search

lbuchs / WebAuthn

A simple PHP WebAuthn (FIDO2/Passkey) server library
https://webauthn.lubu.ch
MIT License
419 stars 75 forks source link

Display AAGUID on screen? #47

Closed wagner-robert closed 2 years ago

wagner-robert commented 2 years ago

Any way to get the AAGUID field shown on the screen with registered credentials? Is appears blank.

https://support.yubico.com/hc/en-us/articles/360016648959-YubiKey-Hardware-FIDO2-AAGUIDs

New AAGUIDs will be issued for new YubiKey products which support FIDO2, or when existing YubiKey products have FIDO2 features added or removed.

Product Name or Laser Marking Firmware FIDO2 AAGUID FIDO U2F Security Key All N/A YubiKey 4 (Series) All N/A YubiKey FIPS (4 Series) 4.4 N/A YubiKey 5 (USB-A, No NFC) 5.1 cb69481e-8ff7-4039-93ec-0a2729a154a8 YubiKey 5 (USB-A, No NFC) 5.2, 5.4 ee882879-721c-4913-9775-3dfcce97072a YubiKey 5 NFC 5.1 fa2b99dc-9e39-4257-8f92-4a30d23c4118 YubiKey 5 NFC 5.2, 5.4 2fc0579f-8113-47ea-b116-bb5a8db9202a YubiKey 5 NFC FIPS 5.4 c1f9a0bc-1dd2-404a-b27f-8e29047a43fd YubiKey 5 Nano 5.1 cb69481e-8ff7-4039-93ec-0a2729a154a8 YubiKey 5 Nano 5.2, 5.4 ee882879-721c-4913-9775-3dfcce97072a YubiKey 5 Nano FIPS 5.4 73bb0cd4-e502-49b8-9c6f-b59445bf720b YubiKey 5C 5.1 cb69481e-8ff7-4039-93ec-0a2729a154a8 YubiKey 5C 5.2, 5.4 ee882879-721c-4913-9775-3dfcce97072a YubiKey 5C FIPS 5.4 73bb0cd4-e502-49b8-9c6f-b59445bf720b YubiKey 5C Nano 5.1 cb69481e-8ff7-4039-93ec-0a2729a154a8 YubiKey 5C Nano 5.2, 5.4 ee882879-721c-4913-9775-3dfcce97072a YubiKey 5C Nano FIPS 5.4 73bb0cd4-e502-49b8-9c6f-b59445bf720b YubiKey 5C NFC 5.2, 5.4 2fc0579f-8113-47ea-b116-bb5a8db9202a YubiKey 5C NFC FIPS 5.4 c1f9a0bc-1dd2-404a-b27f-8e29047a43fd YubiKey 5Ci 5.2, 5.4 c5ef55ff-ad9a-4b9f-b580-adebafe026d0 YubiKey 5Ci FIPS 5.4 85203421-48f9-4355-9bc8-8a53846e5083 Security Key By Yubico 5.1 f8a011f3-8c0a-4d15-8006-17111f9edc7d Security Key By Yubico 5.2 b92c3f9a-c014-4056-887f-140a2501163b Security Key NFC 5.1 6d44ba9b-f6ec-2e49-b930-0c8fe920cb73 Security Key NFC 5.2 149a2021-8ef6-4133-96b8-81f8d5b7f1f5

FIDO MDS:

FIDO2 AAGUID Description 149a2021-8ef6-4133-96b8-81f8d5b7f1f5 Security Key by Yubico with NFC 2fc0579f-8113-47ea-b116-bb5a8db9202a YubiKey 5 Series with NFC 6d44ba9b-f6ec-2e49-b930-0c8fe920cb73 Security Key by Yubico with NFC 73bb0cd4-e502-49b8-9c6f-b59445bf720b YubiKey 5 FIPS Series 85203421-48f9-4355-9bc8-8a53846e5083 YubiKey 5Ci FIPS b92c3f9a-c014-4056-887f-140a2501163b Security Key by Yubico c1f9a0bc-1dd2-404a-b27f-8e29047a43fd YubiKey 5 FIPS Series with NFC c5ef55ff-ad9a-4b9f-b580-adebafe026d0 YubiKey 5Ci cb69481e-8ff7-4039-93ec-0a2729a154a8 YubiKey 5 Series ee882879-721c-4913-9775-3dfcce97072a YubiKey 5 Series f8a011f3-8c0a-4d15-8006-17111f9edc7d Security Key by Yubico fa2b99dc-9e39-4257-8f92-4a30d23c4118 YubiKey 5 Series with NFC

wagner-robert commented 2 years ago

Some improvement with adding bin2hex to the $data->credentialId and $data->AAGUID lines as the data coming across is binary. $data->credentialId = bin2hex($attestationObject->getAuthenticatorData(()->getCredentialId()); and $data->AAGUID = bin2hex($attestationObject->getAuthenticatorData(()->getAAGUID()); in WebAuthn.php
the Hex matches the correct one from Yubico.

lbuchs commented 2 years ago

fixed at d84f661e38