I have implemented some sort of password-less authentication using DUO lab's webauthn using Django. However, I keep getting this error:
Unable to verify attestation statement format..
when authenticating on my Android phone (at least for now).
How can I include more attestation formats to incorporate Android, Windows hello and any other device in this library's attestation formats?
The current version of the webauthn library only supports the following attestation formats:
"fido-u2f""packed""none"You mentioned you're trying to register an Android device - without seeing a response you're getting back from the call to navigator.credentials.create() I'd make an educated guess that you're getting responses with "android-safetynet" or "android-key" attestation statements which the library is unable to verify.