fido-alliance / conformance-test-tools-resources

Certification Test Tools Resources. For security and privacy related issues email tools@certification.fidoalliance.org
https://fidoalliance.org/certification/functional-certification/conformance/

Invalid metadata file for Android Keystore Server test #716

Closed sbweeden closed 11 months ago

sbweeden commented 1 year ago

By submitting this issue you are acknowledging that any information regarding this issue will be publicly available.

If you have privacy concerns, please email conformance-tools@fidoalliance.org

FIRST PRE CHECK

What protocol are you implementing?

NOTE: UAF 1.0 certification has been officially sunset. U2F 1.2 is the only supported version of U2F.

What is your implementation class?

If you are a platform authenticator vendor, please email conformance-tools@fidoalliance.org

What is the version of the tool you are using?

v1.7.12

What is the OS and version you are running?

macOS

For desktop tools

For UAF mobile tools

Issue description

For test: Server-ServerAuthenticatorAttestationResponse-Resp-A, Test server processing "android-key", P-1: Send a valid ServerAuthenticatorAttestationResponse with "android-key" attestation, and check that server succeeds.

Code here: https://github.com/fido-alliance/fido2-server-conformance-module/blob/main/tests/Server/MakeCredential/Server-ServerAuthenticatorAttestationResponse-Resp-A.js#L27

You can see this uses a metadata file with AAGUID: 550e4b54-aa47-409f-9a95-1ab76c130131

Which corresponds to metadata file: https://github.com/fido-alliance/fido2-server-conformance-module/blob/main/metadata/CTAP2Secp256r1AndroidAttestation.metadata3.json#L23

Notice that the attestationTypes element contains only anonca. It should be basic_full since Android Keystore attestations are a type of Basic attestation (see https://w3c.github.io/webauthn/#sctn-android-key-attestation).
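
The mismatch reported above can be caught with a consistency check between a metadata statement's attestationTypes and the attestation format a test exercises. This is an added example, not code from the conformance tools or from the issue author; the function name, the mapping table and the sample statements are assumptions, and only the android-key row comes from this issue (the other rows follow the format definitions in the WebAuthn specification).

```javascript
// Added example, not code from the conformance tools.
// Attestation types each WebAuthn attestation statement format can convey,
// written as MDS3 attestationTypes strings. The android-key row is the case
// from this issue; the other rows are taken from the WebAuthn format definitions.
const FORMAT_ATTESTATION_TYPES = {
  'android-key': ['basic_full'],
  'android-safetynet': ['basic_full'],
  'packed': ['basic_full', 'basic_surrogate', 'attca'],
  'tpm': ['attca'],
  'apple': ['anonca'],
};

// Hypothetical helper: returns a list of problems found in the statement.
// An empty list means the statement is consistent with the format.
function checkAttestationTypes(statement, fmt) {
  const allowed = FORMAT_ATTESTATION_TYPES[fmt];
  if (!allowed) {
    return [`unknown attestation format "${fmt}"`];
  }
  const declared = statement.attestationTypes;
  if (!Array.isArray(declared) || declared.length === 0) {
    return ['attestationTypes is missing or empty'];
  }
  // A server that enforces metadata rejects the attestation when none of the
  // declared types matches what the format can actually produce.
  if (!declared.some((t) => allowed.includes(t))) {
    return [
      `attestationTypes [${declared.join(', ')}] contains none of ` +
        `[${allowed.join(', ')}] expected for "${fmt}"`,
    ];
  }
  return [];
}

// Constructed sample statements holding only the fields the check reads.
const asReported = {
  aaguid: '550e4b54-aa47-409f-9a95-1ab76c130131',
  attestationTypes: ['anonca'],
};
const corrected = { ...asReported, attestationTypes: ['basic_full'] };

console.log(checkAttestationTypes(asReported, 'android-key'));
console.log(checkAttestationTypes(corrected, 'android-key'));
```
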

iirachek commented 11 months ago

Resolved