Fix WebauthN issue with Software Keys #415

Closed
opened 2026-04-05 21:12:29 +02:00 by MrUnknownDE · 0 comments
Owner

Originally created by @BlackDex on 8/10/2025

The check if the token used was a known valid token also checked if it needed to be updated. This check always caused an issue with tokens which do not need or want to be updated.

Since the cred_ids are already checked and deemed valid we only need to check if there is an update needed. There already is a function for this, `update_credential`, which returns `Some(true)` if this was the case. So, only update the records if that is the case, else do not update anything.

Also, used constant time compare to check and validate the cred_id's.

P.S. I tested this with macOS where the key was created, and iOS which synced the key.
Same for Bitwarden, used the Firefox Extension to register and my Android to authenticate.
The YubiKey5c still works too, both USB or NFC.

Fixes #6154
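
The control flow the description above outlines, as an added example that is not Vaultwarden's code and not part of the original pull request. `StoredCredential`, `AuthResult`, `ct_eq` and `finish_login` are hypothetical names, and the `None` / `Some(false)` / `Some(true)` contract of `update_credential` is modelled here as an assumption.

```rust
// Added illustration: every name except update_credential is hypothetical.
#[derive(Debug)]
struct StoredCredential { cred_id: Vec<u8>, counter: u32, backup_state: bool }

// Constructed stand-in for what a verified assertion reports.
struct AuthResult { cred_id: Vec<u8>, counter: u32, backup_state: bool }

/// Byte comparison that does not stop at the first mismatch.
/// Production code should use a vetted crate (e.g. `subtle`) instead.
fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    if a.len() != b.len() {
        return false; // lengths are not treated as secret here
    }
    let diff = a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y));
    std::hint::black_box(diff) == 0
}

impl StoredCredential {
    /// Modelled contract: None = different credential, Some(false) = nothing
    /// to change, Some(true) = the stored record changed and must be saved.
    fn update_credential(&mut self, res: &AuthResult) -> Option<bool> {
        if !ct_eq(&self.cred_id, &res.cred_id) {
            return None;
        }
        let changed = res.counter > self.counter || res.backup_state != self.backup_state;
        if changed {
            self.counter = res.counter;
            self.backup_state = res.backup_state;
        }
        Some(changed)
    }
}

/// Ok(n) = login accepted, n records need saving; Err = credential not registered.
fn finish_login(creds: &mut [StoredCredential], res: &AuthResult) -> Result<usize, &'static str> {
    if !creds.iter().any(|c| ct_eq(&c.cred_id, &res.cred_id)) {
        return Err("unknown credential");
    }
    // Some(false) is a successful login with nothing to write, not a failure.
    Ok(creds.iter_mut().filter_map(|c| c.update_credential(res)).filter(|&u| u).count())
}

fn main() {
    let mut creds = vec![StoredCredential { cred_id: vec![1, 2, 3], counter: 0, backup_state: false }];
    let soft = AuthResult { cred_id: vec![1, 2, 3], counter: 0, backup_state: false };
    println!("{:?}", finish_login(&mut creds, &soft)); // software key, counter stays 0
}
```
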


Reference: github/vaultwarden#415