Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trustkey G310 registration doesn't work on Chrome #205

Open
andreas-p opened this issue Jun 29, 2022 · 3 comments
Open

Trustkey G310 registration doesn't work on Chrome #205

andreas-p opened this issue Jun 29, 2022 · 3 comments
Labels
1. to develop Accepted and waiting to be taken care of bug Something isn't working

Comments

@andreas-p
Copy link

andreas-p commented Jun 29, 2022
edited
Loading

This was tested with the latest Chrome 103 and Firefox 101 on NC24.0.2.

Registering the Trustkey with Chrome 103 for FIDO2 or 2FA doesn't work, because the public_key_credential_id field in oc_twofactor_webauthn_registrations and oc_webauthn are only VARCHAR(255), while the string to be stored is 256 bytes long.
After resizing the column in both tables, both FIDO2 and 2FA logins work from Firefox or Chrome.
@ChristophWurst ChristophWurst added 1. to develop Accepted and waiting to be taken care of bug Something isn't working and removed 1. to develop Accepted and waiting to be taken care of labels Jun 29, 2022
This was referenced Jun 29, 2022
Open
Open
@andreas-p
Copy link
Author

Hotfix for PostgreSQL:

ALTER TABLE oc_twofactor_webauthn_registrations ALTER COLUMN public_key_credential_id TYPE VARCHAR(256);
ALTER TABLE oc_webauthn ALTER COLUMN public_key_credential_id TYPE VARCHAR(256);

@skwee
Copy link

skwee commented Jul 1, 2022

Same for Mysql / MariaDB:

ALTER TABLE oc_twofactor_webauthn_registrations MODIFY public_key_credential_id VARCHAR(256);
ALTER TABLE oc_webauthn MODIFY public_key_credential_id VARCHAR(256);

@st3iny
Copy link
Member

st3iny commented Jul 5, 2022
edited
Loading

The standard does not mandate a maximum size for credential ids. We only tested this using Yubikeys and their keys always fitted inside the table column.

I guess we should increase the width of the column.

Ref https://www.w3.org/TR/webauthn/#credential-id

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
1. to develop Accepted and waiting to be taken care of bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ChristophWurst @st3iny @andreas-p @skwee