signature verification failure
116 views
Skip to first unread message
myeongeun Kwon
Nov 9, 2023, 8:50:06 PM11/9/23
to FIDO Dev (fido-dev)
Hi,
We are generating key pair and signature
MetaData:
Public Key Representation Formats : UAF_ALG_KEY_RSA_2048_PSS_DER
Authentication Algorithms : UAF_ALG_SIGN_RSASSA_PSS_SHA256_RAW
Key Pair:
val keyPairGenerator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, KEYSTORE)
keyPairGenerator.initialize(
KeyGenParameterSpec.Builder(
"keyAlias",
KeyProperties.PURPOSE_SIGN
).setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA384, KeyProperties.DIGEST_SHA512)
.setAlgorithmParameterSpec(RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4))
.setUserAuthenticationRequired(false)
.setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PSS)
.build()
)
keyPairGenerator.generateKeyPair()
Signature:
val signature = Signature.getInstance("SHA256withRSA/PSS")
signature.setParameter(PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32, 1))
When attempting to pass Authentication tests for an Android app using UAF 1.1 from Protocol-Auth-Resp-3,4 we are encountering a failure in signature verification.
Can anyone help me figure out what we are doing wrong?
We are generating key pair and signature
MetaData:
Public Key Representation Formats : UAF_ALG_KEY_RSA_2048_PSS_DER
Authentication Algorithms : UAF_ALG_SIGN_RSASSA_PSS_SHA256_RAW
Key Pair:
val keyPairGenerator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, KEYSTORE)
keyPairGenerator.initialize(
KeyGenParameterSpec.Builder(
"keyAlias",
KeyProperties.PURPOSE_SIGN
).setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA384, KeyProperties.DIGEST_SHA512)
.setAlgorithmParameterSpec(RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4))
.setUserAuthenticationRequired(false)
.setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PSS)
.build()
)
keyPairGenerator.generateKeyPair()
Signature:
val signature = Signature.getInstance("SHA256withRSA/PSS")
signature.setParameter(PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32, 1))
When attempting to pass Authentication tests for an Android app using UAF 1.1 from Protocol-Auth-Resp-3,4 we are encountering a failure in signature verification.
Can anyone help me figure out what we are doing wrong?
Paul Heim
Nov 14, 2023, 8:17:47 PM11/14/23
to FIDO Dev (fido-dev), myeongeun Kwon
Please forward your inquiry to to...@certification.fidoalliance.org for guidance and technical support.
Paul Heim | Certification Director | FIDO Alliance
T: +1 623-200-3994
pa...@fidoalliance.org | www.fidoalliance.org
Thank you,
Paul
T: +1 623-200-3994
pa...@fidoalliance.org | www.fidoalliance.org
Reply all
Reply to author
Forward
0 new messages