Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

A handful of server errors coming from Windows devices

See original GitHub issue

Hi @MasterKale ! We’re using SimpleWebAuth at https://github.com/padloc/padloc (server and client) and we’ve been seeing quite a few errors for Windows devices, failing authentication. These vary, but always fall into one of these two:

Error: PubArea unique is not same as public key x and y (TPM|ECC)

    at verifyAttestationTPM (/padloc/packages/server/node_modules/@simplewebauthn/server/src/registration/verifications/tpm/verifyAttestationTPM.ts:115:13)

    at verifyRegistrationResponse (/padloc/packages/server/node_modules/@simplewebauthn/server/src/registration/verifyRegistrationResponse.ts:223:42)

    at WebAuthnServer.activateAuthenticator (/padloc/packages/server/src/auth/webauthn.ts:116:80)

Stack Trace:

Error: Public key algorithm [object Object] did not match any metadata algorithms [] (TPM)

    at verifyAttestationTPM (/padloc/packages/server/node_modules/@simplewebauthn/server/src/registration/verifications/tpm/verifyAttestationTPM.ts:267:13)

    at runMicrotasks ()

    at processTicksAndRejections (node:internal/process/task_queues:96:5)

    at verifyRegistrationResponse (/padloc/packages/server/node_modules/@simplewebauthn/server/src/registration/verifyRegistrationResponse.ts:223:16)

    at WebAuthnServer.activateAuthenticator (/padloc/packages/server/src/auth/webauthn.ts:116:48)

We’re wondering if there’s something we should do differently, or if these are a symptom of something else (like Windows Hello)?

Thanks!

FYI @MaKleSoft

Issue Analytics

  • State:closed
  • Created a year ago
  • Comments:22 (13 by maintainers)

github_iconTop GitHub Comments

2reactions
MasterKalecommented, Aug 7, 2022

Both fixes are to @simplewebauthn/server only, correct? Just asking because we’re planning our next release and I’m wondering if it makes sense to wait for this fix.

Yes, that’s correct, both are improvements to server. I figured out how to fix the second bug already, I’m just confirming some values with industry contacts for a bit of validation of my fix. I can probably release the second fix within the next few days to close out this issue.

2reactions
MasterKalecommented, Aug 6, 2022

Alright, I found the metadata statement for aaguid "08987058-cadc-4b81-b6e1-30de50dcbe96" in that response. It’s for a “Windows Hello Hardware Authenticator”, and the statement defines the following authenticationAlgorithms:

"authenticationAlgorithms": ["rsa_emsa_pkcs1_sha256_raw"],

Unfortunately I wasn’t able to map this algorithm to COSE info because the FIDO registry I referenced at the time didn’t have values for this one. I see that v2.2 of the registry does at least reference it, so I’ll attempt to define COSE info for at least this algorithm. I’m pretty sure once I can do that then the second error will go away.

Stay tuned 👀

Read more comments on GitHub >

github_iconTop Results From Across the Web

Error codes in Device Manager in Windows - Microsoft Support
Lists the error codes that may be reported by Device Manager and the possible resolutions in Windows.
Read more >
KB5021233 causes blue screens with 0xc000021a errors
Microsoft is investigating a known issue leading to Blue Screen of Death (BSOD) crashes with 0xc000021a errors after installing the Windows ...
Read more >
What Is a 500 Internal Server Error? How to Troubleshoot
A 500 internal server error indicates a non-specific problem with a website's server and is usually beyond a user's control.
Read more >
How to fix a blue screen of death error in Windows 10 | IT PRO
The error also halts all critical processes, including networks, platforms, and applications. At this point, you lose any unsaved data, and troubleshooting ...
Read more >
8 Common Server Problems & Troubleshooting Tips - Kirbtech
Technical Errors Causing Business Server Errors · 1. Cybersecurity Issues · 2. System Overload · 3. Configuration Settings · 4. Network Glitches.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

multiple calling of startAuthentication in conditional autofill causes reset to clear webauthnAbortService

Next page

Server throws error `Credential public key was missing numeric alg`