasskeyAuthenticator (without the outer scheme flag).

Implementation

Future<Uint8List> sign(Uint8List data) async {
  final credential = await _provider.get(data, _credentialId);
  final clientDataJsonString = utf8.decode(credential.clientDataJson);

  final (r, s) = _decodeDerEcdsaSignature(credential.signature);
  var ecSig = ECSignature(r, s);
  if (!ecSig.isNormalized(curve256r1Params)) {
    ecSig = ecSig.normalize(curve256r1Params);
  }
  final normalized = SignatureData(ecSig.r, ecSig.s).toBytes();

  // userSignature is a serialized secp256r1 signature: flag || sig(64) || pk(33).
  final userSignature = Uint8List(1 + normalized.length + _publicKey.length);
  userSignature[0] = SIGNATURE_SCHEME_TO_FLAG.Secp256r1;
  userSignature.setAll(1, normalized);
  userSignature.setAll(1 + normalized.length, _publicKey);

  return SuiBcs.PasskeyAuthenticator.serialize({
    'authenticatorData': credential.authenticatorData,
    'clientDataJson': clientDataJsonString,
    'userSignature': userSignature,
  }).toBytes();
}