Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Unable to cast object of type 'ECDsaSecurityTransforms' to type 'System.Security.Cryptography.ECDsaCng'.

See original GitHub issue

Description

Trying to register a YubiKey 4 as a 2FA throws an invalidcastexception.

Code Used

Code used to produce the exception:

var parsed = AuthenticatorAttestationResponse.Parse(attestationResponse);
var success = parsed.VerifyAsync(
	options,
	new Fido2Configuration {
		ServerName = "Fido 2 local test",
		ServerDomain = "localhost",
		Origin = "https://localhost:63536",
	},
	(x) => Task.FromResult(true), // callback,
	null,
	null);

var success = await fidoLib.MakeNewCredentialAsync(attestationResponse, options, callback);

Parameter Values

AuthenticatorAttestationRawResponse attestationResponse as Json:

{
  "Extensions": {
    "appid": false,
    "authnSel": false,
    "biometricPerfBounds": false
  },
  "Id": "cgwCz28pJtwpIpYjxvkMYzxxJk279q2lWF_4K_EmTSMUGplrdCTv-KGn6glBrc1jd10dLuAJY2wVgy-Ct1xZrQ",
  "RawId": "cgwCz28pJtwpIpYjxvkMYzxxJk279q2lWF_4K_EmTSMUGplrdCTv-KGn6glBrc1jd10dLuAJY2wVgy-Ct1xZrQ",
  "Response": {
    "AttestationObject": "o2NmbXRoZmlkby11MmZnYXR0U3RtdKJjc2lnWEYwRAIgXH6YWrE9Qc7_q5UH0fRROUq6Rl1zqneHegP8oLx_RskCIDzK8tHqPbywvXMHihhTpWPNMCU-_iqIvWALrGNfouZuY3g1Y4FZAk4wggJKMIIBMqADAgECAgRXFvfAMA0GCSqGSIb3DQEBCwUAMC4xLDAqBgNVBAMTI1l1YmljbyBVMkYgUm9vdCBDQSBTZXJpYWwgNDU3MjAwNjMxMCAXDTE0MDgwMTAwMDAwMFoYDzIwNTAwOTA0MDAwMDAwWjAsMSowKAYDVQQDDCFZdWJpY28gVTJGIEVFIFNlcmlhbCAyNTA1NjkyMjYxNzYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARk2RxU1tlXjdOwYHhMRjbVSKOYOq81J87rLcbjK2eeM_zp6GMUrbz4V1IbL0xJn5SvcFVlviIZWym2Tk2tDdBiozswOTAiBgkrBgEEAYLECgIEFTEuMy42LjEuNC4xLjQxNDgyLjEuNTATBgsrBgEEAYLlHAIBAQQEAwIFIDANBgkqhkiG9w0BAQsFAAOCAQEAeJsYypuk23Yg4viLjP3pUSZtKiJ31eP76baMmqDpGmpI6nVM7wveWYQDba5_i6P95ktRdgTDoRsubXVNSjcZ76h2kw-g4PMGP1pMoLygMU9_BaPqXU7dkdNKZrVdXI-obgDnv1_dgCN-s9uCPjTjEmezSarHnCSnEqWegEqqjWupJSaid6dx3jFqc788cR_FTSJmJ_rXleT0ThtwA08J_P44t94peJP7WayLHDPPxca-XY5Mwn9KH0b2-ET4eMByi9wd-6Zx2hCH9Yzjjllro_Kf0FlBXcUKoy-JFHzT2wgBN9TmW7zrC7_lQYgYjswUMRh5UZKrOnOHqaVyfxBIhmhhdXRoRGF0YVjESZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHIMAs9vKSbcKSKWI8b5DGM8cSZNu_atpVhf-CvxJk0jFBqZa3Qk7_ihp-oJQa3NY3ddHS7gCWNsFYMvgrdcWa2lAQIDJiABIVggdNuG2tgs9Gxjgg30RMCcwrMd6Uovuv4QuUZlGr6tllwiWCDXHPD4i32zwChY7KvGuOSAOupKJpvod0zZX-y8DlQZkQ",
    "ClientDataJson": "eyJjaGFsbGVuZ2UiOiJNYmVpcXp3S0xpSGNKYUY1WGpDeVpBIiwiZXh0cmFfa2V5c19tYXlfYmVfYWRkZWRfaGVyZSI6ImRvIG5vdCBjb21wYXJlIGNsaWVudERhdGFKU09OIGFnYWluc3QgYSB0ZW1wbGF0ZS4gU2VlIGh0dHBzOi8vZ29vLmdsL3lhYlBleCIsIm9yaWdpbiI6Imh0dHBzOi8vbG9jYWxob3N0OjYzNTM2IiwidHlwZSI6IndlYmF1dGhuLmNyZWF0ZSJ9"
  },
  "Type": "public-key"
}

CredentialCreateOptions options as Json:

{
    "rp": {
        "id": "localhost",
        "name": "Fido 2 local test"
    },
    "user": {
        "name": "testing@evidos.nl",
        "id": "YjYzYzMyZDU1ODI5NDUzZmFlY2JhZDQ5NjdjMDRkYmM",
        "displayName": "testing@evidos.nl"
    },
    "challenge": "lr7HiuNiDw9ThdDpQhjpfA",
    "pubKeyCredParams": [
        {
            "type": "public-key",
            "alg": -7
        },
        {
            "type": "public-key",
            "alg": -257
        },
        {
            "type": "public-key",
            "alg": -37
        },
        {
            "type": "public-key",
            "alg": -35
        },
        {
            "type": "public-key",
            "alg": -258
        },
        {
            "type": "public-key",
            "alg": -38
        },
        {
            "type": "public-key",
            "alg": -36
        },
        {
            "type": "public-key",
            "alg": -259
        },
        {
            "type": "public-key",
            "alg": -39
        }
    ],
    "timeout": 60000,
    "attestation": "direct",
    "authenticatorSelection": {
        "requireResidentKey": false,
        "userVerification": "discouraged"
    },
    "excludeCredentials": [
        {
            "type": "public-key",
            "id": "AZMCIBCLkeohptOEnL3Y6irnVdcbnvro3X1PcifZdg2OG28tfq4raUhUmpjEIZh5MZm2BagibXhg6qcWNuqEklYPCnC8loXQ18DRmkRlTG85VRdr-IU7C7tAMi0diKQprU8rqaM"
        }
    ],
    "extensions": {
        "exts": true,
        "uvi": true,
        "loc": true,
        "uvm": true,
        "biometricPerfBounds": {
            "FAR": 3.40282347e+38,
            "FRR": 3.40282347e+38
        }
    },
    "status": "ok",
    "errorMessage": ""
}

Exception thrown

This throws an InvalidCastException:

Exception has occurred: CLR/System.AggregateException
Exception thrown: 'System.AggregateException' in System.Private.CoreLib.dll: 'One or more errors occurred.'
 Inner exceptions found, see $exception in variables window for more details.
 Innermost exception 	 System.InvalidCastException : Unable to cast object of type 'ECDsaSecurityTransforms' to type 'System.Security.Cryptography.ECDsaCng'.
   at Fido2NetLib.AttestationFormat.FidoU2f.Verify()
   at Fido2NetLib.AuthenticatorAttestationResponse.<VerifyAsync>d__10.MoveNext()

Issue Analytics

State:
Created 4 years ago
Comments:12

Top GitHub Comments

1reaction

abergscommented, Oct 29, 2019

Great. scheduling a release in about 1 week to allow for feedback from others.

1reaction

WouterHDcommented, Oct 29, 2019

@abergs I was able to both register and verify my Yubikeys using the new release 🎉 Tested with firefox and chrome on MacOs

Top Results From Across the Web

Unable to cast object of type 'ECDsaSecurityTransforms ...

Description Trying to register a YubiKey 4 as a 2FA throws an invalidcastexception. Code Used Code used to produce the exception: var parsed ......

c# - Unable to cast object of type 'System.Security. ...

Just goes to show the amount of legacy assumptions in core libraries. It seems that you have to create your own extension of ......

[IdP] Unable to cast object of type 'System.Security. ...

In the Sevice Center, I found: Unable to cast object of type 'System.Security.Cryptography.RSACng' to type 'System.Security.Cryptography.

Unable to cast object of type 'System.Security. ...

When I use this certificate to sign saml response I get this error message. Unable to cast object of type 'System.Security.Cryptography.

ECDsaCng Class (System.Security.Cryptography)

Provides a Cryptography Next Generation (CNG) implementation of the Elliptic ... a new instance of the ECDsaCng class by using the specified CngKey...