search

koesie10 / webauthn

Go package for easy WebAuthn integration
MIT License
164 stars 17 forks source link

Unsupported format self attestation on Macbook #9

Open kayrules opened 5 years ago

kayrules commented 5 years ago

Hi,

This issue was previously submitted on webauthn-demo repo. i think it is more relevant to be issued here

When trying this demo via touch id on macbook, I got this error:

Failed to register: Error: Bad Request

Debugging on registration.go: line 128 showing:

unsupported format self attestation

I believe it requires packed + self (surrogate) attestation for this. There's article for the implementation by Ackermann Yuriy here

RubaXa commented 4 years ago

@koesie10 any news?

koesie10 commented 4 years ago

Sorry about the lack of response. I've added packed self attestation, but I'm unfortunately not able to test it. If you are still interested, could you test whether it works correctly?

ceseale commented 4 years ago

Hey thanks for adding this. When I tried testing I get the following error running on Macos 10.14.6

goroutine 35 [running]:
net/http.(*conn).serve.func1(0xc0003760a0)
    /usr/local/opt/go/libexec/src/net/http/server.go:1769 +0x139
panic(0x18051a0, 0xc000322f00)
    /usr/local/opt/go/libexec/src/runtime/panic.go:522 +0x1b5
reflect.Value.Elem(0x17ae3c0, 0xc000322ee0, 0x97, 0xc000322ee0, 0x20, 0x18)
    /usr/local/opt/go/libexec/src/reflect/value.go:806 +0x1c8
encoding/asn1.UnmarshalWithParams(0xc0003ea000, 0x47, 0x47, 0x17ae3c0, 0xc000322ee0, 0x0, 0x0, 0x1c0, 0x1e376c0819a4c116, 0x34b0bcb52748774c, ...)
    /usr/local/opt/go/libexec/src/encoding/asn1/asn1.go:1060 +0xc1
encoding/asn1.Unmarshal(...)
    /usr/local/opt/go/libexec/src/encoding/asn1/asn1.go:1054
github.com/koesie10/webauthn/attestation/packed.verifySelf(0xc00032a748, 0x6, 0xc0003da1c0, 0x20, 0xdf, 0x5e5fd7b500000045, 0xc0003da1e5, 0x10, 0xba, 0xc0003da1f7, ...)
    /Users/colin.seale/go/src/github.com/koesie10/webauthn/attestation/packed/packed.go:153 +0x312
github.com/koesie10/webauthn/attestation/packed.verifyPacked(0xc00032a748, 0x6, 0xc0003da1c0, 0x20, 0xdf, 0x5e5fd7b500000045, 0xc0003da1e5, 0x10, 0xba, 0xc0003da1f7, ...)
    /Users/colin.seale/go/src/github.com/koesie10/webauthn/attestation/packed/packed.go:54 +0x2ee
github.com/koesie10/webauthn/protocol.Attestation.IsValid(0xc00032a748, 0x6, 0xc0003da1c0, 0x20, 0xdf, 0x5e5fd7b500000045, 0xc0003da1e5, 0x10, 0xba, 0xc0003da1f7, ...)
    /Users/colin.seale/go/src/github.com/koesie10/webauthn/protocol/attestation.go:147 +0x136
github.com/koesie10/webauthn/protocol.IsValidAttestation(0xc000388080, 0x7a, 0xc0003261e0, 0x5b, 0x5d, 0xc00032a380, 0xa, 0xc00032a720, 0xf, 0xc000384510, ...)
    /Users/colin.seale/go/src/github.com/koesie10/webauthn/protocol/attestation.go:114 +0x197
github.com/koesie10/webauthn/webauthn.(*WebAuthn).ParseAndFinishRegistration(0xc0000105b8, 0xc000388080, 0x7a, 0xc0003261e0, 0x5b, 0x5d, 0xc00032a380, 0xa, 0xc000388100, 0x75, ...)
    /Users/colin.seale/go/src/github.com/koesie10/webauthn/webauthn/registration.go:148 +0x694
github.com/koesie10/webauthn/webauthn.(*WebAuthn).FinishRegistration(0xc0000105b8, 0xc00022aa00, 0x6269170, 0xc0002fd710, 0x1a59e00, 0xc0003140f0, 0x1a59e80, 0xc000322140, 0x10143cf, 0xc000078500)
    /Users/colin.seale/go/src/github.com/koesie10/webauthn/webauthn/registration.go:200 +0x383
crypto-bot/slackserver.(*SlackServer).FinishRegistration(0xc000124900, 0x6269170, 0xc0002fd710, 0xc00022aa00)
    /Users/colin.seale/go/src/crypto-bot/slackserver/webauthn.go:210 +0x14a
net/http.HandlerFunc.ServeHTTP(0xc000174c60, 0x6269170, 0xc0002fd710, 0xc00022aa00)
    /usr/local/opt/go/libexec/src/net/http/server.go:1995 +0x44
crypto-bot/vendor/github.com/gorilla/handlers.(*cors).ServeHTTP(0xc0002f8d80, 0x6269170, 0xc0002fd710, 0xc00022aa00)
    /Users/colin.seale/go/src/crypto-bot/vendor/github.com/gorilla/handlers/cors.go:54 +0x108a
crypto-bot/slackserver.(*SlackServer).slackSignatureMiddleware.func1(0x6269170, 0xc0002fd710, 0xc00022aa00)
    /Users/colin.seale/go/src/crypto-bot/slackserver/middleware.go:34 +0xecb
net/http.HandlerFunc.ServeHTTP(0xc00036f320, 0x6269170, 0xc0002fd710, 0xc00022aa00)
    /usr/local/opt/go/libexec/src/net/http/server.go:1995 +0x44
crypto-bot/vendor/github.com/gorilla/mux.(*Router).ServeHTTP(0xc000168240, 0x6269170, 0xc0002fd710, 0xc00022a800)
    /Users/colin.seale/go/src/crypto-bot/vendor/github.com/gorilla/mux/mux.go:212 +0xe3
crypto-bot/vendor/github.com/gorilla/handlers.loggingHandler.ServeHTTP(0x1a4a120, 0xc0000c2000, 0x1a48d00, 0xc000168240, 0x19453e8, 0x1a59d00, 0xc0001d81c0, 0xc00022a800)
    /Users/colin.seale/go/src/crypto-bot/vendor/github.com/gorilla/handlers/logging.go:45 +0x242
net/http.serverHandler.ServeHTTP(0xc000173110, 0x1a59d00, 0xc0001d81c0, 0xc00022a800)
    /usr/local/opt/go/libexec/src/net/http/server.go:2774 +0xa8
net/http.(*conn).serve(0xc0003760a0, 0x1a5c100, 0xc000372ac0)
    /usr/local/opt/go/libexec/src/net/http/server.go:1878 +0x851
created by net/http.(*Server).Serve
    /usr/local/opt/go/libexec/src/net/http/server.go:2884 +0x2f4