Skip to content
This repository has been archived by the owner on Jan 17, 2025. It is now read-only.

Editing login with passkey invalidates date in passkey (or elsewhere in item) and makes login non-editable. #25

Closed
BJReplay opened this issue Dec 22, 2023 · 2 comments
Closed

Editing login with passkey invalidates date in passkey (or elsewhere in item) and makes login non-editable. #25

BJReplay opened this issue Dec 22, 2023 · 2 comments

Comments

@BJReplay
Copy link

Thanks for this tool - I have used it to automate updating http:// to https:// (I will upload python script and link back to this repository), but where there is a passkey saved on the login, the resulting vault item remains useable, but not editable.

This has been tested against vaultwarden 1.30.1 (https://github.com/dani-garcia/vaultwarden/releases/tag/1.30.1) using server version 2023.12.1 browser plug in, vaultwarden web Version 2023.10.0, and Bitwarden windows client 2023.12.0 against the latest vaultwarden server version which is 2023.9.1.

I don't have a bitwarden subscription to test against, but I'm happy to set one up to test if this also occurs against bitwarden.

A visual inspection of the passkey component of the login via vscode debugging shows no obvious difference between the working and non-working versions. Partially redacted versions are included below.

The error displayed is:
An error has occurred.
Invalid time value

It is apparent that it is the passkey that has the invalid time value as the field that displays the passkey normally displays the create date of the passkey. Instead it is variously blank (vaultwarden web application) or just shows Created (browser plugin, windows app).

image

Grabbing the fido2Credentials from the login in the cipher before and after the update that makes the passkey creation date apparently invalid shows the following:

In each case, I've redacted credentialId, keyValue, userDisplayName, userHandle, and UserName, and single quotes with double quotes, and None is quoted, for better display on github.

All other items are as copied.

{
"counter": "0", 
"creationDate": "2023-12-21T23:22:09.074Z", 
"credentialId": "guid-ending-in-ef19", 
"discoverable": "true", 
"keyAlgorithm": "ECDSA", 
"keyCurve": "P-256", 
"keyType": "public-key", 
"keyValue": "MIGHA-I've-checked-it's-the-same-OZNTAd7", 
"response": "None", 
"rpId": "amazon.com", "rpName": "Amazon", 
"userDisplayName": "BJReplay", 
"userHandle": "again-its-the-same", 
"userName": "[email protected]"
}
{
"counter": "0", 
"creationDate": "2023-12-21T23:22:09.074Z", 
"credentialId": "guid-ending-in-ef19", 
"discoverable": "true", "keyAlgorithm": "ECDSA", 
"keyCurve": "P-256", 
"keyType": "public-key", 
"keyValue": "MIGHA-I've-checked-it's-the-same-OZNTAd7", 
"response": "None", 
"rpId": "amazon.com", 
"rpName": "Amazon", 
"userDisplayName": "BJReplay", 
"userHandle": "again-its-the-same", 
"userName": "[email protected]"
}

Saving a new passkey over the top works, and makes the item editable again.

image

image

vaultwarden docker logs don't report any errors while attempting to edit / save the corrupted items.
@kiorky
Copy link
Contributor

kiorky commented Dec 12, 2024

bitwardentools dev is halted.

@kiorky kiorky closed this as completed Dec 12, 2024
@BJReplay
Copy link
Author

bitwardentools dev is halted.

Ahh, no worries, thanks for the tool - it was useful even with the issue 👍

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kiorky @BJReplay