CTAPHID_CANCEL doesn't seem to get handled correctly
#47
Labels
tracking
This issue is tracking an upstream issue
Comments
|
Thanks for the report! Indeed it seems that As this part of the code has been refactored and moved into fido-authenticator recently, we should first merge the upstream changes (#46) before fixing this. |
|
This should be fixed in v1.7.0-rc.1. Please re-open if it does not work as expected. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This might be related to #44 :
I'm currently implementing CTAP2 into Firefox using this branch. As the branch-name suggests, I just added device selection, when multiple devices are found.
The way this is done (also in Chromium) is to send a 'fake' MakeCredentials-request to every device, making them blink (using pinAuth with zero length, as described in the CTAP2.0 spec. In CTAP2.1 we got a dedicated command for that.)
Once, one of them gets selected by the user, a
CTAPHID_CANCEL-command is sent to all other devices, which cancels the pending transaction (and makes the blocking read return).Since updating to v1.0.3 (I think it was not there before, but I might be wrong here), when I do this and select some token that is NOT the NK3, my code sends
CTAPHID_CANCELto NK3. Then on the next Init, I'm gettingERR_CHANNEL_BUSYfrom NK3.So NK3 might not handle a cancel correctly?
This code works fine for other tokens (such as YubiKey, but also other vendors).
To test, clone the above branch of the repo and run
cargo run --features crypto_openssl --no-default-features --example ctap2. In case you want to have more info on what is sent/received, run withRUST_LOG=trace(this is very verbose!)The text was updated successfully, but these errors were encountered: