webauthn Unsupported format self attestation on Macbook

Unsupported format self attestation on Macbook

Open kayrules opened this issue 5 years ago • 3 comments

Hi,

This issue was previously submitted on webauthn-demo repo. i think it is more relevant to be issued here

When trying this demo via touch id on macbook, I got this error:

Failed to register: Error: Bad Request

Debugging on registration.go: line 128 showing:

unsupported format self attestation

I believe it requires packed + self (surrogate) attestation for this. There's article for the implementation by Ackermann Yuriy here

May 05 '19 01:05 kayrules

@koesie10 any news?

Aug 26 '19 09:08 RubaXa

Sorry about the lack of response. I've added packed self attestation, but I'm unfortunately not able to test it. If you are still interested, could you test whether it works correctly?

Feb 26 '20 15:02 koesie10

Hey thanks for adding this. When I tried testing I get the following error running on Macos 10.14.6

goroutine 35 [running]:
net/http.(*conn).serve.func1(0xc0003760a0)
	/usr/local/opt/go/libexec/src/net/http/server.go:1769 +0x139
panic(0x18051a0, 0xc000322f00)
	/usr/local/opt/go/libexec/src/runtime/panic.go:522 +0x1b5
reflect.Value.Elem(0x17ae3c0, 0xc000322ee0, 0x97, 0xc000322ee0, 0x20, 0x18)
	/usr/local/opt/go/libexec/src/reflect/value.go:806 +0x1c8
encoding/asn1.UnmarshalWithParams(0xc0003ea000, 0x47, 0x47, 0x17ae3c0, 0xc000322ee0, 0x0, 0x0, 0x1c0, 0x1e376c0819a4c116, 0x34b0bcb52748774c, ...)
	/usr/local/opt/go/libexec/src/encoding/asn1/asn1.go:1060 +0xc1
encoding/asn1.Unmarshal(...)
	/usr/local/opt/go/libexec/src/encoding/asn1/asn1.go:1054
github.com/koesie10/webauthn/attestation/packed.verifySelf(0xc00032a748, 0x6, 0xc0003da1c0, 0x20, 0xdf, 0x5e5fd7b500000045, 0xc0003da1e5, 0x10, 0xba, 0xc0003da1f7, ...)
	/Users/colin.seale/go/src/github.com/koesie10/webauthn/attestation/packed/packed.go:153 +0x312
github.com/koesie10/webauthn/attestation/packed.verifyPacked(0xc00032a748, 0x6, 0xc0003da1c0, 0x20, 0xdf, 0x5e5fd7b500000045, 0xc0003da1e5, 0x10, 0xba, 0xc0003da1f7, ...)
	/Users/colin.seale/go/src/github.com/koesie10/webauthn/attestation/packed/packed.go:54 +0x2ee
github.com/koesie10/webauthn/protocol.Attestation.IsValid(0xc00032a748, 0x6, 0xc0003da1c0, 0x20, 0xdf, 0x5e5fd7b500000045, 0xc0003da1e5, 0x10, 0xba, 0xc0003da1f7, ...)
	/Users/colin.seale/go/src/github.com/koesie10/webauthn/protocol/attestation.go:147 +0x136
github.com/koesie10/webauthn/protocol.IsValidAttestation(0xc000388080, 0x7a, 0xc0003261e0, 0x5b, 0x5d, 0xc00032a380, 0xa, 0xc00032a720, 0xf, 0xc000384510, ...)
	/Users/colin.seale/go/src/github.com/koesie10/webauthn/protocol/attestation.go:114 +0x197
github.com/koesie10/webauthn/webauthn.(*WebAuthn).ParseAndFinishRegistration(0xc0000105b8, 0xc000388080, 0x7a, 0xc0003261e0, 0x5b, 0x5d, 0xc00032a380, 0xa, 0xc000388100, 0x75, ...)
	/Users/colin.seale/go/src/github.com/koesie10/webauthn/webauthn/registration.go:148 +0x694
github.com/koesie10/webauthn/webauthn.(*WebAuthn).FinishRegistration(0xc0000105b8, 0xc00022aa00, 0x6269170, 0xc0002fd710, 0x1a59e00, 0xc0003140f0, 0x1a59e80, 0xc000322140, 0x10143cf, 0xc000078500)
	/Users/colin.seale/go/src/github.com/koesie10/webauthn/webauthn/registration.go:200 +0x383
crypto-bot/slackserver.(*SlackServer).FinishRegistration(0xc000124900, 0x6269170, 0xc0002fd710, 0xc00022aa00)
	/Users/colin.seale/go/src/crypto-bot/slackserver/webauthn.go:210 +0x14a
net/http.HandlerFunc.ServeHTTP(0xc000174c60, 0x6269170, 0xc0002fd710, 0xc00022aa00)
	/usr/local/opt/go/libexec/src/net/http/server.go:1995 +0x44
crypto-bot/vendor/github.com/gorilla/handlers.(*cors).ServeHTTP(0xc0002f8d80, 0x6269170, 0xc0002fd710, 0xc00022aa00)
	/Users/colin.seale/go/src/crypto-bot/vendor/github.com/gorilla/handlers/cors.go:54 +0x108a
crypto-bot/slackserver.(*SlackServer).slackSignatureMiddleware.func1(0x6269170, 0xc0002fd710, 0xc00022aa00)
	/Users/colin.seale/go/src/crypto-bot/slackserver/middleware.go:34 +0xecb
net/http.HandlerFunc.ServeHTTP(0xc00036f320, 0x6269170, 0xc0002fd710, 0xc00022aa00)
	/usr/local/opt/go/libexec/src/net/http/server.go:1995 +0x44
crypto-bot/vendor/github.com/gorilla/mux.(*Router).ServeHTTP(0xc000168240, 0x6269170, 0xc0002fd710, 0xc00022a800)
	/Users/colin.seale/go/src/crypto-bot/vendor/github.com/gorilla/mux/mux.go:212 +0xe3
crypto-bot/vendor/github.com/gorilla/handlers.loggingHandler.ServeHTTP(0x1a4a120, 0xc0000c2000, 0x1a48d00, 0xc000168240, 0x19453e8, 0x1a59d00, 0xc0001d81c0, 0xc00022a800)
	/Users/colin.seale/go/src/crypto-bot/vendor/github.com/gorilla/handlers/logging.go:45 +0x242
net/http.serverHandler.ServeHTTP(0xc000173110, 0x1a59d00, 0xc0001d81c0, 0xc00022a800)
	/usr/local/opt/go/libexec/src/net/http/server.go:2774 +0xa8
net/http.(*conn).serve(0xc0003760a0, 0x1a5c100, 0xc000372ac0)
	/usr/local/opt/go/libexec/src/net/http/server.go:1878 +0x851
created by net/http.(*Server).Serve
	/usr/local/opt/go/libexec/src/net/http/server.go:2884 +0x2f4

Mar 04 '20 16:03 ceseale

webauthn webauthn copied to clipboard

Unsupported format self attestation on Macbook

webauthn
webauthn copied to clipboard