Bug 1405431 - Be more precise in WebAuthn signature verification assertion r=keeler

There's an intermittent which might be spurious because ASN.1 signatures might sometimes be less than 70 bytes, but the actual floor is probably 68 (32 + 32 + 4). It's a sanity check, so I've adjusted it down and also am now emitting the offending key bytes if this triggers again. MozReview-Commit-ID: 1wwU9Q3BUPF --HG-- extra : rebase_source : 2877deb770f8bf4bcf31dae40f75016892dc9d53
2017-10-04 11:21:18 -07:00 · 2017-10-04 11:21:18 -07:00 · 9f45608ca1
--- a/dom/webauthn/tests/u2futil.js
+++ b/dom/webauthn/tests/u2futil.js
@ -283,9 +283,9 @@ function sanitizeSigArray(arr) {
 }

 function verifySignature(key, data, derSig) {
-  if (derSig.byteLength < 70) {
-    console.log("bad sig: " + hexEncode(new Uint8Array(derSig)))
-    return Promise.reject("Invalid signature length: " + derSig.byteLength);
+  if (derSig.byteLength < 68) {
+    return Promise.reject("Invalid signature (length=" + derSig.byteLength +
+                          "): " + hexEncode(new Uint8Array(derSig)));
  }

  let sigAsn1 = org.pkijs.fromBER(derSig);