|
@@ -380,8 +380,8 @@ discard block |
|
|
block discarded – undo |
|
380
|
380
|
* §8.2 Step 2 Bullet 1: check signature |
|
381
|
381
|
*/ |
|
382
|
382
|
$retCode = openssl_verify($sigdata, $stmtDecoded['sig'], $keyResource, "sha256"); |
|
383
|
|
- if ( $retCode !== 1) { |
|
384
|
|
- $this->fail("Packed signature mismatch (return code $retCode, for :authdata:".$attestationArray['authData']." - :clientDataHash:".$this->clientDataHash." - :signature:".$stmtDecoded['sig']."), attestation failed."); |
|
|
383
|
+ if ($retCode !== 1) { |
|
|
384
|
+ $this->fail("Packed signature mismatch (return code $retCode, for :authdata:" . $attestationArray['authData'] . " - :clientDataHash:" . $this->clientDataHash . " - :signature:" . $stmtDecoded['sig'] . "), attestation failed."); |
|
385
|
385
|
} |
|
386
|
386
|
$this->pass("x5c sig check passed."); |
|
387
|
387
|
} |
|
@@ -482,7 +482,7 @@ discard block |
|
|
block discarded – undo |
|
482
|
482
|
} |
|
483
|
483
|
|
|
484
|
484
|
// Keymaster 3 - KeyMint ??? |
|
485
|
|
- private const ORIGINS_3 = [ // https://source.android.com/docs/security/features/keystore/tags#origin |
|
|
485
|
+ private const ORIGINS_3 = [// https://source.android.com/docs/security/features/keystore/tags#origin |
|
486
|
486
|
0 => "GENERATED", |
|
487
|
487
|
1 => "DERIVED", |
|
488
|
488
|
2 => "IMPORTED", |
|
@@ -700,7 +700,7 @@ discard block |
|
|
block discarded – undo |
|
700
|
700
|
* STEP 13 of the validation procedure in § 7.1 of the spec: is the algorithm the expected one? |
|
701
|
701
|
*/ |
|
702
|
702
|
if (in_array($arrayPK['3'], self::PK_ALGORITHM)) { // we requested -7 or -257, so want to see it here |
|
703
|
|
- $this->algo = (int)$arrayPK['3']; |
|
|
703
|
+ $this->algo = (int) $arrayPK['3']; |
|
704
|
704
|
$this->pass("Public Key Algorithm is expected (" . implode(' or ', WebAuthnRegistrationEvent::PK_ALGORITHM) . ")."); |
|
705
|
705
|
} else { |
|
706
|
706
|
$this->fail("Public Key Algorithm mismatch!"); |
simplesamlphp /
simplesamlphp-module-webauthn
