Server-ServerAuthenticatorAttestationResponse-Resp-9 P-2 ServerAuthenticatorAttestationResponse with "tpm" attestation for SHA-1 throws DataError

[s1r-J]

By submitting this issue you are acknowledging that any information regarding this issue will be publicly available.

If you have privacy concerns, please email conformance-tools@fidoalliance.org

FIRST PRE CHECK

• [x] I SOLEMNLY SWEAR THAT I HAVE SEARCHED DOCUMENTATION AND WAS NOT ABLE TO RESOLVE MY ISSUE

What protocol are you implementing?

• [x] FIDO2 Server
• [ ] CTAP2.0
• [ ] CTAP2.1
• [ ] UAF 1.1
• [ ] U2F 1.1
• [ ] U2F 1.2

NOTE: UAF 1.0 certification have been officially sunset. U2F 1.2 only supported version of U2F.

What is your implementation class?

• [ ] Security Key / FIDO2 / U2F authenticators
• [x] Server
• [ ] UAF Client-ASM-Authenticator combo
• [ ] UAF Client
• [ ] UAF ASM-Authenticator

If you are platform authenticator vendor, please email conformance-tools@fidoalliance.org

What is the version of the tool are you using?

v1.7.11

What is the OS and the version are you running?

For desktop tools

• [ ] OSX
• [x] Windows
• [ ] Linux

For UAF mobile tools

• [ ] iOS
• [ ] Android

Issue description

The following test are failing. The test throws an error.

Server-ServerAuthenticatorAttestationResponse-Resp-9 Test server processing "tpm" attestation P-2 Send a valid ServerAuthenticatorAttestationResponse with "tpm" attestation for SHA-1, and check that server succeeds

Error message is below.

DataError: The JWK "alg" member was inconsistent with that specified by the Web Crypto call

Sorry if it's wrong, I think the test tool and chromium which the test tool is based on cause the error.

And I found the same issue on Google Groups(Questions about the conformance tool v1.7.7+). Is this problem not resolved yet?

I would like some advice.

[Milton-Ch]

I have this same problem, any news?

[Dstoney]

Good

[roy870821]

I have this problem too，version is v1.7.14，How can I solve it?

[sbweeden]

You can't solve it - FIDO will have to release a new version of the test tool with a fix.

[roy870821]

You can't solve it - FIDO will have to release a new version of the test tool with a fix. understand，thanks for response

[yackermann]

Resolved

[ynojima]

I still face the same issue with v1.7.14. Have you released a new version?

[yackermann]

@ynojima try updating metadata

[sbweeden]

The problem is fixed by this recent commit (I know not everyone will have access to this repo), and a new build of the conformance tool is required. I patched my v1.7.14 test tool with a modification made to ctap2Authenticator.js from that commit and was able to successfully run the test case.

[ynojima]

@herrjemand I still face the issue after updating the metadata with one downloaded from v1.7.14. @sbweeden "Thank you for letting me know. Then, I'll wait for the next release.

[iirachek]

@ynojima We've uploaded a new build v1.7.15 with a fix for this issue.

[sbweeden]

@iirachek why is only the windows version published (no dmg for Mac)?

[iirachek]

@sbweeden Minor complications with building it. The .dmg will be up by the end of the day.

[s1r-J]

I checked that this issue has been fixed in v1.7.15 on Windows. Thank you, I appreciate it.