Signature Match when validating assertions #5
Comments
|
I wasn't able to get any of the routes to controller working, so I wasn't able to debug this. The verify call looks fine but it's hard to tell if the inputs are ok without seeing them. |
|
Thank you for looking in to it. Did you check out the new branch? Index.html should work (you get some 404 but they are not affecting the attestation or assertion calls.
/Anders (from phone)
On Mon, Aug 6, 2018 at 11:17 PM +0200, "Alex Seigler" <[email protected]> wrote:
I wasn't able to get any of the routes to controller working, so I wasn't able to debug this. The verify call looks fine but it's hard to tell if the inputs are ok without seeing them.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
I was trying use the register user button on the login.html page, get 404 to makeCredential (on new branch). Didn't have enough time to get any further. |
|
I will look into it tomorrow morning and see if I messed something up.
/Anders (from phone)
On Mon, Aug 6, 2018 at 11:46 PM +0200, "Alex Seigler" <[email protected]> wrote:
I was trying use the register user button on the login.html page, get 404 to makeCredential (on new branch). Didn't have enough time to get any further.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
I figured out what you are doing. The signature is malformed. In your test code, line 132, you will find the signature is 64 bytes long, which is correct length. If you take the exact string for signature from assertionNoneResponse.json, feed that to StringToByteArray(), then feed the result of that to ParseSigData(), the result will work. Like this:
Something about how the signature was stored or how it is being retrieved from the json file is causing the problem. I understand what you are doing now with the tests, and will write some cases. |
|
Because of the custom JsonConvert we do not need to use StringToByteArray in the actual solution but I didn't realize I needed to perform the PareSigData.. We should probably add more docs to that function to explain why it parses it. 👍 Good find! |
Lots of API improvements and new endpoints for assertions have been added in the new-front branch.
However, signature matching still fails.
@aseigler Do you see anything wrong with how I extract the public key, concatenate bytes or do the verify call?
Code is here:
3e1237f#diff-16c131d9cd22eb6badda0902b79690cfR134
(line 131-133 is just dummy test code to make to test signatures)
The text was updated successfully, but these errors were encountered: