FIDO2 C++ based application using WebAuthn.dll for "YUBIKEY 5 NFC" (External authenticator) gives "The parameter is incorrect"

Question

I am writing FIDO2 C++ based application using WebAuthn.dll for "YUBIKEY 5 NFC" (External authenticator) using the following WebAuthN APIs of Microsoft from the https://github.com/microsoft/webauthn/blob/master/webauthn.h I'm trying to Authenticate with the api WebAuthNAuthenticatorGetAssertion(). I get the error "The parameter is incorrect"

         HWND  hWnd = GetForegroundWindow();
         LPCWSTR   pwszRpId = nullptr;
         std::string sClientData64 = {"type":"webauthn.get","challenge":"<< base64 Encoded 
         challenge","crossOrigin":true};
         WEBAUTHN_CLIENT_DATA oClientData_in = { WEBAUTHN_CLIENT_DATA_CURRENT_VERSION,
                             static_cast<DWORD>(sClientData64.length()),
                             (PBYTE)(sClientData64.data()),
                             WEBAUTHN_HASH_ALGORITHM_SHA_256 
                                           };
         WEBAUTHN_CREDENTIAL_EX webCredEx = {    WEBAUTHN_CREDENTIAL_EX_CURRENT_VERSION,
                                 static_cast<DWORD>(CredentialId.length()),
                                 ((BYTE*)(CredentialId.c_str())),
                                 WEBAUTHN_CREDENTIAL_TYPE_PUBLIC_KEY,
                                 WEBAUTHN_CTAP_TRANSPORT_USB
                                   };
         WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS   webAuthNGetAssertionOptions = { 
                    WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_CURRENT_VERSION,  // version
                    timeOut,  // time in milliseconds
                    {0, NULL},  //WEBAUTHN_CREDENTIALS  
                    {0, NULL},  //WEBAUTHN_EXTENSIONS
                    WEBAUTHN_AUTHENTICATOR_ATTACHMENT_ANY,  // for Platform (Windows Hello) vs 
                                       Cross platform authenticator (Yubikey)
                    WEBAUTHN_USER_VERIFICATION_REQUIREMENT_ANY,  // user Verification 
                                         Required (preferred)
                    0,  // dwFlags
                    NULL, // as json data received it is null
                    nullptr, //(FALSE) this is a pointer
                    NULL,  // pCancellationId
                    pAllowCredentialList  // dwversion = 4) allowlist is not null
                            };
         WEBAUTHN_ASSERTION* pWebAuthNAssertion = nullptr;  // this is an output parameter, 
                   // on calling, I get a dialog popup saying  " The parameter is incorrect."
         hResult = WebAuthNAuthenticatorGetAssertion(hWnd, pwszRpId &oClientData_in, 
                   &webAuthNAssertionOptions, &pWebAuthNAssertion); 

Please let me know, if any thing has to added in my code.

Answer 1

My guess is pAllowCredentialList in the webAuthNGetAssertionOptions is the culprit. Does it work with NULL instead?

I have a similar very simple sample at https://github.com/aseigler/HelloSample/blob/master/hello/hello.cpp that worked last time I checked.