Fix COSE type of key-agreement keys.

The key-agreement keys in the PIN protocol use COSE type -25. I'm not sure if that's written down anywhere, but it's what everything else does and it's an ECDH type rather than an ECDSA type.
2019-04-20 16:37:54 -07:00
parent a5f794c0ff
commit 73f538dd0e
2 changed files with 3 additions and 3 deletions
--- a/fido2/cose_key.h
+++ b/fido2/cose_key.h
@@ -16,7 +16,7 @@
 #define COSE_KEY_KTY_EC2        2
 #define COSE_KEY_CRV_P256       1

-
-#define COSE_ALG_ES256              -7
+#define COSE_ALG_ES256            -7
+#define COSE_ALG_ECDH_ES_HKDF_256 -25

 #endif
--- a/fido2/ctap.c
+++ b/fido2/ctap.c
@@ -1476,7 +1476,7 @@ uint8_t ctap_client_pin(CborEncoder * encoder, uint8_t * request, int length)

            ret = cbor_encode_int(&map, RESP_keyAgreement);
            check_ret(ret);
-            ret = ctap_add_cose_key(&map, KEY_AGREEMENT_PUB, KEY_AGREEMENT_PUB+32, PUB_KEY_CRED_PUB_KEY, COSE_ALG_ES256);
+            ret = ctap_add_cose_key(&map, KEY_AGREEMENT_PUB, KEY_AGREEMENT_PUB+32, PUB_KEY_CRED_PUB_KEY, COSE_ALG_ECDH_ES_HKDF_256);
            check_retr(ret);

            break;