iOS FIDO2 BLE authenticator: Invalid encoding for signature

Time: 2019-10-17 12:35:08

Tags: ios ecdsa webauthn fido

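I am developing an iOS BLE authenticator. So far I can register using NONE attestation. When I try to authenticate, I get "Invalid encoding for signature".

Because I want to do NONE and SURROGATE, I followed https://www.w3.org/TR/webauthn/ section 6.4.5, "Signature Formats for Packed Attestation, FIDO U2F Attestation, and Assertion Signatures". It states the following:

For COSEAlgorithmIdentifier -7 (ES256), and other ECDSA-based algorithms, a signature value is encoded as an ASN.1 DER Ecdsa-Sig-Value, as defined in [RFC3279] section 2.2.3.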

    Example:
    30 44                                ; SEQUENCE (68 Bytes)
        02 20                            ; INTEGER (32 Bytes)
        |  3d 46 28 7b 8c 6e 8c 8c  26 1c 1b 88 f2 73 b0 9a
        |  32 a6 cf 28 09 fd 6e 30  d5 a7 9f 26 37 00 8f 54
        02 20                            ; INTEGER (32 Bytes)
        |  4e 72 23 6e a3 90 a9 a1  7b cf 5f 7a 09 d6 3a b2
        |  17 6c 92 bb 8e 36 c0 41  98 a2 7b 90 9b 6e 8f 13

My iOS encoded signature: 30450221008dec31cc36160522df4419935dd0aa6b5c198b946a90b19a47fd8927d57ceb6502201de973a69e7927e7eadace24bf7de352f38f5e0280c2364f3c108d28ec1d7fa1

Android encoded signature: 304502200ea2e7de7c97c4594148b9a0bc6bd8dcffdf3a5e4cbab2d20f186039768db75d022100e627ac5c71c082f85d5bea2afd212fddd80438e5cfebf1d3d02e149512ebc528

When I pass the Android signature to the Java server, it verifies successfully. But iOS always throws the following error.

    at com.xxx.fido2.processor.TestSignature.main(TestSignature.java:21)
    Caused by: java.security.SignatureException: Invalid encoding for signature
    at sun.security.ec.ECDSASignature.decodeSignature(ECDSASignature.java:468)
    Caused by: java.security.SignatureException: Invalid encoding for signature

    at sun.security.ec.ECDSASignature.engineVerify(ECDSASignature.java:390)
    ... 4 more
    Caused by: java.io.IOException: Sequence tag error
    Caused by: java.io.IOException: Sequence tag error
    Caused by: java.security.SignatureException: Invalid encoding for signature

    at sun.security.ec.ECDSASignature.engineVerify(ECDSASignature.java:390)
    ... 4 more
    Caused by: java.io.IOException: Sequence tag error
    Caused by: java.io.IOException: Sequence tag error

Any help would be greatly appreciated. Thanks in advance.
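Added example, not part of the original question and not the asker's or the server's code: a strict structural check of the ES256 DER Ecdsa-Sig-Value layout quoted above from WebAuthn section 6.4.5, run over the two hex strings in the question and two constructed malformed inputs. The function and constant names are hypothetical, and only short-form lengths (enough for P-256) are handled.

```python
def parse_ecdsa_sig_value(sig: bytes):
    """Return (r, s) for an ES256 DER Ecdsa-Sig-Value or raise ValueError."""
    if len(sig) < 8:
        raise ValueError("too short for a SEQUENCE of two INTEGERs")
    if sig[0] != 0x30:
        raise ValueError(f"sequence tag error: first byte 0x{sig[0]:02x}, expected 0x30")
    if sig[1] >= 0x80 or sig[1] != len(sig) - 2:  # short-form length only
        raise ValueError("SEQUENCE length does not match the buffer")
    pos, values = 2, []
    for name in ("r", "s"):
        if pos + 2 > len(sig) or sig[pos] != 0x02:
            raise ValueError(f"{name}: INTEGER tag 0x02 missing")
        n = sig[pos + 1]
        body = sig[pos + 2 : pos + 2 + n]
        if n == 0 or n > 33 or len(body) != n:
            raise ValueError(f"{name}: bad INTEGER length {n}")
        if body[0] & 0x80:
            raise ValueError(f"{name}: high bit set without a leading 0x00")
        if n > 1 and body[0] == 0 and not body[1] & 0x80:
            raise ValueError(f"{name}: non-minimal, redundant leading 0x00")
        values.append(int.from_bytes(body, "big"))
        pos += 2 + n
    if pos != len(sig):
        raise ValueError("trailing bytes after s")
    return tuple(values)

def check(sig: bytes) -> str:
    """Return 'ok' or the first structural defect found."""
    try:
        parse_ecdsa_sig_value(sig)
        return "ok"
    except ValueError as exc:
        return str(exc)

# The two hex strings quoted in the question.
IOS_SIG = bytes.fromhex("30450221008dec31cc36160522df4419935dd0aa6b5c198b946a90b19a47fd8927d57ceb6502201de973a69e7927e7eadace24bf7de352f38f5e0280c2364f3c108d28ec1d7fa1")
ANDROID_SIG = bytes.fromhex("304502200ea2e7de7c97c4594148b9a0bc6bd8dcffdf3a5e4cbab2d20f186039768db75d022100e627ac5c71c082f85d5bea2afd212fddd80438e5cfebf1d3d02e149512ebc528")
# Constructed malformed inputs (not from the question).
RAW_RS = IOS_SIG[5:37] + IOS_SIG[39:71]  # fixed-width r || s with no DER framing
HEX_AS_TEXT = IOS_SIG.hex().encode()     # hex text passed on without decoding

if __name__ == "__main__":
    for label, sig in [("iOS", IOS_SIG), ("Android", ANDROID_SIG),
                       ("raw r||s", RAW_RS), ("hex as text", HEX_AS_TEXT)]:
        print(f"{label:12} {len(sig):3} bytes  {check(sig)}")
```

Both hex strings from the question pass this check as typed; the two constructed inputs fail at the first byte with a sequence tag error.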

0 answers:

No answers