Closed ShaneJANG closed 4 years ago
Same for me. This test used to pass few weeks ago (I will try again with an old release of the app).
@ShaneJANG Try 1.2.0
Unfortunately, there is no change with 1.2.0.
Hereafter the data I have. Options:
Response:
It contains 2 certificates. The leaf certificate can be verified with the first one, but the chain cannot be validated using the 4 certificates received from the authenticator metatada.
Same happens to me with 1.2.0.
There's a mismatch between the subjectKeyIdentifier
and authorityKeyIdentifier
of the certificates, similar to #520. The attestation certificate can be linked to an intermediate certificate and this one to two of the four CA certificates from the metadata, but the authorityKeyIdentifier
s of these two don't match against the subjectKeyIdentifier
of any of the certificates left (or themselves, so they're not self-signed).
Fixed in 1.2.1(will be up in an hour). Please download update metadata.
Sorry for the inconvenience
I confirm it is now fixed. Thank you!
What protocol and version of the protocol are you testing?
FIDO2
What is your implementation class?
Server
What is the version of the tool are you using?
v1.1.6
What is the OS and the version are you running?
windows 10
Issue description
We are under development for FIDO2 Server. During test with FIDO Conformance tools, we are confronted with an error below.
[Error log] Server-ServerAuthenticatorAttestationResponse-Resp-B Test server processing "android-safetynet" attestation P-1 Send a valid ServerAuthenticatorAttestationResponse with "android-safetynet" attestation, and check that server succeeds ‣ Error: Server responed with error. The errorMessage is: Invalid safety net attestation:4241:19)
at let username = generateRandomString();
let displayName = generateRandomName();
return getMakeCredentialsChallenge({'displayName': displayName, 'username':username, 'attestation': 'direct'})
.then((response) => {
return webauthnClient.createCredential(response)
})
.then((response) => {
return sendAttestationResponse(response)
})
at fetch.then.then (eval at compileCode (js/sandbox.js:25:26),
The file we used during test is attached (toc.jwt) toc.zip Is this file occurs this error?
Please give us the information can be referenced.
Thank you.