Index: openssh-8.7p1/ssh-ecdsa-sk.c
===================================================================
--- openssh-8.7p1.orig/ssh-ecdsa-sk.c
+++ openssh-8.7p1/ssh-ecdsa-sk.c
@@ -191,14 +191,17 @@ ssh_ecdsa_sk_verify(const struct sshkey
 		ret = SSH_ERR_INVALID_FORMAT;
 		goto out;
 	}
-	if (is_webauthn) {
-		if (sshbuf_get_cstring(b, &webauthn_origin, NULL) != 0 ||
-		    sshbuf_froms(b, &webauthn_wrapper) != 0 ||
-		    sshbuf_froms(b, &webauthn_exts) != 0) {
-			ret = SSH_ERR_INVALID_FORMAT;
-			goto out;
-		}
-	}
+	if (sshbuf_get_cstring(b, &webauthn_origin, NULL) != 0 ||
+            sshbuf_froms(b, &webauthn_wrapper) != 0 ||
+            sshbuf_froms(b, &webauthn_exts) != 0) {
+                if (is_webauthn) {
+		    ret = SSH_ERR_INVALID_FORMAT;
+		    goto out;
+                }
+        } else {
+            // webauthn signature detected based on structure
+            is_webauthn = 1;
+        }
 	if (sshbuf_len(b) != 0) {
 		ret = SSH_ERR_UNEXPECTED_TRAILING_DATA;
 		goto out;