Hello! In exploring Windows Hello with WebAuthn I find myself stuck at the verification procedure for the TPM attestation statement. The spec tells me to verify members of certInfo and pubArea but from reading I'm not entirely certain how to perform the correct decode on the bytes provided. The TPM spec linked is pretty difficult to parse and wasn't helpful either in terms of helping me decode the data provided.
Assuming I haven't missed the correct instructions in the spec, is this something that could be added?
Hi! This looks like a duplicate of PR #966 and issues #929 and #950. We agree that the linked spec is not fun to read, but I think we're leaning toward that not duplicating instructions from it (and risking getting them wrong) seems like a lesser evil.
Cheers! I looked over the linked PR/issues and I don't know if they address the issue about how to go about decoding the certInfo and pubInfo? I did attempt to read the TPM spec but (afaict) the linked section describes the object shape and not how to go about decoding it in an RP-type situation.

pubArea

Courtesy of @apowers313 *)
Here's some sample code too:
https://github.com/apowers313/fido2-lib/blob/master/lib/attestations/tpm.js
Drop me a line if you need any help.
Closing this issue as we should not duplicate information
I don't think this should be closed; this isn't a duplicate issue and there isn't a good/understandable resource referenced in the spec about how to properly work with the attestation data provided.
I can see this easily leading to some confusion among RPs like me ;)
Most helpful comment
pubArea
