davidearl / webauthn

An implementation of webauthn in PHP on the server side (e.g. Yubico 2 and Google Titan keys)
https://webauthn.davidearl.uk
MIT License

Firefox has started returning an error on registration #54

Closed davidearl closed 2 years ago

davidearl commented 2 years ago

registration failed: Bad Request: cannot decode key response (8)

davidearl commented 2 years ago

Problem located and worked around.

Looking at the data returned by Firefox, it appeared the length of the credID field was turning up too early in the structure returned by Firefox. That led me to a search which yielded this very recent post: https://www.antradar.com/blog-firefox-webauthn-incompability indicating there is an FF bug where it only (now) sends one byte where the spec says it should send 16 bytes.

My fix is not quite the same as theirs - if it fails I try it again on the shorter length.

This must be a recent change in FF, as it used to work until not long ago.
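The retry-on-shorter-length approach described in the comment above, sketched in Python as an added example; it is not code from this repository, whose implementation is PHP. It assumes the shortened field is the 16-byte AAGUID that precedes the credential ID length in the spec's attested credential data layout (the comment does not name the field), and all function names and sample bytes are constructed for illustration.

```python
import struct

HEADER_LEN = 37   # rpIdHash (32) + flags (1) + signCount (4)
FLAG_AT = 0x40    # flags bit: attested credential data present

class AuthDataError(ValueError):
    pass

def _parse_attested(auth_data, aaguid_len):
    """Parse attested credential data, assuming aaguid_len bytes of AAGUID."""
    pos = HEADER_LEN + aaguid_len
    if len(auth_data) < pos + 2:
        raise AuthDataError("truncated before credential ID length")
    (cred_len,) = struct.unpack(">H", auth_data[pos:pos + 2])
    pos += 2
    # Sanity checks: the spec caps credential IDs at 1023 bytes, and at least
    # one byte must remain after the ID for the public key.
    if not 0 < cred_len <= 1023 or pos + cred_len >= len(auth_data):
        raise AuthDataError(f"implausible credential ID length {cred_len}")
    key_pos = pos + cred_len
    # The COSE public key is a CBOR map (major type 5, top three bits 101).
    if auth_data[key_pos] >> 5 != 5:
        raise AuthDataError("public key does not start with a CBOR map")
    return {"aaguid": auth_data[HEADER_LEN:HEADER_LEN + aaguid_len],
            "aaguid_len": aaguid_len,
            "cred_id": auth_data[pos:key_pos],
            "cose_key": auth_data[key_pos:]}

def parse_auth_data(auth_data):
    """Try the spec layout first, then retry with the shortened field."""
    if len(auth_data) < HEADER_LEN or not auth_data[32] & FLAG_AT:
        raise AuthDataError("no attested credential data")
    errors = []
    for aaguid_len in (16, 1):
        try:
            return _parse_attested(auth_data, aaguid_len)
        except AuthDataError as exc:
            errors.append(f"aaguid_len={aaguid_len}: {exc}")
    raise AuthDataError("; ".join(errors))

def build_sample(aaguid):
    """Constructed authenticator data for testing (not captured from a browser)."""
    header = bytes(32) + bytes([0x41]) + struct.pack(">I", 0)  # UP|AT flags
    cred_id = bytes(range(1, 33))            # constructed 32-byte ID
    cose_key = bytes.fromhex("a201020326")   # constructed CBOR map {1: 2, 3: -7}
    return header + aaguid + struct.pack(">H", len(cred_id)) + cred_id + cose_key

if __name__ == "__main__":
    for sample in (build_sample(bytes(16)), build_sample(b"\x00")):
        parsed = parse_auth_data(sample)
        print(parsed["aaguid_len"], parsed["cred_id"].hex())
```

The plausibility checks are a heuristic standing in for a full CBOR decode of the public key; a server should still decode and validate the key before storing the credential.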