mylofi / webauthn-local-client

Browser-only utils for locally managing WebAuthn (passkey) API
https://mylofi.github.io/webauthn-local-client/
MIT License

auth verification seems to fail in firefox #11

Open getify opened 2 months ago

getify commented 2 months ago

DOMException: Data provided to an operation does not meet requirements

algo -257, so using subtleCrypto instead of sodium

getify commented 2 months ago

Investigated. Unfortunately, I don't think this is a bug with WALC, but with FF (and seems to affect at least Windows and Linux, perhaps also Mac?).

Seems that the public-key (SPKI format) being returned from AuthenticatorAttestationResponse.getPublicKey() (algo COSE of -257) is not compatible with the crypto.subtle.importKey() for SPKI format and RSASSA-PKCS1-v1_5 algorithm.

See filed bug with FF for tracking/updates.
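The failing step described in the comment above, as an added example that is not part of the original thread and is not WALC's code: it imports an SPKI public key for COSE alg -257 with `crypto.subtle.importKey()` and reports an import failure (the `DataError` in the issue) separately from a signature mismatch. The names `verifyRS256` and `selfTest` are hypothetical, and the key pair, signed bytes and truncated key are constructed sample input.

```javascript
// Added example; verifyRS256 and selfTest are hypothetical names, not WALC's API.
const subtle = (globalThis.crypto ??
  (typeof require === "function" ? require("node:crypto").webcrypto : undefined)).subtle;

// COSE alg -257 (RS256) maps to this WebCrypto algorithm.
const RS256 = { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" };

// Import an SPKI public key and verify an RS256 signature, keeping the two
// failure modes apart: "key could not be imported" vs "signature did not match".
async function verifyRS256(spki, signature, data) {
  let key;
  try {
    key = await subtle.importKey("spki", spki, RS256, false, ["verify"]);
  } catch (err) {
    // DataError means the SPKI bytes themselves were rejected by importKey().
    return { verified: false, stage: "importKey", error: err.name };
  }
  const verified = await subtle.verify(RS256, key, signature, data);
  return { verified, stage: "verify", error: null };
}

// Constructed sample input: a throwaway RSA key pair generated locally.
async function selfTest() {
  const pair = await subtle.generateKey(
    { ...RS256, modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]) },
    true, ["sign", "verify"]);
  const spki = new Uint8Array(await subtle.exportKey("spki", pair.publicKey));
  const data = new TextEncoder().encode("constructed signed bytes");
  const sig = new Uint8Array(await subtle.sign(RS256, pair.privateKey, data));

  const good = await verifyRS256(spki, sig, data);

  const tampered = sig.slice();
  tampered[0] ^= 0xff; // flip bits so the signature no longer matches
  const badSig = await verifyRS256(spki, tampered, data);

  // Truncated SPKI stands in for key bytes that importKey() cannot parse.
  const badKey = await verifyRS256(spki.slice(0, 40), sig, data);
  return { good, badSig, badKey };
}
```

Either failure leaves `verified` false, so the caller fails closed; the `stage` field only tells you whether to look at the key bytes or at the signature.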

getify commented 2 months ago

Update: looks like the FF folks verified that they do in fact have a bug, and they're fixing it.

getify commented 1 month ago

Update: FF has landed a patch fixing this bug. Just waiting on a stable FF release with that update in it.

getify commented 1 month ago

At the time of this comment, FF 130 is stable.

Update: FF 132 is expected to have this fix in it, which my rough estimate puts at 6-12 weeks from now.

getify commented 2 weeks ago

Expected: Oct 29

https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Releases/132