lbuchs / WebAuthn

A simple PHP WebAuthn (FIDO2/Passkey) server library
https://webauthn.lubu.ch
MIT License

Undefined array key "C" in FormatBase.php Line 103 #70

Closed jens-vonberg closed 1 year ago

jens-vonberg commented 1 year ago

Hi,

I get a PHP warning when I try to register my Windows Hello PC with TPM. The certificate from Microsoft looks like this:

array(16) {
  ["name"]=>
  string(58) "/CN=NCU-NTC-KEYID-23F4E22AD3BE374A449772954AA283AED752572E"
  ["subject"]=>
  array(1) {
    ["CN"]=>
    string(54) "NCU-NTC-KEYID-23F4E22AD3BE374A449772954AA283AED752572E"
  }
  ["hash"]=>
  string(8) "248937c7"
  ["issuer"]=>
  array(5) {
    ["C"]=>
    string(2) "US"
    ["ST"]=>
    string(10) "Washington"
    ["L"]=>
    string(7) "Redmond"
    ["O"]=>
    string(21) "Microsoft Corporation"
    ["CN"]=>
    string(45) "Microsoft TPM Root Certificate Authority 2014"
  }
  ["version"]=>
  int(2)
  ["serialNumber"]=>
  string(40) "0x3300000413300C1AA304641F12000000000413"
  ["serialNumberHex"]=>
  string(38) "3300000413300C1AA304641F12000000000413"
  ["validFrom"]=>
  string(13) "210603175156Z"
  ["validTo"]=>
  string(13) "270603175156Z"
  ["validFrom_time_t"]=>
  int(1622742716)
  ["validTo_time_t"]=>
  int(1812045116)
  ["signatureTypeSN"]=>
  string(10) "RSA-SHA256"
  ["signatureTypeLN"]=>
  string(23) "sha256WithRSAEncryption"
  ["signatureTypeNID"]=>
  int(668)
  ["purposes"]=>
  array(9) {
    [1]=>
    array(3) {
      [0]=>
      bool(false)
      [1]=>
      bool(false)
      [2]=>
      string(9) "sslclient"
    }
    [2]=>
    array(3) {
      [0]=>
      bool(false)
      [1]=>
      bool(false)
      [2]=>
      string(9) "sslserver"
    }
    [3]=>
    array(3) {
      [0]=>
      bool(false)
      [1]=>
      bool(false)
      [2]=>
      string(11) "nssslserver"
    }
    [4]=>
    array(3) {
      [0]=>
      bool(false)
      [1]=>
      bool(false)
      [2]=>
      string(9) "smimesign"
    }
    [5]=>
    array(3) {
      [0]=>
      bool(false)
      [1]=>
      bool(false)
      [2]=>
      string(12) "smimeencrypt"
    }
    [6]=>
    array(3) {
      [0]=>
      bool(false)
      [1]=>
      bool(true)
      [2]=>
      string(7) "crlsign"
    }
    [7]=>
    array(3) {
      [0]=>
      bool(true)
      [1]=>
      bool(true)
      [2]=>
      string(3) "any"
    }
    [8]=>
    array(3) {
      [0]=>
      bool(true)
      [1]=>
      bool(true)
      [2]=>
      string(10) "ocsphelper"
    }
    [9]=>
    array(3) {
      [0]=>
      bool(false)
      [1]=>
      bool(true)
      [2]=>
      string(13) "timestampsign"
    }
  }
  ["extensions"]=>
  array(8) {
    ["keyUsage"]=>
    string(35) "Digital Signature, Certificate Sign"
    ["extendedKeyUsage"]=>
    string(35) "1.3.6.1.4.1.311.21.36, 2.23.133.8.3"
    ["certificatePolicies"]=>
    string(30) "Policy: 1.3.6.1.4.1.311.21.31
"
    ["basicConstraints"]=>
    string(18) "CA:TRUE, pathlen:0"
    ["subjectKeyIdentifier"]=>
    string(59) "EB:03:CF:C6:4F:37:14:3B:05:05:48:00:9F:25:4C:64:29:F5:EB:A3"
    ["authorityKeyIdentifier"]=>
    string(66) "keyid:7A:8C:0A:CE:2F:48:62:17:E2:94:D1:AE:55:C1:52:EC:71:74:A4:56
"
    ["crlDistributionPoints"]=>
    string(114) "
Full Name:
  URI:http://www.microsoft.com/pkiops/crl/Microsoft%20TPM%20Root%20Certificate%20Authority%202014.crl
"
    ["authorityInfoAccess"]=>
    string(115) "CA Issuers - URI:http://www.microsoft.com/pkiops/certs/Microsoft%20TPM%20Root%20Certificate%20Authority%202014.crt
"
  }
}

I'll get the following PHP error: Undefined array key "C" in ...\vendor\lbuchs\webauthn\src\Attestation\Format\FormatBase.php on line 103

I edited line 103 to the following: if (isset($certInfo['subject'][$k]) && $certInfo['subject'][$k] !== $v) {

Maybe you can check that?

Thanks for your great work on this program. I implemented it into our intranet and it works very well.

lbuchs commented 1 year ago

Thanks, I've fixed it and changed the self-signed detection procedure to a more reliable method in 4780c7b017ccc74a023c6ae05b5847e478f5b97d,
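
A stricter way to decide whether a certificate is self-signed, as an added example that is not part of this thread, not the library's code, and not the change in the commit referenced above: the subject and issuer names must be identical and the signature must verify under the certificate's own public key. The function names, the loop shape around the guarded line from the report, and all sample names and certificates are constructed assumptions.

```php
<?php
declare(strict_types=1);
// Assumed shape of a comparison loop using the guarded line from the report:
// issuer attributes missing from the subject are skipped, not treated as a mismatch.
function guardedLoopMatch(array $subject, array $issuer): bool
{
    foreach ($issuer as $k => $v) {
        if (isset($subject[$k]) && $subject[$k] !== $v) {
            return false;
        }
    }
    return true;
}

// Strict name equality: same attribute set and values; never indexes a missing key.
function sameName(array $subject, array $issuer): bool
{
    ksort($subject);
    ksort($issuer);
    return $subject === $issuer;
}

// Self-signed only if the names match AND the signature verifies under the cert's own key.
function isSelfSigned(string $pem): bool
{
    $info = openssl_x509_parse($pem);
    if ($info === false || !sameName($info['subject'] ?? [], $info['issuer'] ?? [])) {
        return false;
    }
    $pub = openssl_pkey_get_public($pem);
    return $pub !== false && openssl_x509_verify($pem, $pub) === 1;
}

// Constructed names: CN-only subject (as in the report's dump) under an issuer sharing that CN.
$subject = ['CN' => 'Example CA'];
$issuer  = ['C' => 'US', 'O' => 'Example Org', 'CN' => 'Example CA'];
var_dump(guardedLoopMatch($subject, $issuer), sameName($subject, $issuer));

// Constructed certificates: a self-signed root and a leaf it issues.
$opt = ['digest_alg' => 'sha256', 'private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_bits' => 2048];
$caKey = openssl_pkey_new($opt);
$caCsr = openssl_csr_new(['commonName' => 'Example Root'], $caKey, $opt);
$caCert = openssl_csr_sign($caCsr, null, $caKey, 30, $opt);
$leafKey = openssl_pkey_new($opt);
$leafCsr = openssl_csr_new(['commonName' => 'Example Leaf'], $leafKey, $opt);
$leafCert = openssl_csr_sign($leafCsr, $caCert, $caKey, 30, $opt);
openssl_x509_export($caCert, $caPem);
openssl_x509_export($leafCert, $leafPem);
var_dump(isSelfSigned($caPem), isSelfSigned($leafPem));
```

The script needs the PHP openssl extension and PHP 7.4 or later for openssl_x509_verify().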