MasterKale / SimpleWebAuthn

WebAuthn, Simplified. A collection of TypeScript-first libraries for simpler WebAuthn integration. Supports modern browsers, Node, Deno, and more.
https://simplewebauthn.dev
MIT License
1.62k stars 137 forks

failed test in packages/server #492

Closed kazudotdev closed 10 months ago

kazudotdev commented 11 months ago

Describe the issue

verifySignature in server/helpers/verifySignature.ts fails.

should verify an assertion response => ./src/authentication/verifyAuthenticationResponse.test.ts:22:6
error: Error: Cannot get schema for 'c' target
    at U.get (https://esm.sh/v135/@peculiar/asn1-schema@2.3.6/denonext/asn1-schema.mjs:2:5738)
    at Function.fromASN (https://esm.sh/v135/@peculiar/asn1-schema@2.3.6/denonext/asn1-schema.mjs:2:8561)
    at Function.parse (https://esm.sh/v135/@peculiar/asn1-schema@2.3.6/denonext/asn1-schema.mjs:2:8469)
    at unwrapEC2Signature (file:///Users/xxx/workspace/deno/SimpleWebAuthn/packages/server/src/helpers/iso/isoCrypto/unwrapEC2Signature.ts:10:37)
    at Module.verify (file:///Users/xxx/workspace/deno/SimpleWebAuthn/packages/server/src/helpers/iso/isoCrypto/verify.ts:26:32)
    at verifySignature (file:///Users/xxx/workspace/deno/SimpleWebAuthn/packages/server/src/helpers/verifySignature.ts:43:15)
    at verifyAuthenticationResponse (file:///Users/xxx/workspace/deno/SimpleWebAuthn/packages/server/src/authentication/verifyAuthenticationResponse.ts:240:21)
    at eventLoopTick (ext:core/01_core.js:183:11)
    at async file:///Users/xxx/workspace/deno/SimpleWebAuthn/packages/server/src/authentication/verifyAuthenticationResponse.test.ts:23:24

Reproduction Steps

  1. Go to packages/server
  2. rm deno.lock because of invalid hash code in lock file.
    error: The source code is invalid, as it does not match the expected hash in the lock file.
    Specifier: https://esm.sh/@peculiar/asn1-android@2.3.6
    Lock file: /Users/xxx/workspace/deno/SimpleWebAuthn/packages/server/deno.lock
  3. run "deno test -A src/"
  4. exception in verifySignature

Expected behavior

All tests pass

Code Samples + WebAuthn Options and Responses

Dependencies

SimpleWebAuthn Libraries

@simplewebauthn/server@8.3.5

Additional context

I updated the version of the peculiar libraries from 2.3.6 to 2.3.8.

diff --git a/packages/server/src/deps.ts b/packages/server/src/deps.ts
index c5f4ad2..b1cdbe5 100644
--- a/packages/server/src/deps.ts
+++ b/packages/server/src/deps.ts
@@ -27,7 +27,7 @@ export { default as base64 } from 'https://deno.land/x/b64@1.1.27/src/base64.js'
 export { fetch as crossFetch } from 'https://esm.sh/cross-fetch@4.0.0';

 // @peculiar libraries
-export { AsnParser, AsnSerializer } from 'https://esm.sh/@peculiar/asn1-schema@2.3.6';
+export { AsnParser, AsnSerializer } from 'https://esm.sh/@peculiar/asn1-schema@2.3.8';
 export {
   AuthorityKeyIdentifier,
   BasicConstraints,
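
Review bot: the new `asn1-schema@2.3.8` specifier on the `AsnParser, AsnSerializer` export line pins the package version but not the esm.sh build. The stack trace earlier in this report shows the 2.3.6 specifier being served from a `/v135/.../denonext/` path, so the content behind a version-only URL depends on which build esm.sh resolves it to, which is consistent with the lock-file hash mismatch in the reproduction steps. Consider writing the build-qualified form of the URL here so the fetched source is stable for a given commit.
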
@@ -44,13 +44,13 @@ export {
   Name,
   SubjectAlternativeName,
   SubjectKeyIdentifier,
-} from 'https://esm.sh/@peculiar/asn1-x509@2.3.6';
+} from 'https://esm.sh/@peculiar/asn1-x509@2.3.8';
 export {
   ECDSASigValue,
   ECParameters,
   id_ecPublicKey,
   id_secp256r1,
   id_secp384r1,
-} from 'https://esm.sh/@peculiar/asn1-ecc@2.3.6';
-export { RSAPublicKey } from 'https://esm.sh/@peculiar/asn1-rsa@2.3.6';
-export { id_ce_keyDescription, KeyDescription } from 'https://esm.sh/@peculiar/asn1-android@2.3.6';
+} from 'https://esm.sh/@peculiar/asn1-ecc@2.3.8';
+export { RSAPublicKey } from 'https://esm.sh/@peculiar/asn1-rsa@2.3.8';
+export { id_ce_keyDescription, KeyDescription } from 'https://esm.sh/@peculiar/asn1-android@2.3.8';
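
Review bot: this patch touches only `deps.ts`; the `asn1-x509`, `asn1-ecc`, `asn1-rsa` and `asn1-android` URLs move to 2.3.8 but `deno.lock` is not regenerated alongside them. The reproduction steps already required deleting `deno.lock` because the hash for `asn1-android@2.3.6` did not match, so landing the bump without a fresh lock file leaves contributors either failing the integrity check or running with it removed. Regenerate the lock file and commit it in the same change so the new remote modules are covered by recorded hashes.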

Then all of the tests passed, as shown below.

$ deno test -A src/
running 9 tests from ./src/authentication/generateAuthenticationOptions.test.ts
should generate credential request options suitable for sending via JSON ... ok (0ms)
defaults to 60 seconds if no timeout is specified ... ok (0ms)
:
:
ok | 144 passed (8 steps) | 0 failed | 3 ignored (9s)

danopia commented 11 months ago

I have the same stack trace from a proper app, when logging in with a Google keychain passkey. Is this just a dep update? I'm using the latest of simplewebauthn (v8.3.5) on Deno.

Error: Cannot get schema for 'c' target
    at U.get (https://esm.sh/v135/@peculiar/asn1-schema@2.3.6/denonext/asn1-schema.mjs:2:5738)
    at Function.fromASN (https://esm.sh/v135/@peculiar/asn1-schema@2.3.6/denonext/asn1-schema.mjs:2:8561)
    at Function.parse (https://esm.sh/v135/@peculiar/asn1-schema@2.3.6/denonext/asn1-schema.mjs:2:8469)
    at unwrapEC2Signature (https://deno.land/x/simplewebauthn@v8.3.5/packages/server/src/helpers/iso/isoCrypto/unwrapEC2Signature.ts:10:37)
    at Module.verify (https://deno.land/x/simplewebauthn@v8.3.5/packages/server/src/helpers/iso/isoCrypto/verify.ts:26:32)
    at verifySignature (https://deno.land/x/simplewebauthn@v8.3.5/packages/server/src/helpers/verifySignature.ts:43:15)
    at verifyAuthenticationResponse (https://deno.land/x/simplewebauthn@v8.3.5/packages/server/src/authentication/verifyAuthenticationResponse.ts:240:21)
    at eventLoopTick (ext:core/01_core.js:178:11)
    at async serveLoginRoute (file:///code/danopia/dist-app-deno/webapp/server/serve-login-flow.ts:283:28)
    at async Server.<anonymous> (file:///code/danopia/dist-app-deno/webapp/server/main.ts:59:12)

MasterKale commented 11 months ago

FYI I haven't forgotten about this, it's just the holidays. I'll have some down time next week and plan on addressing this and some issues then ✌️

danopia commented 11 months ago

Thank you for the quick response @MasterKale! Happy holidays

MasterKale commented 10 months ago

This issue should be resolved in the latest @simplewebauthn/server@8.3.6. Thank you for your patience 🙇‍♂️