Signature from Challenge
254 views
Skip to first unread message
richard redpath
Oct 23, 2023, 1:25:37 PM10/23/23
to FIDO Dev (fido-dev)
I got the registration of the Publickey working fine with the Authenticator hardware device and Now the Authentication is next.
The only issue I have here is what is exactly signed?
The challenge is received from the FIDO server.
I fix the challenge to "*richardredpath*" so tracing is easy. Its always the same.
I take this challenge "*richardredpath*"and 256 hash and sign the hash, thats my signature.
Its not really clear anywhere what the signature is on other than I assume the challenge is signed via 256hash it and then sign.
"response": {
"authenticatorData": bufferToBase64url(authData),
"clientDataJSON": base64URLencode(JSON.stringify( sampleClientDataJSON ) ),
"signature": bufferToBase64url(hexToBytes( signature).buffer),
},
So this should be easy to reply.
The only issue I have here is what is exactly signed?
The challenge is received from the FIDO server.
I fix the challenge to "*richardredpath*" so tracing is easy. Its always the same.
I take this challenge "*richardredpath*"and 256 hash and sign the hash, thats my signature.
Its not really clear anywhere what the signature is on other than I assume the challenge is signed via 256hash it and then sign.
"response": {
"authenticatorData": bufferToBase64url(authData),
"clientDataJSON": base64URLencode(JSON.stringify( sampleClientDataJSON ) ),
"signature": bufferToBase64url(hexToBytes( signature).buffer),
},
So this should be easy to reply.
My1
Oct 23, 2023, 1:53:10 PM10/23/23
to richard redpath, FIDO Dev (fido-dev)
Hi,
According to the webAuthn Specs the sig is formed over the Authenticator Data and the Client Data Hash
also please dont forget to verify the signature when registering too.
--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/02c68888-e90e-4101-9031-5c308da2f5b8n%40fidoalliance.org.
richard redpath
Oct 23, 2023, 6:26:24 PM10/23/23
to FIDO Dev (fido-dev), My1, FIDO Dev (fido-dev), richard redpath
Yes I did see that URL which talks about the concatenation
I would take this binary data
b'49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d97631d0000000078bb32a61d3e7e48c1b2e161ac086a9b3b1d626c24e9ce115b533782a1aa833a'
and hash256 it to this
cf6a03cee7ee0340986f9cd02a50ef3a442a809b737ba6aa74d23711102a2165
and then sign the Hash256 for the signature.
I assume the FIDO server takes the message and makes a hash256 to verify it with the signature.
so if my AuthenticatorData is this
"49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d97631d00000000"
which is really this in its parts
var RPIDhash = "49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d9763"; //256 hash of "localhost" (32 bytes)
var flags = "1d"; //1 byte
var counter = "00000000"; //do not need one 4 bytes
and my clientData is this data string.
{"type":"webauthn.get","challenge":"KnJpY2hhcmRyZWRwYXRoKg","origin":"http://localhost:5000","crossOrigin":false,"other_keys_can_be_added_here":"do not compare clientDataJSON against a template. See https://goo.gl/yabPex"}
which is hashed to this
78bb32a61d3e7e48c1b2e161ac086a9b3b1d626c24e9ce115b533782a1aa833a
The concatenation is this for the message.
49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d97631d0000000078bb32a61d3e7e48c1b2e161ac086a9b3b1d626c24e9ce115b533782a1aa833a
which is what I see as a dump
message
b'49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d97631d0000000078bb32a61d3e7e48c1b2e161ac086a9b3b1d626c24e9ce115b533782a1aa833a'
Now Do I take this message (binary data) and sign it for the Signature?
"49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d97631d00000000"
which is really this in its parts
var RPIDhash = "49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d9763"; //256 hash of "localhost" (32 bytes)
var flags = "1d"; //1 byte
var counter = "00000000"; //do not need one 4 bytes
and my clientData is this data string.
{"type":"webauthn.get","challenge":"KnJpY2hhcmRyZWRwYXRoKg","origin":"http://localhost:5000","crossOrigin":false,"other_keys_can_be_added_here":"do not compare clientDataJSON against a template. See https://goo.gl/yabPex"}
which is hashed to this
78bb32a61d3e7e48c1b2e161ac086a9b3b1d626c24e9ce115b533782a1aa833a
The concatenation is this for the message.
49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d97631d0000000078bb32a61d3e7e48c1b2e161ac086a9b3b1d626c24e9ce115b533782a1aa833a
which is what I see as a dump
message
b'49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d97631d0000000078bb32a61d3e7e48c1b2e161ac086a9b3b1d626c24e9ce115b533782a1aa833a'
Now Do I take this message (binary data) and sign it for the Signature?
I would take this binary data
b'49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d97631d0000000078bb32a61d3e7e48c1b2e161ac086a9b3b1d626c24e9ce115b533782a1aa833a'
and hash256 it to this
cf6a03cee7ee0340986f9cd02a50ef3a442a809b737ba6aa74d23711102a2165
and then sign the Hash256 for the signature.
I assume the FIDO server takes the message and makes a hash256 to verify it with the signature.
Thanks in advance.
richard redpath
Oct 24, 2023, 8:20:57 AM10/24/23
to FIDO Dev (fido-dev), richard redpath, My1, FIDO Dev (fido-dev)
And that all worked nicely
Thanks for the help. Register and Authenticate sandbox works fine for the roaming Authenticator
My1
Oct 24, 2023, 8:32:49 AM10/24/23
to richard redpath, FIDO Dev (fido-dev)
nice to hear that all worked out
Muhammad Bilal
Oct 24, 2023, 10:45:53 AM10/24/23
to My1, richard redpath, FIDO Dev (fido-dev)
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/CACHSkNoU0UfNapVAnDBmnBvTp0c%3DGseAE6Py5Vj5AgFMhw5UiQ%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages