WebAuthn“无法解析凭证公共密钥”

编程问答 2022-08-14

问题描述

我正在尝试在Java Web应用程序中实现WebAuthn。 我已经按照Yubico快速入门指南实现了注册功能,但是在验证来自客户端的最终响应时,出现以下错误

java.lang.RuntimeException: Failed to parse credential public key
[...]
Caused by: COSE.CoseException: Missing or incorrect key type field

这是我完成寄存器功能代码

PublicKeyCredential<AuthenticatorAttestationResponse,ClientRegistrationExtensionOutputs> pkc =
    PublicKeyCredential.parseRegistrationResponseJson(responseJson);
System.out.println("pkc: " + pkc);
// Validate the response
try {
   RegistrationResult result = WebAuthnConfig.RP
      .finishRegistration(FinishRegistrationoptions.builder()
      .request(WebAuthnConfig.PK_REQUEST)
      .response(pkc)
      .build());
} catch (RegistrationFailedException e) {
        e.printstacktrace();
}

pkc变量如下所示:

PublicKeyCredential(
   id=ByteArray(c47fddb8101a335...),response=AuthenticatorAttestationResponse(
      attestationObject=ByteArray(a363666d74667...),clientDataJSON=ByteArray(7b226368616c6c6...),attestation=AttestationObject(
         bytes=ByteArray(a363666d74667061636b656467617...
      ),authenticatorData=AuthenticatorData(
         bytes=ByteArray(49960de5880e8c687...),flags=AuthenticatorDataFlags(value=69,UP=true,UV=true,AT=true,ED=false),attestedCredentialData=Optional[
            AttestedCredentialData(
               aaguid=ByteArray(8976631bd4a0427f...),credentialId=ByteArray(c47fddb8101a...),credentialPublicKey=ByteArray(a50102032620012158...)
            )
         ],extensions=Optional.empty
      ),format=packed,attestationStatement={
         "alg":-7,"sig":"MEYCIQDBofIhso...","x5c":["MIIC4TCCAo..."]
      }
   ),clientData=CollectedClientData(
      clientDataJson=ByteArray(7b22636...),clientData={
         "challenge":"dPV2ukXdZzp...","clientExtensions":{},"hashAlgorithm":"SHA-256","origin":"https://localhost","type":"webauthn.create"
      },challenge=ByteArray(74f576ba45...),origin=https://localhost,type=webauthn.create)
   ),clientExtensionResults=ClientRegistrationExtensionOutputs(),type=PUBLIC_KEY
)

OK_REQUEST如下:

PublicKeyCredentialCreationoptions(
   rp=RelyingPartyIdentity(
      name=WebApp WebAuthn,id=localhost,icon=Optional.empty
   ),user=UserIdentity(
      name=[[${#authentication.getPrincipal().getUsername()}]],displayName=null null,id=ByteArray(d72a3a2...),icon=Optional.empty),challenge=ByteArray(74f576...),pubKeyCredParams=[
      PublicKeyCredentialParameters(
         alg=ES256,type=PUBLIC_KEY
      ),PublicKeyCredentialParameters(
         alg=EdDSA,PublicKeyCredentialParameters(
         alg=RS256,type=PUBLIC_KEY
      )
   ],timeout=Optional.empty,excludeCredentials=Optional.empty,authenticatorSelection=Optional.empty,attestation=NONE,extensions=RegistrationExtensionInputs()
)

我无法弄清楚该错误到底在抱怨什么,有人可以帮我解决这个问题,或者如何正确调试此问题?

解决方法

暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!

如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。

小编邮箱:dio#foxmail.com (将#修改为@)

fidojavajavawebauthn