Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Failure in messages decoding during TO0 and TO1 #5

Open
Sai-Anudeep47 opened this issue Apr 10, 2023 · 7 comments
Open

Failure in messages decoding during TO0 and TO1 #5

Sai-Anudeep47 opened this issue Apr 10, 2023 · 7 comments
Assignees
Labels

Comments

@Sai-Anudeep47
Copy link

Sai-Anudeep47 commented Apr 10, 2023

Hi @herrjemand

After building and starting the FIDO Conformance Server in onprem mode, server returns "Failed to decode body" error during TO0 and TO1 protocols specifically message 22 and message 30.

Logs for such errors are attached from both FIDO Conformance Server and from FDO clients.

client_to0_msg22_fail_logs.txt

fdo_conformance_server_to0_logs.txt

client_to1_msg30_fail_logs.txt

fdo_conformance_server_to1_logs.txt

@yackermann
Copy link
Contributor

Hey @Sai-Anudeep47.

Your OwnerSign To0d is not bstr, but CBOR array.

Screenshot 2023-04-26 at 20 54 55

But it must be bstr

https://drafts.fidoalliance.org/internet-of-things-specs/stable-links-to-latest/FIDO-IoT-spec.html#rvblobsendmsg
Screenshot 2023-04-26 at 20 58 03

@GeofCooper
Copy link

GeofCooper commented May 8, 2023

Looks that way to me, too. @rftemple is taking a look.

Since we have done interop between LF-Edge and RedHat in the past, suggest that @7flying take a look to see if they have the same issue.

Why this is a "bstr .cbor": because you have to run the hash value on the CBOR and put the value into

TO0.OwnerSign.to1d...to1dBlobPayload.to1dTo0dHash

Important: the hash must be computed on the contents of the BSTR, without the bstr wrapper's own cbor encoding. I.e., the first thing included in the hash is the array[2] header 0x82.

@GeofCooper
Copy link

This is an issue with at least the LF-Edge implementation.
"Not a bug" for the test suite (actually, good job, Yuriy!)
Please keep this issue open with "wontfix" for now, so we can track the implementations that need fixes.

@7flying
Copy link

7flying commented May 9, 2023

Reference to RH's issue: fdo-rs/fido-device-onboard-rs#496

@yackermann
Copy link
Contributor

@GeofCooper Super! Let me know if you need any help!

@puiterwijk
Copy link

puiterwijk commented Jun 23, 2023

Note that TO0.OwnerSign.to0d used to be a cbor array in v1.0, so this feels like something is sending a v1.0 message to a v1.1 peer.

@pheimfido
Copy link

FDO certification will certify implementations [end products (devices), onboarding services (devices), and RV servers] beginning with FDO v1.1. All, will FIDO Certification encounter implementations against FDO v1.0? @GeofCooper @gmandyam @rftemple @puiterwijk @7flying @quanvincss

@pheimfido pheimfido added Invalid This doesn't seem right and removed wontfix labels Sep 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

6 participants