Remove assertion on signature length

U2F spec says signatures must be 71-73 bytes, but openssl is returning anywhere from 69-73 bytes and online services are accepting the shorter lengths. Varous documentation also indicates this form of signature uses variable length encoding and so is expected to vary more than the spec allows.
danstiner · Nov 3, 2017 · 270dd03 · 270dd03
1 parent 14e4df2
commit 270dd03
Showing 1 changed file with 0 additions and 4 deletions.
diff --git a/u2f-core/src/lib.rs b/u2f-core/src/lib.rs
@@ -1091,11 +1091,7 @@ impl CryptoOperations for SecureCryptoOperations {
         let pkey = PKey::from_ec_key(ec_key).unwrap();
         let mut signer = Signer::new(MessageDigest::sha256(), &pkey).unwrap();
         signer.update(data).unwrap();
-        // ASN.1 DSA signature
         let signature = signer.finish().unwrap();
-        // TODO can be 70 bytes, assert!(signature.len() >= 71);
-        assert!(signature.len() >= 70);
-        assert!(signature.len() <= 73);
         Ok(Box::new(RawSignature(signature)))
     }
 }