webauthn-open-source / fido2-server-demo Goto Github PK
View Code? Open in Web Editor NEWA set of FIDO2 / WebAuthn demo servers
A set of FIDO2 / WebAuthn demo servers
using chrome canary and yubico security key
tried to register new user, answered 'block' when prompted whether to share make & model of authnr, registration modal dialog remained up. just sat there. manually closed dialog.
subsequent login attempt says user 'foobar2' no exist.
chrome console log:
Register form submit.
webauthn-simple-app.js:329 SENDING: {"username":"foobar2"}
webauthn-simple-app.js:102 serverMsg {status: 200, response: {…}}
webauthn-simple-app.js:187 server response {challenge: "oToaP8Wv7J6GjZDZUI9Elq3gLa2bn56G1i9a+7BOFOLbnOzqaKhG7YH4t8TSHmgNhJrCy1Dm5C2x+gE4lhbBNw==", timeout: 60000, binaryEncoding: "base64", success: true}
webauthn-simple-app.js:426 base64_2ab
webauthn-simple-app.js:432 A1 3A 1A 3F C5 AF EC 9E 86 8D 90 D9 50 8F 44 96
webauthn-simple-app.js:432 AD E0 2D AD 9B 9F 9E 86 D6 2F 5A FB B0 4E 14 E2
webauthn-simple-app.js:432 DB 9C EC EA 68 A8 46 ED 81 F8 B7 C4 D2 1E 68 0D
webauthn-simple-app.js:432 84 9A C2 CB 50 E6 E4 2D B1 FA 01 38 96 16 C1 37
webauthn-simple-app.js:215 credentials.create options: {publicKey: {…}}
webauthn-simple-app.js:426 challenge
webauthn-simple-app.js:432 A1 3A 1A 3F C5 AF EC 9E 86 8D 90 D9 50 8F 44 96
webauthn-simple-app.js:432 AD E0 2D AD 9B 9F 9E 86 D6 2F 5A FB B0 4E 14 E2
webauthn-simple-app.js:432 DB 9C EC EA 68 A8 46 ED 81 F8 B7 C4 D2 1E 68 0D
webauthn-simple-app.js:432 84 9A C2 CB 50 E6 E4 2D B1 FA 01 38 96 16 C1 37
webauthn-simple-app.js:426 user.id
webauthn-simple-app.js:438 66 6F 6F 62 61 72 32
ux-events.js:78 caught user presence start!
webauthn-simple-app.js:138 REGISTER FAILED!
DOMException: The operation either timed out or was not allowed. See: https://w3c.github.io/webauthn/#sec-assertion-privacy.
ux-events.js:91 Caught Registration complete!
ux-events.js:92 e w.Event {originalEvent: CustomEvent, type: "webauthn-register-complete", isDefaultPrevented: ƒ, target: document, currentTarget: document, …}
ux-events.js:111 modal still visble
ux-events.js:48 Registration complete: undefined
ux-events.js:54 Login form submit.
webauthn-simple-app.js:329 SENDING: {"username":"foobar2"}
webauthn-simple-app.js:356 POST https://webauthn.org/webauthn/login/challenge 400 (Bad Request)
(anonymous) @ webauthn-simple-app.js:356
WebAuthnApp.send @ webauthn-simple-app.js:327
WebAuthnApp.getLoginChallenge @ webauthn-simple-app.js:293
WebAuthnApp.login @ webauthn-simple-app.js:147
(anonymous) @ ux-events.js:59
dispatch @ jquery-3.3.1.min.js:2
y.handle @ jquery-3.3.1.min.js:2
webauthn-simple-app.js:149 serverMsg {success: false, errorMsg: "login failed: Error: error finding user: foobar2"}
webauthn-simple-app.js:180 LOGIN FAILED!
Error: Server responded with status: login failed: Error: error finding user: foobar2
at webauthn-simple-app.js:151
ux-events.js:91 Caught Login complete!
ux-events.js:92 e CustomEvent {isTrusted: false, detail: {…}, type: "webauthn-login-complete", target: document, currentTarget: document, …}
ux-events.js:117 hiding...
ux-events.js:61 Login complete: undefined
Hello,
errror when i run command "npm start"
how i can solve them?
thank you
ERROR: TypeError: process.getuid is not a function
at path_to_lib\fido2-server-demo\node_modules\simple-component-manager\lib\component-director.js:206:25
at new Promise ()
at ComponentDirector.installComponents ( path_to_lib\fido2-server-demo\node_modules\simple-component-manager\lib\component-director.js:187:16)
at Function.start ( path_to_lib\fido2-server-demo\node_modules\simple-component-manager\lib\component-director.js:49:22)
at processTicksAndRejections (internal/process/task_queues.js:97:5)
(node:15180) UnhandledPromiseRejectionWarning: TypeError: process.getuid is not a function
at path_to_lib\fido2-server-demo\node_modules\simple-component-manager\lib\component-director.js:206:25
at new Promise ()
at ComponentDirector.installComponents ( path_to_lib\fido2-server-demo\node_modules\simple-component-manager\lib\component-director.js:187:16)
at Function.start ( path_to_lib\fido2-server-demo\node_modules\simple-component-manager\lib\component-director.js:49:22)
at processTicksAndRejections (internal/process/task_queues.js:97:5)
(node:15180) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag --unhandled-rejections=strict
(see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 2)
(node:15180) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
Current certificate installed on https://webauthn.org expired today:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:7e:a8:63:78:35:32:23:42:33:26:9a:30:52:94:c8:11:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
Validity
Not Before: Apr 10 05:46:52 2018 GMT
Not After : Jul 9 05:46:52 2018 GMT
Subject: CN=webauthn.org
Hi,
I tried to register with an self made U2F token and got the following error:
Error: registration failed: expected U2F attestation certificate to be x.509v3
Registration error: Error: registration failed: expected U2F attestation certificate to be x.509v3
First I thought it was an issue with the device and I opened an issue here. Then after reading the FIDO2 specifications I think it is not necessary to provide a x.509v3 attestation certificate.
Other demo sites are working fine:
yubico.com
webauthn.io
Here the full output of the debug terminal:
WEBAUTHN DEBUG TERMINAL
-----------------------
REGISTER START:
Sending Message to Server:
>>>>>>>>>>>>>>>>
{"username":"test1234","displayName":"test1234"}
>>>>>>>>>>>>>>>>
Received Message from Server:
<<<<<<<< [ STATUS 200 ] <<<<<<<<
{"status":"ok","errorMessage":"","rp":{"name":"WebAuthn.org"},"user":{"name":"test1234","id":"JVBq7f5oIwpbrRU0bTxvlg","displayName":"test1234"},"challenge":"h8vscUKHr-QQvln7YaEoeIe691IuIFbgyLlWeEsA_FewJ-iLc0tuq81pPvIJtxFEgiG7daloLN4LJ-rV8BWK9A","pubKeyCredParams":[{"type":"public-key","alg":-7},{"type":"public-key","alg":-257}],"timeout":60000,"attestation":"direct"}
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
WebAuthn navigator.credentials.create() options:
[CreateOptions] {
rp: {
name: "WebAuthn.org",
},
user: {
name: "test1234",
id: [ArrayBuffer] (16 bytes)
25 50 6A ED FE 68 23 0A 5B AD 15 34 6D 3C 6F 96,
displayName: "test1234",
},
challenge: [ArrayBuffer] (64 bytes)
87 CB EC 71 42 87 AF E4 10 BE 59 FB 61 A1 28 78
87 BA F7 52 2E 20 56 E0 C8 B9 56 78 4B 00 FC 57
B0 27 E8 8B 73 4B 6E AB CD 69 3E F2 09 B7 11 44
82 21 BB 75 A9 68 2C DE 0B 27 EA D5 F0 15 8A F4,
pubKeyCredParams: [
{
type: "public-key",
alg: -7,
},
{
type: "public-key",
alg: -257,
},
],
timeout: 60000,
attestation: "direct",
}
WAITING FOR USER PRESENCE...
USER PRESENCE DONE.
WebAuthn navigator.credentials.create() result:
[CredentialAttestation] {
rawId: [ArrayBuffer] (64 bytes)
D5 12 7C 54 27 26 82 E9 1F 56 6E 74 F9 97 52 1B
5A A7 DF 7C B2 D7 03 2E 68 60 B3 08 D8 26 4E 23
77 6C 2B D8 60 91 BB 15 13 DF 0F 38 8E 21 68 47
7F 51 3E 8F F2 BB 17 48 DC D8 1C 1C 7F BA 0F A2,
id: [ArrayBuffer] (64 bytes)
D5 12 7C 54 27 26 82 E9 1F 56 6E 74 F9 97 52 1B
5A A7 DF 7C B2 D7 03 2E 68 60 B3 08 D8 26 4E 23
77 6C 2B D8 60 91 BB 15 13 DF 0F 38 8E 21 68 47
7F 51 3E 8F F2 BB 17 48 DC D8 1C 1C 7F BA 0F A2,
response: {
clientDataJSON: [ArrayBuffer] (159 bytes)
7B 22 63 68 61 6C 6C 65 6E 67 65 22 3A 22 68 38
76 73 63 55 4B 48 72 2D 51 51 76 6C 6E 37 59 61
45 6F 65 49 65 36 39 31 49 75 49 46 62 67 79 4C
6C 57 65 45 73 41 5F 46 65 77 4A 2D 69 4C 63 30
74 75 71 38 31 70 50 76 49 4A 74 78 46 45 67 69
47 37 64 61 6C 6F 4C 4E 34 4C 4A 2D 72 56 38 42
57 4B 39 41 22 2C 22 6F 72 69 67 69 6E 22 3A 22
68 74 74 70 73 3A 2F 2F 77 65 62 61 75 74 68 6E
2E 6F 72 67 22 2C 22 74 79 70 65 22 3A 22 77 65
62 61 75 74 68 6E 2E 63 72 65 61 74 65 22 7D,
attestationObject: [ArrayBuffer] (611 bytes)
A3 63 66 6D 74 68 66 69 64 6F 2D 75 32 66 67 61
74 74 53 74 6D 74 A2 63 73 69 67 58 48 30 46 02
21 00 C8 27 7D 02 24 F1 66 FF D9 23 54 86 A1 23
63 38 91 82 E0 DD 38 FE F2 51 F9 FF 3C 46 51 41
7A 91 02 21 00 F3 39 29 7F DD 25 B9 A5 2C EC AF
0E 22 DF 32 1D 77 6A 13 E8 A5 5A F6 C0 DB 41 1C
D0 04 F4 D4 7C 63 78 35 63 81 59 01 27 30 82 01
23 30 81 C9 02 14 6C F9 0C 9E 22 BD DF 03 66 B5
B9 63 29 EC 86 CF 80 D2 13 50 30 0A 06 08 2A 86
48 CE 3D 04 03 02 30 14 31 12 30 10 06 03 55 04
03 0C 09 55 32 46 20 54 6F 6B 65 6E 30 1E 17 0D
31 39 30 33 30 37 32 30 31 32 32 39 5A 17 0D 32
39 30 33 30 34 32 30 31 32 32 39 5A 30 14 31 12
30 10 06 03 55 04 03 0C 09 55 32 46 20 54 6F 6B
65 6E 30 59 30 13 06 07 2A 86 48 CE 3D 02 01 06
08 2A 86 48 CE 3D 03 01 07 03 42 00 04 E4 EA 69
5E A7 36 D6 EC FF F9 9B 2B B1 F0 39 91 CB 11 97
29 5B E4 30 08 28 DA 17 FF CC F4 D0 5B 05 93 82
1A 1E 2F 57 30 9A 2A C1 56 37 0D 6A 95 BE 62 39
55 3A 7A C7 55 FB F9 B5 5D 2A B8 AA 87 30 0A 06
08 2A 86 48 CE 3D 04 03 02 03 49 00 30 46 02 21
00 CD EA 3B 6D 2E 03 78 A1 2A E4 B2 B2 F7 4C 50
2E B4 86 CC A3 6B 8E 10 2B 64 8A 84 4D 4E E9 FD
89 02 21 00 94 B7 20 3E E7 EB 5C D8 7F 74 E5 35
20 A4 F0 45 0D 87 93 F6 3F CE 8F CD 88 10 E6 45
C7 B0 76 EB 68 61 75 74 68 44 61 74 61 58 C4 95
69 08 8F 1E CE E3 23 29 54 03 5D BD 10 D7 CA E3
91 30 5A 27 51 B5 59 BB 8F D7 CB B2 29 BD D4 41
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 40 D5 12 7C 54 27 26 82 E9 1F 56
6E 74 F9 97 52 1B 5A A7 DF 7C B2 D7 03 2E 68 60
B3 08 D8 26 4E 23 77 6C 2B D8 60 91 BB 15 13 DF
0F 38 8E 21 68 47 7F 51 3E 8F F2 BB 17 48 DC D8
1C 1C 7F BA 0F A2 A5 01 02 03 26 20 01 21 58 20
32 F4 4C 31 A2 AC 13 A5 68 6D 00 3A 29 8C 02 19
AD 65 B8 2F 74 CB B9 FE 2D 4D BE 3C 1C 3D 71 0E
22 58 20 D1 C8 23 59 24 FD DA D0 8C 32 32 75 49
F3 F4 7E 51 C0 17 CD 74 7D B5 2E CB 44 6A F7 FD
AF 04 64,
},
}
Sending Message to Server:
>>>>>>>>>>>>>>>>
{"rawId":"1RJ8VCcmgukfVm50-ZdSG1qn33yy1wMuaGCzCNgmTiN3bCvYYJG7FRPfDziOIWhHf1E-j_K7F0jc2Bwcf7oPog","id":"1RJ8VCcmgukfVm50-ZdSG1qn33yy1wMuaGCzCNgmTiN3bCvYYJG7FRPfDziOIWhHf1E-j_K7F0jc2Bwcf7oPog","response":{"clientDataJSON":"eyJjaGFsbGVuZ2UiOiJoOHZzY1VLSHItUVF2bG43WWFFb2VJZTY5MUl1SUZiZ3lMbFdlRXNBX0Zld0otaUxjMHR1cTgxcFB2SUp0eEZFZ2lHN2RhbG9MTjRMSi1yVjhCV0s5QSIsIm9yaWdpbiI6Imh0dHBzOi8vd2ViYXV0aG4ub3JnIiwidHlwZSI6IndlYmF1dGhuLmNyZWF0ZSJ9","attestationObject":"o2NmbXRoZmlkby11MmZnYXR0U3RtdKJjc2lnWEgwRgIhAMgnfQIk8Wb_2SNUhqEjYziRguDdOP7yUfn_PEZRQXqRAiEA8zkpf90luaUs7K8OIt8yHXdqE-ilWvbA20Ec0AT01HxjeDVjgVkBJzCCASMwgckCFGz5DJ4ivd8DZrW5Yynshs-A0hNQMAoGCCqGSM49BAMCMBQxEjAQBgNVBAMMCVUyRiBUb2tlbjAeFw0xOTAzMDcyMDEyMjlaFw0yOTAzMDQyMDEyMjlaMBQxEjAQBgNVBAMMCVUyRiBUb2tlbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOTqaV6nNtbs__mbK7HwOZHLEZcpW-QwCCjaF__M9NBbBZOCGh4vVzCaKsFWNw1qlb5iOVU6esdV-_m1XSq4qocwCgYIKoZIzj0EAwIDSQAwRgIhAM3qO20uA3ihKuSysvdMUC60hsyja44QK2SKhE1O6f2JAiEAlLcgPufrXNh_dOU1IKTwRQ2Hk_Y_zo_NiBDmRcewdutoYXV0aERhdGFYxJVpCI8ezuMjKVQDXb0Q18rjkTBaJ1G1WbuP18uyKb3UQQAAAAAAAAAAAAAAAAAAAAAAAAAAAEDVEnxUJyaC6R9WbnT5l1IbWqfffLLXAy5oYLMI2CZOI3dsK9hgkbsVE98POI4haEd_UT6P8rsXSNzYHBx_ug-ipQECAyYgASFYIDL0TDGirBOlaG0AOimMAhmtZbgvdMu5_i1NvjwcPXEOIlgg0cgjWST92tCMMjJ1SfP0flHAF810fbUuy0Rq9_2vBGQ"}}
>>>>>>>>>>>>>>>>
Received Message from Server:
<<<<<<<< [ STATUS 400 ] <<<<<<<<
{"status":"failed","errorMessage":"registration failed: expected U2F attestation certificate to be x.509v3"}
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Error: registration failed: expected U2F attestation certificate to be x.509v3
Registration error: Error: registration failed: expected U2F attestation certificate to be x.509v3
REGISTER DONE.
Hi, I am testing the WebAuthn registration at https://webauthn.org/ from various OS / browser combinations. On Ubuntu 18.04, I was successful using Firefox 60.0.2, but not using the latest Chromium Stable 67.0.3396.62, which is also supposed to support WebAuthn. The website doesn't return any error on loading, and also when pressing the "Register" button. The "Perform User Verification" dialog pops up, but the key never flashes to indicate a request, and the verification eventually times out (at ux-events.js:42). The browser does not indicate any special action to take. I tried switching the Web Authentication API flags in Chromium, but no effect.
I honestly don't know where to put this bug report: Firefox, Chrome, here, or Yubikey. So I hope if this isn't your problem you can quickly recognize and close.
First, I have a Yubikey Neo. On Firefox, I plug in the key into the USB slot, and create register a new username. The operation stalls (for roughly a minutes) with the following message:
and then fails with a timeout. The WebAuthn log is provided below:
ebAuthn Debug Terminal
-----------------------
Register start:
Sending Message to Server:
>>>>>>>>>>>>>>>>
{"username":"yoyoyo846","displayName":"yoyoyo846"}
>>>>>>>>>>>>>>>>
Received Message from Server:
<<<<<<<< [ STATUS 200 ] <<<<<<<<
{"status":"ok","errorMessage":"","rp":{"name":"WebAuthn.org"},"user":{"name":"yoyoyo846","id":"w1FAXXWTlCQ02PctWidDyg","displayName":"yoyoyo846"},"challenge":"LqvpXReK7-V3PX98zX4ZhHqQC6Q2_qq-KTNv35afLjbMAygH966v-Abb7BFotX9JNZmFX67nCs8vatdV73Jdbw","pubKeyCredParams":[{"type":"public-key","alg":-7},{"type":"public-key","alg":-257}],"timeout":60000,"attestation":"direct"}
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
WebAuthn navigator.credentials.create() options:
[CreateOptions] {
rp: {
name: "WebAuthn.org",
},
user: {
name: "yoyoyo846",
id: [ArrayBuffer] (16 bytes)
C3 51 40 5D 75 93 94 24 34 D8 F7 2D 5A 27 43 CA,
displayName: "yoyoyo846",
},
challenge: [ArrayBuffer] (64 bytes)
2E AB E9 5D 17 8A EF E5 77 3D 7F 7C CD 7E 19 84
7A 90 0B A4 36 FE AA BE 29 33 6F DF 96 9F 2E 36
CC 03 28 07 F7 AE AF F8 06 DB EC 11 68 B5 7F 49
35 99 85 5F AE E7 0A CF 2F 6A D7 55 EF 72 5D 6F,
pubKeyCredParams: [
{
type: "public-key",
alg: -7,
},
{
type: "public-key",
alg: -257,
},
],
timeout: 60000,
attestation: "direct",
}
Waiting for user presence...
User presence done.
AbortError: The operation was aborted.
Registration error: AbortError: The operation was aborted.
Register done.
I suspected that this is a bug against Firefox, but I get the same exact message on Chrome. However, I got Chrome to go through successfully once, but it took a long time. Maybe the timeout is too low?
Other things to note: The pop up message says "If you have a U2F token, it should be flashing now. " It was indeed flashing. The Firefox flag security.webauth.u2f
was set to true, per the Yubikey docs. OS: MacOS Mojave 10.14. Firefox version: 62.0.3, Chrome version: 69.0.3491.100.
..perhaps they should not be.
also, may want to enforce PRECIS https://tools.ietf.org/html/rfc8265 UsernameCasePreserved Profile on username string before storing it, and then enforce UsernameCaseMapped Profile on presented (what user types in) and reference (what u have stored) strings when comparing.
Expired: Sunday, June 16, 2019 at 09:45:01 Eastern Daylight Time
Using my FIDO U2F token, I get this error when trying to register. Both on Chrome and Firefox on Ubuntu 18 LTS / Gnome:
Failed!
Error: registration failed: clientData origin did not match expected origin
after my token flashes and I press the button.
(Using this token: https://www.key-id.com/key-id-secure-online-accounts/)
Registration and login with the same token on https://webauthn.io on the other hand works fine.
When I open the webpage I get the error message:
"This server could not prove that it is webauthn.org; its security certificate expired 5 days ago."
Details of the certificate:
Issued On Monday, September 17, 2018 at 8:46:24 PM
Expires On Sunday, December 16, 2018 at 7:46:24 PM
cool dudes love issues
Hello, I had met some problems.
the following enviroments of my app are:
I had changed the scm-config.json
from 8443 to 9898
, and I configured proxy_pass to
redirect https://auth.abc.cn
to https://127.0.0.1:9898
, because the port 443
is used by httpd.
As expected, it will work fine, but it failed.
When I regist, it will log HTTP 400: registration failed: clientData origin did not match expected origin
.
I had added some logs to print variables origin
and expectedOrigin
.
origin: https://auth.abc.cn
expected Origin: https://auth.abc.cn:9898
Now I only have to comment the judge sentences and it will work file.
/xx/node_modules/component-fido2/node_modules/fido2-lib/lib/validator.js
:
if (origin !== expectedOrigin) {
// throw new Error("clientData origin did not match expected origin");
}
Here is my scm-config.json
:
// scm-config
//
// this is a JSON file that allows JavaScript-style comments
{
// setuid and setgid are only required if running with sudo
// you can delete these lines and run without sudo if your http/https ports don't require special privledges
// "setuid": 1,
// "setgid": 1,
"components": [
{
"name": "http",
"type": "generic",
"package": "component-web",
"pre-config": [
{
"set-port": 8888
}
],
"post-config": [
{
"set-redirect": {
"destProtocol": "https",
"destPort": 9898,
"destTemporary": false
}
}
]
},
{
"name": "https",
"type": "generic",
"package": "component-web",
"pre-config": [
{
"set-port": 9898,
"set-https": true,
"set-domain": "localhost",
"set-body-parser": "json",
"set-enable-session": true
},
{
// demo UI for WebAuthn
"add-static": {
"path": "/",
"dir": "webauthn-yubiclone"
}
},
{
// serve up swagger UI
"add-static": {
"path": "/swagger",
"dir": "fido2-swagger"
}
}
]
},
{
"name": "cert-manager",
"type": "generic",
"package": "component-certs-static",
"pre-config": [
{
"set-cert-file": "data/node_modules/component-certs-static/test/helpers/certs/cert.pem",
"set-key-file": "data/node_modules/component-certs-static/test/helpers/certs/key.pem"
}
]
},
{
"name": "fido2",
"type": "generic",
"package": "/Users/apowers/Projects/fido2-stack/component-fido2",
"pre-config": [
{
"enable-dangerous-open-registration": true,
"enable-dangerous-xmit-debug-info": true,
"set-service-name": "WebAuthn.org"
}
]
},
{
"name": "uds",
"type": "generic",
"package": "/Users/apowers/Projects/components/component-uds-json"
},
{
"name": "logger",
"type": "logger",
"package": "component-logger-winston",
"pre-config": [
{
"set-level": "silly",
"add-transport": [
{
// log to the screen...
"type": "console",
"colorize": true
},
{
// ...and log to a file
// see winston's npm page for more transport configuration options
"type": "file",
"filename": "scm.log"
}
]
}
]
}
]
}
Here is my httpd configuration:
<VirtualHost *:443>
ServerName auth.abc.cn
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/auth.abc.cn/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/auth.abc.cn/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/auth.abc.cn/chain.pem
ProxyPreserveHost On
ProxyRequests off
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerName off
SSLProxyCheckPeerCN off
SSLProxyCheckPeerExpire off
ProxyPass / https://127.0.0.1:9898/
ProxyPassReverse / https://127.0.0.1:9898/
</VirtualHost>
How can I fix this problem? Thank you!
Can someone confirm that this is the site's error? Because after base64 decoding the raw byte string of userHandle, the result is only 15 bytes, but the userHandle is actually 16 bytes. The user name is: yulun_test_1.
USER PRESENCE DONE.
WebAuthn navigator.credentials.get() result:
[CredentialAssertion] {
rawId: [ArrayBuffer] (64 bytes)
39 35 36 39 30 38 38 66 31 65 63 65 65 33 32 33
32 39 35 34 30 33 35 64 62 64 31 30 64 37 63 61
36 62 37 34 64 30 64 61 30 31 33 66 65 62 66 35
38 38 34 64 62 66 32 36 35 36 61 32 62 33 37 34,
id: [ArrayBuffer] (64 bytes)
39 35 36 39 30 38 38 66 31 65 63 65 65 33 32 33
32 39 35 34 30 33 35 64 62 64 31 30 64 37 63 61
36 62 37 34 64 30 64 61 30 31 33 66 65 62 66 35
38 38 34 64 62 66 32 36 35 36 61 32 62 33 37 34,
response: {
clientDataJSON: [ArrayBuffer] (156 bytes)
7B 22 63 68 61 6C 6C 65 6E 67 65 22 3A 22 71 59
7A 52 36 72 47 58 37 55 59 49 54 52 34 6F 39 73
59 49 61 76 69 4E 79 68 39 61 67 49 73 75 49 45
74 66 4E 37 4F 75 33 35 76 58 38 55 4A 32 4B 64
77 6D 47 69 35 37 49 6B 65 79 4B 55 64 48 41 30
4D 37 71 41 73 73 4B 35 4D 49 6A 49 62 72 78 7A
4D 49 62 51 22 2C 22 6F 72 69 67 69 6E 22 3A 22
68 74 74 70 73 3A 2F 2F 77 65 62 61 75 74 68 6E
2E 6F 72 67 22 2C 22 74 79 70 65 22 3A 22 77 65
62 61 75 74 68 6E 2E 67 65 74 22 7D,
authenticatorData: [ArrayBuffer] (37 bytes)
95 69 08 8F 1E CE E3 23 29 54 03 5D BD 10 D7 CA
E3 91 30 5A 27 51 B5 59 BB 8F D7 CB B2 29 BD D4
05 00 00 00 01,
signature: [ArrayBuffer] (71 bytes)
30 45 02 21 00 84 64 9C FC 5B 51 13 07 C1 F0 5E
F0 19 57 B5 6D 13 11 93 AD DE 78 8E 37 B7 02 BA
4F B3 BE 3D 88 02 20 11 05 C6 B5 D8 8C 85 1D F1
FC 09 5C E6 00 57 66 BF 34 FD 32 AF 6A 8D 11 FA
AC 7E 8B 3D 62 56 C4,
userHandle: [ArrayBuffer] (16 bytes)
FF B1 1B B9 68 3D DA 5E B6 91 85 F7 2F 61 13 F6,
},
}
Sending Message to Server:
>>>>>>>>>>>>>>>>
{"rawId":"OTU2OTA4OGYxZWNlZTMyMzI5NTQwMzVkYmQxMGQ3Y2E2Yjc0ZDBkYTAxM2ZlYmY1ODg0ZGJmMjY1NmEyYjM3NA","id":"OTU2OTA4OGYxZWNlZTMyMzI5NTQwMzVkYmQxMGQ3Y2E2Yjc0ZDBkYTAxM2ZlYmY1ODg0ZGJmMjY1NmEyYjM3NA","response":{"clientDataJSON":"eyJjaGFsbGVuZ2UiOiJxWXpSNnJHWDdVWUlUUjRvOXNZSWF2aU55aDlhZ0lzdUlFdGZON091MzV2WDhVSjJLZHdtR2k1N0lrZXlLVWRIQTBNN3FBc3NLNU1Jaklicnh6TUliUSIsIm9yaWdpbiI6Imh0dHBzOi8vd2ViYXV0aG4ub3JnIiwidHlwZSI6IndlYmF1dGhuLmdldCJ9","authenticatorData":"lWkIjx7O4yMpVANdvRDXyuORMFonUbVZu4_Xy7IpvdQFAAAAAQ","signature":"MEUCIQCEZJz8W1ETB8HwXvAZV7VtExGTrd54jje3ArpPs749iAIgEQXGtdiMhR3x_Alc5gBXZr80_TKvao0R-qx-iz1iVsQ","userHandle":"_7EbuWg92l62kYX3L2ET9g"}}
>>>>>>>>>>>>>>>>
Received Message from Server:
<<<<<<<< [ STATUS 400 ] <<<<<<<<
{"status":"failed","errorMessage":"login failed: unable to validate userHandle"}
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Error: login failed: unable to validate userHandle
Login error: Error: login failed: unable to validate userHandle
LOGIN DONE.```
Doesn't with fingerprint.
Error: registration failed: no support for attestation format: android-safetynet
Registration error: Error: registration failed: no support for attestation format: android-safetynet
MDS component that fetches TOC and all metadata statements and feeds them into the fido2-lib MDS API.
Moved from w3c/webauthn#1169:
Today I tried to use the Webauthn.org site to register an account using the latest version of chrome from my 2016 macbook pro (first one with the touchbar). I chose the option to use my fingerprint sensor. The touchbar gave me a status message to use the fingerprint sensor but when I do, Chrome pops up a messaage asking for permission to share my usb security key make and type with webauthn. Regardless of whether or not I permit this the registration fails with the message in the subject line of this post.
In case it helps, I'm running Mac OS Mojave 10.14.3
Hello, just tried https://webauthn.org/ on MacBookPro 2018 Mojave with Chrome 70.0.3538.102 and got the following error:
WEBAUTHN DEBUG TERMINAL
-----------------------
REGISTER START:
Sending Message to Server:
>>>>>>>>>>>>>>>>
{"username":"tutu","displayName":"tutu"}
>>>>>>>>>>>>>>>>
Received Message from Server:
<<<<<<<< [ STATUS 200 ] <<<<<<<<
{"status":"ok","errorMessage":"","rp":{"name":"WebAuthn.org"},"user":{"name":"tutu","id":"pa2Xu7Vw-UB9zqaCozFVPA","displayName":"tutu"},"challenge":"a_tyDU67zG2yLOa9FjG-wZUjacoCItfdoHQHxWMs3sFzFSZ3obybQ2FLq-0WygsUNS7GNHcVB97fM6bsaZ1LFg","pubKeyCredParams":[{"type":"public-key","alg":-7},{"type":"public-key","alg":-257}],"timeout":60000,"attestation":"direct"}
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
WebAuthn navigator.credentials.create() options:
[CreateOptions] {
rp: {
name: "WebAuthn.org",
},
user: {
name: "tutu",
id: [ArrayBuffer] (16 bytes)
A5 AD 97 BB B5 70 F9 40 7D CE A6 82 A3 31 55 3C,
displayName: "tutu",
},
challenge: [ArrayBuffer] (64 bytes)
6B FB 72 0D 4E BB CC 6D B2 2C E6 BD 16 31 BE C1
95 23 69 CA 02 22 D7 DD A0 74 07 C5 63 2C DE C1
73 15 26 77 A1 BC 9B 43 61 4B AB ED 16 CA 0B 14
35 2E C6 34 77 15 07 DE DF 33 A6 EC 69 9D 4B 16,
pubKeyCredParams: [
{
type: "public-key",
alg: -7,
},
{
type: "public-key",
alg: -257,
},
],
timeout: 60000,
attestation: "direct",
}
WAITING FOR USER PRESENCE...
USER PRESENCE DONE.
WebAuthn navigator.credentials.create() result:
[CredentialAttestation] {
rawId: [ArrayBuffer] (57 bytes)
00 02 E4 11 47 61 2C 28 B9 A4 CB 32 BC 29 82 D8
28 A0 D4 33 96 9D E8 D0 38 31 5D C0 53 08 88 5B
BC D0 AB B4 75 F0 F9 02 FD E7 78 51 3E 50 A3 DF
AF 67 D6 FC 59 BB 08 DC 01,
id: [ArrayBuffer] (57 bytes)
00 02 E4 11 47 61 2C 28 B9 A4 CB 32 BC 29 82 D8
28 A0 D4 33 96 9D E8 D0 38 31 5D C0 53 08 88 5B
BC D0 AB B4 75 F0 F9 02 FD E7 78 51 3E 50 A3 DF
AF 67 D6 FC 59 BB 08 DC 01,
response: {
clientDataJSON: [ArrayBuffer] (159 bytes)
7B 22 63 68 61 6C 6C 65 6E 67 65 22 3A 22 61 5F
74 79 44 55 36 37 7A 47 32 79 4C 4F 61 39 46 6A
47 2D 77 5A 55 6A 61 63 6F 43 49 74 66 64 6F 48
51 48 78 57 4D 73 33 73 46 7A 46 53 5A 33 6F 62
79 62 51 32 46 4C 71 2D 30 57 79 67 73 55 4E 53
37 47 4E 48 63 56 42 39 37 66 4D 36 62 73 61 5A
31 4C 46 67 22 2C 22 6F 72 69 67 69 6E 22 3A 22
68 74 74 70 73 3A 2F 2F 77 65 62 61 75 74 68 6E
2E 6F 72 67 22 2C 22 74 79 70 65 22 3A 22 77 65
62 61 75 74 68 6E 2E 63 72 65 61 74 65 22 7D,
attestationObject: [ArrayBuffer] (303 bytes)
A3 63 66 6D 74 66 70 61 63 6B 65 64 67 61 74 74
53 74 6D 74 A2 63 61 6C 67 26 63 73 69 67 58 47
30 45 02 20 30 AB DF DF 24 63 27 59 27 20 40 72
F1 94 71 76 FD E2 C8 FF 83 27 FF 9E CE BB 8F 39
D2 6D CF C9 02 21 00 F7 8A 4F 65 5C BE C6 E8 0A
AB 55 E2 E6 D3 DC 16 D6 F2 5B FB 47 38 C8 12 D2
D6 03 FC 75 DC C6 CD 68 61 75 74 68 44 61 74 61
58 BD 95 69 08 8F 1E CE E3 23 29 54 03 5D BD 10
D7 CA E3 91 30 5A 27 51 B5 59 BB 8F D7 CB B2 29
BD D4 45 5B EB F0 EA 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 39 00 02 E4 11 47 61 2C
28 B9 A4 CB 32 BC 29 82 D8 28 A0 D4 33 96 9D E8
D0 38 31 5D C0 53 08 88 5B BC D0 AB B4 75 F0 F9
02 FD E7 78 51 3E 50 A3 DF AF 67 D6 FC 59 BB 08
DC 01 A5 01 02 03 26 20 01 21 58 20 97 18 0C A6
FB 1D 16 39 FB 78 28 B1 2D FE B5 37 15 A7 5A E9
5D E3 18 A4 69 9C CE 0B 10 8D 71 1E 22 58 20 8F
B0 BB 36 73 44 35 83 D1 E3 4D 20 27 96 0E D2 4B
7C 53 60 2C B4 79 62 7E E3 BB 02 39 4F 85 77,
},
}
Sending Message to Server:
>>>>>>>>>>>>>>>>
{"rawId":"AALkEUdhLCi5pMsyvCmC2Cig1DOWnejQODFdwFMIiFu80Ku0dfD5Av3neFE-UKPfr2fW_Fm7CNwB","id":"AALkEUdhLCi5pMsyvCmC2Cig1DOWnejQODFdwFMIiFu80Ku0dfD5Av3neFE-UKPfr2fW_Fm7CNwB","response":{"clientDataJSON":"eyJjaGFsbGVuZ2UiOiJhX3R5RFU2N3pHMnlMT2E5RmpHLXdaVWphY29DSXRmZG9IUUh4V01zM3NGekZTWjNvYnliUTJGTHEtMFd5Z3NVTlM3R05IY1ZCOTdmTTZic2FaMUxGZyIsIm9yaWdpbiI6Imh0dHBzOi8vd2ViYXV0aG4ub3JnIiwidHlwZSI6IndlYmF1dGhuLmNyZWF0ZSJ9","attestationObject":"o2NmbXRmcGFja2VkZ2F0dFN0bXSiY2FsZyZjc2lnWEcwRQIgMKvf3yRjJ1knIEBy8ZRxdv3iyP-DJ_-ezruPOdJtz8kCIQD3ik9lXL7G6AqrVeLm09wW1vJb-0c4yBLS1gP8ddzGzWhhdXRoRGF0YVi9lWkIjx7O4yMpVANdvRDXyuORMFonUbVZu4_Xy7IpvdRFW-vw6gAAAAAAAAAAAAAAAAAAAAAAOQAC5BFHYSwouaTLMrwpgtgooNQzlp3o0DgxXcBTCIhbvNCrtHXw-QL953hRPlCj369n1vxZuwjcAaUBAgMmIAEhWCCXGAym-x0WOft4KLEt_rU3Fada6V3jGKRpnM4LEI1xHiJYII-wuzZzRDWD0eNNICeWDtJLfFNgLLR5Yn7juwI5T4V3"}}
>>>>>>>>>>>>>>>>
Received Message from Server:
<<<<<<<< [ STATUS 400 ] <<<<<<<<
{"status":"failed","errorMessage":"registration failed: packed attestation: self attestation not implemented, please open a GitHub issue."}
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Error: registration failed: packed attestation: self attestation not implemented, please open a GitHub issue.
Registration error: Error: registration failed: packed attestation: self attestation not implemented, please open a GitHub issue.
REGISTER DONE.
REGISTER START:
Sending Message to Server:
{"username":"ss","displayName":"ss"}
Received Message from Server:
<<<<<<<< [ STATUS 200 ] <<<<<<<<
{"status":"ok","errorMessage":"","rp":{"name":"WebAuthn.org"},"user":{"name":"ss","id":"ZJ2834Ncfgwt8XtTSsWFGw","displayName":"ss"},"challenge":"6HvBdEMvcTxH0IcZJF-6pU_eon1x1W7GDbZ9kBb-gpzbYn9y7ofRyKkUz7suOWvqDh9TXhUIuGQKG6tL4xXl0w","pubKeyCredParams":[{"type":"public-key","alg":-7},{"type":"public-key","alg":-257}],"timeout":60000,"attestation":"direct"}
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
WebAuthn navigator.credentials.create() options:
[CreateOptions] {
rp: {
name: "WebAuthn.org",
},
user: {
name: "ss",
id: [ArrayBuffer] (16 bytes)
64 9D BC DF 83 5C 7E 0C 2D F1 7B 53 4A C5 85 1B,
displayName: "ss",
},
challenge: [ArrayBuffer] (64 bytes)
E8 7B C1 74 43 2F 71 3C 47 D0 87 19 24 5F BA A5
4F DE A2 7D 71 D5 6E C6 0D B6 7D 90 16 FE 82 9C
DB 62 7F 72 EE 87 D1 C8 A9 14 CF BB 2E 39 6B EA
0E 1F 53 5E 15 08 B8 64 0A 1B AB 4B E3 15 E5 D3,
pubKeyCredParams: [
{
type: "public-key",
alg: -7,
},
{
type: "public-key",
alg: -257,
},
],
timeout: 60000,
attestation: "direct",
}
WAITING FOR USER PRESENCE...
USER PRESENCE DONE.
WebAuthn navigator.credentials.create() result:
[CredentialAttestation] {
rawId: [ArrayBuffer] (32 bytes)
DF F1 77 8D 1F BE 84 B5 9D 6A FD 85 0A 75 BB 18
6B 21 9B C0 C8 96 E7 FE 97 85 87 02 E8 C0 67 57,
id: [ArrayBuffer] (32 bytes)
DF F1 77 8D 1F BE 84 B5 9D 6A FD 85 0A 75 BB 18
6B 21 9B C0 C8 96 E7 FE 97 85 87 02 E8 C0 67 57,
response: {
clientDataJSON: [ArrayBuffer] (179 bytes)
7B 22 74 79 70 65 22 3A 22 77 65 62 61 75 74 68
6E 2E 63 72 65 61 74 65 22 2C 22 63 68 61 6C 6C
65 6E 67 65 22 3A 22 36 48 76 42 64 45 4D 76 63
54 78 48 30 49 63 5A 4A 46 2D 36 70 55 5F 65 6F
6E 31 78 31 57 37 47 44 62 5A 39 6B 42 62 2D 67
70 7A 62 59 6E 39 79 37 6F 66 52 79 4B 6B 55 7A
37 73 75 4F 57 76 71 44 68 39 54 58 68 55 49 75
47 51 4B 47 36 74 4C 34 78 58 6C 30 77 22 2C 22
6F 72 69 67 69 6E 22 3A 22 68 74 74 70 73 3A 2F
2F 77 65 62 61 75 74 68 6E 2E 6F 72 67 22 2C 22
63 72 6F 73 73 4F 72 69 67 69 6E 22 3A 66 61 6C
73 65 7D,
attestationObject: [ArrayBuffer] (662 bytes)
A3 63 66 6D 74 66 70 61 63 6B 65 64 67 61 74 74
53 74 6D 74 A2 63 61 6C 67 39 01 00 63 73 69 67
59 01 00 BA EF CB 8C 4C 6F E9 03 3E EF 17 4C A8
FA 6D 6F 14 35 0C 91 97 DC 79 40 EB 9D 6A 1E 42
91 C5 78 F1 F1 F9 8A 1A 24 C9 72 64 96 F9 6E E9
67 67 DF 11 42 05 63 2A 3E 3C 0B F4 6F FF C1 26
D5 C1 C1 BE FD CF A7 B2 BF CC AE B1 34 0F 62 5B
C4 F1 3E E9 4A 38 8F E0 C5 6F 72 23 37 13 F0 EA
9A DB 69 39 10 10 6F B4 1C 7A 10 29 15 5B E2 C9
57 68 12 E9 24 C5 6B F8 53 73 3D 53 C9 44 93 D9
CD 15 5C 48 74 A3 9E F9 66 6E 35 88 B5 63 9A AD
D8 45 06 8E B4 A0 5D 48 EC 9E ED 65 35 47 F4 5A
F0 F5 09 FE E3 19 1B 44 28 50 D1 19 31 96 2C 41
D6 A1 0B E0 4C 8E DB F1 25 1E 4D 57 B2 CD A0 D7
A8 3F 8E 7A B8 27 1E 05 26 23 50 76 E8 B5 15 C2
98 20 C7 34 12 6A D9 A6 61 6F 90 AF A0 3C 7F CA
BC 0D B0 88 18 0A 96 C9 D4 B5 48 EE BA 94 71 79
6B 0B 1C 43 BA 58 10 EB 0F C5 C3 68 BA 14 AF 9D
8B 40 96 68 61 75 74 68 44 61 74 61 59 01 67 95
69 08 8F 1E CE E3 23 29 54 03 5D BD 10 D7 CA E3
91 30 5A 27 51 B5 59 BB 8F D7 CB B2 29 BD D4 45
00 00 00 00 60 28 B0 17 B1 D4 4C 02 B4 B3 AF CD
AF C9 6B B2 00 20 DF F1 77 8D 1F BE 84 B5 9D 6A
FD 85 0A 75 BB 18 6B 21 9B C0 C8 96 E7 FE 97 85
87 02 E8 C0 67 57 A4 01 03 03 39 01 00 20 59 01
00 EA 07 A4 68 91 98 70 79 D9 B6 AB 17 9A 7B 3F
BD 76 A7 3A 23 E7 F1 5C E6 BA B8 4B 20 14 09 83
F8 86 EA C4 BA CE FD C1 C4 38 E0 8E 3D E5 15 68
AA DF 27 FC C8 75 17 10 9E DB 56 C6 F0 92 B4 D0
8C BC 89 3D 07 3B 73 58 40 41 64 3B 6B CE 08 FE
E2 10 86 2E DC D7 A1 86 A9 08 70 A6 05 E5 A4 DD
6F C4 97 6F 26 F6 08 78 AD 4C 2A A0 3F 1D 3B 6D
C4 FD B0 2E C2 87 1B 92 82 15 D5 F1 C8 88 93 AB
65 07 41 F5 EB 7E 42 07 D9 D8 A5 2D 95 96 2E 33
AF 35 49 7D BC 75 E2 83 40 56 CD 40 B7 78 19 7A
96 16 E5 76 F1 B1 96 94 87 BF 39 39 9B 7C 9B D9
13 C7 57 04 00 34 4E F3 73 ED 56 C3 9C 07 CB 21
49 2E 45 48 A8 B7 78 9F 2B CE 06 7A F4 8C 3E 87
64 89 2C 94 03 2B E0 C7 68 21 3A 5B 1D 48 01 F7
A3 34 CA AA A0 1C 58 D7 13 E8 D4 B0 21 9F 80 8F
9F 80 23 40 E4 54 D4 AE C0 0B EC D5 E8 A8 EC F5
79 21 43 01 00 01,
},
}
Sending Message to Server:
{"rawId":"3_F3jR--hLWdav2FCnW7GGshm8DIluf-l4WHAujAZ1c","id":"3_F3jR--hLWdav2FCnW7GGshm8DIluf-l4WHAujAZ1c","response":{"clientDataJSON":"eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiNkh2QmRFTXZjVHhIMEljWkpGLTZwVV9lb24xeDFXN0dEYlo5a0JiLWdwemJZbjl5N29mUnlLa1V6N3N1T1d2cURoOVRYaFVJdUdRS0c2dEw0eFhsMHciLCJvcmlnaW4iOiJodHRwczovL3dlYmF1dGhuLm9yZyIsImNyb3NzT3JpZ2luIjpmYWxzZX0","attestationObject":"o2NmbXRmcGFja2VkZ2F0dFN0bXSiY2FsZzkBAGNzaWdZAQC678uMTG_pAz7vF0yo-m1vFDUMkZfceUDrnWoeQpHFePHx-YoaJMlyZJb5bulnZ98RQgVjKj48C_Rv_8Em1cHBvv3Pp7K_zK6xNA9iW8TxPulKOI_gxW9yIzcT8Oqa22k5EBBvtBx6ECkVW-LJV2gS6STFa_hTcz1TyUST2c0VXEh0o575Zm41iLVjmq3YRQaOtKBdSOye7WU1R_Ra8PUJ_uMZG0QoUNEZMZYsQdahC-BMjtvxJR5NV7LNoNeoP456uCceBSYjUHbotRXCmCDHNBJq2aZhb5CvoDx_yrwNsIgYCpbJ1LVI7rqUcXlrCxxDulgQ6w_Fw2i6FK-di0CWaGF1dGhEYXRhWQFnlWkIjx7O4yMpVANdvRDXyuORMFonUbVZu4_Xy7IpvdRFAAAAAGAosBex1EwCtLOvza_Ja7IAIN_xd40fvoS1nWr9hQp1uxhrIZvAyJbn_peFhwLowGdXpAEDAzkBACBZAQDqB6RokZhwedm2qxeaez-9dqc6I-fxXOa6uEsgFAmD-IbqxLrO_cHEOOCOPeUVaKrfJ_zIdRcQnttWxvCStNCMvIk9BztzWEBBZDtrzgj-4hCGLtzXoYapCHCmBeWk3W_El28m9gh4rUwqoD8dO23E_bAuwocbkoIV1fHIiJOrZQdB9et-QgfZ2KUtlZYuM681SX28deKDQFbNQLd4GXqWFuV28bGWlIe_OTmbfJvZE8dXBAA0TvNz7VbDnAfLIUkuRUiot3ifK84GevSMPodkiSyUAyvgx2ghOlsdSAH3ozTKqqAcWNcT6NSwIZ-Aj5-AI0DkVNSuwAvs1eio7PV5IUMBAAE"}}
Received Message from Server:
<<<<<<<< [ STATUS 400 ] <<<<<<<<
{"status":"failed","errorMessage":"registration failed: packed attestation: unknown algorithm: -257"}
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Error: registration failed: packed attestation: unknown algorithm: -257
Registration error: Error: registration failed: packed attestation: unknown algorithm: -257
REGISTER DONE.
Hi, I have installed your project on a Ubuntu 18.04 VM and followed your instructions for the configuration. Everything works well and I can register / login using U2F authenticators on various OS and browsers.
Until I test on MS Edge (version 44.17741.1000.0, part of Windows 10 Insider Release). As expected during Fido2 registration, I get the Hello registration screen, asking to scan the fingerprint on the laptop, but then I get a "rpIdHash mismatch" error, which I can trace to component-fido2/lib/main.js line 116 [https://github.com/apowers313/component-fido2/blob/b8f61c1f4b5cf0bf84f2fa30809e2c8f1f7795cc/lib/main.js#L116]. If I replace rpName with rpId on that line, the registration works. The login however, doesn't even reach the Hello process, and just asks to insert a USB key.
When I try the same test on webauthn.org, everything works well and the login does go through Hello (although it fails at the end with "unable to validate userHandle"). Is your site using a more recent code base than the github repo? Or could there be something wrong with my setup?
The certificate chain on webauthn.org is incomplete. I noticed because FIrefox mobile won't load your site. See also https://www.ssllabs.com/ssltest/analyze?d=webauthn.org
Moving this out of #5 to it's own issue.
@silverstar235 wrote:
Hello, why I can not run fido2-server-demo, in command line, i met this issue: "process.getuid is not a function..." error from component-director.js. In addition, debugging code with index.js has been lost the lib/main.js. I am using Node 8 8.11.1 and npm version 5.6.0
If you are running windows, the problem is that windows doesn't support getuid. You can comment out the uid commands in your config file (like this)and that should fix it.
Let me know if that doesn't fix your problem or if you aren't running windows.
Hello,
when compiling with OpenSSL 1.1.0h, I've the following errors:
../src/core/bn.cpp:37:29: error: invalid use of incomplete type ‘const BIGNUM {aka const struct bignum_st}’
constant_time_le_size_t(in->dmax, i), in->dmax - 1, i)];
^~
...
../src/core/bn.cpp:37:43: error: invalid use of incomplete type ‘const BIGNUM {aka const struct bignum_st}’
constant_time_le_size_t(in->dmax, i), in->dmax - 1, i)];
^~
...
../src/core/bn.cpp:39:62: error: invalid use of incomplete type ‘const BIGNUM {aka const struct bignum_st}’
return constant_time_select_ulong(constant_time_le_size_t(in->top, i), 0, l);
^~
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.