-
-
Notifications
You must be signed in to change notification settings - Fork 43
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
verifyAuthentication ERR_OSSL_EVP_DECODE_ERROR #44
Comments
Without context, it's hard to determine the problem. Is it only for a specific authenticator? Does it work in the playground ? Where exactly does your passkey object come from? Is it related to your dev environment? ... But basically, yeah, something look wrong with the key itself. |
I create a smallest app only register and login, it still get error Frontend: <!DOCTYPE html>
<html>
<head>
<title></title>
<script src="https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js"></script>
</head>
<body>
<button onclick="register()">register</button>
<button onclick="login()">login</button>
<script type="module">
import { client } from 'https://cdn.jsdelivr.net/npm/@passwordless-id/[email protected]/dist/webauthn.min.js'
var challenge = "a7c61ef9-dc23-4806-b486-2428938a547e";
window.register = ()=>{
client.register('sample_user_name', challenge, {
authenticatorType: "auto",
userVerification: "required",
timeout: 60000,
attestation: true,
debug: false,
})
.then(registration=>{
console.log(registration)
axios({
method: 'post',
url: '/register',
responseType: 'json',
data: {
registration,
}
})
.then(({data})=>{
console.log(data)
alert("request succeed")
})
.catch((err)=>{
console.log(err)
alert("request failed")
})
})
.catch((err)=>{
console.log(err)
alert("user/platform declined")
})
}
window.login = ()=>{
client.authenticate([], challenge, {
authenticatorType: "auto",
userVerification: "required",
timeout: 60000,
})
.then(authentication=>{
axios({
method: 'post',
url: '/login',
responseType: 'json',
data: {
authentication,
}
})
.then(({data})=>{
console.log(data)
alert("request succeed")
})
.catch((err)=>{
console.log(err)
alert("request failed")
})
})
.catch((err)=>{
console.log(err)
alert("user/platform declined")
})
}
</script>
</body>
</html> Backend: import fs from "fs"
import path from "path"
import express from "express"
import {server as webAuthnServer} from '@passwordless-id/webauthn';
var app = express();
app.use(express.json({limit: '5mb' }));
app.get('/', (req,res)=>{
res.type("text/html");
res.send( fs.readFileSync( path.join(process.cwd(),"./web.html") ,{encoding: 'utf-8'}) );
return;
})
var saved_credential = null;
var challenge = "a7c61ef9-dc23-4806-b486-2428938a547e";
app.post('/register',(req,res)=>{
var expected = {
challenge,
origin: "http:https://localhost:9999"
}
webAuthnServer.verifyRegistration(req.body.registration, expected)
.then(data=>{
// save key
saved_credential = data.credential;
res.json({
success: 1
});
})
.catch(()=>{
res.json({
success: 0
});
})
})
app.post('/login',(req,res)=>{
var credentialKey = saved_credential;
var expected = {
challenge,
origin: "http:https://localhost:9999",
userVerified: true,
}
webAuthnServer.verifyAuthentication(req.body.authentication, credentialKey, expected)
.then(data=>{
res.json({
success: 1
});
})
.catch(err=>{
console.log(err)
res.json({
success: 0
});
})
})
app.listen(9999,()=>{
console.log('http:https://localhost:9999')
}) Try this file:
|
Node.js version: 20.11.1 |
Maybe there's something wrong with my Windows11, I tested it on MacOS 13.6, it works well |
Strange... It looks like the following key cannot be interpreted as RS256 key, dunno why.
I would be interested as well to know what went wrong with this "key". |
My PC do not has TPM hardware. I replaced some system files when I was installing Windows 11. Maybe that caused the problem. |
Code:
Console:
The text was updated successfully, but these errors were encountered: