yubico / java-u2flib-server Goto Github PK

View Code? Open in Web Editor NEW

130.0 130.0 57.0 920 KB

(OBSOLETE) Java server-side library for U2F

Home Page: https://developers.yubico.com/java-u2flib-server

License: Other

Java 85.46% HTML 0.32% JavaScript 8.42% FreeMarker 1.68% Python 3.42% Groovy 0.71%

java-u2flib-server's People

Contributors

Stargazers

Watchers

java-u2flib-server's Issues

Improve demo server

The demo server is a bit user-unfriendly, and should probably be improved a bit.

deviceRegistration.toJsonWithAttestationCert() causes exception

When using deviceRegistration.toJsonWithAttestationCert() I receive the following exception;

com.fasterxml.jackson.databind.JsonMappingException: No serializer found for class org.bouncycastle.math.ec.WNafL2RMultiplier and no properties discovered to create BeanSerializer (to avoid exception, disable SerializationFeature.FAIL_ON_EMPTY_BEANS) ) (through reference chain: com.yubico.u2f.data.DeviceRegistration["attestationCertificate"]->org.bouncycastle.jcajce.provider.asymmetric.x509.X509CertificateObject["publicKey"]->org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey["q"]->org.bouncycastle.math.ec.custom.sec.SecP256R1Point["curve"]->org.bouncycastle.math.ec.custom.sec.SecP256R1Curve["multiplier"])

promlens with device identification in Chomre and Opera

Hi,

in Chorme and Opera he Yubikey registration response is different. The device type is not recongnized.

I have the same issue with the python based u2fval server end the u2f-api-1.1.js. I have attestation enabled, so if the device is not recognized, the registration failed.

Seems that, there is problem in JS API and browser integration. I tried also another Yubikye with the same result.

See the result from the Chome, espacially the Issuer and certificate validity.

OS Info

os: Mac OS 10.13.5
FF: 60.0.2 (64-bit) (latest)
Chrome: Version 67.0.3396.87 (Official Build) (64-bit) (latest)
Opera: 53.0.2907.99 - Opera is up to date

Firefox

Successfully registered device:

Vendor metadata

                url: https://yubico.com
            

                imageUrl: https://developers.yubico.com/U2F/Images/yubico.png
            

                name: Yubico
            

Device metadata

                deviceId: 1.3.6.1.4.1.41482.1.5
            

                displayName: YubiKey 4/YubiKey 4 Nano
            

                deviceUrl: https://www.yubico.com/products/yubikey-hardware/yubikey4/
            

                imageUrl: https://developers.yubico.com/U2F/Images/YK4.png
            

Device transports: USB

Registration data

 DeviceRegistration{Key handle=ikcNuC3imxbGbnEvCxwYODKzZNIC0_yW1ksV99jFm7bl2FMT1w_snYCEGQiQOH31STVnYM63JU9gPXhDRhRbow, Public key=BL-8QSDycOXlmjLs9pKgvwVgE9FVEqWSSi1k2sCvChCLKcUkdf-sfW4nK2M20-66YJ17JeUX4ah6HLod1RGLdpw, Counter=-1, Attestation certificate=  [0]         Version: 3
         SerialNumber: 305582463
             IssuerDN: CN=Yubico U2F Root CA Serial 457200631
           Start Date: Fri Aug 01 02:00:00 CEST 2014
           Final Date: Sun Sep 04 02:00:00 CEST 2050
            SubjectDN: CN=Yubico U2F EE Serial 23925734103241087
           Public Key: EC Public Key
            X: d365a91e5e99e0d5b439c0d9afbb87f4058e47dd12b144edb14d2b33f8d35c15
            Y: 13e40d79f0f999abe23671959381c9dc2b07858b82ac63476204ccf734d6ae21

  Signature Algorithm: SHA256WITHRSA
            Signature: 221b9bb3b27224f13ebea322f0351eaf464966a3
                       6f7269857c8e23f9e505b55275dd4e41223e7f26
                       11091469cf929fa5263e6cc77681b2486daaf41f
                       b1cfabe85508f13f6750f6c81b29de601b5e7208
                       bbfa6476e564a91d7d64ab524ad04ebb5ace218b
                       1526f171f87cdef52398e8432c50b9bf1578197a
                       b6ebbe32abd1769338389c24b8c97acee3f1bc61
                       6476caf42f1367df2928d02655c63b9d3cd0ab69
                       b6996fe573788b9952f802ab4f941155b109dc1e
                       20ec6d2542175857eeabe19b478a5f2617860d31
                       9d3e45a60fc4069835690561dcce6426887506d7
                       45979f8067db3148800b683058dedf88f1d5f5eb
                       bcd8d632a46537d8e8a31bd063846b7f
       Extensions: 
                       critical(false) 1.3.6.1.4.1.41482.2 value = 1.3.6.1.4.1.41482.2 value = *****
                       critical(false) 1.3.6.1.4.1.45724.2.1.1 value = DER Bit String[1, 5]

Chrome and Opera

Successfully registered device:

No vendor metadata present!

No device metadata present!

Device transports: USB

Registration data

 DeviceRegistration{Key handle=3N0Cv3RvZZbfeWPdJuwh50Ycq1bGfa1kSEP9n_sIpIGdkSwzBxPXqqazU_lBCD0zJoIzRqVwUlfv1_xemiX6rg, Public key=BCBFyIMtJlem_qY4ibCy6n91iVZvHmAag3Crg7hjZCciR5ee46BsrPN17t6HN9_nhUT1YqVJDH2d-JKM8OInRcM, Counter=-1, Attestation certificate=  [0]         Version: 3
         SerialNumber: 459897267187468141154298
             IssuerDN: CN=U2F Issuer
           Start Date: Sat Jan 01 01:00:00 CET 2000
           Final Date: Sat Jan 01 01:00:00 CET 2000
            SubjectDN: CN=U2F Device
           Public Key: EC Public Key
            X: 1dc67445b5373078ebd57cd78088c43f008f64b13265e4a5549a1c7ef3da32d8
            Y: edc75a29a53e2f948121ac128184c55e9eaf6b88ec53e071edf7accb24bc9973

  Signature Algorithm: SHA256WITHECDSA
            Signature: 3045022100c1a3a68e2f16a7214627057f62bb72
                       8c9e03e7a1ba62d046524e456d2c2f3f7302200b
                       5f78e511aa18129f6f236d9213227d92b4e67edf
                       53e816dfb05d9dc8b90fde
       Extensions: 
                       critical(false) 1.3.6.1.4.1.45724.2.1.1 value = DER Bit String[1, 5] 

}

java.security.InvalidKeyException: No installed provider supports this key: org.bouncycastle.jce.provider.JCEECPublicKey

I got error below when calling finishRegistration. Any idea?

java.security.InvalidKeyException: No installed provider supports this key: org.bouncycastle.jce.provider.JCEECPublicKey

I cannot open https://localhost:8443/assets/registerIndex.html on Mac

cannot open https://localhost:8443/assets/registerIndex.html on Mac.
http://localhost:8080/assets/registerIndex.html can be opened.

u2flib-server-demo: IllegalArgumentException when calling registerIndex

I built and started the current u2flib-server-demo 0.12.2-SNAPSHOT.

When I go to http://example.com:8080/registerIndex the demo server throws an exception:

io.dropwizard.jersey.errors.LoggingExceptionMapper: Error handling a request: .........
! java.lang.IllegalArgumentException: URI is not hierarchical
! at java.io.File.<init>(Unknown Source) ~[na:1.8.0_40-ea]
! at demo.Resource.registerIndex(Resource.java:96) ~[u2flib-server-demo.jar:na] 
...

Is there a way to avoid this error and run the demo?

Unexpected Token { in Example

First, thanks for making this example library available.

I'm attempting to have my Django app register a Yubikey against the example U2F python server you've provided. When I add the js below into my template, I get the following error:

var request = ${data};

error:

Uncaught SyntaxError: Unexpected token {

This is a silly issue, but I can't quite figure out a workaround. Any suggestions?

Client side JavaScript source code

Hi,

This lib is used for server side, so what about the client side? how can get data from U2F token before I'll send it to server?
thanks!

code deployoment

Is it possible to deploy the server demo code on any web server?if yes, can I just build a war and deploy on Tomcat else what changes are to be done in the code?

shouldn't requestStorage be a cache and not userStorage

shouldn't requestStorage be a cache and not userStorage? Seems like the requests would need the time limit and not the userStorage which would presumably be more permanent?

Registration demo requires unnecessary browser extension

Thanks to #4 I managed to start the server + demo.

The registration demo requires a chrome extension for the u2f token:

GET chrome-extension://pfboblefjcgdjicmnffhdgionmgcdmne/u2f-api.js net::ERR_FAILED

I'm using chrome 39 which comes with native support for my yubico token - adding the token to my google account works without adding browser extensions as well.
Is there a way to directly access the token without additional browser extensions?

The artifactId in the README is wrong

Should be u2flib-server-core, is u2fserver-core

Gson-serializable objects should have a no-args constructor.

... or an instance creator. From the GSON user guide:
"Well-behaved classes that are meant for serialization and deserialization should have a no-argument constructor
Doesn't matter whether public or private
Typically, Instance Creators are needed when you are dealing with a library class that does NOT define a no-argument constructor"

See link for where this is an issue:
https://groups.google.com/forum/#!topic/google-gson/2TKlp619p2w

[Information] Scala U2F Server has been developed based on Yubico Java U2F library

The Scala U2F server is built based on open-source Yubico Java U2F server library.

https://github.com/winstonhong/scala-u2f-server

Your Example does not compile

Your demo.Resource file in the u2f-lib-server module fails to compile because one of your exception cases attempts to call a non-existent getDeviceRegistration() method on DeviceCompromisedException

Can release 0.16.0 be released?

Would it be possible for a version 0.16.0 containing the recent commits to be released to Maven Central? I don't mind building the library myself, but would like to depend on a released version eventually.

Thanks in advance. 😃

Signing a request in JavaScript with u2f.sign gives {errorCode: 4} in chrome but works in Firefox.

My company recently bought FIDO U2F Security Keys and we are trying to add authentication via the keys to our admin website. This works in Firefox with the U2F add-on installed but in chrome u2f.sign keeps returning {errorCode: 4}.

Our website is made in Java with the ZK Framework. On server side we use the java-u2flib-server library. We sign the requests on client side using javascript in the zul files using u2f.register and u2f.sign.

To register a key the user first enters name and password and submits. The server creates the RegistrationData and goes to a second page. There, we use javascript function u2f.register. In the callback we send the response with the DeviceRegistration to the server.

The login is done similarly. When submitting the first page the server gives the DeviceRegistration json and a challenge to a second page. The page uses u2f.sign and sends the DeviceResponse to the server in the callback.

According to the documentation this means the device does not know the received DeviceRegistration but that seems unlikely since the same code works in firefox and I checked that they receive the same json from the server.

Do you know what can cause that or what I can do to debug the problem?

Thanks in advance,
Dean Voets

Latest release (0.15.0) missing from repo

It seems version 0.15.0 was never mirrored to this repo. Could it be out of sync with Yubico's internal git repository?

I would like to submit a PR, but I would like to test it against an up-to-date master if possible.

Consistent exception hierarchy

It would be easier to manage the exceptions from the library if they all descended from a common ancestor. Right now, I have to catch multiple different exceptions in my catch blocks, which leads to ugly code.

u2flib-server-demo does not build

The project u2flib-server-demo fails to build with maven. There is a dependency to a snapshot version.

[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 8.067 s
[INFO] Finished at: 2016-10-04T10:15:59+02:00
[INFO] Final Memory: 16M/309M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal on project u2flib-server-demo: Could not resolve dependencies for project com.yubico:u2flib-server-demo:jar:0.16.1-SNAPSHOT: The following artifacts could not be resolved: com.yubico:u2flib-server-core:jar:0.16.1-SNAPSHOT, com.yubico:u2flib-server-attestation:jar:0.16.1-SNAPSHOT: Could not find artifact com.yubico:u2flib-server-core:jar:0.16.1-SNAPSHOT -> [Help 1]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException

Maven versioning

Hi! Thanks for sharing this library. It helps to get the server-side of FIDO U2F authentication working.

There is something odd about the versioning used in this Maven project. The version number is always set to the last released version instead of using a SNAPSHOT version for intermediate development builds. This means that a mvn clean install of the current HEAD builds a 0.14.0 version of the library.

To guarantee reproducible builds, I would recommend to only have the tagged release commits use a full version number (e.g., 0.14.0), and that all intermediate commits are reset to a SNAPSHOT version (e.g., 0.15.0-SNAPSHOT).

This helps anyone working on your code, because they can create development builds with a SNAPSHOT version. SNAPSHOT dependencies are always updated by Maven if you depend on them during development, whereas full releases (without the -SNAPSHOT marker) get cached more aggressively.

I recommend using the Maven Release Plugin to facilitate this workflow.

Feel free to contact me if you have any questions about this topic.

Getting error while authenticating U2F token with com.yubico 0.18.1

Hello, we have Yubico tokens but recently we are not able to login to our application. This is the java exception we are getting when we are trying to login with Yubico key. Please help us resolving this problem. I have attached error logs for the same while user attempts to login.
blackice.log

Fidio U2F USB Token response for registration

Hi,

I'm trying to get Fidio U2F USB Token response for registration using u2f-api.js library here is the source code:

<script src="/u2f-api.js"></script>
<script>
 var RegistrationData = {"challenge":"dG7vN-E440ZnJaKQ7Ynq8AemLHziJfKrBpIBi5OET_0",
                         "appId":"https://localhost:8443",
                         "version":"U2F_V2"};
 setTimeout(function() {
              u2f.register([RegistrationData],[],
              function(data) {
              if(data.errorCode) {
               alert("U2F failed with error: " + data.errorCode);
              return;  }
        alert(JSON.stringify(data));   });
}, 1000);
</script>

But for some reasons I don't get the Token response.
please help me

registration failing

I'm trying to start the registration process, working with the python based u2f softkey as a demo but the registration process constantly fails with:

javax.servlet.ServletException: com.yubico.u2f.exceptions.U2fBadInputException: Bad clientData: wrong challenge
	at com.tremolosecurity.proxy.ProxySys.doPush(ProxySys.java:183) ~[classes/:?]
	at com.tremolosecurity.embedd.NextEmbSys.nextSys(NextEmbSys.java:139) ~[classes/:?]
	at com.tremolosecurity.proxy.auth.AuthMgrSys.doAuthMgr(AuthMgrSys.java:132) ~[classes/:?]
	at com.tremolosecurity.embedd.NextEmbSys.nextSys(NextEmbSys.java:126) ~[classes/:?]
	at com.tremolosecurity.proxy.auth.AzSys.doAz(AzSys.java:139) ~[classes/:?]
	at com.tremolosecurity.embedd.NextEmbSys.nextSys(NextEmbSys.java:111) ~[classes/:?]
	at com.tremolosecurity.proxy.auth.AuthSys.doAuth(AuthSys.java:162) ~[classes/:?]
	at com.tremolosecurity.embedd.NextEmbSys.nextSys(NextEmbSys.java:105) ~[classes/:?]
	at com.tremolosecurity.proxy.ConfigSys.doConfig(ConfigSys.java:279) [classes/:?]
	at com.tremolosecurity.embedd.NextEmbSys.nextSys(NextEmbSys.java:93) [classes/:?]
	at com.tremolosecurity.filter.UnisonServletFilter.doFilter(UnisonServletFilter.java:276) [classes/:?]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) [undertow-core-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) [undertow-core-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:285) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:264) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:175) [undertow-servlet-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:209) [undertow-core-1.3.28.Final.jar:1.3.28.Final]
	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:802) [undertow-core-1.3.28.Final.jar:1.3.28.Final]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_65]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_65]
	at java.lang.Thread.run(Thread.java:745) [?:1.8.0_65]
Caused by: com.yubico.u2f.exceptions.U2fBadInputException: Bad clientData: wrong challenge
	at com.yubico.u2f.data.messages.ClientData.checkContent(ClientData.java:61) ~[u2flib-server-core-0.16.0.jar:?]
	at com.yubico.u2f.U2fPrimitives.finishRegistration(U2fPrimitives.java:86) ~[u2flib-server-core-0.16.0.jar:?]
	at com.yubico.u2f.U2F.finishRegistration(U2F.java:83) ~[u2flib-server-core-0.16.0.jar:?]
	at com.yubico.u2f.U2F.finishRegistration(U2F.java:69) ~[u2flib-server-core-0.16.0.jar:?]
	at com.tremolosecurity.unison.u2f.Registration.doFilter(Registration.java:76) ~[classes/:?]
	at com.tremolosecurity.proxy.filter.HttpFilterChainImpl.nextFilter(HttpFilterChainImpl.java:86) ~[classes/:?]
	at com.tremolosecurity.proxy.ProxySys.doPush(ProxySys.java:180) ~[classes/:?]
	... 34 more

Here's the command for generating the challenge response:

/usr/local/bin/u2f-register -i /tmp/input.json -o /tmp/output.json -s /tmp/softkey.json https://localhost.localdomain:9090

input.json:

{"challenge":"6fVkWTrjntJMyUMytIz0xR1-Pu-nEPxxvWlK-OyExqM","appId":"https://localhost.localdomain:9090","version":"U2F_V2"}

output.json

{"registrationData": "BQTyAwsXw6X2G3W1O-e-ef9aQVUzISTqHC8CNjpk6IjnPWNi87eCVsjgLQobZwo1RFUI24pF_OGySquaWUnJ0WtsQI3mPhcXvRg5xMeOtmSS_7j4co7lczDnVMIJATtli670QEROVSRH0l2wDneiGOD-_Gxm7h93GRhO-u0pbRolxs8wggGHMIIBLqADAgECAgkAmb7osQyi7BwwCQYHKoZIzj0EATAhMR8wHQYDVQQDDBZZdWJpY28gVTJGIFNvZnQgRGV2aWNlMB4XDTEzMDcxNzE0MjEwM1oXDTE2MDcxNjE0MjEwM1owITEfMB0GA1UEAwwWWXViaWNvIFUyRiBTb2Z0IERldmljZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDvhl91zfpg9n7DeCedcQ8gGXUnemiXoi-JEAxz-EIhkVsMPAyzhtJZ4V3CqMZ-MOUgICt2aMxacMX9cIa8dgS2jUDBOMB0GA1UdDgQWBBQNqL-TV04iaO6mS5tjGE6ShfexnjAfBgNVHSMEGDAWgBQNqL-TV04iaO6mS5tjGE6ShfexnjAMBgNVHRMEBTADAQH_MAkGByqGSM49BAEDSAAwRQIgXJWZdbvOWdhVaG7IJtn44o21Kmi8EHsDk4cAfnZ0r38CIQD6ZPi3Pl4lXxbY7BXFyrpkiOvCpdyNdLLYbSTbvIBQOTBGAiEA7dP3BzLiUh-xe5o9dZZ9AUvQotewcxng5b7zWUtdUIICIQDEPXGo4eJPWM85LRjx0eQeJX_Vej8KjtV_ZYYDkuJioA", "clientData": "eyJvcmlnaW4iOiAiaHR0cHM6Ly9sb2NhbGhvc3QubG9jYWxkb21haW46OTA5MCIsICJjaGFsbGVuZ2UiOiAiNmZWa1dUcmpudEpNeVVNeXRJejB4UjEtUHUtbkVQeHh2V2xLLU95RXhxTSIsICJ0eXAiOiAibmF2aWdhdG9yLmlkLmZpbmlzaEVucm9sbG1lbnQifQ"}

softkey.json

{"keys": {"8DE63E1717BD1839C4C78EB66492FFB8F8728EE57330E754C209013B658BAEF440444E552447D25DB00E77A218E0FEFC6C66EE1F7719184EFAED296D1A25C6CF": {"priv_key": "-----BEGIN PRIVATE KEY-----\nMIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgomIAf2m+T3euWMBE\nhYyVyoPQXr0EA7+n+C6eBBlBed2hRANCAATyAwsXw6X2G3W1O+e+ef9aQVUzISTq\nHC8CNjpk6IjnPWNi87eCVsjgLQobZwo1RFUI24pF/OGySquaWUnJ0Wts\n-----END PRIVATE KEY-----\n", "app_param": "870F603E650F2820B2A6A2AEC81033E2CDA2DC743A79FB09F020E2900E646BA8"}}, "counter": 0}

If I try the same code in my browser:

setTimeout(function() {
  var request = {"challenge":"VZyA_0YIoxJW4cmziuB-MxjbS5N7ISfpnvJxsWt1Uwg","appId":"https://localhost.localdomain:9090","version":"U2F_V2"};
  console.log("Register: ", request);
  var appId = request.appId;
  var registerRequests = [{version: request.version, challenge: request.challenge}];
 
  console.log(appId, registerRequests);
  u2f.register(registerRequests, [], function(data) {
    console.log("Register callback", data);
    
    //document.getElementById('tokenResponse').value = JSON.stringify(data);
    //document.forms("finishRegistration").submit();
  });
}, 1000);

generates an error code 2 in chrome.

Any ideas?

Thanks

Unable to build with JDK 10 or JDK 11-ea

Hi there,

as I'm researching the usage of 2FA using a Yubikey, I came across this project. For a long-term solution and having the fading JDK 8 support, I tried to compile this project on a Windows 10 machine using Maven with JDK 10 and JDK 11-ea.

JDK 10

Apache Maven 3.5.2 (138edd61fd100ec658bfa2d307c43b76940a5d7d; 2017-10-18T09:58:13+02:00)
Maven home: C:\maven\apache-maven-3.5.2\bin\..
Java version: 10, vendor: Oracle Corporation
Java home: C:\Program Files\Java\jdk-10
Default locale: de_DE, platform encoding: Cp1252
OS name: "windows 10", version: "10.0", arch: "amd64", family: "windows"

JDK 11-ea

Apache Maven 3.5.2 (138edd61fd100ec658bfa2d307c43b76940a5d7d; 2017-10-18T09:58:13+02:00)
Maven home: C:\maven\apache-maven-3.5.2\bin\..
Java version: 11-ea, vendor: Oracle Corporation
Java home: C:\Program Files\Java\jdk-11
Default locale: de_DE, platform encoding: Cp1252
OS name: "windows 10", version: "10.0", arch: "amd64", family: "windows"

The project does not compile, upgrading several dependencies, I'm not finding a quick way for having this project being usable from source.

Please update this project, or state what is required to have a proper setup to build this project.

One more question: why having mixed tooling-support Maven and Gradle?

JsonMappingException in registration token response

I'm trying to instantiate RegisterResponse object using the token response using this java code :
RegisterResponse registerResponse = RegisterResponse.fromJson(response);
I get this exception:
java.lang.NoClassDefFoundError: com/fasterxml/jackson/databind/JsonMappingException...

Do I have to add others libraries then the u2flib-server-core-0.14.0.jar???

Publish SoftKey.java as a test-jar?

I would like to write an integration test for my API that supports U2F. Is it possible to also release a test-jar containing the soft key implementation (com.yubico.u2f.softkey.SoftKey)?

Counter is still stored as an int in some places.

As the value is defined as an unsigned 32-bit value it should be stored as a long everywhere.

During u2f device registration getting error

When I am using app id as a String APP_ID = "http://localhost:8888"; then I am getting following error in my JS function during device registration "U2F failed with error: 2".

When I am using app id as a String APP_ID = "https://localhost:8888"; then I am getting SSL connection error during registration device.

yubico / java-u2flib-server Goto Github PK

java-u2flib-server's People

Contributors

Stargazers

Watchers

Forkers

java-u2flib-server's Issues

OS Info

Firefox

Chrome and Opera

Recommend Projects

Recommend Topics

Recommend Org