Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is Assertion verification same for all formats? #22

Open
RDevR99 opened this issue Apr 8, 2020 · 2 comments
Open

Is Assertion verification same for all formats? #22

RDevR99 opened this issue Apr 8, 2020 · 2 comments

Comments

@RDevR99
Copy link

RDevR99 commented Apr 8, 2020
edited
Loading

In verifyAuthenticatorAssertionResponse(), there is this condition : if(authr.fmt === 'fido-u2f') and then all the logic for verification.

However, shouldn't the logic for verifying assertions be the same for all formats?
I have commented this line out and it gives me a positive verification for android-safetynet.

So, should this if condition be there? or are things actually different for different formats?
@pratomchaip
Copy link

How did you verify the android-safetynet attestation?

@lordgape
Copy link

lordgape commented Apr 6, 2021

Does anyone know how one can verify the android-safetynet attestation?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pratomchaip @lordgape @RDevR99