-
Notifications
You must be signed in to change notification settings - Fork 69
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Wrongly enforces getAssertion credential (0x01) member presence in the authenticator response, which is optional in FIDO2 #319
Comments
I haven't disassembled the responses from your ledger, so I can't give a full breakdown of what happened. See my answer to your question 2, so we can get a more detailed log. But one step or rather one question at a time:
Hope that helps! |
Hello @msirringhaus , 1/
If I get it correctly, this shows that 2/
I gave it a try with both 3/
I was wondering how other browser do that, and therefore gave it a try on Google Chrome. It appears it sends the request to every authenticator, and once authenticator respond with a success it cancel the other request. I found that more intuitive and maybe more spec compliant, is there any reason not to do that?
I'm not sure to understand which part of the spec you are referring? In the FIDO2.1 spec I found this but this specify the behavior of the authenticator which should be done without any "make.me.blink"-requests. Are you referring to another part of the spec, or another spec maybe?
In both FIDO2.0 and FIDO2.1 spec I can see requirements for authenticators to collect user presence or user verification before responding to a sign call with an allow-list without valid credential, but again, that should be done on authenticator side, without any "make.me.blink"-requests. Are you referring to another part of the spec, or another spec maybe? Thanks! Xavier |
Hi, \1. Yes, I think thats correct. \2. Hm, this is weird. I don't have a Mac, so I can't reproduce this. I just asked somebody else and it worked for them (although, AFAIK for released versions the log-levels are capped at "INFO", and "DEBUG" can't be chosen any more). Maybe the problem is the selector for \3.1.
We have to be careful here, as there are multiple different variations, that all have a different outcome. E.g. Chrome checks, if the device also speaks the old CTAP1 protocol and then downgrades the request to that. This is to get around the PIN-stuff. Then it can send the actual request to all devices instead of selection-requests, followed by the actual request. We currently don't do this (and I'm still not 100% convinced we should be). But Chrome does also use dummy requests to select devices in certain cases, see #155 . \3.2.
As mentioned Chrome does this, too: https://github.com/chromium/chromium/blob/6aaa00ad13642255e207e1c4893463f31c5ecf68/device/fido/make_credential_task.cc#L126-L156 There may be some constellations were we could use the actual request instead of the dummy to make the device fail, but it doesn't really matter what we send, if all we want to do is collect a user-interaction and fail. As far as I remember, the spec doesn't explicitly mention this, except for the old CTAP1-compatibility section:
|
Hello :)
Using Firefox Beta, I managed to get some logs, but it was really noisy, and didn't contains interesting logs as far as I know.
I therefore went this path, but what a nightmare. I went from one issue to another during the installation of
I've attached the log below, I hope this help understanding the issue. Regarding dummy request, first thanks for the links on Google Chrome code, that's interesting.
I still don't get why you want a user-interaction at that point. From my point of view, if the authenticator respond to the request with a failure without requesting UV or UP it's already an issue, as one could then design a rogue client which could then try to get information on known credentials. that's why the authenticator has to do this, and this is specified in both FIDO2 and FIDO2.1 spec:
Thanks, |
Hello @msirringhaus I found a way to work around the problem. I think it is because in the getAssertion response, the authenticator doesn't add the
However, it's seems that your implementation enforces it, I try adding it in my authenticator response, and after that, the ctap2 example run successfully. Do you think this is something you could change to be compatible with more devices that respect the FIDO2 spec? I still don't get why it works on Firefox on Linux and on Windows, but not on Firefox on Mac nor when directly using authenticator-rs (on Mac or Linux), do you know? Edit: looking at the FIDO2.1 spec, this Also, I now see that in such situation, your authenticator code make a first silent getAssertion request (with up=false and uv=false) and then a second requiring user presence and verifiation. So now behaving mainly as I expected it in working cases. So if it's ok for you, I'm going to change the title of this issue to: Thanks |
Ok, this makes no sense to me. We do not enforce What I've noticed, though, is that you do not send the credentialID in your GetAssertion response. This is fine for CTAP2.0 devices (although not allowed anymore for 2.1), but it looks to me that our code may have a bug there, and disregard your token because this is missing. |
Ok sorry, I was editing my response. Indeed, the issue is due to the absence of credential (0x01) member in the response. |
Here is what I have added in my response:
|
Ah, mid-air collision :) Yes, now it makes sense to me. The problem is in our pre-flighting code here: https://github.com/mozilla/authenticator-rs/blob/ctap2-2021/src/ctap2/preflight.rs#L168-L171 I'll see, if I can come up with a fix (that doesn't introduce 10 additional bugs). |
This field is optional in FIDO2 in some cases, but required in FIDO2.1. Some browser enforces it, see mozilla/authenticator-rs#319 As not including it is an unnecessary optimisation, we rather always put it if it causes compatibiity issue.
This field is optional in FIDO2 in some cases, but required in FIDO2.1. Some browser enforces it, see mozilla/authenticator-rs#319 As not including it is an unnecessary optimisation, we rather always put it if it causes compatibiity issue.
This field is optional in FIDO2 in some cases, but required in FIDO2.1. Some browser enforces it, see mozilla/authenticator-rs#319 As not including it is an unnecessary optimisation, we rather always put it if it causes compatibiity issue.
…al data Extend the mock device to be able to skip the low-level byte-by-byte comparison of incoming and outgoing data, and instead use CTAP requests and responses directly, for higher-level business-logic testing. Add tests for preflighting.
Resolved by #320 |
…al data Extend the mock device to be able to skip the low-level byte-by-byte comparison of incoming and outgoing data, and instead use CTAP requests and responses directly, for higher-level business-logic testing. Add tests for preflighting.
Hello :)
I'm the developer working on https://github.com/LedgerHQ/app-security-key/ which purpose is to allow Ledger devices to be used as a FIDO2 authenticator.
It works well on Firefox on Windows and Linux and that's great thanks for your work!
However, I recently gave it a try on Firefox on MacOS and I'm facing issues.
Regarding my issue, here is my setup:
Using Wireshark I see that:
There are multiple request to get the device info, here is the device answer:
{1: ["U2F_V2", "FIDO_2_0"], 2: ["hmac-secret"], 3: h'58B44D0B0A7CF33AFD48F7153C871352', 4: {"rk": false, "up": true, "uv": true, "clientPin": false}, 5: 1024, 6: [1]}
The registration goes well, here is the request:
{1: h'631FFAA981568D40E27CC364137163C8B3DB56FEC9901E59CA99DD2FB9A7CF3C', 2: {"id": "webauthn.io"}, 3: {"id": h'613278316147786F65577835', "name": "kluhlhyly"}, 4: [{"alg": -7, "type": "public-key"}, {"alg": -257, "type": "public-key"}], 7: {"rk": false, "uv": true}}
And here is the response:
{1: "packed", 2: h'74A6EA9213C99C2F74B22492B320CF40262A94C1A950A0397F29250B60841EF045F1D0C02758B44D0B0A7CF33AFD48F7153C871352004102C0251D20C5DE22DA323FE1601775356BD720ED1920F42EDF757ADAF0B6B5729E73554146CF5F88E9FA47602809E8C33315449BB2EF0F9468219C7D03F0C36C75A5010203262001215820837B015EC6E28999A3E0F446843FC079D70191F9439124B7CBB8C6DBC5C539A5225820D334AF49762F97EE6D6A99C0315A5C6457F91EC805AAD9FF39F37ED9008888DE', 3: {"alg": -7, "sig": h'304402202610FAADEA92042CB240F6157FD68A5619D1C1AE271AABD3E5B54C2403679B2802205730D0CC80077A1773364AA1B5B6C0FC613612F8FF452951887CE9D84EEDCC7B', "x5c": [h'308201EE30820194A00302010202140C20109D50E9A06359A6F103E4835EBBD53B10C9300A06082A8648CE3D0403023043310B3009060355040613024652310F300D060355040A0C064C65646765723123302106035504030C1A4C6564676572204649444F204174746573746174696F6E204341301E170D3232303932363038303630385A170D3332303932333038303630385A3076310B3009060355040613024652310F300D060355040A0C064C656467657231223020060355040B0C1941757468656E74696361746F72204174746573746174696F6E3132303006035504030C294C6564676572204E616E6F2D5350204649444F2032204174746573746174696F6E20426174636820313059301306072A8648CE3D020106082A8648CE3D030107034200044A360D348D0D945AF2BBE199353B675B48937F6809E1C4BCADC1920E821E57EAEFA2F44B3C95C40AA2C90F4BBA3D8C43C30FD8755645333CE5F30F2FA0312ECFA33330313021060B2B0601040182E51C0101040412041058B44D0B0A7CF33AFD48F7153C871352300C0603551D130101FF04023000300A06082A8648CE3D0403020348003045022100D90FC542D5044F06851A27F06F988F18EEECBAB3954DD9F63DB164500371D43B02204D60B7752A20B681A947AC4296286CEB8E0E0B29A439B8E55A38899FEC8F0736']}}
Then I when I launch the authentication, I see a first get assertion request with up=false:
{1: "webauthn.io", 2: h'E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855', 3: [{"id": h'02C0251D20C5DE22DA323FE1601775356BD720ED1920F42EDF757ADAF0B6B5729E73554146CF5F88E9FA47602809E8C33315449BB2EF0F9468219C7D03F0C36C75', "type": "public-key"}], 5: {"up": false}}
The device respond with:
{2: h'74A6EA9213C99C2F74B22492B320CF40262A94C1A950A0397F29250B60841EF000F1D0C02A', 3: h'3045022100A05D8A878B8E93D028918639EC2B3A841D63A7C27BAADCC526B47D106B32D81002202FAE26F139FD699E100848214AB28A5C3F39192E9507D4306E399C5FFC9D4167'}
Then the device receive another request:
{1: h'D0CEE6FC7DBF599A919DB8FB951311269F0EB781F7841C6CC0544AD9DA34154B', 2: {"id": "make.me.blink"}, 3: {"id": h'00', "name": "make.me.blink"}, 4: [{"alg": -7, "type": "public-key"}], 8: h'', 9: 1}
Which is linked to this code: https://github.com/mozilla/authenticator-rs/blob/ctap2-2021/src/ctap2/commands/make_credentials.rs#L560-L592
The device returns an error
0x35
(CTAP2_ERR_PIN_NOT_SET
) as the pin is not set, as indicated by the getInfo answer.The webauthn.io window then expose the following failure message:
So here my questions:
authenticator-rs
included in a Firefox version?chrome://device-logs
, is there a Firefox equivalent? I tried working with the console log but they lack important information. And can always use Wireshark but it is way more painful.Thanks!
Xavier
The text was updated successfully, but these errors were encountered: