search

Yubico / java-webauthn-server

Server-side Web Authentication library for Java https://www.w3.org/TR/webauthn/#rp-operations
Other
457 stars 142 forks source link

fix errornous reporting of missing TPM version & model #241

Closed ozzi- closed 1 year ago

ozzi- commented 1 year ago

This PR fixes the erroneous reporting of "Missing TPM model" & "Missing TPM version". Tested on two Lenovo Thinkpads X1 Gen9 - TPMModel=ST33HTPHAHD8 and T14 Gen3 (TPMModel=NPCT75x).

Here a debugger screenshot that tries to show the problem, your code tried to read the OIDs only from the first RDN image

Initial issue created by me: https://github.com/Yubico/java-webauthn-server/issues/240

emlun commented 1 year ago

Thanks a lot! That indeed looks like an oversight in the code, perhaps a prototype first step that we forgot to revisit and finish.

Would you mind sharing an example attestationObject that reveals the defect, so we can add it to the test cases? I've reproduced the issue with a generated attestation, but real examples from actual authenticators are much more valuable for interoperability tests. But I understand if you're not comfortable with that, seeing as you've redacted parts of your screenshots.

Either way, I'll try to get the fix released pretty soon - we can probably have an RC build out this week. After that we usually wait about 2 weeks before promoting it to an official release.

emlun commented 1 year ago

Would you like to be credited by name or GitHub username in the release notes? (or would you prefer not at all?)

ozzi- commented 1 year ago

Hi @emlun Im glad to help! I sent you the attestationObject to your email (listed on your GH profile). Concerning the credits, that would be nice.

Looking forward for the RC Cheers