Fix usage check #5

robin-nitrokey · 2023-02-14T18:04:56Z

This patch fixes the usage check in the device detection:

Instead of usage 0x21, we now check for usage 0x01 as mandated by the FIDO2 spec, § 11.2.8.1 [0].
Instead of using the last usage value in the USB descriptor, which belongs to an endpoint and not to the device, we now use the first (non-zero) value.

The descriptor parsing could still be improved, but this should fix compatibility with all compliant FIDO2 devices.

[0] https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-20210615.html#usb-discovery

Context:

This patch fixes the usage check in the device detection: - Instead of usage 0x21, we now check for usage 0x01 as mandated by the FIDO2 spec, § 11.2.8.1 [0]. - Instead of using the last usage value in the USB descriptor, which belongs to an endpoint and not to the device, we now use the first (non-zero) value. The descriptor parsing could still be improved, but this should fix compatibility with all compliant FIDO2 devices. [0] https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-20210615.html#usb-discovery

This was referenced Feb 14, 2023

fido2luks can't find Nitrokey 3A NFC shimunn/fido2luks#51

Open

Wrong usage page in descriptor trussed-dev/usbd-ctaphid#1

Open

Fix usage check shimunn/ctap#8

Open

robin-nitrokey mentioned this pull request May 16, 2023

Fido2luks does not work Nitrokey/nitrokey-3-firmware#177

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix usage check #5

Fix usage check #5

robin-nitrokey commented Feb 14, 2023

Fix usage check #5

Are you sure you want to change the base?

Fix usage check #5

Conversation

robin-nitrokey commented Feb 14, 2023