So Test of AuthenticatorCredentialManagement(0x0A) --> enumerateCredentialsBegin subcommand the library is expecting for publickeycredentialuserentity elements name key instead of displayName while fido specfication and fido conformance Tool is expecting displayName
def test_update(client, ctap2, pin_protocol):
if not CredentialManagement.is_update_supported(ctap2.info):
pytest.skip("ClientPin update not supported")
rp = {"id": "example.com", "name": "Example RP"}
server = Fido2Server(rp)
user = {"id": b"user_id", "name": "A. User"}
create_options, state = server.register_begin(
user,
resident_key_requirement="required",
)
# Create a credential
result = client.make_credential(
{
**create_options["publicKey"],
"extensions": {"credProps": True},
}
)
auth_data = server.register_complete(state, result)
cred_id = {"id": auth_data.credential_data.credential_id, "type": "public-key"}
# Update user data
credman = get_credman(ctap2, pin_protocol)
user2 = {"id": b"user_id", "name": "A. User 2"}
credman.update_user_info(cred_id, user2)
rps = credman.enumerate_rps()
rp_id_hash = rps[0][4]
creds = credman.enumerate_creds(rp_id_hash)
assert len(creds) == 1
> assert creds[0][6] == user2
E AssertionError: assert {'id': b'user_id', 'displayName': ''} == {'id': b'user_id', 'name': 'A. User 2'}
E Common items:
E {'id': b'user_id'}
E Left contains 1 more item:
E {'displayName': ''}
E Right contains 1 more item:
E {'name': 'A. User 2'}
E Full diff:
E - {'id': b'user_id', 'name': 'A. User 2'}
E + {'displayName': '', 'id': b'user_id'}
dictionary PublicKeyCredentialUserEntity : PublicKeyCredentialEntity {
required BufferSource id;
required DOMString displayName;
};
INFO apdu:conftest.py:301 >> 801080004e0aa4010402a1015820a379a6f6eeafb9a55e378c118034e2751e682fab9f2d30ab13d2125586ce194703020458207507ed4656c7c4e298c6903c31788c5e9a42833ffef5c32fcb00b14caa888d9800
{1: 4, 2: {1: h'A379A6F6EEAFB9A55E378C118034E2751E682FAB9F2D30AB13D2125586CE1947'}, 3: 2, 4: h'7507ED4656C7C4E298C6903C31788C5E9A42833FFEF5C32FCB00B14CAA888D98'}
INFO apdu:conftest.py:303 << 00a506a262696447757365725f69646b646973706c61794e616d656007a262696458604ba91b06ae27c88a2d87efd19c1cb90abc835757438a6b9ecddbe7bd800ecf8b26970e8f03d15fb48e2c83f594b18484a9d689738dec6be3f3f15fe89556c07cec28c99533fb7eba097de5622816792fc5e76cb3bdca96024a1103c89f03e9b864747970656a7075626c69632d6b657908a5010203262001215820f14bde2e91ef926f737ea98c1659ad8ddc8f899d11caf82ca0efeb45545168dc22582046d793ce31a1f6421916894394d29311a8bae2e2cc491ab3b656dbd188ec5b7f09010a01 SW=9000
{6: {"id": h'757365725F6964', "displayName": ""}, 7: {"id": h'4BA91B06AE27C88A2D87EFD19C1CB90ABC835757438A6B9ECDDBE7BD800ECF8B26970E8F03D15FB48E2C83F594B18484A9D689738DEC6BE3F3F15FE89556C07CEC28C99533FB7EBA097DE5622816792FC5E76CB3BDCA96024A1103C89F03E9B8', "type": "public-key"}, 8: {1: 2, 3: -7, -1: 1, -2: h'F14BDE2E91EF926F737EA98C1659AD8DDC8F899D11CAF82CA0EFEB45545168DC', -3: h'46D793CE31A1F6421916894394D29311A8BAE2E2CC491AB3B656DBD188EC5B7F'}, 9: 1, 10: 1}
So i'm wondering if in case of DisplayName Credential User is empty we return name cause the FIDO Conformance Tool fail if we return publickeycredentialuserentity with id , displayName and Name it fails it's expecting only displayName so I have my suspicions about this case with its ambiguity.
So Test of AuthenticatorCredentialManagement(0x0A) --> enumerateCredentialsBegin subcommand the library is expecting for publickeycredentialuserentity elements name key instead of displayName while fido specfication and fido conformance Tool is expecting displayName
So i'm wondering if in case of DisplayName Credential User is empty we return name cause the FIDO Conformance Tool fail if we return publickeycredentialuserentity with id , displayName and Name it fails it's expecting only displayName so I have my suspicions about this case with its ambiguity.