Hello everyone,
We have a certified server in our company, and now we are asked to make a mobile FIDO UAF Client (based on the 1.1 specifications) for iOS and Android (native language).
We are stuck on the last step of the registration. When we create the signature for the surrogate tag (0x2E06), the server rejects it as its size is different than 64 bits.
Here is an example of our code, which is the same as the 3 open source solutions that we found:

    func getSignature(for dataToSign: [UInt8], key: SecKey) throws -> [UInt8] {
        let data = Data(bytes: dataToSign, count: dataToSign.count)
        guard let signData = SecKeyCreateSignature(key, SecKeyAlgorithm.ecdsaSignatureMessageX962SHA256, data as CFData, nil) else {
            throw FidoError.invalidBiometrics
        }
        return [UInt8](signData as Data)
    }

We think that since our server received the FIDO certification, it is the source of truth. However, there is no way for us to have control over signature size except by changing the signature algorithm.
Strangely enough, we have the same issue on iOS and Android.
Any help would be greatly appreciated.
Thx
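
Added example, not part of the original post: `ecdsaSignatureMessageX962SHA256` returns an ASN.1 DER `SEQUENCE { r, s }` whose length varies, so this sketch re-encodes it as fixed-width `r || s` (64 bytes for P-256). It assumes the server expects the raw encoding (UAF `ALG_SIGN_SECP256R1_ECDSA_SHA256_RAW`); `rawSignature`, `DERSignatureError` and the sample bytes are hypothetical names and constructed data.

```swift
enum DERSignatureError: Error { case malformed, integerTooLarge }

// Converts DER SEQUENCE { INTEGER r, INTEGER s } into fixed-width big-endian r || s.
// Assumption: the verifier wants raw r || s rather than DER.
func rawSignature(fromDER der: [UInt8], coordinateSize: Int = 32) throws -> [UInt8] {
    var index = 0

    // Reads one byte, failing on truncated input.
    func readByte() throws -> UInt8 {
        guard index < der.count else { throw DERSignatureError.malformed }
        defer { index += 1 }
        return der[index]
    }

    // Reads a DER length: short form, or long form with a single length byte (0x81).
    func readLength() throws -> Int {
        let first = try readByte()
        if first < 0x80 { return Int(first) }
        guard first == 0x81 else { throw DERSignatureError.malformed }
        let next = try readByte()
        return Int(next)
    }

    // Reads one INTEGER and returns it left-padded to coordinateSize bytes.
    func readInteger() throws -> [UInt8] {
        let tag = try readByte()
        let length = try readLength()
        guard tag == 0x02, length > 0, index + length <= der.count else {
            throw DERSignatureError.malformed
        }
        var value = Array(der[index..<(index + length)])
        index += length
        // DER adds a leading 0x00 when the top bit is set; strip it before padding.
        while value.count > 1 && value[0] == 0 { value.removeFirst() }
        guard value.count <= coordinateSize else { throw DERSignatureError.integerTooLarge }
        return [UInt8](repeating: 0, count: coordinateSize - value.count) + value
    }

    let tag = try readByte()
    let sequenceLength = try readLength()
    guard tag == 0x30, index + sequenceLength == der.count else { throw DERSignatureError.malformed }
    let r = try readInteger()
    let s = try readInteger()
    guard index == der.count else { throw DERSignatureError.malformed }
    return r + s
}

// Constructed sample, not a real signature: r = 0xFF (with DER sign padding), s = 0x0102.
let sampleDER: [UInt8] = [0x30, 0x08, 0x02, 0x02, 0x00, 0xFF, 0x02, 0x02, 0x01, 0x02]
let raw = try rawSignature(fromDER: sampleDER)
print(raw.count)
```

The same DER-versus-raw difference applies on Android, where the platform's `SHA256withECDSA` signature output is also DER-encoded.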