FIDO UAF 1.1 - Registration signature issue
71 views
Skip to first unread message
Jérôme TONNELIER
Apr 15, 2022, 9:22:30 AM4/15/22
to FIDO Dev (fido-dev)
Hello everyone,
func getSignature(for dataToSign: [UInt8], key: SecKey) throws -> [UInt8] {
let data = Data(bytes: dataToSign, count: dataToSign.count)
guard let signData = SecKeyCreateSignature(key, SecKeyAlgorithm.ecdsaSignatureMessageX962SHA256, data as CFData, nil) else {
throw FidoError.invalidBiometrics
}
return [UInt8](signData as Data)
}
We have a certified server in our company and now we are asked to make a mobile FIDO UAF Client (based on 1.1 specifications) for iOS and Android (native language)
We are stuck on the last step of the registration. When we create the signature for the surrogate tag (0x2E06), the server rejects it as its size is different than 64 bits.
Here is an example of our code, which is the same as the 3 open source solutions that we found
let data = Data(bytes: dataToSign, count: dataToSign.count)
guard let signData = SecKeyCreateSignature(key, SecKeyAlgorithm.ecdsaSignatureMessageX962SHA256, data as CFData, nil) else {
throw FidoError.invalidBiometrics
}
return [UInt8](signData as Data)
}
We think that since our server received the FIDO certification, it is the source of truth. However, there is no way for us to have control over signature size except by changing the signature algorithm.
Strangely enough, we have the same issue on iOS and Android.
Any help would be greatly appreciated.
Thx
Mayra Morales Silva
Apr 15, 2022, 10:11:23 AM4/15/22
to Jérôme TONNELIER, FIDO Dev (fido-dev)
Po favor no me envien mas correos hablado en idioma Inglés.Pues no domino el idioma Inglés y no entiendo nada de lo que me escriben y es constantemente enviandome y enviandome correos que no se cual es el objetivo y la finalidad de tantos correos que me envian.De la misma forma que ustedes quizás no entiendan el Español, de esa misma forma yo no entiendo el Inglés.Se los agradeceré...ó escriban en Español para saber que me quieren decir.Agradeciendo su atención al respecto.Queda de ustedes con saludos afectuosos.Mayi
--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/59acf9af-6c1a-4997-90b9-1aaf3332a6can%40fidoalliance.org.
Reply all
Reply to author
Forward
0 new messages