search

fido-alliance / conformance-test-tools-resources

Certification Test Tools Resources. For security and privacy related issues email tools@certification.fidoalliance.org
https://fidoalliance.org/certification/functional-certification/conformance/
40 stars 14 forks source link

Creation of key with ES512 algorithm expects 64 bytes for public key x and y component length instead of 66 bytes based on P-521 curve #723

Closed ryarana closed 10 months ago

ryarana commented 11 months ago

By submitting this issue you are acknowledging that any information regarding this issue will be publicly available.

If you have privacy concerns, please email conformance-tools@fidoalliance.org

FIRST PRE CHECK

What protocol are you implementing?

NOTE: UAF 1.0 certification have been officially sunset. U2F 1.2 only supported version of U2F.

What is your implementation class?

If you are platform authenticator vendor, please email conformance-tools@fidoalliance.org

What is the version of the tool are you using?

1.7.14

What is the OS and the version are you running?

Windows 10 For desktop tools

For UAF mobile tools

Issue description

Based on WebAuth, https://www.w3.org/TR/webauthn-2/#sctn-alg-identifier Keys with algorithm ES512 (-36) MUST specify P-521 (3) as the crv parameter and MUST NOT use the compressed point form.

While testing using the self-conformance tool v1.7.14 for CTAP 2.1, I encountered the following error: Authr-MakeCred-Resp-1 Test registration response, and “packed” attestation: P-02 AssertionError: For ES512 x coefficient MUST be exactly 64 bytes long!: expected 66 to equal 64 at n.eval (eval at compileCode (js/sandbox.js:25:26), :6482:28)

The authenticator under test returned 66 bytes for the x and y component for ES512 (which is correct for P-521 curve) but the tool expects 64 bytes. In addition, the self-conformance tool code snippet below expects P-521/secp521r1 but its expected length is wrong. _… } else if(COSE_ALG_TO_FIDO_ALG_SHORT[keyStruct[COSE_KEYS.alg]] === ‘secp521r1_ecdsa_sha512_raw’ { assert.strictEqual(keyCBORStruct[COSE_KEYS.x].byteLength, 64, ‘For ES512 x coefficient MUST be exactly 64 bytes long!’); assert.strictEqual(keyCBORStruct[COSEKEYS.y].byteLength, 64, ‘For ES512 y coefficient MUST be exactly 64 bytes long!’); } …

iirachek commented 10 months ago

Sorry for the wait. This issue has been addressed and a fix will be available in the upcoming build. I'll notify you, when the build is published.