CCU2F icon indicating copy to clipboard operation
CCU2F copied to clipboard

Published 20 hours ago verified publisher icon tsenger

Demos are having trouble working with the applet

Open gregorjohannson opened this issue 5 years ago • 1 comments

I've successfully managed to install the applet on a JC 3.0.4 card from Idemia (Oberthur), following GP spec 2.2.1. The attestation certificate was used from the README examples.

The proprietary dependencies were swapped as follows:

  1. KeyBuidlerX.TYPE_AES_STATIC -> KeyBuilder.TYPE_AES
  2. KeyAgreementX.ALG_EC_SVDP_DH_PLAIN_XY -> KeyAgreement.ALG_EC_SVDP_DH_PLAIN

http://u2fdemo.appspot.com can register the authenticator, but testing fails. https://demo.yubico.com/u2f is not capable of registering at all.

Do you have any ideas for what I might be doing wrong?

gregorjohannson avatar Apr 18 '19 12:04 gregorjohannson

Hi, I think the first swap (KeyBuidlerX.TYPE_AES_STATIC -> KeyBuilder.TYPE_AES) is fine. But the result in the KeyAgreement is different if you use ALG_EC_SVDP_DH_PLAIN instead of ALG_EC_SVDP_DH_PLAIN_XY.

  • ALG_EC_SVDP_DH_PLAIN only returns the x coordinate of the point (32 bytes), while
  • ALG_EC_SVDP_DH_PLAIN_XY returns the x and the y coordinate (65 bytes).

see also this article

It is possible to calculate the y coordinate to a given x coordinate. But unfortunately I'm not hat deep in elliptic curves.

tsenger avatar Apr 18 '19 14:04 tsenger