Hi!
I do not see why signature field's size is set to 77 here. I could not find any reference to that number, and the CTAP spec mentions 72 as the maximum length. Moreover the expected value is in a comment. If this is not a typo, can you elaborate on the reason?
https://github.com/solokeys/ctap-types/blob/7fa0f08b1fcb0ad9ba6ab08edd8e2b138f96f6e1/src/sizes.rs#L8-L9
https://github.com/solokeys/ctap-types/blob/7fa0f08b1fcb0ad9ba6ab08edd8e2b138f96f6e1/src/ctap2/get_assertion.rs#L78-L87
Relevant CTAP specification excerpt:
- https://fidoalliance.org/specs/fido-v2.1-rd-20210309/#u2f-authenticatorGetAssertion-interoperability , point 5 states
  > Set 0x03 with signature field from CTAP1/U2F authentication response message. Note: An ASN.1-encoded ECDSA signature value ranges over 8–72 bytes in length. [U2FRawMsgs] incorrectly states a different length range.
Trussed has its own limits hardcoded [1][2]:
```rust
pub const MAX_SIGNATURE_LENGTH: usize = 72;
pub type Signature = Bytes<MAX_SIGNATURE_LENGTH>;
```

[1] - https://github.com/trussed-dev/trussed/blob/258fe26ce89cd3bb4d84f192f3fe256193946886/src/types.rs#L529
[2] - https://github.com/trussed-dev/trussed/blob/258fe26ce89cd3bb4d84f192f3fe256193946886/src/config.rs#L47
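
The 8–72 byte range quoted from the CTAP specification can be reproduced by DER-encoding a P-256 ECDSA signature by hand. The following is an added example, not part of the original issue and not code from ctap-types or Trussed; `der_integer`, `der_signature` and the scalar values are constructed for illustration, and 32-byte (P-256) scalars are assumed.

```rust
// Added example: DER-encode an ECDSA P-256 signature (r, s) to show
// where the 8..=72 byte length range comes from.

/// Append one big-endian unsigned 32-byte scalar as a DER INTEGER (tag 0x02).
fn der_integer(scalar: &[u8; 32], out: &mut Vec<u8>) {
    // DER requires the minimal encoding: strip leading zero bytes,
    // but keep at least one byte of content.
    let first = scalar.iter().position(|&b| b != 0).unwrap_or(31);
    let body = &scalar[first..];
    // DER INTEGERs are signed, so a set top bit needs a 0x00 prefix.
    let pad = (body[0] & 0x80) != 0;
    out.push(0x02);
    out.push((body.len() + pad as usize) as u8);
    if pad {
        out.push(0x00);
    }
    out.extend_from_slice(body);
}

/// Encode (r, s) as SEQUENCE { INTEGER r, INTEGER s }.
fn der_signature(r: &[u8; 32], s: &[u8; 32]) -> Vec<u8> {
    let mut body = Vec::new();
    der_integer(r, &mut body);
    der_integer(s, &mut body);
    // Content is at most 2 * (2 + 33) = 70 bytes, so the one-byte
    // (short form) length is always sufficient.
    let mut out = vec![0x30, body.len() as u8];
    out.extend_from_slice(&body);
    out
}

fn main() {
    // Constructed scalars: the smallest value, and one with the top bit set.
    let mut small = [0u8; 32];
    small[31] = 1;
    let mut high = [0u8; 32];
    high[0] = 0x80;

    println!("shortest: {} bytes", der_signature(&small, &small).len());
    println!("longest:  {} bytes", der_signature(&high, &high).len());
}
```

The longest case is 2 header bytes plus two INTEGERs of 2 + 1 + 32 bytes each; the shortest is 2 header bytes plus two 3-byte INTEGERs.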