ECDSA Signature Verification.


Adolfo Botello

Dec 15, 2016, 5:07:48 PM
to FIDO Dev (fido-dev)
Hi. 

I'm having a little trouble getting my signature to verify using the conformance tool. 

Signature Algorithm and Encoding = UAF_ALG_SIGN_SECP256R1_ECDSA_SHA256_DER 0x02
Hex Value

304402201a15b6aaddf9fc4e876ac8a88827365362a89d3eac3a34c52004dd3b016c6c5e02201e853e234a6e91d1aa0ab7cd67f1a5a6d84c17793baf1bfe64658e1fb2c82eb4

This is DER encoded. <3044><0220><R><0220><S>

Public Key Algorithm and Encoding = UAF_ALG_KEY_ECC_X962_RAW 0x100
Hex Value

04c9174582f754b415b9e2af4bb131ad18b6e48876084a641615b9249a4fb38af23f1f792ef087799b34480569aa43f301ccb7540f6284d7e76b0319aaf7cafd69

Because of the 0x04 prefix, this is a RAW key.

And the total length of the KRD is what I'm signing, including the TAG and Length.
033ebc000b2e..-->...69

I was able to verify this on testcases as well as both client and server. 
My manual testing shows that every other test case succeeded until the signature verification. 

The current manual testing error is:
Reg/Auth-Resp-7-F-29:RegistrationResponse - signature verification failed

But since this is a registration, the server is not aware of the count value to begin with, so it being 0 should be fine.

I've recently switched my UAF implementation to utilize the Android Keystore, and I see that on Nov 4th (last month) there was a similar problem that was related to the Conformance Test and ECDSA algorithms.

Is this a similar issue? Could there be some relation to the recent switch to the Android Keystore?

Thanks

Nischal Bansal

Dec 16, 2016, 5:36:46 AM
to FIDO Dev (fido-dev)
Hi Adolfo,

Why are you using a different algorithm for key generation (RAW) and signature (DER)? This could be a problem.

Make sure the values mentioned in your metadata correspond to your public key (publicKeyAlgAndEncoding) and signature (authenticationAlgorithm).

Adolfo Botello

Dec 16, 2016, 9:33:33 AM
to FIDO Dev (fido-dev)
Hi Nischal.

Thanks for responding. 

I'll take a look and see if I can convert the DER signature to RAW.

Although, I don't see why that would be an issue which would prohibit the verification to complete successfully.  Once the key is generated from whatever kind of format it has, it should be able to verify a signature in whatever format is dictated in both the TLV and the metadata. 

As for my metadata fields, I've verified that they are correctly defining publicKeyAlgAndEncoding and authenticationAlgorithm with the formats I am using. When the metadata fields are wrong, the error changes to 'Unknown format <257/258/etc>'.

I would like to rule out that the ECDSA verification issue which was resolved last month is not the same issue as this. How can I go about checking this?


Thanks for the help. 
-adolfo
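The two encodings discussed in this thread, decoded and converted, as an added example that is not code from any poster or from the FIDO conformance tool. It contains a strict parser for the DER signature layout Adolfo describes (SEQUENCE { INTEGER r, INTEGER s }, the <3044><0220><R><0220><S> bytes), a conversion to and from the 64-byte raw r || s layout that Nischal's reply contrasts it with, and a parser for the X9.62 uncompressed public key (0x04 || X || Y) that checks the point lies on P-256 before anything is verified with it. The hex values are the ones quoted in the first post; the helper names are this example's own, the P-256 constants are from FIPS 186-4, and pure Python is used so it runs with no external library.

```python
"""Constructed example: decode the DER signature and X9.62 raw public key
quoted in the thread. Helper names are hypothetical, not a FIDO API."""

# Values quoted in the first post (signature is DER, public key is X9.62 raw).
SIG_DER_HEX = (
    "304402201a15b6aaddf9fc4e876ac8a88827365362a89d3eac3a34c52004dd3b016c6c5e"
    "02201e853e234a6e91d1aa0ab7cd67f1a5a6d84c17793baf1bfe64658e1fb2c82eb4"
)
PUB_RAW_HEX = (
    "04c9174582f754b415b9e2af4bb131ad18b6e48876084a641615b9249a4fb38af2"
    "3f1f792ef087799b34480569aa43f301ccb7540f6284d7e76b0319aaf7cafd69"
)

# P-256 domain parameters (FIPS 186-4); a = p - 3 is folded into is_on_p256.
P256_P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
P256_B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
P256_N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
FIELD_BYTES = 32


def _read_der_integer(buf: bytes, pos: int) -> tuple[int, int]:
    """Read one strictly encoded DER INTEGER at buf[pos:]; return (value, next_pos)."""
    if buf[pos] != 0x02:
        raise ValueError("expected INTEGER tag 0x02")
    length = buf[pos + 1]
    if length == 0 or length >= 0x80:
        raise ValueError("bad INTEGER length (empty or long form)")
    body = buf[pos + 2 : pos + 2 + length]
    if len(body) != length:
        raise ValueError("truncated INTEGER")
    if body[0] & 0x80:
        raise ValueError("negative INTEGER is not a valid ECDSA value")
    if length > 1 and body[0] == 0 and not (body[1] & 0x80):
        raise ValueError("non-minimal INTEGER (extra leading zero)")
    return int.from_bytes(body, "big"), pos + 2 + length


def parse_der_ecdsa_signature(der: bytes) -> tuple[int, int]:
    """Parse SEQUENCE { INTEGER r, INTEGER s } into (r, s), rejecting sloppy encodings."""
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("expected SEQUENCE tag 0x30")
    if der[1] >= 0x80 or der[1] != len(der) - 2:
        raise ValueError("bad SEQUENCE length")
    r, pos = _read_der_integer(der, 2)
    s, pos = _read_der_integer(der, pos)
    if pos != len(der):
        raise ValueError("trailing bytes after signature")
    if not (0 < r < P256_N and 0 < s < P256_N):
        raise ValueError("r or s out of range [1, n-1]")
    return r, s


def der_to_raw(der: bytes) -> bytes:
    """DER signature -> 64-byte fixed-width r || s (the raw layout)."""
    r, s = parse_der_ecdsa_signature(der)
    return r.to_bytes(FIELD_BYTES, "big") + s.to_bytes(FIELD_BYTES, "big")


def _der_integer(value: int) -> bytes:
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:  # keep the INTEGER positive
        body = b"\x00" + body
    return b"\x02" + bytes([len(body)]) + body


def raw_to_der(raw: bytes) -> bytes:
    """64-byte r || s -> DER SEQUENCE { INTEGER r, INTEGER s }."""
    if len(raw) != 2 * FIELD_BYTES:
        raise ValueError("raw P-256 signature must be exactly 64 bytes")
    r = int.from_bytes(raw[:FIELD_BYTES], "big")
    s = int.from_bytes(raw[FIELD_BYTES:], "big")
    body = _der_integer(r) + _der_integer(s)
    return b"\x30" + bytes([len(body)]) + body


def is_on_p256(x: int, y: int) -> bool:
    """y^2 == x^3 - 3x + b (mod p): reject invalid-curve points before any use."""
    if not (0 <= x < P256_P and 0 <= y < P256_P):
        return False
    return (y * y - (x * x * x - 3 * x + P256_B)) % P256_P == 0


def parse_x962_uncompressed(pub: bytes) -> tuple[int, int]:
    """X9.62 uncompressed point 0x04 || X || Y -> (x, y), checked to lie on P-256."""
    if len(pub) != 1 + 2 * FIELD_BYTES or pub[0] != 0x04:
        raise ValueError("expected a 65-byte uncompressed point starting with 0x04")
    x = int.from_bytes(pub[1 : 1 + FIELD_BYTES], "big")
    y = int.from_bytes(pub[1 + FIELD_BYTES :], "big")
    if not is_on_p256(x, y):
        raise ValueError("point is not on P-256")
    return x, y


if __name__ == "__main__":
    sig = bytes.fromhex(SIG_DER_HEX)
    r, s = parse_der_ecdsa_signature(sig)
    print(f"r = {r:064x}\ns = {s:064x}")
    raw = der_to_raw(sig)
    print("raw r||s:", raw.hex())
    print("DER round trip matches:", raw_to_der(raw) == sig)
    try:
        x, y = parse_x962_uncompressed(bytes.fromhex(PUB_RAW_HEX))
        print(f"public key on P-256: x = {x:064x}, y = {y:064x}")
    except ValueError as exc:
        print("public key rejected:", exc)
```

The KRD bytes are elided in the post, so the conformance failure itself cannot be reproduced here; what the example shows is the encoding checks a server performs before the ECDSA arithmetic. A verifier that expects the 64-byte raw layout and is handed the 70-byte DER blob fails the length check outright, which is one way the mismatch Nischal points at surfaces as a plain "signature verification failed". The strict INTEGER checks (no negative values, no redundant leading zeros, no trailing bytes) matter on the server side as well: a lenient DER parser accepts several byte strings for the same (r, s) pair, which defeats any logic that treats the signature bytes as unique.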