New issue
Advanced search Search tips

Issue 827574 link

Starred by 1 user
Status: Fixed
Owner:
agl@chromium.org
Closed: Jun 2018
Cc:
kenrb@chromium.org
martinkr@google.com
engedy@chromium.org
ssoneff@google.com
kpaulhamus@chromium.org
jdoerrie@chromium.org
mknowles@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug


Participants' hotlists:
Hotlist-1


Sign in to add a comment

Check that EC public keys start with 0x04

Project Member Reported by engedy@chromium.org, Mar 30 2018 
The spec says that the client should check that EC public keys start with 0x04, but this is not currently done.

Comment 1 by kpaulhamus@chromium.org, Mar 30 2018 

Can you share where in the spec it says that? (I couldn't find it)

Comment 2 by engedy@chromium.org, Mar 30 2018 

I could not, either, but Adam did. :)

Comment 3 by engedy@chromium.org, Mar 31 2018

Labels: Hotlist-WebAuthnFixit
Project Member

Comment 4 by bugdroid1@chromium.org, Apr 4 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f24199ed239ab9318beedb5534798285a6ef04b8

commit f24199ed239ab9318beedb5534798285a6ef04b8
Author: Adam Langley <agl@chromium.org>
Date: Wed Apr 04 19:04:55 2018

//device/fido: check that EC public keys start with 0x04.

The spec says that they have to, but we weren't checking it from what I
can see.

Bug:  827574 
Change-Id: I96f1a7b5078cfc4c5e88647f47e3a60821901848
Reviewed-on: https://chromium-review.googlesource.com/982632
Commit-Queue: Adam Langley <agl@chromium.org>
Reviewed-by: Balazs Engedy <engedy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#548146}
[modify] https://crrev.com/f24199ed239ab9318beedb5534798285a6ef04b8/device/fido/ec_public_key.cc
[modify] https://crrev.com/f24199ed239ab9318beedb5534798285a6ef04b8/device/fido/ec_public_key.h

Comment 5 by kpaulhamus@chromium.org, Jun 5 2018

Status: Fixed (was: Started)

Sign in to add a comment