New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 851057 link

Starred by 1 user
Status: Fixed
Owner:
hongjunchoi@chromium.org
Last visit > 30 days ago
Closed: Jun 2018
Cc:
kenrb@chromium.org
martinkr@google.com
engedy@chromium.org
ssoneff@google.com
kpaulhamus@chromium.org
jdoerrie@chromium.org
mknowles@chromium.org
Components:
EstimatedDays: 1
NextAction: ----
OS: Linux , Windows , Chrome , Mac
Pri: 3
Type: Bug



Sign in to add a comment

Add version string check to AuthenticatorGetInfo response

Project Member Reported by hongjunchoi@chromium.org, Jun 8 2018 
With new changes to the CTAP spec, only "FIDO_2_0" and "U2F_V_2" are allowed for strings for versions.
Project Member

Comment 1 by bugdroid1@chromium.org, Jun 18 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/b5db59bcb54ab983475f0c72098fb8cf18a287a1

commit b5db59bcb54ab983475f0c72098fb8cf18a287a1
Author: Jun Choi <hongjunchoi@chromium.org>
Date: Mon Jun 18 21:52:59 2018

Enforce stricter restrictions of version response

Response to CTAP AuthenticatorGetInfo command contains supported versions.
Previously, the CTAP spec did not specify exactly which strings to expect
for versions, but with the new spec, only 2 -- "FIDO_2_0" and "U2F_V_2"
are expected to be present as versions.

Bug:  851057 
Change-Id: Iac1b3c45205a956e927aa2be3e6064c479b84481
Reviewed-on: https://chromium-review.googlesource.com/1093542
Commit-Queue: Jun Choi <hongjunchoi@chromium.org>
Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org>
Cr-Commit-Position: refs/heads/master@{#568180}
[modify] https://crrev.com/b5db59bcb54ab983475f0c72098fb8cf18a287a1/device/fido/authenticator_get_info_response.cc
[modify] https://crrev.com/b5db59bcb54ab983475f0c72098fb8cf18a287a1/device/fido/authenticator_get_info_response.h
[modify] https://crrev.com/b5db59bcb54ab983475f0c72098fb8cf18a287a1/device/fido/ctap_response_unittest.cc
[modify] https://crrev.com/b5db59bcb54ab983475f0c72098fb8cf18a287a1/device/fido/device_response_converter.cc
[modify] https://crrev.com/b5db59bcb54ab983475f0c72098fb8cf18a287a1/device/fido/fido_constants.cc
[modify] https://crrev.com/b5db59bcb54ab983475f0c72098fb8cf18a287a1/device/fido/fido_constants.h
[modify] https://crrev.com/b5db59bcb54ab983475f0c72098fb8cf18a287a1/device/fido/fido_task.cc

Comment 2 by hongjunchoi@chromium.org, Jun 21 2018

Status: Fixed (was: Started)

Sign in to add a comment