UAF1.1 Server-Auth-Resp-6/F-15 TAG_ASSERTION_INFO.SignatureAlgAndEncoding is NOT set to the used signature algorithm: wrong content is sent

[purrema1]

By submitting this issue you are acknowledging that any information regarding this issue will be publicly available.

If you have privacy concerns, please email conformance-tools@fidoalliance.org

FIRST PRE CHECK

• [X] I SOLEMNLY SWEAR THAT I HAVE SEARCHED DOCUMENTATION AND WAS NOT ABLE TO RESOLVE MY ISSUE

What protocol are you implementing?

• [ ] FIDO2 Server
• [ ] CTAP2.0
• [ ] CTAP2.1
• [X] UAF 1.1
• [ ] U2F 1.1
• [ ] U2F 1.2

NOTE: UAF 1.0 certification have been officially sunset. U2F 1.2 only supported version of U2F.

What is your implementation class?

• [ ] Security Key / FIDO2 / U2F authenticators
• [X] Server
• [ ] UAF Client-ASM-Authenticator combo
• [ ] UAF Client
• [ ] UAF ASM-Authenticator

If you are platform authenticator vendor, please email conformance-tools@fidoalliance.org

What is the version of the tool are you using?

v1.6.39

What is the OS and the version are you running?

For desktop tools

• [ ] OSX
• [X] Windows
• [ ] Linux

For UAF mobile tools

• [ ] #664
• [ ] #665

Issue description

For this scenario the field 'TAG_ASSERTION_INFO.SignatureAlgAndEncoding' is set to 0 (using an Uint8Array) in 'Authenticator.js#509':

SIGNED_DATA_STRUCTURE.TAG_UAFV1_SIGNED_DATA.TAG_ASSERTION_INFO.SignatureAlgAndEncoding = new Uint8Array([0x00]);

But this results in a wrong length of the 'TAG_ASSERTION_INFO' tag.

Instead, 'new Uint16Array([0x00])' has to be used, as in 'Authenticator.js#188' for registration.

[yackermann]

Resolved in 1.6.46

[purrema1]

@herrjemand thx! ok!