Unsupported format self attestation on Macbook
kayrules opened this issue · comments
Hi,
This issue was previously submitted on webauthn-demo repo. i think it is more relevant to be issued here
When trying this demo via touch id on macbook, I got this error:
Failed to register: Error: Bad Request
Debugging on registration.go: line 128
showing:
unsupported format self attestation
I believe it requires packed + self (surrogate) attestation
for this. There's article for the implementation by Ackermann Yuriy here
@koesie10 any news?
Sorry about the lack of response. I've added packed self attestation, but I'm unfortunately not able to test it. If you are still interested, could you test whether it works correctly?
Hey thanks for adding this. When I tried testing I get the following error running on Macos 10.14.6
goroutine 35 [running]:
net/http.(*conn).serve.func1(0xc0003760a0)
/usr/local/opt/go/libexec/src/net/http/server.go:1769 +0x139
panic(0x18051a0, 0xc000322f00)
/usr/local/opt/go/libexec/src/runtime/panic.go:522 +0x1b5
reflect.Value.Elem(0x17ae3c0, 0xc000322ee0, 0x97, 0xc000322ee0, 0x20, 0x18)
/usr/local/opt/go/libexec/src/reflect/value.go:806 +0x1c8
encoding/asn1.UnmarshalWithParams(0xc0003ea000, 0x47, 0x47, 0x17ae3c0, 0xc000322ee0, 0x0, 0x0, 0x1c0, 0x1e376c0819a4c116, 0x34b0bcb52748774c, ...)
/usr/local/opt/go/libexec/src/encoding/asn1/asn1.go:1060 +0xc1
encoding/asn1.Unmarshal(...)
/usr/local/opt/go/libexec/src/encoding/asn1/asn1.go:1054
github.com/koesie10/webauthn/attestation/packed.verifySelf(0xc00032a748, 0x6, 0xc0003da1c0, 0x20, 0xdf, 0x5e5fd7b500000045, 0xc0003da1e5, 0x10, 0xba, 0xc0003da1f7, ...)
/Users/colin.seale/go/src/github.com/koesie10/webauthn/attestation/packed/packed.go:153 +0x312
github.com/koesie10/webauthn/attestation/packed.verifyPacked(0xc00032a748, 0x6, 0xc0003da1c0, 0x20, 0xdf, 0x5e5fd7b500000045, 0xc0003da1e5, 0x10, 0xba, 0xc0003da1f7, ...)
/Users/colin.seale/go/src/github.com/koesie10/webauthn/attestation/packed/packed.go:54 +0x2ee
github.com/koesie10/webauthn/protocol.Attestation.IsValid(0xc00032a748, 0x6, 0xc0003da1c0, 0x20, 0xdf, 0x5e5fd7b500000045, 0xc0003da1e5, 0x10, 0xba, 0xc0003da1f7, ...)
/Users/colin.seale/go/src/github.com/koesie10/webauthn/protocol/attestation.go:147 +0x136
github.com/koesie10/webauthn/protocol.IsValidAttestation(0xc000388080, 0x7a, 0xc0003261e0, 0x5b, 0x5d, 0xc00032a380, 0xa, 0xc00032a720, 0xf, 0xc000384510, ...)
/Users/colin.seale/go/src/github.com/koesie10/webauthn/protocol/attestation.go:114 +0x197
github.com/koesie10/webauthn/webauthn.(*WebAuthn).ParseAndFinishRegistration(0xc0000105b8, 0xc000388080, 0x7a, 0xc0003261e0, 0x5b, 0x5d, 0xc00032a380, 0xa, 0xc000388100, 0x75, ...)
/Users/colin.seale/go/src/github.com/koesie10/webauthn/webauthn/registration.go:148 +0x694
github.com/koesie10/webauthn/webauthn.(*WebAuthn).FinishRegistration(0xc0000105b8, 0xc00022aa00, 0x6269170, 0xc0002fd710, 0x1a59e00, 0xc0003140f0, 0x1a59e80, 0xc000322140, 0x10143cf, 0xc000078500)
/Users/colin.seale/go/src/github.com/koesie10/webauthn/webauthn/registration.go:200 +0x383
crypto-bot/slackserver.(*SlackServer).FinishRegistration(0xc000124900, 0x6269170, 0xc0002fd710, 0xc00022aa00)
/Users/colin.seale/go/src/crypto-bot/slackserver/webauthn.go:210 +0x14a
net/http.HandlerFunc.ServeHTTP(0xc000174c60, 0x6269170, 0xc0002fd710, 0xc00022aa00)
/usr/local/opt/go/libexec/src/net/http/server.go:1995 +0x44
crypto-bot/vendor/github.com/gorilla/handlers.(*cors).ServeHTTP(0xc0002f8d80, 0x6269170, 0xc0002fd710, 0xc00022aa00)
/Users/colin.seale/go/src/crypto-bot/vendor/github.com/gorilla/handlers/cors.go:54 +0x108a
crypto-bot/slackserver.(*SlackServer).slackSignatureMiddleware.func1(0x6269170, 0xc0002fd710, 0xc00022aa00)
/Users/colin.seale/go/src/crypto-bot/slackserver/middleware.go:34 +0xecb
net/http.HandlerFunc.ServeHTTP(0xc00036f320, 0x6269170, 0xc0002fd710, 0xc00022aa00)
/usr/local/opt/go/libexec/src/net/http/server.go:1995 +0x44
crypto-bot/vendor/github.com/gorilla/mux.(*Router).ServeHTTP(0xc000168240, 0x6269170, 0xc0002fd710, 0xc00022a800)
/Users/colin.seale/go/src/crypto-bot/vendor/github.com/gorilla/mux/mux.go:212 +0xe3
crypto-bot/vendor/github.com/gorilla/handlers.loggingHandler.ServeHTTP(0x1a4a120, 0xc0000c2000, 0x1a48d00, 0xc000168240, 0x19453e8, 0x1a59d00, 0xc0001d81c0, 0xc00022a800)
/Users/colin.seale/go/src/crypto-bot/vendor/github.com/gorilla/handlers/logging.go:45 +0x242
net/http.serverHandler.ServeHTTP(0xc000173110, 0x1a59d00, 0xc0001d81c0, 0xc00022a800)
/usr/local/opt/go/libexec/src/net/http/server.go:2774 +0xa8
net/http.(*conn).serve(0xc0003760a0, 0x1a5c100, 0xc000372ac0)
/usr/local/opt/go/libexec/src/net/http/server.go:1878 +0x851
created by net/http.(*Server).Serve
/usr/local/opt/go/libexec/src/net/http/server.go:2884 +0x2f4