Allow authentication caller to provide raw hashed challenge

authenticate.go

@@ -109,10 +109,20 @@ func authenticateRequest(req *AuthenticateRequest) ([]byte, []byte, error) {
 		return nil, nil, fmt.Errorf("Error marshaling clientData to json: %s", err)
 	}
 
+	var challengeHash []byte
+	if req.RawChallenge {
+		challengeHash, err = websafeDecode(req.Challenge)
+		if err != nil {
+			return []byte{}, []byte{}, fmt.Errorf("base64 challenge: %s", err)
+		}
+	} else {
+		challengeHash = sha256(clientJson)
+	}
+
 	// Pack into byte array
 	// https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-raw-message-formats.html#authentication-request-message---u2f_authenticate
 	request := butil.Concat(
-		sha256(clientJson),
+		challengeHash,
 		sha256([]byte(req.AppId)),
 		[]byte{byte(len(keyHandle))},
 		keyHandle,

types.go

@@ -76,6 +76,10 @@ type AuthenticateRequest struct {
 	// Optional boolean (defaults to false) to use WebAuthn authentication with U2f
 	// devices
 	WebAuthn bool
+
+	// Optional boolean (defaults to false) that indicates the Challenge string is a raw
+	// base64 websafe SHA256 hash that should be used directly as the authentication challenge
+	RawChallenge bool
 }
 
 // A response from an Authenticate operation.