
Re: [webauthn] Sign counter alg 507

From: Rolf Lindemann via GitHub <sysbot+gh@w3.org>
Date: Fri, 08 Sep 2017 12:30:36 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-328090374-1504873825-sysbot+gh@w3.org>
Regarding https://github.com/w3c/webauthn/pull/539#issuecomment-327450132:

The following code will be merged with the attestation statement format specific verification procedure in U2F Attestation Statement format.
<section>
  <h3>Verification of authenticatorMakeCredential Response</h3>
  <p>
    The platform forwards the authenticatorMakeCredential response to the RP, which follows the following procedure to verify it
    <a href="#fig-u2f-compat-makeCredential">(Fig: Mapping: WebAuthn authenticatorMakeCredential to and from CTAP1/U2F Registration Messages)</a>:
  </p>
  <ol>
    <li>Confirm that the format of the attestation statement is of "fido-u2f" type.</li>
    <li>Unpack CTAP2 Authenticator Data.</li>
    <li>Verify that passed <code>rp.id</code> SHA-256 hash matches with Authenticator Data’s <code>rp.id</code> Hash field.</li>
    <li>Capture public key from the certificate.</li>
    <li>
      Convert the COSE_KEY formatted credential public key to CTAP1/U2F public key format.
      <ul>
        <li>
          Let <code>publicKeyU2F</code> represent the converted CTAP1/U2F public key representation of the COSE_KEY and
          set its first byte to 0x04, which signifies the uncompressed ECC key format
        </li>
        <li>Extract "-2" (representing x coordinate) from COSE_KEY representation, confirm its size to be of 32 bytes and concatenate it with <code>publicKeyU2F</code></li>
        <li>Extract "-3" (representing y coordinate) from COSE_KEY representation, confirm its size to be of 32 bytes and concatenate it with <code>publicKeyU2F</code></li>
      </ul>
    </li>
    <li>Calculate SHA-256 (0x00 | SHA-256(<code>rp.id</code>) | clientDataHash | CredentialID | <code>publicKeyU2F</code>).</li>
    <li>Verify attestationStatement signature using above hash and public key.</li>
  </ol>
</section>

-- 
GitHub Notification of comment by rlin1
Please view or discuss this issue at https://github.com/w3c/webauthn/pull/539#issuecomment-328090374 using your GitHub account
Received on Friday, 8 September 2017 12:30:31 UTC
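
The procedure quoted in the message above, sketched for a relying party in Node.js. This is an added example, not part of the original message or of the specification text. The function names are hypothetical, the COSE key is assumed to be already CBOR-decoded into a `Map`, and the attestation public key is passed in directly instead of being extracted from the X.509 attestation certificate.

```javascript
const crypto = require('crypto');
const sha256 = (buf) => crypto.createHash('sha256').update(buf).digest();

// Step 5: COSE_KEY (-2 = x, -3 = y) -> CTAP1/U2F format 0x04 | x | y.
// Each coordinate must be exactly 32 bytes or the conversion is rejected.
function coseToU2fPublicKey(coseKey) {
  const x = coseKey.get(-2), y = coseKey.get(-3);
  if (!Buffer.isBuffer(x) || x.length !== 32) throw new Error('x must be 32 bytes');
  if (!Buffer.isBuffer(y) || y.length !== 32) throw new Error('y must be 32 bytes');
  return Buffer.concat([Buffer.from([0x04]), x, y]);
}

// Steps 1, 3, 6 and 7. attestationKey stands in for the public key
// captured from the attestation certificate (step 4, parsing omitted).
function verifyU2fAttestation(a) {
  if (a.fmt !== 'fido-u2f') return false;
  if (!sha256(Buffer.from(a.rpId)).equals(a.rpIdHash)) return false;
  const signedData = Buffer.concat([
    Buffer.from([0x00]), a.rpIdHash, a.clientDataHash,
    a.credentialId, coseToU2fPublicKey(a.coseKey),
  ]);
  // crypto.verify hashes signedData with SHA-256 (step 6) and checks the
  // DER-encoded ECDSA signature against that hash (step 7).
  return crypto.verify('sha256', signedData, a.attestationKey, a.sig);
}

// Constructed sample: freshly generated P-256 keys play the authenticator.
function buildSample(rpId = 'example.org') {
  const att = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const ecdh = crypto.createECDH('prime256v1');
  const point = ecdh.generateKeys();          // 65 bytes: 0x04 | x | y
  const coseKey = new Map([[-2, point.subarray(1, 33)], [-3, point.subarray(33)]]);
  const rpIdHash = sha256(Buffer.from(rpId));
  const clientDataHash = sha256(Buffer.from('constructed client data'));
  const credentialId = crypto.randomBytes(16);
  const signedData = Buffer.concat([
    Buffer.from([0x00]), rpIdHash, clientDataHash,
    credentialId, coseToU2fPublicKey(coseKey),
  ]);
  const sig = crypto.sign('sha256', signedData, att.privateKey);
  return { fmt: 'fido-u2f', rpId, rpIdHash, clientDataHash, credentialId,
           coseKey, sig, attestationKey: att.publicKey };
}
```

A relying party would additionally validate the attestation certificate chain before trusting the key used in the last step.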
