Skip to content
Snippets Groups Projects
Commit a64d5d41 authored by Fabian Kaczmarczyck's avatar Fabian Kaczmarczyck
Browse files

accept the algorithm identifier used by OpenSSH

parent 690db41d
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
src/ctap/data_formats.rs
+ 3
1
View file @ a64d5d41
......@@ -462,6 +462,8 @@ pub struct CoseKey(pub BTreeMap<cbor::KeyType, cbor::Value>);
// here: https://www.iana.org/assignments/cose/cose.xhtml#algorithms
// In fact, this is just used for compatibility with older specification versions.
const ECDH_ALGORITHM: i64 = -25;
// This is the identifier used by OpenSSH. To be compatible, we accept both.
const ES256_ALGORITHM: i64 = -7;
const EC2_KEY_TYPE: i64 = 2;
const P_256_CURVE: i64 = 1;
......@@ -497,7 +499,7 @@ impl TryFrom<CoseKey> for ecdh::PubKey {
return Err(Ctap2StatusCode::CTAP2_ERR_UNSUPPORTED_ALGORITHM);
}
let algorithm = read_integer(ok_or_missing(cose_key.0.get(&cbor_int!(3)))?)?;
if algorithm != ECDH_ALGORITHM {
if algorithm != ECDH_ALGORITHM && algorithm != ES256_ALGORITHM {
return Err(Ctap2StatusCode::CTAP2_ERR_UNSUPPORTED_ALGORITHM);
}
let curve = read_integer(ok_or_missing(cose_key.0.get(&cbor_int!(-1)))?)?;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment