Hi! I seem to have encountered a bug in basenc. While decoding a large
base64url-encoded JSON blob, the decoder drops some characters,
rendering the output invalid JSON. I've verified against Python's
built-in base64url decoder, which correctly produces the expected result
while basenc does not.
I've attached the test case, which I've tried to minimize as much as I
can. All my attempts to remove more of the JSON values have made the bug
not trigger, or at least not as easily detectable.
Reproduction instructions:
$ uname -a
Linux HOST 5.13.4-arch1-1 #1 SMP PREEMPT Tue, 20 Jul 2021 16:58:51 +0000
x86_64 GNU/Linux
$ basenc --version
basenc (GNU coreutils) 8.32
$ cat expected-output.txt | sha256sum
fdb9a77c44e9cd612ad3a3cc210e03ea9782e342bb8293b49530e032b2e4ed0e -
$ cat actual-output.txt | sha256sum
86bce7aa1d0c2da8432cfbb6da4ad2e559012dadbd1abde711e96b2c518d2b11 -
$ basenc -d --base64 input.txt | sha256sum
86bce7aa1d0c2da8432cfbb6da4ad2e559012dadbd1abde711e96b2c518d2b11 -
$ diff actual-output.txt expected-output.txt
160c160
< "minor: 0
---
> "minor": 0
Installed from Arch Linux official repos, package version coreutils 8.32-1.
Thanks for making basenc, and please let me know if I can do anything
more to help!
/Emil
ewogICJlbnRyaWVzIjogWwogICAgewogICAgICAiYWFpZCI6ICI0ZTRlIzQwMDUiLAogICAgICAibWV0YWRhdGFTdGF0ZW1lbnQiOiB7CiAgICAgICAgImFhaWQiOiAiNGU0ZSM0MDA1IiwKICAgICAgICAiYXR0YWNobWVudEhpbnQiOiBbCiAgICAgICAgICAiaW50ZXJuYWwiCiAgICAgICAgXSwKICAgICAgICAiYXR0ZXN0YXRpb25Sb290Q2VydGlmaWNhdGVzIjogW10sCiAgICAgICAgImF0dGVzdGF0aW9uVHlwZXMiOiBbCiAgICAgICAgICAiYmFzaWNfc3Vycm9nYXRlIgogICAgICAgIF0sCiAgICAgICAgImF1dGhlbnRpY2F0aW9uQWxnb3JpdGhtcyI6IFsKICAgICAgICAgICJyc2FfZW1zYV9wa2NzMV9zaGEyNTZfcmF3IgogICAgICAgIF0sCiAgICAgICAgImF1dGhlbnRpY2F0b3JWZXJzaW9uIjogMjU2LAogICAgICAgICJkZXNjcmlwdGlvbiI6ICJUb3VjaCBJRCwgRmFjZSBJRCwgb3IgUGFzc2NvZGUiLAogICAgICAgICJrZXlQcm90ZWN0aW9uIjogWwogICAgICAgICAgImhhcmR3YXJlIiwKICAgICAgICAgICJ0ZWUiCiAgICAgICAgXSwKICAgICAgICAibGVnYWxIZWFkZXIiOiAiaHR0cHM6Ly9maWRvYWxsaWFuY2Uub3JnL21ldGFkYXRhL21ldGFkYXRhLXN0YXRlbWVudC1sZWdhbC1oZWFkZXIvIiwKICAgICAgICAibWF0Y2hlclByb3RlY3Rpb24iOiBbCiAgICAgICAgICAidGVlIgogICAgICAgIF0sCiAgICAgICAgInByb3RvY29sRmFtaWx5IjogInVhZiIsCiAgICAgICAgInB1YmxpY0tleUFsZ0FuZEVuY29kaW5ncyI6IFsKICAgICAgICAgICJyc2FfMjA0OF9yYXciCiAgICAgICAgXSwKICAgICAgICAic2NoZW1hIjogMywKICAgICAgICAidGNEaXNwbGF5IjogWwogICAgICAgICAgImFueSIKICAgICAgICBdLAogICAgICAgICJ0Y0Rpc3BsYXlDb250ZW50VHlwZSI6ICJ0ZXh0L3BsYWluIiwKICAgICAgICAidXB2IjogWwogICAgICAgICAgewogICAgICAgICAgICAibWFqb3IiOiAxLAogICAgICAgICAgICAibWlub3IiOiAwCiAgICAgICAgICB9LAogICAgICAgICAgewogICAgICAgICAgICAibWFqb3IiOiAxLAogICAgICAgICAgICAibWlub3IiOiAxCiAgICAgICAgICB9CiAgICAgICAgXSwKICAgICAgICAidXNlclZlcmlmaWNhdGlvbkRldGFpbHMiOiBbCiAgICAgICAgICBbCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAiY2FEZXNjIjogewogICAgICAgICAgICAgICAgImJhc2UiOiAxMCwKICAgICAgICAgICAgICAgICJibG9ja1Nsb3dkb3duIjogNjAsCiAgICAgICAgICAgICAgICAibWF4UmV0cmllcyI6IDUsCiAgICAgICAgICAgICAgICAibWluTGVuZ3RoIjogNAogICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgInVzZXJWZXJpZmljYXRpb25NZXRob2QiOiAicGFzc2NvZGVfaW50ZXJuYWwiCiAgICAgICAgICAgIH0KICAgICAgICAgIF0sCiAgICAgICAgICBbCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAiYmFEZXNjIjogewogICAgICAgICAgICAgICAgImJsb2NrU2xvd2Rvd24iOiAwLAogICAgICAgICAgICAgICAgIm1heFJldHJpZXMiOiA1LAogICAgICAgICAgICAgICAgIm1heFRlbXBsYXRlcyI6IDAsCiAgICAgICAgICAgICAgICAic2VsZkF0dGVzdGVkRkFSIjogMC4wLAogICAgICAgICAgICAgICAgInNlbGZBdHRlc3RlZEZSUiI6IDAuMAogICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgInVzZXJWZXJpZmljYXRpb25NZXRob2QiOiAiZmluZ2VycHJpbnRfaW50ZXJuYWwiCiAgICAgICAgICAgIH0KICAgICAgICAgIF0KICAgICAgICBdCiAgICAgIH0sCiAgICAgICJzdGF0dXNSZXBvcnRzIjogWwogICAgICAgIHsKICAgICAgICAgICJlZmZlY3RpdmVEYXRlIjogIjIwMTgtMDUtMTkiLAogICAgICAgICAgInN0YXR1cyI6ICJOT1RfRklET19DRVJUSUZJRUQiCiAgICAgICAgfQogICAgICBdLAogICAgICAidGltZU9mTGFzdFN0YXR1c0NoYW5nZSI6ICIyMDE4LTA1LTE5IgogICAgfSwKICAgIHsKICAgICAgImFhZ3VpZCI6ICJjNWVmNTVmZi1hZDlhLTRiOWYtYjU4MC1hZGViYWZlMDI2ZDAiLAogICAgICAibWV0YWRhdGFTdGF0ZW1lbnQiOiB7CiAgICAgICAgImFhZ3VpZCI6ICJjNWVmNTVmZi1hZDlhLTRiOWYtYjU4MC1hZGViYWZlMDI2ZDAiLAogICAgICAgICJhdHRhY2htZW50SGludCI6IFsKICAgICAgICAgICJleHRlcm5hbCIsCiAgICAgICAgICAid2lyZWQiCiAgICAgICAgXSwKICAgICAgICAiYXR0ZXN0YXRpb25Sb290Q2VydGlmaWNhdGVzIjogWwogICAgICAgICAgIk1JSURIakNDQWdhZ0F3SUJBZ0lFRzBCVDl6QU5CZ2txaGtpRzl3MEJBUXNGQURBdU1Td3dLZ1lEVlFRREV5TlpkV0pwWTI4Z1ZUSkdJRkp2YjNRZ1EwRWdVMlZ5YVdGc0lEUTFOekl3TURZek1UQWdGdzB4TkRBNE1ERXdNREF3TURCYUdBOHlNRFV3TURrd05EQXdNREF3TUZvd0xqRXNNQ29HQTFVRUF4TWpXWFZpYVdOdklGVXlSaUJTYjI5MElFTkJJRk5sY21saGJDQTBOVGN5TURBMk16RXdnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFDL2p3WXVoQlZscWFpWVdFTXNyV0Zpc2dKK1B0TTkxZVNycEk0VEs3VTUzbXdDSWF3U0RIeTh2VW1rNU4yS0FqOWFidlQ5TlA1U01TMWhRaTN1c3hvWUdvblhRZ2ZPNlpYeVVBOWErS0FrcWRGbkJubHl1Z1NlQ09lcDhFZFpGZnNhUkZ0TWprd3o1R2N6MlB5NHZJWXZDZE1IUHR3YXowYlZ1em5ldWVJRXo2VG5RakU2M1JkdDJ6YnduZWJ3VEc1WnliZVdTd2J6eStCSjM0WkhjVWhQQVk4OXlKUVh1RTBJek1aRmNFQmJQTlJiV0VDUktnanEvL3FUOW5tRE9GVmxTUkN0MndpcVBTemx1d24rditzdVFFQnNValRHTUVkMjV0S1hYVGtOVzIxd0lXYnhlU3lVb1RYd0x2R1M2eGx3UVNnTnBrMnFYWXdmOGlYZzdWV1pBZ01CQUFHalFqQkFNQjBHQTFVZERnUVdCQlFnSXZ6MGJOR0poamdwVG9rc3lLcFA5eHY5b0RBUEJnTlZIUk1FQ0RBR0FRSC9BZ0VBTUE0R0ExVWREd0VCL3dRRUF3SUJCakFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBanZqdU9NRFNhK0pYRkNMeUJLc3ljWHRCVlpzSjRVZTNMYmFFc1BZNE1ZTi9oSVE1Wk01cDdFamZjbk1HNEN0WWtOc2ZOSGMwQWhCTGRxNDVyblQ4N3EvNk8zdlVFdE5NYWZiaFU2a3RoWDdZKzlYRk45TnBtWXhyK2VrVlk1eE94aThoOUpESWdvTVA0VkIxdVMwYXVuTDFJR3FyTm9vTDltbUZuTDJrTFZWZWU2L1ZSNkM1K0tTVENNQ1dwcE11SklaSUkydjlvNGRrb1o4WTdRUmpRbExmWXpkM3FHdEtidzd4YUYxVXNHLzV4VWIvQnR3YjJYMmc0SW5waUIveXQvM0NwUVhwaVdYL0s0bUJ2VUtpR24wNVpzcWVZMWd4NGcweExCcWNVOXBzbXlQeksrVnNndzJqZVJRNUpsS0R5cUUwaGViZkMxdHZGdTBDQ3JKRmN3PT0iCiAgICAgICAgXSwKICAgICAgICAiYXR0ZXN0YXRpb25UeXBlcyI6IFsKICAgICAgICAgICJiYXNpY19mdWxsIgogICAgICAgIF0sCiAgICAgICAgImF1dGhlbnRpY2F0aW9uQWxnb3JpdGhtcyI6IFsKICAgICAgICAgICJlZDI1NTE5X2VkZHNhX3NoYTUxMl9yYXciLAogICAgICAgICAgInNlY3AyNTZyMV9lY2RzYV9zaGEyNTZfcmF3IgogICAgICAgIF0sCiAgICAgICAgImF1dGhlbnRpY2F0b3JHZXRJbmZvIjogewogICAgICAgICAgImFhZ3VpZCI6ICJjNWVmNTVmZmFkOWE0YjlmYjU4MGFkZWJhZmUwMjZkMCIsCiAgICAgICAgICAiYWxnb3JpdGhtcyI6IFsKICAgICAgICAgICAgewogICAgICAgICAgICAgICJhbGciOiAtNywKICAgICAgICAgICAgICAidHlwZSI6ICJwdWJsaWMta2V5IgogICAgICAgICAgICB9LAogICAgICAgICAgICB7CiAgICAgICAgICAgICAgImFsZyI6IC04LAogICAgICAgICAgICAgICJ0eXBlIjogInB1YmxpYy1rZXkiCiAgICAgICAgICAgIH0KICAgICAgICAgIF0sCiAgICAgICAgICAiZXh0ZW5zaW9ucyI6IFsKICAgICAgICAgICAgImNyZWRQcm90ZWN0IiwKICAgICAgICAgICAgImhtYWMtc2VjcmV0IgogICAgICAgICAgXSwKICAgICAgICAgICJmaXJtd2FyZVZlcnNpb24iOiAzMjg3MDYsCiAgICAgICAgICAibWF4Q3JlZGVudGlhbENvdW50SW5MaXN0IjogOCwKICAgICAgICAgICJtYXhDcmVkZW50aWFsSWRMZW5ndGgiOiAxMjgsCiAgICAgICAgICAibWF4TXNnU2l6ZSI6IDEyMDAsCiAgICAgICAgICAibWluUElOTGVuZ3RoIjogNCwKICAgICAgICAgICJvcHRpb25zIjogewogICAgICAgICAgICAiY2xpZW50UGluIjogdHJ1ZSwKICAgICAgICAgICAgImNyZWRlbnRpYWxNZ210UHJldmlldyI6IHRydWUsCiAgICAgICAgICAgICJwbGF0IjogZmFsc2UsCiAgICAgICAgICAgICJyayI6IHRydWUsCiAgICAgICAgICAgICJ1cCI6IHRydWUKICAgICAgICAgIH0sCiAgICAgICAgICAicGluVXZBdXRoUHJvdG9jb2xzIjogWwogICAgICAgICAgICAyLAogICAgICAgICAgICAxCiAgICAgICAgICBdLAogICAgICAgICAgInRyYW5zcG9ydHMiOiBbCiAgICAgICAgICAgICJ1c2IiLAogICAgICAgICAgICAibGlnaHRuaW5nIgogICAgICAgICAgXSwKICAgICAgICAgICJ2ZXJzaW9ucyI6IFsKICAgICAgICAgICAgIlUyRl9WMiIsCiAgICAgICAgICAgICJGSURPXzJfMCIsCiAgICAgICAgICAgICJGSURPXzJfMV9QUkUiCiAgICAgICAgICBdCiAgICAgICAgfSwKICAgICAgICAiYXV0aGVudGljYXRvclZlcnNpb24iOiA1MDIwMCwKICAgICAgICAiY3J5cHRvU3RyZW5ndGgiOiAxMjgsCiAgICAgICAgImRlc2NyaXB0aW9uIjogIll1YmlLZXkgU2VyaWVzIDVDaSIsCiAgICAgICAgImtleVByb3RlY3Rpb24iOiBbCiAgICAgICAgICAiaGFyZHdhcmUiLAogICAgICAgICAgInNlY3VyZV9lbGVtZW50IgogICAgICAgIF0sCiAgICAgICAgImxlZ2FsSGVhZGVyIjogImh0dHBzOi8vZmlkb2FsbGlhbmNlLm9yZy9tZXRhZGF0YS9tZXRhZGF0YS1zdGF0ZW1lbnQtbGVnYWwtaGVhZGVyLyIsCiAgICAgICAgIm1hdGNoZXJQcm90ZWN0aW9uIjogWwogICAgICAgICAgIm9uX2NoaXAiCiAgICAgICAgXSwKICAgICAgICAicHJvdG9jb2xGYW1pbHkiOiAiZmlkbzIiLAogICAgICAgICJwdWJsaWNLZXlBbGdBbmRFbmNvZGluZ3MiOiBbCiAgICAgICAgICAiY29zZSIKICAgICAgICBdLAogICAgICAgICJzY2hlbWEiOiAzLAogICAgICAgICJ0Y0Rpc3BsYXkiOiBbXSwKICAgICAgICAidXB2IjogWwogICAgICAgICAgewogICAgICAgICAgICAibWFqb3IiOiAxLAogICAgICAgICAgICAibWlub3IiOiAwCiAgICAgICAgICB9CiAgICAgICAgXSwKICAgICAgICAidXNlclZlcmlmaWNhdGlvbkRldGFpbHMiOiBbCiAgICAgICAgICBbCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAidXNlclZlcmlmaWNhdGlvbk1ldGhvZCI6ICJwcmVzZW5jZV9pbnRlcm5hbCIKICAgICAgICAgICAgfSwKICAgICAgICAgICAgewogICAgICAgICAgICAgICJjYURlc2MiOiB7CiAgICAgICAgICAgICAgICAiYmFzZSI6IDY0LAogICAgICAgICAgICAgICAgImJsb2NrU2xvd2Rvd24iOiAwLAogICAgICAgICAgICAgICAgIm1heFJldHJpZXMiOiA4LAogICAgICAgICAgICAgICAgIm1pbkxlbmd0aCI6IDQKICAgICAgICAgICAgICB9LAogICAgICAgICAgICAgICJ1c2VyVmVyaWZpY2F0aW9uTWV0aG9kIjogInBhc3Njb2RlX2ludGVybmFsIgogICAgICAgICAgICB9LAogICAgICAgICAgICB7CiAgICAgICAgICAgICAgInVzZXJWZXJpZmljYXRpb25NZXRob2QiOiAibm9uZSIKICAgICAgICAgICAgfQogICAgICAgICAgXQogICAgICAgIF0KICAgICAgfSwKICAgICAgInN0YXR1c1JlcG9ydHMiOiBbCiAgICAgICAgewogICAgICAgICAgImNlcnRpZmljYXRlTnVtYmVyIjogIkZJRE8yMDAyMDE5MTAxNzAwMyIsCiAgICAgICAgICAiY2VydGlmaWNhdGlvbkRlc2NyaXB0b3IiOiAiWXViaUtleSA1Q2kiLAogICAgICAgICAgImNlcnRpZmljYXRpb25Qb2xpY3lWZXJzaW9uIjogIjEuMS4xIiwKICAgICAgICAgICJjZXJ0aWZpY2F0aW9uUmVxdWlyZW1lbnRzVmVyc2lvbiI6ICIxLjMiLAogICAgICAgICAgImVmZmVjdGl2ZURhdGUiOiAiMjAyMC0wNS0xMiIsCiAgICAgICAgICAic3RhdHVzIjogIkZJRE9fQ0VSVElGSUVEX0wxIgogICAgICAgIH0KICAgICAgXSwKICAgICAgInRpbWVPZkxhc3RTdGF0dXNDaGFuZ2UiOiAiMjAyMC0wNS0xMiIKICAgIH0KICBdLAogICJuZXh0VXBkYXRlIjogIjIwMjEtMDgtMDEiLAogICJubyI6IDUKfQ==
{
"entries": [
{
"aaid": "4e4e#4005",
"metadataStatement": {
"aaid": "4e4e#4005",
"attachmentHint": [
"internal"
],
"attestationRootCertificates": [],
"attestationTypes": [
"basic_surrogate"
],
"authenticationAlgorithms": [
"rsa_emsa_pkcs1_sha256_raw"
],
"authenticatorVersion": 256,
"description": "Touch ID, Face ID, or Passcode",
"keyProtection": [
"hardware",
"tee"
],
"legalHeader":
"https://fidoalliance.org/metadata/metadata-statement-legal-header/",
"matcherProtection": [
"tee"
],
"protocolFamily": "uaf",
"publicKeyAlgAndEncodings": [
"rsa_2048_raw"
],
"schema": 3,
"tcDisplay": [
"any"
],
"tcDisplayContentType": "text/plain",
"upv": [
{
"major": 1,
"minor": 0
},
{
"major": 1,
"minor": 1
}
],
"userVerificationDetails": [
[
{
"caDesc": {
"base": 10,
"blockSlowdown": 60,
"maxRetries": 5,
"minLength": 4
},
"userVerificationMethod": "passcode_internal"
}
],
[
{
"baDesc": {
"blockSlowdown": 0,
"maxRetries": 5,
"maxTemplates": 0,
"selfAttestedFAR": 0.0,
"selfAttestedFRR": 0.0
},
"userVerificationMethod": "fingerprint_internal"
}
]
]
},
"statusReports": [
{
"effectiveDate": "2018-05-19",
"status": "NOT_FIDO_CERTIFIED"
}
],
"timeOfLastStatusChange": "2018-05-19"
},
{
"aaguid": "c5ef55ff-ad9a-4b9f-b580-adebafe026d0",
"metadataStatement": {
"aaguid": "c5ef55ff-ad9a-4b9f-b580-adebafe026d0",
"attachmentHint": [
"external",
"wired"
],
"attestationRootCertificates": [
"MIIDHjCCAgagAwIBAgIEG0BT9zANBgkqhkiG9w0BAQsFADAuMSwwKgYDVQQDEyNZdWJpY28gVTJGIFJvb3QgQ0EgU2VyaWFsIDQ1NzIwMDYzMTAgFw0xNDA4MDEwMDAwMDBaGA8yMDUwMDkwNDAwMDAwMFowLjEsMCoGA1UEAxMjWXViaWNvIFUyRiBSb290IENBIFNlcmlhbCA0NTcyMDA2MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/jwYuhBVlqaiYWEMsrWFisgJ+PtM91eSrpI4TK7U53mwCIawSDHy8vUmk5N2KAj9abvT9NP5SMS1hQi3usxoYGonXQgfO6ZXyUA9a+KAkqdFnBnlyugSeCOep8EdZFfsaRFtMjkwz5Gcz2Py4vIYvCdMHPtwaz0bVuzneueIEz6TnQjE63Rdt2zbwnebwTG5ZybeWSwbzy+BJ34ZHcUhPAY89yJQXuE0IzMZFcEBbPNRbWECRKgjq//qT9nmDOFVlSRCt2wiqPSzluwn+v+suQEBsUjTGMEd25tKXXTkNW21wIWbxeSyUoTXwLvGS6xlwQSgNpk2qXYwf8iXg7VWZAgMBAAGjQjBAMB0GA1UdDgQWBBQgIvz0bNGJhjgpToksyKpP9xv9oDAPBgNVHRMECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAjvjuOMDSa+JXFCLyBKsycXtBVZsJ4Ue3LbaEsPY4MYN/hIQ5ZM5p7EjfcnMG4CtYkNsfNHc0AhBLdq45rnT87q/6O3vUEtNMafbhU6kthX7Y+9XFN9NpmYxr+ekVY5xOxi8h9JDIgoMP4VB1uS0aunL1IGqrNooL9mmFnL2kLVVee6/VR6C5+KSTCMCWppMuJIZII2v9o4dkoZ8Y7QRjQlLfYzd3qGtKbw7xaF1UsG/5xUb/Btwb2X2g4InpiB/yt/3CpQXpiWX/K4mBvUKiGn05ZsqeY1gx4g0xLBqcU9psmyPzK+Vsgw2jeRQ5JlKDyqE0hebfC1tvFu0CCrJFcw=="
],
"attestationTypes": [
"basic_full"
],
"authenticationAlgorithms": [
"ed25519_eddsa_sha512_raw",
"secp256r1_ecdsa_sha256_raw"
],
"authenticatorGetInfo": {
"aaguid": "c5ef55ffad9a4b9fb580adebafe026d0",
"algorithms": [
{
"alg": -7,
"type": "public-key"
},
{
"alg": -8,
"type": "public-key"
}
],
"extensions": [
"credProtect",
"hmac-secret"
],
"firmwareVersion": 328706,
"maxCredentialCountInList": 8,
"maxCredentialIdLength": 128,
"maxMsgSize": 1200,
"minPINLength": 4,
"options": {
"clientPin": true,
"credentialMgmtPreview": true,
"plat": false,
"rk": true,
"up": true
},
"pinUvAuthProtocols": [
2,
1
],
"transports": [
"usb",
"lightning"
],
"versions": [
"U2F_V2",
"FIDO_2_0",
"FIDO_2_1_PRE"
]
},
"authenticatorVersion": 50200,
"cryptoStrength": 128,
"description": "YubiKey Series 5Ci",
"keyProtection": [
"hardware",
"secure_element"
],
"legalHeader":
"https://fidoalliance.org/metadata/metadata-statement-legal-header/",
"matcherProtection": [
"on_chip"
],
"protocolFamily": "fido2",
"publicKeyAlgAndEncodings": [
"cose"
],
"schema": 3,
"tcDisplay": [],
"upv": [
{
"major": 1,
"minor": 0
}
],
"userVerificationDetails": [
[
{
"userVerificationMethod": "presence_internal"
},
{
"caDesc": {
"base": 64,
"blockSlowdown": 0,
"maxRetries": 8,
"minLength": 4
},
"userVerificationMethod": "passcode_internal"
},
{
"userVerificationMethod": "none"
}
]
]
},
"statusReports": [
{
"certificateNumber": "FIDO20020191017003",
"certificationDescriptor": "YubiKey 5Ci",
"certificationPolicyVersion": "1.1.1",
"certificationRequirementsVersion": "1.3",
"effectiveDate": "2020-05-12",
"status": "FIDO_CERTIFIED_L1"
}
],
"timeOfLastStatusChange": "2020-05-12"
}
],
"nextUpdate": "2021-08-01",
"no": 5
}
{
"entries": [
{
"aaid": "4e4e#4005",
"metadataStatement": {
"aaid": "4e4e#4005",
"attachmentHint": [
"internal"
],
"attestationRootCertificates": [],
"attestationTypes": [
"basic_surrogate"
],
"authenticationAlgorithms": [
"rsa_emsa_pkcs1_sha256_raw"
],
"authenticatorVersion": 256,
"description": "Touch ID, Face ID, or Passcode",
"keyProtection": [
"hardware",
"tee"
],
"legalHeader":
"https://fidoalliance.org/metadata/metadata-statement-legal-header/",
"matcherProtection": [
"tee"
],
"protocolFamily": "uaf",
"publicKeyAlgAndEncodings": [
"rsa_2048_raw"
],
"schema": 3,
"tcDisplay": [
"any"
],
"tcDisplayContentType": "text/plain",
"upv": [
{
"major": 1,
"minor": 0
},
{
"major": 1,
"minor": 1
}
],
"userVerificationDetails": [
[
{
"caDesc": {
"base": 10,
"blockSlowdown": 60,
"maxRetries": 5,
"minLength": 4
},
"userVerificationMethod": "passcode_internal"
}
],
[
{
"baDesc": {
"blockSlowdown": 0,
"maxRetries": 5,
"maxTemplates": 0,
"selfAttestedFAR": 0.0,
"selfAttestedFRR": 0.0
},
"userVerificationMethod": "fingerprint_internal"
}
]
]
},
"statusReports": [
{
"effectiveDate": "2018-05-19",
"status": "NOT_FIDO_CERTIFIED"
}
],
"timeOfLastStatusChange": "2018-05-19"
},
{
"aaguid": "c5ef55ff-ad9a-4b9f-b580-adebafe026d0",
"metadataStatement": {
"aaguid": "c5ef55ff-ad9a-4b9f-b580-adebafe026d0",
"attachmentHint": [
"external",
"wired"
],
"attestationRootCertificates": [
"MIIDHjCCAgagAwIBAgIEG0BT9zANBgkqhkiG9w0BAQsFADAuMSwwKgYDVQQDEyNZdWJpY28gVTJGIFJvb3QgQ0EgU2VyaWFsIDQ1NzIwMDYzMTAgFw0xNDA4MDEwMDAwMDBaGA8yMDUwMDkwNDAwMDAwMFowLjEsMCoGA1UEAxMjWXViaWNvIFUyRiBSb290IENBIFNlcmlhbCA0NTcyMDA2MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/jwYuhBVlqaiYWEMsrWFisgJ+PtM91eSrpI4TK7U53mwCIawSDHy8vUmk5N2KAj9abvT9NP5SMS1hQi3usxoYGonXQgfO6ZXyUA9a+KAkqdFnBnlyugSeCOep8EdZFfsaRFtMjkwz5Gcz2Py4vIYvCdMHPtwaz0bVuzneueIEz6TnQjE63Rdt2zbwnebwTG5ZybeWSwbzy+BJ34ZHcUhPAY89yJQXuE0IzMZFcEBbPNRbWECRKgjq//qT9nmDOFVlSRCt2wiqPSzluwn+v+suQEBsUjTGMEd25tKXXTkNW21wIWbxeSyUoTXwLvGS6xlwQSgNpk2qXYwf8iXg7VWZAgMBAAGjQjBAMB0GA1UdDgQWBBQgIvz0bNGJhjgpToksyKpP9xv9oDAPBgNVHRMECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAjvjuOMDSa+JXFCLyBKsycXtBVZsJ4Ue3LbaEsPY4MYN/hIQ5ZM5p7EjfcnMG4CtYkNsfNHc0AhBLdq45rnT87q/6O3vUEtNMafbhU6kthX7Y+9XFN9NpmYxr+ekVY5xOxi8h9JDIgoMP4VB1uS0aunL1IGqrNooL9mmFnL2kLVVee6/VR6C5+KSTCMCWppMuJIZII2v9o4dkoZ8Y7QRjQlLfYzd3qGtKbw7xaF1UsG/5xUb/Btwb2X2g4InpiB/yt/3CpQXpiWX/K4mBvUKiGn05ZsqeY1gx4g0xLBqcU9psmyPzK+Vsgw2jeRQ5JlKDyqE0hebfC1tvFu0CCrJFcw=="
],
"attestationTypes": [
"basic_full"
],
"authenticationAlgorithms": [
"ed25519_eddsa_sha512_raw",
"secp256r1_ecdsa_sha256_raw"
],
"authenticatorGetInfo": {
"aaguid": "c5ef55ffad9a4b9fb580adebafe026d0",
"algorithms": [
{
"alg": -7,
"type": "public-key"
},
{
"alg": -8,
"type": "public-key"
}
],
"extensions": [
"credProtect",
"hmac-secret"
],
"firmwareVersion": 328706,
"maxCredentialCountInList": 8,
"maxCredentialIdLength": 128,
"maxMsgSize": 1200,
"minPINLength": 4,
"options": {
"clientPin": true,
"credentialMgmtPreview": true,
"plat": false,
"rk": true,
"up": true
},
"pinUvAuthProtocols": [
2,
1
],
"transports": [
"usb",
"lightning"
],
"versions": [
"U2F_V2",
"FIDO_2_0",
"FIDO_2_1_PRE"
]
},
"authenticatorVersion": 50200,
"cryptoStrength": 128,
"description": "YubiKey Series 5Ci",
"keyProtection": [
"hardware",
"secure_element"
],
"legalHeader":
"https://fidoalliance.org/metadata/metadata-statement-legal-header/",
"matcherProtection": [
"on_chip"
],
"protocolFamily": "fido2",
"publicKeyAlgAndEncodings": [
"cose"
],
"schema": 3,
"tcDisplay": [],
"upv": [
{
"major": 1,
"minor: 0
}
],
"userVerificationDetails": [
[
{
"userVerificationMethod": "presence_internal"
},
{
"caDesc": {
"base": 64,
"blockSlowdown": 0,
"maxRetries": 8,
"minLength": 4
},
"userVerificationMethod": "passcode_internal"
},
{
"userVerificationMethod": "none"
}
]
]
},
"statusReports": [
{
"certificateNumber": "FIDO20020191017003",
"certificationDescriptor": "YubiKey 5Ci",
"certificationPolicyVersion": "1.1.1",
"certificationRequirementsVersion": "1.3",
"effectiveDate": "2020-05-12",
"status": "FIDO_CERTIFIED_L1"
}
],
"timeOfLastStatusChange": "2020-05-12"
}
],
"nextUpdate": "2021-08-01",
"no": 5
}