search

web-auth / webauthn-framework

FIDO-U2F / FIDO2 / Webauthn Framework
MIT License
422 stars 54 forks source link

Not compatible with PHP 8.1, due to fgrosse/phpasn1 dependency #195

Closed TimWolla closed 2 years ago

TimWolla commented 2 years ago

Describe the bug

I've already casually mentioned it in #189: The dependency for ASN.1 processing is not currently compatible with PHP 8.1 and it does not appear to still be maintained by the author.

There is an upstream PR fixing PHP 8.1 compatibility: fgrosse/PHPASN1#87. However upstream's CI is not compatible with PHP 8.0 and still relies on the effectively dead Travis (I've opened an upstream PR myself: fgrosse/PHPASN1#86).

Long story short: It might be necessary to switch to another ASN.1 library.

To Reproduce

  1. Use PHP 8.1.
  2. Attempt authentication using a YubiKey 5 NFC.
  3. Validation of the assertion fails in web-auth/cose-lib/src/Key/Ec2Key::asPEM() as that method relies on the ASN.1 library.

Expected behavior

I expect the authentication to work.

Screenshots

n/a

Desktop (please complete the following information):

n/a

Smartphone (please complete the following information):

n/a

Additional context

I've a tentative patch to fix the encoder in the Ec2Key class by manually constructing the DER locally. I'd be happy to contribute this, because Ec2Key is what's commonly required for WebAuthn with the usual keys out there.

However while it is feasible to construct the DER for the Ec2Key by hand, this is considerably less fun for RsaKey and parsing as required in AndroidKeyAttestationStatementSupport is even worse. So my current patch would not be a full solution.

Happy to hear your feedback.

Spomky commented 2 years ago

Hi,

Thank you for reporting this issue. In the last v3.3 commits, I activated tests on PHP 8.1 and everything is fine. It looks like this use case is not tested. I will investigate on it.

TimWolla commented 2 years ago

It looks like this use case is not tested. I will investigate on it.

I believe GitHub Actions by default does not show deprecation notices. See my issue in this repository: https://github.com/MyIntervals/emogrifier/issues/1117

These are the results of running the tests locally (in Docker):

root@69c8355c27c4:/pwd# php --version
PHP 8.1.0RC5 (cli) (built: Oct 28 2021 22:27:16) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.0-dev, Copyright (c) Zend Technologies
root@69c8355c27c4:/pwd# vendor/bin/phpunit 
PHPUnit 9.5.10 by Sebastian Bergmann and contributors.

Testing 
..........................E
Deprecated: Return type of FG\ASN1\Construct::count($mode = FG\ASN1\COUNT_NORMAL) should either be compatible with Countable::count(): int, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 182

Deprecated: Return type of FG\ASN1\Construct::offsetExists($offset) should either be compatible with ArrayAccess::offsetExists(mixed $offset): bool, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 64

Deprecated: Return type of FG\ASN1\Construct::offsetGet($offset) should either be compatible with ArrayAccess::offsetGet(mixed $offset): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 69

Deprecated: Return type of FG\ASN1\Construct::offsetSet($offset, $value) should either be compatible with ArrayAccess::offsetSet(mixed $offset, mixed $value): void, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 74

Deprecated: Return type of FG\ASN1\Construct::offsetUnset($offset) should either be compatible with ArrayAccess::offsetUnset(mixed $offset): void, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 83

Deprecated: Return type of FG\ASN1\Construct::current() should either be compatible with Iterator::current(): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 44

Deprecated: Return type of FG\ASN1\Construct::next() should either be compatible with Iterator::next(): void, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 54

Deprecated: Return type of FG\ASN1\Construct::key() should either be compatible with Iterator::key(): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 49

Deprecated: Return type of FG\ASN1\Construct::valid() should either be compatible with Iterator::valid(): bool, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 59

Deprecated: Return type of FG\ASN1\Construct::rewind() should either be compatible with Iterator::rewind(): void, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 39
E...I.EEEE.ESSSSS.FF.FFF..E.......E.  63 / 163 ( 38%)
............................
Deprecated: Return type of Webauthn\AuthenticationExtensions\AuthenticationExtension::jsonSerialize() should either be compatible with JsonSerializable::jsonSerialize(): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/src/webauthn/src/AuthenticationExtensions/AuthenticationExtension.php on line 55
.............................
Deprecated: Return type of Webauthn\Tests\Unit\TrustPath\FooTrustPath::jsonSerialize() should either be compatible with JsonSerializable::jsonSerialize(): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/tests/library/Unit/TrustPath/FooTrustPath.php on line 28
....E
Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146
. 126 / 163 ( 77%)
.......E..............F.E............                           163 / 163 (100%)

Time: 00:30.683, Memory: 74.73 MB

There were 12 errors:

1) Cose\Tests\Unit\Signature\ES256KSignatureTest::es256KSignAndVerify
RuntimeException: Requires GMP or bcmath extension.

/pwd/vendor/fgrosse/phpasn1/lib/Utility/BigInteger.php:62
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/Integer.php:55
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/Integer.php:50
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:157
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:175
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:92
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:157
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:119
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:111
/pwd/src/cose/src/Key/Ec2Key.php:115
/pwd/src/cose/src/Algorithm/Signature/ECDSA/ECDSA.php:26
/pwd/tests/cose/unit/Signature/ES256KSignatureTest.php:38

2) Cose\Tests\Unit\Signature\RSA15SignatureTest::rS256
RuntimeException: Requires GMP or bcmath extension.

/pwd/vendor/fgrosse/phpasn1/lib/Utility/BigInteger.php:62
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/Integer.php:55
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/Integer.php:50
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:157
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:175
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:92
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:157
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:119
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:111
/pwd/src/cose/src/Key/RsaKey.php:183
/pwd/src/cose/src/Algorithm/Signature/RSA/RSA.php:40
/pwd/tests/cose/unit/Signature/RSA15SignatureTest.php:50

3) Webauthn\Tests\Functional\AppleAttestationStatementTest::anAppleAttestationCanBeVerified
RuntimeException: Requires GMP or bcmath extension.

/pwd/vendor/fgrosse/phpasn1/lib/Utility/BigInteger.php:62
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Base128.php:20
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/ObjectIdentifier.php:76
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/src/cose/src/Key/Ec2Key.php:126
/pwd/src/webauthn/src/AttestationStatement/AppleAttestationStatementSupport.php:101
/pwd/src/webauthn/src/AttestationStatement/AppleAttestationStatementSupport.php:76
/pwd/src/webauthn/src/AuthenticatorAttestationResponseValidator.php:195
/pwd/tests/library/Functional/AppleAttestationStatementTest.php:74

4) Webauthn\Tests\Functional\AssertionTest::anAssertionCanBeVerified
RuntimeException: Requires GMP or bcmath extension.

/pwd/vendor/fgrosse/phpasn1/lib/Utility/BigInteger.php:62
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Base128.php:20
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/ObjectIdentifier.php:76
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/src/cose/src/Key/Ec2Key.php:126
/pwd/src/cose/src/Algorithm/Signature/ECDSA/ECDSA.php:37
/pwd/src/webauthn/src/AuthenticatorAssertionResponseValidator.php:198
/pwd/tests/library/Functional/AssertionTest.php:68

5) Webauthn\Tests\Functional\AssertionTest::anAssertionWithTokenBindingCanBeVerified
RuntimeException: Requires GMP or bcmath extension.

/pwd/vendor/fgrosse/phpasn1/lib/Utility/BigInteger.php:62
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Base128.php:20
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/ObjectIdentifier.php:76
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/src/cose/src/Key/Ec2Key.php:126
/pwd/src/cose/src/Algorithm/Signature/ECDSA/ECDSA.php:37
/pwd/src/webauthn/src/AuthenticatorAssertionResponseValidator.php:198
/pwd/tests/library/Functional/AssertionTest.php:111

6) Webauthn\Tests\Functional\AssertionTest::anAssertionWithUserHandleCanBeVerified
RuntimeException: Requires GMP or bcmath extension.

/pwd/vendor/fgrosse/phpasn1/lib/Utility/BigInteger.php:62
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Base128.php:20
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/ObjectIdentifier.php:76
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/src/cose/src/Key/Ec2Key.php:126
/pwd/src/cose/src/Algorithm/Signature/ECDSA/ECDSA.php:37
/pwd/src/webauthn/src/AuthenticatorAssertionResponseValidator.php:198
/pwd/tests/library/Functional/AssertionTest.php:154

7) Webauthn\Tests\Functional\AttestationTest::anAttestationSignedWithEcDSA521ShouldBeVerified
RuntimeException: Requires GMP or bcmath extension.

/pwd/vendor/fgrosse/phpasn1/lib/Utility/BigInteger.php:62
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Base128.php:20
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/ObjectIdentifier.php:76
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/src/cose/src/Key/Ec2Key.php:126
/pwd/src/cose/src/Algorithm/Signature/ECDSA/ECDSA.php:37
/pwd/src/webauthn/src/AttestationStatement/PackedAttestationStatementSupport.php:192
/pwd/src/webauthn/src/AttestationStatement/PackedAttestationStatementSupport.php:88
/pwd/src/webauthn/src/AuthenticatorAttestationResponseValidator.php:195
/pwd/tests/library/Functional/AttestationTest.php:51

8) Webauthn\Tests\Functional\PackedAttestationStatementTest::aPackedAttestationWithSelfStatementCanBeVerified
RuntimeException: Requires GMP or bcmath extension.

/pwd/vendor/fgrosse/phpasn1/lib/Utility/BigInteger.php:62
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Base128.php:20
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/ObjectIdentifier.php:76
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/src/cose/src/Key/Ec2Key.php:126
/pwd/src/cose/src/Algorithm/Signature/ECDSA/ECDSA.php:37
/pwd/src/webauthn/src/AttestationStatement/PackedAttestationStatementSupport.php:192
/pwd/src/webauthn/src/AttestationStatement/PackedAttestationStatementSupport.php:88
/pwd/src/webauthn/src/AuthenticatorAttestationResponseValidator.php:195
/pwd/tests/library/Functional/PackedAttestationStatementTest.php:114

9) Webauthn\Tests\Functional\W10Test::anAssertionCanBeVerified
RuntimeException: Requires GMP or bcmath extension.

/pwd/vendor/fgrosse/phpasn1/lib/Utility/BigInteger.php:62
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/Integer.php:55
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/Integer.php:50
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:157
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:175
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:92
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:157
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:119
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:111
/pwd/src/cose/src/Key/RsaKey.php:183
/pwd/src/cose/src/Algorithm/Signature/RSA/RSA.php:40
/pwd/src/webauthn/src/AuthenticatorAssertionResponseValidator.php:198
/pwd/tests/library/Functional/W10Test.php:139

10) Webauthn\Bundle\Tests\Functional\Assertion\AssertionTest::anAssertionResponseCanBeLoadedAndVerified
RuntimeException: Requires GMP or bcmath extension.

/pwd/vendor/fgrosse/phpasn1/lib/Utility/BigInteger.php:62
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Base128.php:20
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/ObjectIdentifier.php:76
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/src/cose/src/Key/Ec2Key.php:126
/pwd/src/cose/src/Algorithm/Signature/ECDSA/ECDSA.php:37
/pwd/src/webauthn/src/AuthenticatorAssertionResponseValidator.php:198
/pwd/src/symfony/src/Service/AuthenticatorAssertionResponseValidator.php:51
/pwd/tests/symfony/functional/Assertion/AssertionTest.php:72

11) Webauthn\Bundle\Tests\Functional\Attestation\PackedAttestationStatementTest::aPackedAttestationWithSelfStatementCanBeVerified
RuntimeException: Requires GMP or bcmath extension.

/pwd/vendor/fgrosse/phpasn1/lib/Utility/BigInteger.php:62
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Base128.php:20
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/ObjectIdentifier.php:76
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:102
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:112
/pwd/src/cose/src/Key/Ec2Key.php:126
/pwd/src/cose/src/Algorithm/Signature/ECDSA/ECDSA.php:37
/pwd/src/webauthn/src/AttestationStatement/PackedAttestationStatementSupport.php:192
/pwd/src/webauthn/src/AttestationStatement/PackedAttestationStatementSupport.php:88
/pwd/src/webauthn/src/AuthenticatorAttestationResponseValidator.php:195
/pwd/src/symfony/src/Service/AuthenticatorAttestationResponseValidator.php:48
/pwd/tests/symfony/functional/Attestation/PackedAttestationStatementTest.php:71

12) Webauthn\Bundle\Tests\Functional\MetadataService\MetadataServiceTest::theMetadataTOCPayloadCanBeRetrieved
RuntimeException: Requires GMP or bcmath extension.

/pwd/vendor/fgrosse/phpasn1/lib/Utility/BigInteger.php:62
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Base128.php:42
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/ObjectIdentifier.php:132
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Universal/ObjectIdentifier.php:94
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:227
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:167
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:233
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php:167
/pwd/vendor/fgrosse/phpasn1/lib/ASN1/ASNObject.php:233
/pwd/vendor/web-token/jwt-key-mgmt/KeyConverter/ECKey.php:83
/pwd/vendor/web-token/jwt-key-mgmt/KeyConverter/ECKey.php:48
/pwd/vendor/web-token/jwt-key-mgmt/KeyConverter/KeyConverter.php:201
/pwd/vendor/web-token/jwt-key-mgmt/KeyConverter/KeyConverter.php:93
/pwd/vendor/web-token/jwt-key-mgmt/KeyConverter/KeyConverter.php:70
/pwd/vendor/web-token/jwt-key-mgmt/KeyConverter/KeyConverter.php:162
/pwd/vendor/web-token/jwt-key-mgmt/JWKFactory.php:323
/pwd/src/metadata-service/src/MetadataService.php:273
/pwd/src/metadata-service/src/MetadataService.php:226
/pwd/src/metadata-service/src/MetadataService.php:185
/pwd/src/metadata-service/src/MetadataService.php:177
/pwd/tests/symfony/functional/MetadataService/MetadataServiceTest.php:56

--

There were 6 failures:

1) Webauthn\Tests\Functional\MetadataStatementTest::theAttestationCannotBeVerified with data set #0 ('{"status":"ok","errorMessage"...60000}', '{"id":"t3IDC1YBBBNHrz5XYAsORO...-key"}', 'The hash cannot be verified. ...jected')
Failed asserting that exception message 'The Metadata Statement for the AAGUID "87c6affb-e772-4566-b632-424550c747dc" is missing' contains 'The hash cannot be verified. The metadata statement shall be rejected'.

2) Webauthn\Tests\Functional\MetadataStatementTest::theAttestationCannotBeVerified with data set #1 ('{"status":"ok","errorMessage"...60000}', '{"id":"E6BLnfZCaZt5rCHpj528Mh...-key"}', 'The authenticator is compromi...e used')
Failed asserting that exception message 'The Metadata Statement for the AAGUID "5bed7647-21f6-4ed9-9bdb-3345b774ac48" is missing' contains 'The authenticator is compromised and cannot be used'.

3) Webauthn\Tests\Functional\MetadataStatementTest::theAttestationCannotBeVerified with data set #3 ('{"status":"ok","errorMessage"...60000}', '{"id":"g8J1PqurocrP_-oKxEeOk9...-key"}', 'Invalid certificate or certif... chain')
Failed asserting that exception message 'The Metadata Statement for the AAGUID "424433f7-2710-4592-aabc-b3997958b079" is missing' contains 'Invalid certificate or certificate chain'.

4) Webauthn\Tests\Functional\MetadataStatementTest::theAttestationCannotBeVerified with data set #4 ('{"status":"ok","errorMessage"...60000}', '{"id":"IU6CcyRAYUFOvz2vrZaZqE...-key"}', 'Invalid certificate or certif... chain')
Failed asserting that exception message 'The Metadata Statement for the AAGUID "3b50d04a-c451-4d76-b623-6df93ab9c885" is missing' contains 'Invalid certificate or certificate chain'.

5) Webauthn\Tests\Functional\MetadataStatementTest::theAttestationCannotBeVerified with data set #5 ('{"status":"ok","errorMessage"...60000}', '{"id":"KeFtFgx3uneln_CsRy-M2K...-key"}', 'Invalid certificate or certif... chain')
Failed asserting that exception message 'The Metadata Statement for the AAGUID "ff5559d4-8619-448f-8fd1-2fb504a90d6d" is missing' contains 'Invalid certificate or certificate chain'.

6) Webauthn\Bundle\Tests\Functional\Firewall\SecuredAreaTest::aUserCanBeAuthenticatedAndAccessToTheProtectedResource
Failed asserting that 401 matches expected 200.

/pwd/tests/symfony/functional/Firewall/SecuredAreaTest.php:110

ERRORS!
Tests: 163, Assertions: 809, Errors: 12, Failures: 6, Skipped: 5, Incomplete: 1.
xmav commented 2 years ago

Hi @Spomky! Do you have updates by any chance ?

xmav commented 2 years ago

Is there a chance that similar compatibility issue will be fixed in https://github.com/web-token/jwt-framework soon?

Spomky commented 2 years ago

Hi @xmav,

I am working on it, but no ETA at the moment. I noted in the log the following message:

RuntimeException: Requires GMP or bcmath extension.

Could you please install one of the extensions and let me know the result?

TimWolla commented 2 years ago

Could you please install one of the extensions and let me know the result?

Whoops, sorry about this. It does not change much about the deprecation notices in PHP 8.1. It appears that they do not lead to test failure, though:

root@76478de12fde:/pwd# php --version
PHP 8.1.0 (cli) (built: Dec  2 2021 12:11:39) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.0, Copyright (c) Zend Technologies
root@76478de12fde:/pwd# php -i |grep -i gmp
Additional .ini files parsed => /usr/local/etc/php/conf.d/docker-php-ext-gmp.ini,
gmp
gmp support => enabled
GMP version => 6.2.1
root@76478de12fde:/pwd# vendor/bin/phpunit 
PHPUnit 9.5.10 by Sebastian Bergmann and contributors.

Testing 
...........................
Deprecated: Return type of FG\ASN1\Construct::count($mode = FG\ASN1\COUNT_NORMAL) should either be compatible with Countable::count(): int, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 182

Deprecated: Return type of FG\ASN1\Construct::offsetExists($offset) should either be compatible with ArrayAccess::offsetExists(mixed $offset): bool, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 64

Deprecated: Return type of FG\ASN1\Construct::offsetGet($offset) should either be compatible with ArrayAccess::offsetGet(mixed $offset): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 69

Deprecated: Return type of FG\ASN1\Construct::offsetSet($offset, $value) should either be compatible with ArrayAccess::offsetSet(mixed $offset, mixed $value): void, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 74

Deprecated: Return type of FG\ASN1\Construct::offsetUnset($offset) should either be compatible with ArrayAccess::offsetUnset(mixed $offset): void, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 83

Deprecated: Return type of FG\ASN1\Construct::current() should either be compatible with Iterator::current(): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 44

Deprecated: Return type of FG\ASN1\Construct::next() should either be compatible with Iterator::next(): void, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 54

Deprecated: Return type of FG\ASN1\Construct::key() should either be compatible with Iterator::key(): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 49

Deprecated: Return type of FG\ASN1\Construct::valid() should either be compatible with Iterator::valid(): bool, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 59

Deprecated: Return type of FG\ASN1\Construct::rewind() should either be compatible with Iterator::rewind(): void, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/vendor/fgrosse/phpasn1/lib/ASN1/Construct.php on line 39
....I.......SSSSS...................  63 / 163 ( 38%)
............................
Deprecated: Return type of Webauthn\AuthenticationExtensions\AuthenticationExtension::jsonSerialize() should either be compatible with JsonSerializable::jsonSerialize(): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/src/webauthn/src/AuthenticationExtensions/AuthenticationExtension.php on line 55
.............................
Deprecated: Return type of Webauthn\Tests\Unit\TrustPath\FooTrustPath::jsonSerialize() should either be compatible with JsonSerializable::jsonSerialize(): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/tests/library/Unit/TrustPath/FooTrustPath.php on line 28
.....
Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146
. 126 / 163 ( 77%)
..................F...F..............                           163 / 163 (100%)

Time: 00:01.615, Memory: 78.73 MB

There were 2 failures:

1) Webauthn\Bundle\Tests\Functional\Firewall\RegistrationAreaTest::aValidRegistrationResultRequestIsCorrectlyManaged
Failed asserting that two strings are equal.
--- Expected
+++ Actual
@@ @@
-'error'
+'ok'

/pwd/tests/symfony/functional/Firewall/RegistrationAreaTest.php:292

2) Webauthn\Bundle\Tests\Functional\Firewall\SecuredAreaTest::aUserCanBeAuthenticatedAndAccessToTheProtectedResource
Failed asserting that 401 matches expected 200.

/pwd/tests/symfony/functional/Firewall/SecuredAreaTest.php:110

FAILURES!
Tests: 163, Assertions: 853, Failures: 2, Skipped: 5, Incomplete: 1.
Spomky commented 2 years ago

Thank you for the feedback @TimWolla. In any cases I really think we can get rid of fgrosse@phpasn1. This is a good library, but only few features are used and such dependency does not help when upgrading for one PHP version to another. I think it is worth integrating some parts of the library that are used here.

TimWolla commented 2 years ago

I think it is worth integrating some parts of the library that are used here.

I can give a PoC implementation for Ec2Key, but this is not a complete implementation. It probably also makes sense to get the CI green first, because including this.

andrewbess commented 2 years ago

Hello @TimWolla @Spomky The fgrosse/phpasn1 extension has been released https://packagist.org/packages/fgrosse/phpasn1#v2.3.1

TimWolla commented 2 years ago

Yes. For your reference I ran the updated tests:

root@6117a862d036:/pwd# vendor/bin/phpunit 
PHPUnit 9.5.10 by Sebastian Bergmann and contributors.

Testing 
...............................I.......SSSSS...................  63 / 163 ( 38%)
............................
Deprecated: Return type of Webauthn\AuthenticationExtensions\AuthenticationExtension::jsonSerialize() should either be compatible with JsonSerializable::jsonSerialize(): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/src/webauthn/src/AuthenticationExtensions/AuthenticationExtension.php on line 55
.............................
Deprecated: Return type of Webauthn\Tests\Unit\TrustPath\FooTrustPath::jsonSerialize() should either be compatible with JsonSerializable::jsonSerialize(): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /pwd/tests/library/Unit/TrustPath/FooTrustPath.php on line 28
.....
Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146

Deprecated: DOMElement::setAttribute(): Passing null to parameter #2 ($value) of type string is deprecated in /pwd/vendor/symfony/dependency-injection/Dumper/XmlDumper.php on line 146
. 126 / 163 ( 77%)
..................F...F..............                           163 / 163 (100%)

Time: 00:01.778, Memory: 78.73 MB

There were 2 failures:

1) Webauthn\Bundle\Tests\Functional\Firewall\RegistrationAreaTest::aValidRegistrationResultRequestIsCorrectlyManaged
Failed asserting that two strings are equal.
--- Expected
+++ Actual
@@ @@
-'error'
+'ok'

/pwd/tests/symfony/functional/Firewall/RegistrationAreaTest.php:292

2) Webauthn\Bundle\Tests\Functional\Firewall\SecuredAreaTest::aUserCanBeAuthenticatedAndAccessToTheProtectedResource
Failed asserting that 401 matches expected 200.

/pwd/tests/symfony/functional/Firewall/SecuredAreaTest.php:110

FAILURES!
Tests: 163, Assertions: 853, Failures: 2, Skipped: 5, Incomplete: 1.

A few tests to webauthn-framework itself are required, but this looks much better now.

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

github-actions[bot] commented 1 year ago

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.