Closed
Bug 1420763
Opened 7 years ago
Closed 6 years ago
webauthn: credential public key not a COSE_Key
Categories
(Core :: DOM: Device Interfaces, defect, P2)
Core
DOM: Device Interfaces
Tracking
()
RESOLVED
FIXED
mozilla59
Tracking | Status | |
---|---|---|
firefox59 | --- | fixed |
People
(Reporter: agl, Assigned: agl)
References
(Blocks 1 open bug)
Details
(Whiteboard: [webauthn][webauthn-wd07])
Attachments
(1 file, 1 obsolete file)
Using a Nightly build, below is a credential public key from attestationObject.authData: a363616c6765455332353661785820578c3b41309593d00bcf9dfe89b74bb0a2ccceaf511baeedbd130f6b67690ad76179582051bf2e1586643767bd56cb592044a4226d5e9590a30baf59542231c6350ff3e3 It's a CBOR map with keys "alg", "x", and "y". However, I think it should be a COSE_Key structure[1]. Based on the example[2] from the RFC, it looks like that should be an integer-keyed map. [1] https://www.w3.org/TR/webauthn/#sec-attestation-data [2] https://tools.ietf.org/html/rfc8152#appendix-C.7.1
Updated•7 years ago
|
Priority: -- → P2
Updated•7 years ago
|
Whiteboard: [webauthn][webauthn-wd07]
Comment hidden (mozreview-request) |
Assignee | ||
Comment 2•6 years ago
|
||
https://reviewboard.mozilla.org/r/209714/
Comment 3•6 years ago
|
||
mozreview-review |
Comment on attachment 8939282 [details] Bug 1420763 - encode webauthn keys as a COSE key; https://reviewboard.mozilla.org/r/209714/#review215582 This is accurate, based on my reading of COSE and the CTAP canonicalization rules. Thank you again, Adam!
Attachment #8939282 -
Flags: review?(jjones) → review+
Updated•6 years ago
|
Comment 4•6 years ago
|
||
MozReview complains that a suitable reviewer has not given a "Ship It!" I can't land the patch because of this.
Flags: needinfo?(jjones)
Keywords: checkin-needed
Comment 5•6 years ago
|
||
Comment on attachment 8939282 [details] Bug 1420763 - encode webauthn keys as a COSE key; That is super weird; 1420760 landed just fine earlier today. I guess I'll bother David; r?keeler?
Flags: needinfo?(jjones)
Attachment #8939282 -
Flags: review?(dkeeler)
Comment 6•6 years ago
|
||
mozreview-review |
Comment on attachment 8939282 [details] Bug 1420763 - encode webauthn keys as a COSE key; https://reviewboard.mozilla.org/r/209714/#review215914 Looking at RFC 8152 section 13.1.1, it seems crv, x, and y are indeed required, so I believe this is correct.
Attachment #8939282 -
Flags: review?(dkeeler) → review+
Comment 7•6 years ago
|
||
We're sorry, Autoland could not rebase your commits for you automatically. Please manually rebase your commits and try again. hg error in cmd: hg rebase -s d441285b7018 -d 38b6a5527c29: rebasing 440875:d441285b7018 "Bug 1420763 - encode webauthn keys as a COSE key; r=jcj,keeler" (tip) merging dom/webauthn/WebAuthnCBORUtil.cpp warning: conflicts while merging dom/webauthn/WebAuthnCBORUtil.cpp! (edit, then use 'hg resolve --mark') unresolved conflicts (see hg resolve, then hg rebase --continue)
Comment hidden (mozreview-request) |
Comment 9•6 years ago
|
||
mozreview-review |
Comment on attachment 8939964 [details] Bug 1420763 - encode webauthn keys as a COSE key; https://reviewboard.mozilla.org/r/210238/#review215962
Attachment #8939964 -
Flags: review?(jjones) → review+
Comment 10•6 years ago
|
||
mozreview-review |
Comment on attachment 8939964 [details] Bug 1420763 - encode webauthn keys as a COSE key; https://reviewboard.mozilla.org/r/210238/#review216244
Attachment #8939964 -
Flags: review?(dkeeler) → review+
Updated•6 years ago
|
Attachment #8939282 -
Attachment is obsolete: true
Comment 11•6 years ago
|
||
https://webauthn.bin.coffee/ is now updated to use COSE structures.
Comment 12•6 years ago
|
||
Pushed by dkeeler@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/cd99a1f959ad encode webauthn keys as a COSE key; r=keeler
Comment 13•6 years ago
|
||
Backed out 1 changesets (bug 1420763) for failing dom/webauthn/tests/test_webauthn_loopback.html r=backout on a CLOSED TREE Failure push: https://treeherder.mozilla.org/#/jobs?repo=autoland&revision=cd99a1f959ad1de4166c493fd5bf1ca86fbd2500&filter-classifiedState=unclassified&filter-resultStatus=testfailed&filter-resultStatus=busted&filter-resultStatus=exception&selectedJob=154432326 Failure log: https://treeherder.mozilla.org/logviewer.html#?job_id=154432281&repo=autoland&lineNumber=2169 Backout: https://hg.mozilla.org/integration/autoland/rev/58070175527e314d6061a04464ec4538232315b8
Comment hidden (mozreview-request) |
Comment hidden (mozreview-request) |
Comment 16•6 years ago
|
||
mozreview-review |
Comment on attachment 8939964 [details] Bug 1420763 - encode webauthn keys as a COSE key; https://reviewboard.mozilla.org/r/210238/#review216370 lgtm: https://treeherder.mozilla.org/#/jobs?repo=try&revision=42f07806d3fe
Comment 17•6 years ago
|
||
Pushed by dkeeler@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/6168b9358352 encode webauthn keys as a COSE key; r=keeler
Comment 18•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/6168b9358352
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla59
You need to log in
before you can comment on or make changes to this bug.
Description
•