P-3 Send a valid ServerAuthenticatorAttestationResponse with "tpm" attestation pubArea.nameAlg is not matching algorithm used for generate attested.name, and check that server succeeds
The verification procedure is failing to verify the certificateInfo, specifically in this step:
Verify that attested contains a TPMS_CERTIFY_INFO structure as specified in [TPMv2-Part2] section 10.12.3, whose name field contains a valid Name for pubArea, as computed using the algorithm in the nameAlg field of pubArea using the procedure specified in [TPMv2-Part1] section 16. [source]
As stated in the WebAuthn spec – and as it's implemented in tpm-key_attestation – we are using the nameAlg field of the pubArea to compute the name of the public object. Since, in this case, the algorithm used to generate the name in the certInfo is different from the algorithm identified by pubArea's nameAlg – and thus both nameAlgs differ –, the computed public object name is different from certInfo's name and therefore the verification fails.
After many discussions involving the original author Yuri Ackermann, @dturnerx, and TPM SME Monty Wiseman, it has been determined that the algorithm identifier in certInfo is authoritative, and that the one in the public area should always be the same.
How to run FIDO2 conformance tests: https://github.com/cedarcode/webauthn-ruby/tree/master/spec/conformance.
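The two ways of checking the attested name described above, side by side, as an added example (not code from webauthn-ruby or tpm-key_attestation). It builds a TPM Name as nameAlg (UINT16, big-endian) followed by the hash of the pubArea bytes, per TPMv2-Part1 section 16, and compares a check that takes the hash algorithm from pubArea.nameAlg against one that takes it from the algorithm identifier at the front of certInfo's attested.name. The TPM_ALG_ID values are the real ones from TPMv2-Part2; the pubArea blob, `build_pub_area`, and the helper names are constructed for this example and are not a faithful TPMT_PUBLIC encoding.

```ruby
require 'openssl'

# TPM_ALG_ID values for hash algorithms (TPMv2-Part2, constants table).
TPM_ALG_SHA1   = 0x0004
TPM_ALG_SHA256 = 0x000B
TPM_ALG_SHA384 = 0x000C
TPM_ALG_SHA512 = 0x000D

HASH_FOR_ALG = {
  TPM_ALG_SHA1   => 'SHA1',
  TPM_ALG_SHA256 => 'SHA256',
  TPM_ALG_SHA384 => 'SHA384',
  TPM_ALG_SHA512 => 'SHA512'
}.freeze

# TPM Name of a public object: nameAlg (UINT16 BE) || H_nameAlg(pubArea bytes).
def tpm_name(alg_id, pub_area_bytes)
  digest = OpenSSL::Digest.new(HASH_FOR_ALG.fetch(alg_id))
  [alg_id].pack('n') + digest.digest(pub_area_bytes)
end

# Split a Name into the algorithm id it was built with and the digest.
def parse_name(name)
  [name[0, 2].unpack1('n'), name[2..-1]]
end

# Constructed stand-in for a TPMT_PUBLIC: type=TPM_ALG_RSA (0x0001), nameAlg,
# objectAttributes, empty authPolicy, then dummy "unique" bytes. Only the
# nameAlg field at offset 2 matters for this example.
def build_pub_area(name_alg)
  [0x0001, name_alg, 0x00030072, 0].pack('nnNn') + ("\x42" * 32).b
end

def pub_area_name_alg(pub_area_bytes)
  pub_area_bytes[2, 2].unpack1('n')
end

# Check as the WebAuthn spec text reads literally: hash with pubArea.nameAlg.
def name_matches_using_pub_area_alg?(attested_name, pub_area_bytes)
  alg_id = pub_area_name_alg(pub_area_bytes)
  return false unless HASH_FOR_ALG.key?(alg_id)
  attested_name == tpm_name(alg_id, pub_area_bytes)
end

# Check as resolved in this issue: the algorithm id carried inside
# certInfo's attested.name is authoritative, so recompute the Name with it.
def name_matches_using_cert_info_alg?(attested_name, pub_area_bytes)
  alg_id, _digest = parse_name(attested_name)
  return false unless HASH_FOR_ALG.key?(alg_id)
  attested_name == tpm_name(alg_id, pub_area_bytes)
end

# The P-3 conformance situation: pubArea.nameAlg says SHA-1, but the
# authenticator generated attested.name with SHA-256.
def p3_case
  pub_area = build_pub_area(TPM_ALG_SHA1)
  attested_name = tpm_name(TPM_ALG_SHA256, pub_area)
  {
    spec_literal: name_matches_using_pub_area_alg?(attested_name, pub_area),
    cert_info_authoritative: name_matches_using_cert_info_alg?(attested_name, pub_area)
  }
end

if __FILE__ == $PROGRAM_NAME
  p p3_case
end
```

Running `p3_case` shows the literal reading rejecting the response while the certInfo-authoritative reading accepts it. Note that the second check still rejects a name whose algorithm id is unknown or whose digest does not match the pubArea bytes, so nothing about the name binding is weakened; only the source of the hash algorithm changes.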