mozilla/authenticator-rs

RegisterResult::CTAP2 needs to return serialised json blob

Firstyear opened this issue · 2 comments

RegisterResult::CTAP2 currently has the signature CTAP2(AttestationObject, CollectedClientData). However, AttestationObject contains a hash of the serialised bytes of CollectedClientData. By returning it in a struct form, the caller needs to re-serialise CollectedClientData identically as performed in the signature, which may open up instability or unreliability. Instead, RegisterResult::CTAP2 should return CTAP2(AttestationObject, Vec<u8>) where vec is the serialised CollectedClientData in byte form, which was used in the signature process of the attestation object.

@msirringhaus I can't assign the CTAP2 label to this issue, so I'll need you to do this :)

Closing this, since we don't return CollectedClientData anymore. It's now expected that the user serializes and hashes the client data prior to calling register or sign.
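
The instability described in this issue, shown as an added example that is not part of the thread and is not code from authenticator-rs or its participants: two serialisations of the same client data fields hash differently, so only the exact bytes that were hashed can be verified later. It is written in Python so it runs with the standard library alone; the sample values are constructed, and `library_serialise` and `caller_reserialise` are hypothetical stand-ins for the two serialisers.

```python
import hashlib
import hmac
import json

# Constructed sample client data; the values are illustrative only.
CLIENT_DATA = {
    "type": "webauthn.create",
    "challenge": "Y29uc3RydWN0ZWQtY2hhbGxlbmdl",
    "origin": "https://example.com",
    "crossOrigin": False,
}


def library_serialise(data: dict) -> bytes:
    """Hypothetical stand-in for the serialiser that produced the hashed bytes."""
    return json.dumps(data, separators=(",", ":")).encode("utf-8")


def caller_reserialise(data: dict) -> bytes:
    """Hypothetical caller-side serialiser: same fields, other key order and spacing."""
    return json.dumps(data, sort_keys=True).encode("utf-8")


def client_data_hash(client_data_json: bytes) -> bytes:
    """SHA-256 over the exact serialised bytes (WebAuthn's clientDataHash)."""
    return hashlib.sha256(client_data_json).digest()


def matches(client_data_json: bytes, expected_hash: bytes) -> bool:
    """Constant-time check that these bytes are the ones that were hashed."""
    return hmac.compare_digest(client_data_hash(client_data_json), expected_hash)


def demo() -> dict:
    original = library_serialise(CLIENT_DATA)
    signed_hash = client_data_hash(original)  # the hash the authenticator receives
    rebuilt = caller_reserialise(json.loads(original))  # struct round trip
    return {
        "same_fields": json.loads(rebuilt) == json.loads(original),
        "same_bytes": rebuilt == original,
        "struct_roundtrip_verifies": matches(rebuilt, signed_hash),
        "raw_bytes_verify": matches(original, signed_hash),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Serialising once, hashing those bytes, and keeping them unchanged for later verification avoids the mismatch.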