myeongeun Kwon
unread,Nov 9, 2023, 8:50:06 PM11/9/23Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to FIDO Dev (fido-dev)
Hi,
We are generating key pair and signature
MetaData:
Public Key Representation Formats : UAF_ALG_KEY_RSA_2048_PSS_DER
Authentication Algorithms : UAF_ALG_SIGN_RSASSA_PSS_SHA256_RAW
Key Pair:
val keyPairGenerator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, KEYSTORE)
keyPairGenerator.initialize(
KeyGenParameterSpec.Builder(
"keyAlias",
KeyProperties.PURPOSE_SIGN
).setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA384, KeyProperties.DIGEST_SHA512)
.setAlgorithmParameterSpec(RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4))
.setUserAuthenticationRequired(false)
.setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PSS)
.build()
)
keyPairGenerator.generateKeyPair()
Signature:
val signature = Signature.getInstance("SHA256withRSA/PSS")
signature.setParameter(PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32, 1))
When attempting to pass Authentication tests for an Android app using UAF 1.1 from Protocol-Auth-Resp-3,4 we are encountering a failure in signature verification.
Can anyone help me figure out what we are doing wrong?