Hi,
I'm running the "CTAP2.1 Authenticator - Options: Resident Key" tests on my device;
P-1 passes
P-2 and P-3 skip because my authenticator has a display
P-4 fails.
When I look at the MakeCredentials message I receive I see
{
1: h'e7710b73826bf273bf5ee085b8727da3e16de9ce063cd16b40c58ff42c8c7920',
2: {"id": "
soothewait.pw", "name": "The Example Corporation with fake domain!"},
3: {"id": h'a70ab05a1d43bc0972e732ba867b35f469d849f811e6466a6dc68f7dcc7dca39', "name": "
josiah...@satsumakiwi.sv", "displayName": "Josiah Turman"},
4: [{"alg": -7, "type": "public-key"}],
7: {"rk": true}
}
My device returns CTAP2_ERR_OPERATION_DENIED.
I feel like the MakeCredentials message should have pinUvAuthParam and pinUvAuthProtocol fields. Step 7 of the MakeCredentials algorithm seems to confirm this.
The MakeCredentials message in P-1 does contain both pinUvAuthParam and pinUvAuthProtocol fields.
Am I misunderstanding this?
kind regards
Gerry