Closed jens-vonberg closed 1 year ago
Hi,
I get a PHP warning when I try to register my Windows Hello PC with TPM. The certificate from Microsoft looks like this:
array(16) { ["name"]=> string(58) "/CN=NCU-NTC-KEYID-23F4E22AD3BE374A449772954AA283AED752572E" ["subject"]=> array(1) { ["CN"]=> string(54) "NCU-NTC-KEYID-23F4E22AD3BE374A449772954AA283AED752572E" } ["hash"]=> string(8) "248937c7" ["issuer"]=> array(5) { ["C"]=> string(2) "US" ["ST"]=> string(10) "Washington" ["L"]=> string(7) "Redmond" ["O"]=> string(21) "Microsoft Corporation" ["CN"]=> string(45) "Microsoft TPM Root Certificate Authority 2014" } ["version"]=> int(2) ["serialNumber"]=> string(40) "0x3300000413300C1AA304641F12000000000413" ["serialNumberHex"]=> string(38) "3300000413300C1AA304641F12000000000413" ["validFrom"]=> string(13) "210603175156Z" ["validTo"]=> string(13) "270603175156Z" ["validFrom_time_t"]=> int(1622742716) ["validTo_time_t"]=> int(1812045116) ["signatureTypeSN"]=> string(10) "RSA-SHA256" ["signatureTypeLN"]=> string(23) "sha256WithRSAEncryption" ["signatureTypeNID"]=> int(668) ["purposes"]=> array(9) { [1]=> array(3) { [0]=> bool(false) [1]=> bool(false) [2]=> string(9) "sslclient" } [2]=> array(3) { [0]=> bool(false) [1]=> bool(false) [2]=> string(9) "sslserver" } [3]=> array(3) { [0]=> bool(false) [1]=> bool(false) [2]=> string(11) "nssslserver" } [4]=> array(3) { [0]=> bool(false) [1]=> bool(false) [2]=> string(9) "smimesign" } [5]=> array(3) { [0]=> bool(false) [1]=> bool(false) [2]=> string(12) "smimeencrypt" } [6]=> array(3) { [0]=> bool(false) [1]=> bool(true) [2]=> string(7) "crlsign" } [7]=> array(3) { [0]=> bool(true) [1]=> bool(true) [2]=> string(3) "any" } [8]=> array(3) { [0]=> bool(true) [1]=> bool(true) [2]=> string(10) "ocsphelper" } [9]=> array(3) { [0]=> bool(false) [1]=> bool(true) [2]=> string(13) "timestampsign" } } ["extensions"]=> array(8) { ["keyUsage"]=> string(35) "Digital Signature, Certificate Sign" ["extendedKeyUsage"]=> string(35) "1.3.6.1.4.1.311.21.36, 2.23.133.8.3" ["certificatePolicies"]=> string(30) "Policy: 1.3.6.1.4.1.311.21.31 " ["basicConstraints"]=> string(18) "CA:TRUE, pathlen:0" ["subjectKeyIdentifier"]=> string(59) "EB:03:CF:C6:4F:37:14:3B:05:05:48:00:9F:25:4C:64:29:F5:EB:A3" ["authorityKeyIdentifier"]=> string(66) "keyid:7A:8C:0A:CE:2F:48:62:17:E2:94:D1:AE:55:C1:52:EC:71:74:A4:56 " ["crlDistributionPoints"]=> string(114) " Full Name: URI:http://www.microsoft.com/pkiops/crl/Microsoft%20TPM%20Root%20Certificate%20Authority%202014.crl " ["authorityInfoAccess"]=> string(115) "CA Issuers - URI:http://www.microsoft.com/pkiops/certs/Microsoft%20TPM%20Root%20Certificate%20Authority%202014.crt " } }
I'll get the following PHP error: Undefined array key "C" in <b>...\vendor\lbuchs\webauthn\src\Attestation\Format\FormatBase.php</b> on line <b>103
Undefined array key "C" in <b>...\vendor\lbuchs\webauthn\src\Attestation\Format\FormatBase.php</b> on line <b>103
I edited line 103 to the folowing: if (isset($certInfo['subject'][$k]) && $certInfo['subject'][$k] !== $v) {
if (isset($certInfo['subject'][$k]) && $certInfo['subject'][$k] !== $v) {
Maybe you can check that?
Thanks for your great work on this program. I implemented it into our intranet and it works very well.
thanks, i've fixed it and changed the self signed detection procedure to a more reliable method in 4780c7b017ccc74a023c6ae05b5847e478f5b97d,
Hi,
I get a PHP warning when I try to register my Windows Hello PC with TPM. The certificate from Microsoft looks like this:
I'll get the following PHP error:
Undefined array key "C" in <b>...\vendor\lbuchs\webauthn\src\Attestation\Format\FormatBase.php</b> on line <b>103
I edited line 103 to the folowing:
if (isset($certInfo['subject'][$k]) && $certInfo['subject'][$k] !== $v) {
Maybe you can check that?
Thanks for your great work on this program. I implemented it into our intranet and it works very well.