Bug 1405431 - Be more precise in WebAuthn signature verification assertion r?keeler
There's an intermittent which might be spurious because ASN.1 signatures might
sometimes be less than 70 bytes, but the actual floor is probably 68 (32 + 32
+ 4).
It's a sanity check, so I've adjusted it down and also am now emitting the
offending key bytes if this triggers again.
MozReview-Commit-ID: 1wwU9Q3BUPF
--- a/dom/webauthn/tests/u2futil.js
+++ b/dom/webauthn/tests/u2futil.js
@@ -278,19 +278,19 @@ function sanitizeSigArray(arr) {
arr = arr.slice(arr.length - 32)
}
let ret = new Uint8Array(32);
ret.set(arr, ret.length - arr.length);
return ret;
}
function verifySignature(key, data, derSig) {
- if (derSig.byteLength < 70) {
- console.log("bad sig: " + hexEncode(new Uint8Array(derSig)))
- return Promise.reject("Invalid signature length: " + derSig.byteLength);
+ if (derSig.byteLength < 68) {
+ return Promise.reject("Invalid signature (length=" + derSig.byteLength +
+ "): " + hexEncode(new Uint8Array(derSig)));
}
let sigAsn1 = org.pkijs.fromBER(derSig);
let sigR = new Uint8Array(sigAsn1.result.value_block.value[0].value_block.value_hex);
let sigS = new Uint8Array(sigAsn1.result.value_block.value[1].value_block.value_hex);
// The resulting R and S values from the ASN.1 Sequence must be fit into 32
// bytes. Sometimes they have leading zeros, sometimes they're too short, it