1812524 - CTAP2 test on webauthn.bin.coffee fails

Status: RESOLVED FIXED

(Core :: DOM: Web Authentication, defect, P2)

Description

[szczepan]

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0

Steps to reproduce:

Env:

• Firefox 111.0a1 (2023-01-20), Linux, desktop
• enabled CTAP2 setting
• FIDO2 capable hardware token - used Nitrokey 3 and Nitrokey FIDO2
  Steps:

1. Open https://webauthn.bin.coffee/
2. Press "Create Credential"
3. Enter the PIN
4. Check test results

Actual results:

One of the test ("Credential ID from CBOR and Raw ID match") has failed.
It passes well however with CTAP2 option in Firefox disabled.
Here is a raw output from the "Create Credential" window:

Contacting token... please perform your verification gesture (e.g., touch it, or plug it in)

Note: Raw response in console.

:: "None" Attestation Format ::
[PASS] Calculated RP ID hash must match what the browser derived.: pkLSG3xtVeHOI8U5mCjSx0m_am7y_gPMnhDN9O1TCIs == pkLSG3xtVeHOI8U5mCjSx0m_am7y_gPMnhDN9O1TCIs
[PASS] User presence and Attestation Object must both be set: 65 == 65
[FAIL] Credential ID from CBOR and Raw ID match: a30058a964e8ab011bd124ff2d405bc414fac40c36ed4d34388e18c0ce4961a821cc90a6d50c0389a03447339bcf77a4c40e3f2caa10bda2e0f0252bab0bab02ea71484d4f904b6cd2bc0f9d6de7f2078c39263816a58b6b5135b31fd8f576c631c74ea50b95c92a37e34f9f42c5e9d5b49c027911f73ea152385ea455e3d228ec38728aea25aa1b5371e5ab15187cebc6f4a5e675dab5e7780fe4d728ca51e379bc5b2a9ed20bcad6e9c8d8c7014c551b28e74d987cf643fc45d202509a749f33f6e94d70a5d425a459c99a8e != 
Keypair Identifier: 
Public Key: 048d83d3b3e98a37edf8f5c95cdaf02b9db8e6241e6b44fbe5ee1bdfd7371854ae7e10fb0761bbce04cddb4f6f15943e65dc6a5e5cb53a419b88eed057f7a4a1f2

:: CBOR Attestation Object Data ::
RP ID Hash: a642d21b7c6d55e1ce23c5399828d2c749bf6a6ef2fe03cc9e10cdf4ed53088b
Counter: 00000013 Flags: 65
AAGUID: ec99db19cd1f4c06a2a9940f17a6a30b

:: Client Data Information ::
Client Data object, in full:
{
  "type": "webauthn.create",
  "challenge": "EC3iR2E4UPP6N4k31JFW5A",
  "origin": "https://webauthn.bin.coffee",
  "crossOrigin": false
}

[PASS] Challenge matches: EC3iR2E4UPP6N4k31JFW5A == EC3iR2E4UPP6N4k31JFW5A
[PASS] ClientData.origin matches this origin (WD-06): https://webauthn.bin.coffee == https://webauthn.bin.coffee
[PASS] Type is valid (WD-08): webauthn.create == webauthn.create


Raw request:
{
  "challenge": {
    "0": 16,
    "1": 45,
    "2": 226,
    "3": 71,
    "4": 97,
    "5": 56,
    "6": 80,
    "7": 243,
    "8": 250,
    "9": 55,
    "10": 137,
    "11": 55,
    "12": 212,
    "13": 145,
    "14": 86,
    "15": 228
  },
  "rp": {
    "name": "Acme"
  },
  "user": {
    "id": {
      "0": 49,
      "1": 48,
      "2": 57,
      "3": 56,
      "4": 50,
      "5": 51,
      "6": 55,
      "7": 50,
      "8": 51,
      "9": 53,
      "10": 52,
      "11": 48,
      "12": 57,
      "13": 56,
      "14": 55,
      "15": 50
    },
    "name": "john.p.smith@example.com",
    "displayName": "John P. Smith",
    "icon": "https://pics.acme.com/00/p/aBjjjpqPb.png"
  },
  "pubKeyCredParams": [
    {
      "alg": -7,
      "type": "public-key"
    }
  ],
  "authenticatorSelection": {
    "authenticatorAttachment": "cross-platform",
    "requireResidentKey": false,
    "userVerification": "preferred"
  },
  "timeout": 60000,
  "excludeCredentials": [],
  "extensions": {
    "exts": true
  }
}

Failures: 1 TODOs: 0

Expected results:

All tests should succeed

Comment 1

[John Schanck [:jschanck]]

Attachment: Bug 1812524 - Return key handle from CTAP2 register requests. r=keeler

Comment 2

[Pulsebot]

Pushed by jschanck@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/f947455d7ca9
Return key handle from CTAP2 register requests. r=keeler

Comment 3

[Marian-Vasile Laza]

https://hg.mozilla.org/mozilla-central/rev/f947455d7ca9