RegisterResult::CTAP2 needs to return serialised json blob
Firstyear opened this issue · 2 comments
RegisterResult::CTAP2 currently has the signature CTAP2(AttestationObject, CollectedClientData). However, AttestationObject contains a hash of the serialised bytes of CollectedClientData. By returning it in a struct form, the caller needs to re-serialise CollectedClientData identically as performed in the signature, which may open up instability or unreliability. Instead, RegisterResult::CTAP2 should return CTAP2(AttestationObject, Vec<u8>) where vec is the serialised CollectedClientData in byte form, which was used in the signature process of the attestation object.
@msirringhaus I can't assign the CTAP2 label to this issue, so I'll need you to do this :)
Closing this, since we don't return CollectedClientData anymore. It's now expected that the user serializes and hashes the client data prior to calling register or sign.
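
The re-serialisation problem raised in this issue, as an added Python sketch (not code from the project or from the participants in this thread): the hash is computed over one exact byte string, so a caller that rebuilds the JSON from a parsed structure only matches it if every serialiser setting is identical. The client data values and all function names are constructed for the illustration.

```python
import hashlib
import json

# Constructed sample client data; values are not taken from the issue.
CLIENT_DATA = {
    "type": "webauthn.create",
    "challenge": "Y29uc3RydWN0ZWQtY2hhbGxlbmdl",
    "origin": "https://example.com",
    "crossOrigin": False,
}

def serialise_once(client_data: dict) -> bytes:
    """Serialise the client data a single time; these bytes are what gets hashed."""
    return json.dumps(client_data, separators=(",", ":")).encode("utf-8")

def client_data_hash(serialised: bytes) -> bytes:
    """SHA-256 over the exact serialised bytes (the WebAuthn clientDataHash)."""
    return hashlib.sha256(serialised).digest()

def reserialise(serialised: bytes, **dump_kwargs) -> bytes:
    """What a caller holding only the struct form has to do: parse, then dump again."""
    return json.dumps(json.loads(serialised), **dump_kwargs).encode("utf-8")

def hash_matches(signed_hash: bytes, candidate: bytes) -> bool:
    """True if the candidate bytes hash to the value bound into the attestation."""
    return client_data_hash(candidate) == signed_hash

def demo() -> dict:
    original = serialise_once(CLIENT_DATA)
    signed_hash = client_data_hash(original)  # the hash handed to register/sign
    compact = {"separators": (",", ":")}
    return {
        # Keeping the original bytes always verifies.
        "original bytes": hash_matches(signed_hash, original),
        # Re-serialising verifies only when every setting happens to agree.
        "same settings": hash_matches(signed_hash, reserialise(original, **compact)),
        # Default separators add whitespace, so the bytes and the hash change.
        "default whitespace": hash_matches(signed_hash, reserialise(original)),
        # A different key order changes the bytes as well.
        "sorted keys": hash_matches(
            signed_hash, reserialise(original, sort_keys=True, **compact)
        ),
    }

if __name__ == "__main__":
    for variant, ok in demo().items():
        print(f"{variant:20} hash matches: {ok}")
```

Serialising once, hashing those bytes, and forwarding the same bytes to the relying party avoids the mismatch in either API shape discussed above.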