Re: [webauthn] Assertion signatures: raw or ASN.1 wrapped? (#1829) from Matthew Miller via GitHub on 2022-11-23 (public-webauthn@w3.org from November 2022)

From: Matthew Miller via GitHub <sysbot+gh@w3.org>
Date: Wed, 23 Nov 2022 14:43:26 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1325179430-1669214605-sysbot+gh@w3.org>

For what it's worth I just finished a big refactor of my SimpleWebAuthn library to use the WebCrypto JS API for signature verification. Testing against FIDO Conformance and the test cases that I'd accumulated using real responses, it was always responses with public keys with `kty: 2` (EC2) that required the unwrapping of the raw signature bytes from an ASN.1 structure. Public keys that mapped to `kty: 1` (OKP, almost always with alg `-8` [Ed25519]) and `kty: 3` required no such manipulation. For `kty: 2` the unwrapping has needed to occur regardless of the key's `alg`.



-- 
GitHub Notification of comment by MasterKale
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1829#issuecomment-1325179430 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 23 November 2022 14:43:28 UTC