Cannot login with passkey

[cst1412]

Steps To Reproduce

1. Go to https://webauthn.io/ (Tested with Firefox and Safari)
2. Click on Register
3. Create passkey in Bitwarden
4. Click on Authenticate

Expected Result

IOS shows passkey and is able to authenticate with it.

Actual Result

IOS does not show passkey and trying to choose Bitwarden and selecting it manually does not work.
Sometimes it detects that i have a passkey and then i click authenticate vault loads i login with face id vault closes nothing happens.
The bottom sheet is still open and the site reports an error.

Screenshots or Videos

Bottom sheet stuck

bitwarden_ios_passkey_bug.mp4

Not finding the passkey at all

bitwarden.not.working.MP4

Empty vault working perfectly

bitwarden.working-60fps.mp4

Additional Context

With an empty vault this works. There has to be something in my data that breaks the App.
Maybe i will try to debug the app myself later to give some more context.

i tested this with Firefox and safari same behavior

Build Version

2025.1.2 (1867))

What server are you connecting to?

US

Self-host Server Version

No response

Environment Details

Iphone 14 Plus and Ipad Air
IOS 18.3

Issue Tracking Info

• I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

[cst1412]

Okay managed to track down the issue:
The app throws an error at: AutofillCredentialService.replaceAllIdentities
at.credentialsForAutoFill

the error that the app loggs is: BitwardenSdk.BitwardenError.E(message: "Invalid symbol 91, offset 0.")

i looked at the sdk and my guess is that the error happens at Fido2CredentialAutofillView.from_cipher_view

i managed to track down the data that caused this error it looks like this:
(i anonymized some fields)

  "fido2Credentials": [
          {
            "credentialId": "*********",
            "keyType": "public-key",
            "keyAlgorithm": "ECDSA",
            "keyCurve": "P-256",
            "keyValue": "[error: cannot decrypt]",
            "rpId": "whatsapp.com",
            "userHandle": "[error: cannot decrypt]",
            "userName": "************",
            "counter": "0",
            "rpName": "whatsapp.com",
            "userDisplayName": "***********",
            "discoverable": "true",
            "creationDate": "2024-07-18T09:00:28.779Z"
          }

now if you look up what character 91 in ascii is this makes sense. ([)

The Sdk should be able to handle errors like this and not crash.
Maybe this issue now needs to be transferred to the sdk repository ?

But i can report that removing the passkey was possible and i can now login with passkeys again 👍

[jatin-bansal-21]

I am also facing the same issue and have raised it to customer support multiple times

[jatin-bansal-21]

Okay, so one of the passkeys was corrupt as suggested by @cst1412 . it had the value "keyValue": "[error: cannot decrypt]", and once deleted all of my passkeys are working fine now. Thanks a lot @cst1412 !!

[daniellbw]

Hi there,

I am unable to reproduce this issue, it has been escalated for further investigation. If you have more information that can help us, please add it below.

Thank you for the current information provided so far!