search

fido-alliance / conformance-test-tools-resources

Certification Test Tools Resources. For security and privacy related issues email tools@certification.fidoalliance.org
https://fidoalliance.org/certification/functional-certification/conformance/
40 stars 14 forks source link

Invalid COSE_HASH_ALG dictionary for certain algorithms #744

Closed ghislaindemael closed 4 months ago

ghislaindemael commented 7 months ago

By submitting this issue you are acknowledging that any information regarding this issue will be publicly available.

If you have privacy concerns, please email conformance-tools@fidoalliance.org

FIRST PRE CHECK

What protocol are you implementing?

What is your implementation class?

If you are platform authenticator vendor, please email conformance-tools@fidoalliance.org

What is the version of the tool are you using?

v1.7.17

What is the OS and the version are you running?

For desktop tools

Issue description

While building my MakeCredential Response, I have a continuous AssertionError: The assertion signature can not be verified!: expected false to be true, while trying to validate my secp521r1_ecdsa_sha512_raw signature.

Fast-forward to the problem, I found that the COSE_ALG_HASH dictionary defined in (...\resources\app.asar\dependencies\cryptodep.js:93 does not link the proper hash algorithms, according to the IANA COSE Algorithms list.

let COSE_ALG_HASH = {
    '-257'  : 'SHA-256', // RSASSA-PKCS1-v1_5 w/ SHA-256 Section 8.2 of [RFC8017]
    '-258'  : 'SHA-384', // RSASSA-PKCS1-v1_5 w/ SHA-384 Section 8.2 of [RFC8017]
    '-259'  : 'SHA-512', // RSASSA-PKCS1-v1_5 w/ SHA-512 Section 8.2 of [RFC8017]
    '-65535': 'SHA-1',   // RSASSA-PKCS1-v1_5 w/ SHA-1 Section 8.2 of [RFC8017]
    '-39'   : 'SHA-512',  // RSASSA-PSS w/ SHA-512  [RFC8230]
    '-38'   : 'SHA-384',  // RSASSA-PSS w/ SHA-384 [RFC8230]
    '-37'   : 'SHA-256',   // RSASSA-PSS w/ SHA-256 [RFC8230]
    '-260'  : 'SHA-256', // TPM_ECC_BN_P256 curve w/ SHA-256
    '-261'  : 'SHA-512', // ECC_BN_ISOP512 curve w/ SHA-512
    '-7'    : 'SHA-256',   // ECDSA w/ SHA-256 
    '-36'   : 'SHA-384',  // ECDSA w/ SHA-384 
    '-37'   : 'SHA-512'  // ECDSA w/ SHA-512
}

In my case, I am using a P-521 curve with a SHA512 hasher, therefore I declare using algorithm -36, however, the Tools hash my message with a SHA-384 hasher, thus giving non-corresponding results.

ghislaindemael commented 7 months ago

@iirachek Is it a quick-fix, or does it require a little more time ?

iirachek commented 7 months ago

The fix itself won't take long, but the publication of a new release build does. I'll look into how the workflow can be adjusted to allow for hotfix releases.

ghislaindemael commented 7 months ago

Thanks for the heads up ! I'll look to dev other aspects while waiting for the hotfix.

iirachek commented 6 months ago

Algorithm identifiers were updated in the latest 1.7.19 version to match the registry, which now should lead to properly hashed messages.