Post | Replies | Boosts | Views | Activity

passkey attestationObject confusion
Hello everybody, I'm trying to implement a passkey provider for an iOS device. I'm in the register phase of the passkey. Let's say this is my code to register request, what am I doing wrong?:

```swift
import SwiftCBOR

class CredentialProviderViewController: ASCredentialProviderViewController {
    . . .
    func generatePublicKeyCborEncoded() -> Data {
        let privateKey = P256.Signing.PrivateKey()
        let publicKey = privateKey.publicKey.x963Representation
        let decoded: [CBOR: CBOR] = [
            CBOR.init(integerLiteral: 1): CBOR.init(integerLiteral: 2),
            CBOR.init(integerLiteral: 3): CBOR.init(integerLiteral: -7),
            CBOR.init(integerLiteral: -1): CBOR.init(integerLiteral: 1),
            CBOR.init(integerLiteral: -2): CBOR.byteString(publicKey[1..<33].map { $0 }),
            CBOR.init(integerLiteral: -3): CBOR.byteString(publicKey[33..<65].map { $0 })
        ]
        return Data(CBOR.encode(decoded))
    }

    @IBAction func onRegister(_ sender: UIButton) {
        NSLog("onRegister called 1")
        guard let request = newRegistrationRequest as? ASPasskeyCredentialRequest else { return }
        let attObj: Data = generatePublicKeyCborEncoded()
        let passkey: ASPasskeyRegistrationCredential = ASPasskeyRegistrationCredential(
            relyingParty: request.credentialIdentity.serviceIdentifier.identifier,
            clientDataHash: request.clientDataHash,
            credentialID: Data([67, 92, 125, 254, 60, 232, 238, 248, 14, 107, 245, 21, 85, 130, 40, 54]),
            attestationObject: attObj
        )
        extensionContext.completeRegistrationRequest(using: passkey) { endedWell in
            NSLog("onRegister called \(endedWell ? "" : "not") ended well")
        }
    }
}
```
Replies: 2 | Boosts: 0 | Views: 937 | Activity: Dec ’23
help with passkey authentication
I'm trying to implement a passkey authenticator on iOS. While register works perfectly, I'm still struggling with authenticating. Let's say this is the code I'm using to authenticate:

```swift
override func provideCredentialWithoutUserInteraction(for credentialRequest: ASCredentialRequest) {
    guard let req: ASPasskeyCredentialRequest = credentialRequest as? ASPasskeyCredentialRequest else { return }
    let hashedRp = hashRP(req.credentialIdentity.serviceIdentifier.identifier)
    do {
        let privateKey: P256.Signing.PrivateKey = try P256.Signing.PrivateKey(
            derRepresentation: Data(base64Encoded: CredentialProviderViewController.base64PrivateString) ?? Data([])
        )
        let ad = hashedRp + [29, 0, 0, 0, 0]
        let sig = try privateKey.signature(
            for: SHA256.hash(data: Data(ad + req.clientDataHash))
        )
        let res: ASPasskeyAssertionCredential = ASPasskeyAssertionCredential(
            userHandle: Data(hashedRp[0..<16]),
            relyingParty: req.credentialIdentity.serviceIdentifier.identifier,
            signature: sig.rawRepresentation,
            clientDataHash: req.clientDataHash,
            authenticatorData: Data(ad),
            credentialID: Data(hashedRp[0..<16])
        )
        extensionContext.completeAssertionRequest(using: res)
    } catch {}
}
```

This will produce: authentication failed: 1 validation error for authenticationCredential __root__ string argument should contain only ascii characters. What am I doing wrong?
Replies: 3 | Boosts: 0 | Views: 742 | Activity: Dec ’23
passkey registration fails on hybrid connect (qr code scan)
I developed an app that implements an AutoFill extension with ASCredentialProviderViewController to provide passkeys. While it works smoothly on internal connections (e.g. registering to webauthn.io on the same device where my app is installed), it fails when I'm scanning a QR code on another device. I suspect it's a problem with the flags of the passkey attestation object, as the only difference between the 2 requests (internal and hybrid) I've found is that the userVerificationPreference is changed from preferred (internal) to required (hybrid). I sent those flags (both on hybrid and internal connection):

binary rep: 01011101
decimal rep: 93

Does anyone have a clue what goes wrong?
Replies: 1 | Boosts: 1 | Views: 868 | Activity: Dec ’23
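
Added example, not part of the original posts or of any Apple or relying-party code: a relying-party-side parser for the authenticator data layout defined by the WebAuthn specification (rpIdHash, flags, signCount, then attested credential data when the AT bit is set), which shows what the flag bytes 93 and 29 quoted in the posts above encode. The sample byte strings are constructed from values in the posts; the zero AAGUID, the zero signCount in the registration sample and the COSE key placeholder are assumptions.

```python
import hashlib
import struct

# Bits of the authenticator data flags byte, per the WebAuthn specification.
FLAG_BITS = {0x01: "UP", 0x04: "UV", 0x08: "BE", 0x10: "BS", 0x40: "AT", 0x80: "ED"}


def decode_flags(flags: int) -> list:
    """Return the names of the flag bits set in one flags byte."""
    if not 0 <= flags <= 0xFF:
        raise ValueError("flags must fit in one byte")
    names = [name for bit, name in FLAG_BITS.items() if flags & bit]
    if "BS" in names and "BE" not in names:
        raise ValueError("BS (backup state) set without BE (backup eligible)")
    return names


def parse_authenticator_data(data: bytes, rp_id: str) -> dict:
    """Split authenticator data into flags, signCount and credential data."""
    if len(data) < 37:
        raise ValueError("authenticator data is shorter than 37 bytes")
    rp_id_hash, flags, sign_count = struct.unpack(">32sBI", data[:37])
    if rp_id_hash != hashlib.sha256(rp_id.encode()).digest():
        raise ValueError("rpIdHash does not match SHA-256 of the expected RP ID")
    names, rest = decode_flags(flags), data[37:]
    parsed = {"flags": names, "sign_count": sign_count, "credential_id": None}
    if "AT" in names:
        # Attested credential data: AAGUID (16) | length (2, big-endian) | ID | COSE key
        if len(rest) < 18:
            raise ValueError("AT flag set but attested credential data is truncated")
        (id_len,) = struct.unpack(">H", rest[16:18])
        if len(rest) < 18 + id_len:
            raise ValueError("credential ID is truncated")
        parsed["credential_id"] = rest[18:18 + id_len]
        parsed["cose_key_and_extensions"] = rest[18 + id_len:]
    elif rest and "ED" not in names:
        raise ValueError("trailing bytes but neither AT nor ED flag is set")
    return parsed


# Constructed samples built from values quoted in the posts above.
RP_HASH = hashlib.sha256(b"webauthn.io").digest()
CRED_ID = bytes([67, 92, 125, 254, 60, 232, 238, 248, 14, 107, 245, 21, 85, 130, 40, 54])
ASSERTION = RP_HASH + bytes([29, 0, 0, 0, 0])
REGISTRATION = (RP_HASH + bytes([93, 0, 0, 0, 0]) + bytes(16)
                + struct.pack(">H", len(CRED_ID)) + CRED_ID + b"<COSE key placeholder>")

if __name__ == "__main__":
    print(parse_authenticator_data(ASSERTION, "webauthn.io"))
    print(parse_authenticator_data(REGISTRATION, "webauthn.io"))
```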
communication between extension and containing app
I'm trying to implement an AutoFill extension for passkeys. I need the extension to communicate with the containing app even when the containing app is terminated. Is there any (and I mean ANY) way to do it? P.S. I already tried the MMWormhole package and also tried to write to a file from the extension using NSFileCoordinator and observe this file in the containing app using NSFilePresenter. Both only work when the containing app is already running.
Replies: 0 | Boosts: 0 | Views: 582 | Activity: Feb ’24