Skip to content

Hybrid transport runtime errors fixes #127

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
AlfioEmanueleFresta merged 1 commit into from
Jul 21, 2025
Merged

Hybrid transport runtime errors fixes #127

AlfioEmanueleFresta merged 1 commit into from
Jul 21, 2025

Conversation

@AlfioEmanueleFresta
Copy link
Member

@AlfioEmanueleFresta AlfioEmanueleFresta commented Jul 19, 2025

1. Tungstenite now requiring selecting a crypto provider

A panic at runtime when attempting to establish a secure WebSocket connection:

DEBUG tokio_tungstenite::tls::encryption::rustls: Added 148/148 native root certificates (ignored 0)    

thread 'main' panicked at /home/afresta/.cargo/registry/src/index.crates.io-1949cf8c6b5b557f/rustls-0.23.27/src/crypto/mod.rs:249:14:
no process-level CryptoProvider available -- call CryptoProvider::install_default() before this point
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

For more details, see:

This is now fixed by explicitly selecting rustls as the tungstenite TLS backend, as recommended in tokio-tungstenite.

2. Hybrid initial GetInfo deserialization fails

An error deserializing the caBLE initial message containing the GetInfo response:

DEBUG libwebauthn::transport::cable::tunnel: Responding to GetInfo request with cached response
ERROR webauthn_make_credential{dev=CableChannel}:ctap2_get_info: libwebauthn::proto::ctap2::protocol: Failed to parse Ctap2GetInfoResponse from CBOR-data provided by the device. Parsing error: SerdeCbor(ErrorImpl { code: Message("invalid type: byte array, expected Ctap2GetInfoResponse"), offset: 0 })

thread 'main' panicked at libwebauthn/examples/webauthn_cable.rs:139:10:
called `Result::unwrap()` on an `Err` value: Platform(InvalidDeviceResponse)
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

This was accidentally introduced in #110: https://github.com/linux-credentials/libwebauthn/pull/110/files#diff-d061af4011a3c577c5c2dbef3b1933b0e8c8a9ebc0bf70a0ebc3358e890ed725R587

Fixed by using the appropriate serialization method.

@AlfioEmanueleFresta AlfioEmanueleFresta mentioned this pull request Jul 19, 2025
Merged
msirringhaus
msirringhaus approved these changes Jul 21, 2025
View reviewed changes
Copy link
Collaborator

@msirringhaus msirringhaus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@AlfioEmanueleFresta AlfioEmanueleFresta merged commit ad4c843 into master Jul 21, 2025
4 checks passed
@AlfioEmanueleFresta AlfioEmanueleFresta deleted the hybrid-fix branch July 21, 2025 07:09
AlfioEmanueleFresta added a commit that referenced this pull request Jul 21, 2025
@AlfioEmanueleFresta
Make Channel async, and return caBLE UX updates (fix #113) (#126)
38d6975 
Requires #127.

Changes:

* Refactors Hybrid (caBLE) connection stages into 3 reusable components
* Move all 3 connection stages to the channel handle, in addition to
existing connection handler
* Operations first wait for a connection to be established, then perform
the operation with the operation timeout

Next steps:
* Surface errors
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@msirringhaus msirringhaus msirringhaus approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@AlfioEmanueleFresta @msirringhaus