steveperrycreative
commented
5 years ago I can confirm the same issue with YubiKey NFC 5 series and Chrome 73.0.3683.86. The demos also work fine for me.
Open ckosmowski opened 5 years ago
steveperrycreative
commented
5 years ago I can confirm the same issue with YubiKey NFC 5 series and Chrome 73.0.3683.86. The demos also work fine for me.
kg0r0
commented
5 years ago I met the same issue.
The completed-demo branch supports only fido-u2f attestation . https://github.com/fido-alliance/webauthn-demo/blob/completed-demo/utils.js#L201
Please confirm attestation format of your authenticator. It is probably packed attestation format.
If you want to know about packed attestation, you should see below. https://medium.com/@herrjemand/verifying-fido2-packed-attestation-a067a9b2facd
steveperrycreative
commented
5 years ago Please confirm attestation format of your authenticator. It is probably packed attestation format.
Yep it looks like you are correct, at least in my case.
kg0r0
commented
5 years ago It seems like the master branch is verifying packed attestation. It's better confirm below. https://github.com/fido-alliance/webauthn-demo/blob/master/utils.js#L227
steveperrycreative
commented
5 years ago Well spotted. If you swap out the /utils.js on the completed-demo branch with the one linked above from master the code works.
gyszalai
commented
5 years ago If the utils.js is replaced with the one from the master branch, my yubikey 5c works, but the built-in touch id of my mac doesn't. The built-in touch id uses packed format with surrogate assertion.
wichopy
commented
4 years ago Is there a library that handles common devices like mac touch ID?
jcaple
commented
4 years ago Yubikey 5 NFC, Mac OS X, Google Chrome Version 77.0.3865.90 (Official Build) (64-bit), Node v10.16.0. Replaced utils.js with version from master branch. Had to also install '@fidm/x509' and 'iso-3166-1'. This all seems kinda sketch but it worked.
inorganik
commented
4 years ago I was able to get this to work with my Mac Touch ID by adding support for self-signed attestation.
Here's the diff, sorry for all the whitespace changes, I auto-formatted in vscode.
https://github.com/fido-alliance/webauthn-demo/pull/17
the changes you want start on line 277 in utils.js in that else if block
vforv
commented
2 years ago How to make this work for iPhone touch or face scan login?
With the completed-demo branch i get the "Can not authenticate signature" error whenever i try to register. I am Using Yubico Security Key NFC and chrome 73.0.3683.75.
The demos at https://webauthn.io/ and https://webauthn.org/ however are working well.