[WebAuthNFido2] Fido2Extension error at method Attestation and can't create data to StoredCredential
Forge component by Rúben Jimenez
Application Type
Mobile
Service Studio Version
11.11.11 (Build 47088)

Hi Rúben Jimenez,

I have downloaded WebAuthNFido2 and used in my mobile application.
I try use client action PasswordlessSignup to register a new user. Username created successfull and a record created Fido2User entity. But, data in StoredCredential entity haven't created, it empty.

I checked error log at service center:

RequestUrl: https://mydomain/MyAuthApp/screenservices/WebAuthNFido2/ActionAttestAndSignUp (Method: POST)

-----

[1] One or more errors occurred.
at ssWebAuthNFido2.RssExtensionFido2Extension.MssAttestation(HeContext heContext, String inParamAttestationResponseJson, String inParamOptionsJson, String& outParamStoredCredentialResultJson)
at ssWebAuthNFido2.Actions.ActionAttestAndSignUp(HeContext heContext, String inParamNewCredential, String inParamOptionsJson, Byte[] inParamFido2UserId)

[2] Missing or unknown attestation type
at Fido2NetLib.AuthenticatorAttestationResponse.<VerifyAsync>d__10.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Fido2NetLib.Fido2.<MakeNewCredentialAsync>d__7.MoveNext()

-----

[1] One or more errors occurred.
at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
at OutSystems.NssFido2Extension.CssFido2Extension.MssAttestation(String ssAttestationResponseJson, String ssOptionsJson, String& ssStoredCredentialResultJson)
at ssWebAuthNFido2.RssExtensionFido2Extension.MssAttestation(HeContext heContext, String inParamAttestationResponseJson, String inParamOptionsJson, String& outParamStoredCredentialResultJson)

[2] Missing or unknown attestation type
at Fido2NetLib.AuthenticatorAttestationResponse.<VerifyAsync>d__10.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Fido2NetLib.Fido2.<MakeNewCredentialAsync>d__7.MoveNext()

----

Please help me resolve this issue.

Thanks so much,

Solution

I have resolved this issue.

Cause: class AuthenticatorAttestationResponse.cs of Fido2NetLib hasn't verfied with AttestationObject.Fmt = "apple".


I have downloaded Fido2.dll version 2.0.2 and re-build Fido2Extension. And it hasn't occurred exceptions, issue resolved.
This is source code of Fido2NetLib version 2.0.2

// 13. Determine the attestation statement format by performing a USASCII case-sensitive match on fmt against the set of supported WebAuthn Attestation Statement Format Identifier values. 

            // An up-to-date list of registered WebAuthn Attestation Statement Format Identifier values is maintained in the IANA registry of the same name

            // https://www.w3.org/TR/webauthn/#defined-attestation-formats

            AttestationVerifier verifier = AttestationObject.Fmt switch

            {

                // TODO: Better way to build these mappings?

                "none" => new None(),                           // https://www.w3.org/TR/webauthn/#none-attestation

                "tpm" => new Tpm(),                             // https://www.w3.org/TR/webauthn/#tpm-attestation

                "android-key" => new AndroidKey(),              // https://www.w3.org/TR/webauthn/#android-key-attestation

                "android-safetynet" => new AndroidSafetyNet(),  // https://www.w3.org/TR/webauthn/#android-safetynet-attestation

                "fido-u2f" => new FidoU2f(),                    // https://www.w3.org/TR/webauthn/#fido-u2f-attestation

                "packed" => new Packed(),                       // https://www.w3.org/TR/webauthn/#packed-attestation

                "apple" => new Apple(),                       // https://www.w3.org/TR/webauthn/#apple-anonymous-attestation

                _ => throw new Fido2VerificationException("Missing or unknown attestation type"),

            };

Thanks !

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.