Replies: 1 comment 1 reply
-
Hi @kimura-ym! Sorry for the late response! This is interesting! I'll try to reproduce the issue with a Windows Hello authenticator but it seems it might be an issue with |
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am trying to register a Windows Hello authenticator, but when I specify "attestation": "direct" in the return when issuing a challenge,
"unknown keyword: :curve" error occurs.
The stack trace at the time of the error is as follows
I just followed the code below in debugging,
https://github.com/cedarcode/tpm-key_attestation/blob/c84b4513a5f4fbcced370c48400ab30a9d028351/lib/tpm/certify_validator.rb#L47
The initialization parameters for openssl_signature_algorithm_class were as follows
On the other hand, the openssl side only accepts hash_function, so I assume you are getting an "unknown keyword: :curve" error.
https://github.com/cedarcode/openssl-signature_algorithm/blob/323447bf039c769462b25c89d0df0e9e10dcc5a0/lib/openssl/signature_ algorithm/rsa.rb#L39
Maybe,
https://github.com/cedarcode/openssl-signature_algorithm/blob/323447bf039c769462b25c89d0df0e9e10dcc5a0/lib/openssl/signature_ algorithm/ecdsa.rb#L69
but since the hash_function is "SHA1", I don't think this one works either.
How can an attestation statement in tpm format be verified?
Beta Was this translation helpful? Give feedback.
All reactions