Closed Bug 1724659 Opened 3 years ago Closed 3 years ago

Testing Yubikey securitykey with Firefox 90.0.2 version on Windows 10. In the navigator.credentials.create() API, testing the attestation value as "none" response contains format as "packed"

Categories

(Core :: DOM: Web Authentication, defect)

Product:
Core
Component:
DOM: Web Authentication
Version:
Firefox 90
Platform:
Unspecified
Windows 10
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
100 Branch
Tracking Flags:
Tracking Status
firefox98 --- fixed

People

(Reporter: shiny.28.8, Assigned: rmf)

References

(Blocks 1 open bug)

Details

Attachments

(1 file, 1 obsolete file)

Bug 1724659 - Correctly return none attestation when none is requested on Windows r?dveditz
(deleted), text/x-phabricator-request
Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36

Steps to reproduce:

Firefox 90.0.2 version on Windows 10:
In the navigator.credentials.create() API, provide the attestation value as "none" .

Actual results:

The response from this API returns the fmt attribute of the attestationobject as "fmt": "packed".

Expected results:

An attestationobject with "fmt": "none" is expected.

Severity: -- → S1
OS: Unspecified → Windows 10
Priority: -- → P1

This happens everytime. This is not intermittent.

Aloha,

I believe the attestation default is also none, as the examples I see don't set it and neither do we, but every platform but windows 10 returns none for us..

However, with windows 10, firefox returns it packed, and the ruby webauthn gem rejects the envelope due to trustworthy?(aaguid: authenticator_data.aaguid) check failing in the gem (exception is WebAuthn::AttestationStatementVerificationError). To summarize, users can't register new yubikeys because it gets rejected here: https://github.com/cedarcode/webauthn-ruby/blob/master/lib/webauthn/attestation_statement/packed.rb#L18

If Firefox returned the format as none like it does on linux, OSX, etc. it would fix this issue.

+1 this is a high priority issue please

Blocks: webauthn
Severity: -- → S3
Assignee: nobody → bugs
Status: UNCONFIRMED → NEW
Ever confirmed: true
Pushed by mozilla@christophkerschbaumer.com: https://hg.mozilla.org/integration/autoland/rev/3bd9ebdd7631 Correctly return none attestation when none is requested on Windows r=dveditz

https://hg.mozilla.org/mozilla-central/rev/3bd9ebdd7631

Status: NEW → RESOLVED
Closed: 3 years ago
status-firefox98: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 98 Branch
Attached file Bug 1724659 - Backed out changeset 3bd9ebdd7631 (obsolete) (deleted) —
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Target Milestone: 98 Branch → 100 Branch
Attachment #9268902 - Attachment description: WIP: Bug 1724659 - Backed out changeset 3bd9ebdd7631 → Bug 1724659 - Backed out changeset 3bd9ebdd7631
Regressions: 1759098
Blocks: 1759098
Status: REOPENED → RESOLVED
Closed: 3 years ago3 years ago
Resolution: --- → FIXED
Attachment #9268902 - Attachment is obsolete: true
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: