Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verification of publicKey missing in section 3.5 Verifying an Attestation Statement #37

Closed
equalsJeffH opened this issue Mar 13, 2016 · 1 comment
Closed

Verification of publicKey missing in section 3.5 Verifying an Attestation Statement #37

equalsJeffH opened this issue Mar 13, 2016 · 1 comment
Labels
priority:high stat:OKtoDo
Milestone
Last Working Draft

Comments

@equalsJeffH
Copy link
Contributor

Originally submitted by: rlin1, on: Friday Jan 08, 2016 at 09:06 GMT

the verification of the publicKey is missing.
Idea:
Get publicKey from Credential structure.
Depending on core.type do:
(1) "packed": compare with core.rawData.publicKey
(2) "tpm": compute digest of publicKEy and compare against TPMS_ATTEST.qualifiedSigner or TPM_CERTIFY_INFO/TPM_CERTIFY_INFO2.pubKeyDigest.
(3) "safetynet": compare with header.clientData.publicKey
@equalsJeffH equalsJeffH added this to the ms-fido-v2.0-w3c milestone Mar 13, 2016
@equalsJeffH equalsJeffH removed this from the ms-fido-v2.0-w3c milestone Mar 13, 2016
@nadalin nadalin added this to the SPWD milestone Mar 30, 2016
@vijaybh
Copy link
Contributor

vijaybh commented May 6, 2016

I believe this was resolved by #76 which removed a lot of the complexity described here. Please reactivate if you believe this is not the case.

@vijaybh vijaybh closed this as completed May 6, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
priority:high stat:OKtoDo
Projects
None yet
Milestone
Last Working Draft
Development

No branches or pull requests
3 participants
@equalsJeffH @nadalin @vijaybh