simplesamlphp / simplesamlphp-module-webauthn

A module implementing FIDO2 / WebAuthn as a second authentication factor
GNU Lesser General Public License v2.1

credentialId limited to 500 characters #64

Closed billybillyjim closed 5 months ago

billybillyjim commented 5 months ago

My organization has recently started testing the webauthn module with various hardware keys. Yubikeys were straightforward and worked immediately, but Google Titan Security Keys throw an error on registration:

Database error: SQLSTATE[22001]: String data, right truncated: 7 ERROR: value too long for type character varying(500)

It looks like the credentialId is too long. Is there any reason for the 500 character limit, or could it be extended? We changed the varchar size in the database to 2048 and it made the Google Titan Security Key work with no other changes.

tvdijen commented 5 months ago

Wow, Titans.. They are the unicorns amongst the security keys.. Weren't they compromised at some point? I never got a hold of them to test with...

I'm sure we can extend the column-size.. You have any idea what the actual size is? 2048 seems too large

billybillyjim commented 5 months ago

We have two keys and they both have credentialIds of length 704.

tvdijen commented 5 months ago

Aye, so 768 bytes would suffice for you and probably anyone else. Thanks for the feedback!

tvdijen commented 5 months ago

Tagging @restena-sw for second opinion; I could raise the size to 768 or to 1024 for possible 'future-proofing'. Not sure if that makes sense at all

restena-sw commented 5 months ago

Sure, if it helps with actual hardware in the field, there's no reason not to extend. 1024 sounds good.

Out of curiosity - credential ID length typically corresponds to the length of the keypair. Do you have specs on the keys being used by the Titans?
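Added example, not code from the module: a pre-insert length check plus a column-sizing helper for the situation described in this issue. It assumes the column stores a text encoding of the raw credential id (hex or unpadded base64url; the module's actual encoding is not stated here), uses a constructed 528-byte id whose base64url form is exactly the 704 characters reported above, and takes 1023 bytes as an assumed upper bound on credential id length.

```python
import base64
import secrets

# Assumption: authenticators never return credential ids longer than this.
SPEC_MAX_RAW_BYTES = 1023

def encode_credential_id(credential_id: bytes, encoding: str) -> str:
    """Text form written to the column: hex or unpadded base64url."""
    if encoding == "hex":
        return credential_id.hex()
    if encoding == "base64url":
        return base64.urlsafe_b64encode(credential_id).rstrip(b"=").decode("ascii")
    raise ValueError(f"unsupported encoding: {encoding!r}")

def max_raw_bytes(column_width: int, encoding: str) -> int:
    """Largest raw credential id a varchar(column_width) can hold."""
    if encoding == "hex":
        return column_width // 2
    if encoding == "base64url":  # 4 chars per 3 bytes, no padding
        return column_width * 3 // 4
    raise ValueError(f"unsupported encoding: {encoding!r}")

def check_fits(credential_id: bytes, column_width: int, encoding: str) -> str:
    """Return the encoded id, or raise a clear error before the database does."""
    encoded = encode_credential_id(credential_id, encoding)
    if len(encoded) > column_width:
        raise ValueError(
            f"credential id needs {len(encoded)} chars, column holds {column_width}")
    return encoded

def holds_spec_maximum(column_width: int, encoding: str) -> bool:
    """True if the column can store the longest credential id the assumed bound allows."""
    return max_raw_bytes(column_width, encoding) >= SPEC_MAX_RAW_BYTES

if __name__ == "__main__":
    # Constructed stand-in for a Titan registration: 528 random bytes encode to
    # exactly 704 base64url characters, the length reported in this issue.
    titan_id = secrets.token_bytes(528)
    for width in (500, 768, 1024):
        try:
            check_fits(titan_id, width, "base64url")
            print(f"varchar({width}) fits; holds spec max: {holds_spec_maximum(width, 'base64url')}")
        except ValueError as exc:
            print(f"varchar({width}) rejected: {exc}")
```

Running it shows varchar(500) rejecting the 704-character id while 768 and 1024 accept it, and that neither width holds the assumed 1023-byte maximum.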