Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verification error: Invalid key for curve: "Public key is not a point" #292

Closed
KuznetsovNikita opened this issue Oct 15, 2022 · 5 comments
Closed

Verification error: Invalid key for curve: "Public key is not a point" #292

KuznetsovNikita opened this issue Oct 15, 2022 · 5 comments

Comments

@KuznetsovNikita
Copy link

KuznetsovNikita commented Oct 15, 2022
edited

Hello
I have an issue during verification verifyAuthenticationResponse - in the function convertPublicKeyToPEM
The issue: Invalid key for curve: "Public key is not a point"

it's throw by this function jwkToPem:

const ecPEM = jwkToPem({
      kty: 'EC',
      // Specify curve as "P-256" from "p256"
      crv: COSECRV[crv as number].replace('p', 'P-'),
      x: (x as Buffer).toString('base64'),
      y: (y as Buffer).toString('base64'),
 });

The service is running locally

It's happen on macOs Catalina 10.15.7 when I try to verify Touch Id

Server algorithm - p256

Could you please help me?
@KuznetsovNikita
Copy link
Author

In my case x and y is not a buffers, it's objects with looks like

{
0: 184
1: 30
2: 104
3: 232
4: 100
....
}

@MasterKale
Copy link
Owner

Hello @KuznetsovNikita, can you please include how you're calling verifyAuthenticationResponse()? I'm particularly interested in the value you're passing in for credential when you call it.

@KuznetsovNikita
Copy link
Author

Hello @KuznetsovNikita, can you please include how you're calling verifyAuthenticationResponse()? I'm particularly interested in the value you're passing in for credential when you call it.

I'm use it in this way:

      const authentication = await startAuthentication(options);
      
      // and later
      
       const authenticator: AuthenticatorDevice = {
          credentialPublicKey: registrationInfo.credentialPublicKey,
          credentialID: registrationInfo.credentialID,
          counter: registrationInfo.counter,
          transports: credential.transports,
        };


       const authenticationResponse = await verifyAuthenticationResponse({
          credential: authentication,
          expectedChallenge: options.challenge,
          expectedOrigin: expectedOrigin,
          expectedRPID: expectedRPID,
          authenticator,
        });

I didn't serialize/deserialize startAuthentication response.

I guess the issue is that I try to run this function in a browser context. I try to run in the chrome extension background service worker, and the context for this environment is close to the browser instead node.

Do you know if it possible to verify authentication in the browser?
Thank you in advance!

@KuznetsovNikita
Copy link
Author

KuznetsovNikita commented Oct 16, 2022
edited

I found a lot of discussions in discussions page.
Looks like it's not possible.
Thank you for your time.

@MasterKale
Copy link
Owner

Thank you for looking around, I'm glad to see you were able to find previous discussions around this. Your story is yet another point convincing me to try for a "universal" refactor to make SimpleWebAuthn work in more environments than just Node. I'll attempt that as part of addressing #268

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MasterKale @KuznetsovNikita