Post

Replies

Boosts

Views

Activity

PassKeys PublicKey
Hi, I've been looking at the Shiny PassKey example App. There are the following lines: // The attestationObject contains the user's new public key to store and use for subsequent sign-ins.    let attestationObject = credentialRegistration.rawAttestationObject The attestationObject is raw bytes and certainly doesn't look big enough to contain a public key. I was expecting to see a public key, can anyone confirm if a public key is accessible? The help also says: This object contains the public key. If you request it, it also contains the attestation statement. This statement too, seems slightly wrong, it's an attestation from the get go The help links off to this site: https://www.w3.org/TR/webauthn-2/#attestation-object Can anyone shed any light on this, it's quite confusing
5
0
2.1k
Jul ’22
PassKeys decoded attestation has no statement
Hi, I'm decoding an attestationObject created with ASAuthorizationPlatformPublicKeyCredentialRegistration, but the results have no statement: {'fmt': 'none', 'attStmt': {}, 'authData': '.....data here.......'} The whole credentialRegistration.rawAttestationObject is 182 bytes I'm expecting to see keys like: sig, x5c, alg, certInfo, pubArea etc, but the dictionary is empty, any ideas why it would be empty? Expected Keys: https://github.com/duo-labs/py_webauthn/blob/9d81f2ea12d247b034714aac73701dce32cd67c8/webauthn/helpers/parse_attestation_statement.py#L4
2
0
1.1k
Jul ’22
Verifying PassKey Signature - Structure
Hi, I'm reading different structures on how to construct my signature for verification with PassKeys. I have my key with: publicKeyU2F = b"".join([ (0x04).to_bytes(1, byteorder='big'), key_from_dict.x, key_from_dict.y ]) but when it comes to building the data to verify, I can see two choices...what's the correct format https://medium.com/webauthnworks/verifying-fido2-responses-4691288c8770 signature_base = b"".join( [ authenticator_data_bytes, client_data_hash_bytes, ] ) signature_base_hash = hashlib.sha256() signature_base_hash.update(signature_base) signature_base_hash_bytes = signature_base_hash.digest() or https://www.w3.org/TR/webauthn-2/#sctn-fido-u2f-attestation signature_base = b"".join([ (0x00).to_bytes(1, byteorder='big'), rpidhash, client_data_hash_bytes, credentialId, publicKeyU2F ]) signature_base_hash = hashlib.sha256() signature_base_hash.update(signature_base) signature_base_hash_bytes = signature_base_hash.digest()
6
0
1.4k
Jul ’22
There are no matching passkeys saved in your iCloud Keychain for domain
I have an App that supports PassKeys, end-to-end tests work fine. I also have a website that allows registration of PassKeys. However, whenever I try to sign in to the website, I get the QR code popup, then I get use my phone to scan the QR code, a few seconds later I get: There are no matching passkeys saved in your iCloud Keychain for https://example.com I can clearly see passwords stored in my iCloud Keychain, and they work for the app, why aren't they being found?
3
0
3.9k
Jul ’22
Multiple Active Windows in VisionOS
Hi, In Safari for VisionOS, if you open up two tabs, you can drag one tab out into it's own window. Both windows are now active - fully bright, not dimmed. However if I create multiple windows via WindowGroups in SwiftUI, only one window is active at a time. Is there a setting I need to be using to work like Safari, or is Safari not using Windows? Any help appreciated. Kind Regards Chris
2
2
1.2k
Aug ’23
Simulating the camera in Vision Pro
Hi, I have a Vision Pro App that needs to use the camera as an input device, however I can't capture frames in the simulator. Does anyone know a way of connecting a camera to the simulator for debugging purposes? Could I somehow use my iPhone camera/iPad camera as an input device until DevKits are available? Kind Regards Chris
3
0
1.9k
Aug ’23