Probable typo in cryptodep.js@COSE_ALG_HASH

[serianox]

By submitting this issue you are acknowledging that any information regarding this issue will be publicly available.

If you have privacy concerns, please email [email protected]

FIRST PRE CHECK

• [X] I SOLEMNLY SWEAR THAT I HAVE SEARCHED DOCUMENTATION AND WAS NOT ABLE TO RESOLVE MY ISSUE

What protocol are you implementing?

• [ ] FIDO2 Server
• [ ] CTAP2.0
• [X] CTAP2.1
• [ ] UAF 1.1
• [ ] U2F 1.1
• [ ] U2F 1.2

NOTE: UAF 1.0 certification have been officially sunset. U2F 1.2 only supported version of U2F.

What is your implementation class?

• [X] Security Key / FIDO2 / U2F authenticators
• [ ] Server
• [ ] UAF Client-ASM-Authenticator combo
• [ ] UAF Client
• [ ] UAF ASM-Authenticator

If you are platform authenticator vendor, please email [email protected]

What is the version of the tool are you using?

1.7.19-1

What is the OS and the version are you running?

For desktop tools

• [ ] OSX
• [X] Windows
• [ ] Linux

For UAF mobile tools

• [ ] iOS
• [ ] Android

Issue description

It seems there's a typo in in the hash computation for es384.

Hash computation fails with "Error: hashFunction argument is missing!"

In cryptodep.js@COSE_ALG_HASH, ECDSA w/ SHA-384 and SHA-512 are referenced as -36 and -37 resp, whereas in https://www.iana.org/assignments/cose/cose.xhtml they are referenced as -35 and -36 resp.