TechQA.

Python WebAuthn: Unable to verify attestation statement format

563 views Asked by At

I have implemented some sort of password-less authentication using DUO lab's webauthn using Django. However, I keep getting this error:

Unable to verify attestation statement format..

when authenticating on my Android phone (at least for now). How can I include more attestation formats to incorporate Android, Windows hello and any other device in this library's attestation formats?

python django webauthn password-less attestations
Original Q&A
1

There are 1 answers

4
IAmKale On BEST ANSWER

The current version of the webauthn library only supports the following attestation formats:

  • "fido-u2f"
  • "packed"
  • "none"

You mentioned you're trying to register an Android device - without seeing a response you're getting back from the call to navigator.credentials.create() I'd make an educated guess that you're getting responses with "android-safetynet" or "android-key" attestation statements which the library is unable to verify.

Related Questions in PYTHON

Related Questions in DJANGO

Related Questions in WEBAUTHN

Related Questions in PASSWORD-LESS

Related Questions in ATTESTATIONS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions