Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix crash on unknown COSEAlgorithmIdentifier in FIDO MDS #388

Merged
merged 1 commit into from
Nov 25, 2024

Conversation

emlun
Copy link
Member

@emlun emlun commented Nov 25, 2024

Fixes #387.

I chose to do it this way instead of adding a COSEAlgorithmIdentifier constant primarily because doing that would advertise support for verifying PS256 signatures, which is not included in this change. This will also be more robust to future MDS entries adding more unknown algorithm values.

@emlun emlun added the bug Something isn't working label Nov 25, 2024
@emlun emlun requested a review from fdennis November 25, 2024 11:51
@emlun emlun changed the base branch from main to release-2.5 November 25, 2024 12:55
@emlun emlun merged commit e562c01 into release-2.5 Nov 25, 2024
10 checks passed
@emlun emlun deleted the fido-mds-new-alg branch November 25, 2024 13:04
Comment on lines +412 to +419
.flatMap(
pkcpiuv -> {
if (pkcpiuv != null && pkcpiuv.value != null) {
return Stream.of(pkcpiuv.value);
} else {
return Stream.empty();
}
})

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
.flatMap(
pkcpiuv -> {
if (pkcpiuv != null && pkcpiuv.value != null) {
return Stream.of(pkcpiuv.value);
} else {
return Stream.empty();
}
})
.filter(Objects::nonNull)
.filter(pkcpiuv -> pkcpiuv.value != null)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This would also need an additional .map(pkcpiuv -> pkcpiuv.value) step to extract the value, so I think I prefer keeping these lexically grouped since they are not independent operations (e.g., removing one of the .filter steps would cause a crash).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Development

Successfully merging this pull request may close these issues.

FIDO metadata failure: Unknown COSE algorithm identifier: -37
2 participants