web-auth / webauthn-framework

FIDO-U2F / FIDO2 / Webauthn Framework
MIT License

The trust path type "WebauthnTrustPathEmptyTrustPath" is not supported #484

Closed Jorgu5 closed 1 year ago

Jorgu5 commented 1 year ago

Version(s) affected

4.7.1

Description

When I'm trying to get my credentials from the database with PublicKeyCredentialSource::createFromArray it fails on the trustPath key. My credential source before unserialization looks like this:

    s:21:"publicKeyCredentialId";
    s:43:"1B3Qny7doDKxMIEAde9GU1zsvfge1TN5005344TZx_s";

    s:4:"type";
    s:10:"public-key";

    s:10:"transports";
    a:1:{
        i:0;
        s:8:"internal";
    }

    s:15:"attestationType";
    s:4:"none";

    s:9:"trustPath";
    a:1:{
        s:4:"type";
        s:31:"WebauthnTrustPathEmptyTrustPath";
    }

    s:6:"aaguid";
    s:36:"00000000-0000-0000-0000-000000000000";

    s:19:"credentialPublicKey";
    s:103:"pQECAyYgASFYIMbvEiZF9Ly6yKffYrfTqmPQwQSOqCmaYfIiD0R5KC7yIlggvRtMhy8dXDWNS_sXkrHNaDwn6rlqsMaOcDq4g3qQ7AI";

    s:10:"userHandle";
    s:32:"b1A4ck9yVDVTT09BelE2dFdrT3dyUT09";

    s:7:"counter";
    i:0;

    s:7:"otherUI";
    N;
}

In TrustPathLoader.php I can see that it throws an error when it checks if WebauthnTrustPathEmptyTrustPath class_exists, line 21.

How to reproduce

  1. Save credentials in the database with $publicKeyCredentialSource->jsonSerialize() during the registration process.
  2. Retrieve it back with PublicKeyCredentialSource::createFromArray() during auth process.

Possible Solution

No response

Additional Context

No response

Spomky commented 1 year ago

Hi,

It looks like the type is not correctly encoded. I am not sure the serialization of the array is a good practice. You can directly save the credential as a JSON string by using json_encode($credential); and the method PublicKeyCredentialSource::createFromArray(json_decode(..., true));

Jorgu5 commented 1 year ago

OK, I have found the reason: update_user_meta() in WordPress is using wp_unslash(), which is removing the slashes, and it's also automatically serializing the array if it's not a string. The json_encode / decode is not working either, as I'm getting corrupted JSON when trying to decode. I'll have to write my own handler for adding the public key resource into the database then.

I have another issue, non-related to WP, that occurred after the update to 4.7.1 (everything works properly on 4.7.0). I'm getting this error during the registration ceremony. What changes in the recent version could affect it?

Webauthn\AuthenticatorSelectionCriteria::createFromArray(): Argument #1 ($json) must be of type array, Webauthn\AuthenticatorSelectionCriteria given, called in /var/www/html/wp-content/plugins/wp-passkeys/vendor/web-auth/webauthn-lib/src/PublicKeyCredentialCreationOptions.php on line 276

It's happening when I'm retrieving the credential options with PublicKeyCredentialCreationOptions::createFromArray($options). This data is saved in the session though, not in the database, and the data is not affected by any WP methods during the process.

This is how the $json object looks when being passed to createFromArray:

[screenshot omitted]

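
The following is an added example; it is not code from this issue or from webauthn-framework. It puts together Spomky's suggestion (store the credential as a JSON string and read it back with createFromArray()) and Jorgu5's diagnosis (update_user_meta() unslashes and auto-serializes its value). It assumes web-auth/webauthn-lib 4.7.x is installed through Composer, that `$credential` is the PublicKeyCredentialSource returned by the registration ceremony, and that `Webauthn\TrustPath\EmptyTrustPath` is the class whose name appears stripped of its backslashes in the report. The helper names `credentialToJson`, `credentialFromJson` and `unslashDamage` are hypothetical.

```php
<?php
// Added example, not code from the issue or from webauthn-framework.
// Assumptions: web-auth/webauthn-lib 4.7.x is installed via Composer, and
// $credential is the PublicKeyCredentialSource returned by the registration
// ceremony (as in the report).

declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php';

use Webauthn\PublicKeyCredentialSource;
use Webauthn\TrustPath\EmptyTrustPath;

/** Serialise the credential to one JSON string, as suggested in the thread. */
function credentialToJson(PublicKeyCredentialSource $credential): string
{
    return json_encode($credential->jsonSerialize(), JSON_THROW_ON_ERROR);
}

/**
 * Decode a stored credential. Before handing the array to createFromArray(),
 * verify that trustPath.type still names a loadable class: a value such as
 * "WebauthnTrustPathEmptyTrustPath" means the namespace separators were
 * stripped in storage, and the record is treated as corrupt rather than
 * silently mapped to some other trust path.
 */
function credentialFromJson(string $json): PublicKeyCredentialSource
{
    $data = json_decode($json, true, 512, JSON_THROW_ON_ERROR);
    $type = $data['trustPath']['type'] ?? '';
    if (!is_string($type) || !class_exists($type)) {
        throw new RuntimeException(sprintf(
            'trustPath type "%s" is not a loadable class; stored credential is corrupt',
            is_string($type) ? $type : gettype($type)
        ));
    }

    return PublicKeyCredentialSource::createFromArray($data);
}

/**
 * Reproduce the damage done by wp_unslash(), which applies stripslashes()
 * to every string. Returns [mangled class name, whether the JSON still parses].
 *
 * @return array{0: string, 1: bool}
 */
function unslashDamage(): array
{
    // The class name loses its namespace separators...
    $mangledClass = stripslashes(EmptyTrustPath::class);

    // ...and a JSON document loses the escaping of "\\" (and "\/"), so it no
    // longer parses: the "corrupted JSON" from the report. Constructed sample.
    $json = json_encode(['trustPath' => ['type' => EmptyTrustPath::class]]);
    $jsonSurvives = json_decode(stripslashes($json), true) !== null;

    return [$mangledClass, $jsonSurvives];
}

// A round trip through a JSON string keeps the record intact.
$stored = credentialToJson($credential);
$restored = credentialFromJson($stored);
assert($restored->jsonSerialize() === $credential->jsonSerialize());

// Both symptoms in the thread come from the same stripslashes() step.
[$mangledClass, $jsonSurvives] = unslashDamage();
assert($mangledClass === 'WebauthnTrustPathEmptyTrustPath');
assert(class_exists($mangledClass) === false);
assert($jsonSurvives === false);

// When the string must go through the WordPress meta API, escape it first so
// that the unslash step inside update_user_meta() restores the original bytes:
//     update_user_meta($userId, 'passkey_credential', wp_slash($stored));
// (wp_slash() is a WordPress core function; it is not part of webauthn-lib.)
```

The class_exists() check that TrustPathLoader performs (the one the report hits on line 21) is doing its job here: a class name whose backslashes were stripped does not exist, so the library refuses to build a trust path from it instead of guessing. The pre-check in `credentialFromJson()` only turns that into an error message that names the storage problem. Storing a single JSON string avoids the automatic serialization of arrays, and wrapping it in wp_slash() before update_user_meta() is the standard way to survive the unslashing when the WordPress meta API is the only storage path available.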
Spomky commented 1 year ago

Webauthn\AuthenticatorSelectionCriteria::createFromArray(): Argument #1 ($json) must be of type array, Webauthn\AuthenticatorSelectionCriteria given, called in /var/www/html/wp-content/plugins/wp-passkeys/vendor/web-auth/webauthn-lib/src/PublicKeyCredentialCreationOptions.php on line 276

Looks similar to #483. Can you make sure ->jsonSerialized() is not called as mentioned here?

Jorgu5 commented 1 year ago

Works!

github-actions[bot] commented 1 year ago

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.