Probable typo in cryptodep.js@COSE_ALG_HASH

serianox commented 3 months ago

By submitting this issue you are acknowledging that any information regarding this issue will be publicly available.

If you have privacy concerns, please email conformance-tools@fidoalliance.org

FIRST PRE CHECK

[X] I SOLEMNLY SWEAR THAT I HAVE SEARCHED DOCUMENTATION AND WAS NOT ABLE TO RESOLVE MY ISSUE

What protocol are you implementing?

[ ] FIDO2 Server
[ ] CTAP2.0
[X] CTAP2.1
[ ] UAF 1.1
[ ] U2F 1.1
[ ] U2F 1.2

NOTE: UAF 1.0 certification have been officially sunset. U2F 1.2 only supported version of U2F.

What is your implementation class?

[X] Security Key / FIDO2 / U2F authenticators
[ ] Server
[ ] UAF Client-ASM-Authenticator combo
[ ] UAF Client
[ ] UAF ASM-Authenticator

If you are platform authenticator vendor, please email conformance-tools@fidoalliance.org

What is the version of the tool are you using?

1.7.19-1

What is the OS and the version are you running?

For desktop tools

[ ] OSX
[X] Windows
[ ] Linux

For UAF mobile tools

[ ] iOS
[ ] Android

Issue description

It seems there's a typo in in the hash computation for es384.

Hash computation fails with "Error: hashFunction argument is missing!"

In cryptodep.js@COSE_ALG_HASH, ECDSA w/ SHA-384 and SHA-512 are referenced as -36 and -37 resp, whereas in https://www.iana.org/assignments/cose/cose.xhtml they are referenced as -35 and -36 resp.

iirachek commented 3 months ago

Fixed, will be included in the upcoming v1.7.20

serianox commented 2 months ago

Tested OK with 1.7.20-4. 👍

Should I close the issue?

fido-alliance / conformance-test-tools-resources