Problem registrating a YubiKey 5 NFC


#1

Hello,

trying to registrate a YubiKey 5 NFC results in a “a unhandled server error has occured” after pressing the yubikey button". I’m using a selfhosted installation of bitwarden version 2.9.0 and follow the instructions on https://help.bitwarden.com/article/setup-two-step-login-yubikey/.

The server log (bwdata/logs/api/Api) says something about an invalid base-64 string (see below).

My tests on https://demo.yubico.com are all successful.

I’m able to registrate the YubiKey as a ‘FIDO U2F’-Key without any problems. But I want to use the NFC capabilities with my android device which is not available for FIDO U2F.

Is there anyone who can help me?

Thanks
Andreas

2019-03-16 17:37:19.315 +00:00 [Error] The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
at System.Convert.FromBase64String(String s)
at YubicoDotNetClient.YubicoClient…ctor(String clientId, String apiKey)
at Bit.Core.Identity.YubicoOtpTokenProvider.ValidateAsync(String purpose, String token, UserManager1 manager, User user) in /home/appveyor/projects/core/src/Core/Identity/YubicoOtpTokenProvider.cs:line 69 at Microsoft.AspNetCore.Identity.UserManager1.VerifyTwoFactorTokenAsync(TUser user, String tokenProvider, String token)
at Bit.Api.Controllers.TwoFactorController.ValidateYubiKeyAsync(User user, String name, String value) in /home/appveyor/projects/core/src/Api/Controllers/TwoFactorController.cs:line 398
at Bit.Api.Controllers.TwoFactorController.PutYubiKey(UpdateTwoFactorYubicoOtpRequestModel model) in /home/appveyor/projects/core/src/Api/Controllers/TwoFactorController.cs:line 124
at lambda_method(Closure , Object )
at Microsoft.Extensions.Internal.ObjectMethodExecutorAwaitable.Awaiter.GetResult()
at Microsoft.AspNetCore.Mvc.Internal.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
at System.Threading.Tasks.ValueTask`1.get_Result()
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeActionMethodAsync()
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeNextActionFilterAsync()
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Rethrow(ActionExecutedContext context)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeInnerFilterAsync()
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeNextExceptionFilterAsync()


#2

I am having the exact same problem with Yubikey NEO. Getting the same exception in logs/api/Api:

2019-06-04 20:05:12.578 +00:00 [Error] The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
at System.Convert.FromBase64String(String s)
at YubicoDotNetClient.YubicoClient…ctor(String clientId, String apiKey)
at Bit.Core.Identity.YubicoOtpTokenProvider.ValidateAsync(String purpose, String token, UserManager1 manager, User user) in /home/appveyor/projects/server/src/Core/Identity/YubicoOtpTokenProvider.cs:line 69 at Microsoft.AspNetCore.Identity.UserManager1.VerifyTwoFactorTokenAsync(TUser user, String tokenProvider, String token)
at Bit.Api.Controllers.TwoFactorController.ValidateYubiKeyAsync(User user, String name, String value) in /home/appveyor/projects/server/src/Api/Controllers/TwoFactorController.cs:line 398
at Bit.Api.Controllers.TwoFactorController.PutYubiKey(UpdateTwoFactorYubicoOtpRequestModel model) in /home/appveyor/projects/server/src/Api/Controllers/TwoFactorController.cs:line 124
at lambda_method(Closure , Object )
at Microsoft.Extensions.Internal.ObjectMethodExecutorAwaitable.Awaiter.GetResult()
at Microsoft.AspNetCore.Mvc.Internal.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
at System.Threading.Tasks.ValueTask`1.get_Result()
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeActionMethodAsync()
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeNextActionFilterAsync()
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Rethrow(ActionExecutedContext context)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeInnerFilterAsync()
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeNextExceptionFilterAsync()
~

Any ideas? Yubi support?