FIDO Confirmation Testing Attestation Trust issue
26 views
Skip to first unread message
Abhijai K P
Oct 23, 2025, 11:15:43 AM (2 days ago) Oct 23
to FIDO Dev (fido-dev), Abhijai K P
Hi,
I have implemented an mds3 FIDO server using Yubico webauthn library for passkey web authentication in my project.
After implementation, I've started testing the server with the FIDO conformance tool.
But for MakeCredential Response server test, Some tests are failing.
It throws an error : Registration verification failed: java.lang.IllegalArgumentException: Failed to derive trust for attestation key.
I've downloaded, extracted, and put into the folder example/fido-conformance-mds by clicking the button "Download Test Metadata" in the tool.
I have imported all the metadata files to the server (com.yubico.fido.metadata.MetadataBLOBPayload)
Created trustsource from (com.yubico.fido.metadata.FidoMetadataService)
Test : P-5 Send a valid ServerAuthenticatorAttestationResponse with SELF "packed" attestation, for "ALG_SIGN_RSASSA_PKCSV15_SHA256_RAW" aka "RS256" algorithm, and check that server succeeds
What is the issue here? am I missing something?
Need the solution ASAP.
I have implemented an mds3 FIDO server using Yubico webauthn library for passkey web authentication in my project.
After implementation, I've started testing the server with the FIDO conformance tool.
But for MakeCredential Response server test, Some tests are failing.
It throws an error : Registration verification failed: java.lang.IllegalArgumentException: Failed to derive trust for attestation key.
I've downloaded, extracted, and put into the folder example/fido-conformance-mds by clicking the button "Download Test Metadata" in the tool.
I have imported all the metadata files to the server (com.yubico.fido.metadata.MetadataBLOBPayload)
Created trustsource from (com.yubico.fido.metadata.FidoMetadataService)
Test : P-5 Send a valid ServerAuthenticatorAttestationResponse with SELF "packed" attestation, for "ALG_SIGN_RSASSA_PKCSV15_SHA256_RAW" aka "RS256" algorithm, and check that server succeeds
What is the issue here? am I missing something?
Need the solution ASAP.
Reply all
Reply to author
Forward
0 new messages