Skip to content
This repository has been archived by the owner on Aug 6, 2024. It is now read-only.

Gracefully report a key that doesn't support CTAP2 protocol (was: Titan K40T) #123

Open
roycewilliams opened this issue Dec 12, 2021 · 4 comments
Open

Gracefully report a key that doesn't support CTAP2 protocol (was: Titan K40T) #123

roycewilliams opened this issue Dec 12, 2021 · 4 comments
Assignees
@kaczmarczyck
Labels
enhancement New feature or request

Comments

@roycewilliams
Copy link

roycewilliams commented Dec 12, 2021
edited
Loading

My testing of Titan Security Key (K40T, USB-C) dies here:

Tested device path: /dev/hidraw6
Tested device name: ePass FIDO
This tool will irreversibly delete all credentials on your device. If one of your plugged security keys stores anything important, unplug it now before continuing.
You have 10 seconds for the next touch after pressing enter.
Please replug the device, then hit enter.

The failing error code is `CTAP1_ERR_INVALID_COMMAND`.
F1212 12:23:22.154443 3425572 device_tracker.cc:185] Check failed: condition Failed critical condition: Reset
*** Check failure stack trace: ***
    @     0x55b13e76b91e  google::LogMessage::Fail()
    @     0x55b13e76b859  google::LogMessage::SendToLog()
    @     0x55b13e76b17f  google::LogMessage::Flush()
    @     0x55b13e76e2a0  google::LogMessageFatal::~LogMessageFatal()
    @     0x55b13e675059  fido2_tests::DeviceTracker::AssertCondition()
    @     0x55b13e675253  fido2_tests::DeviceTracker::AssertResponse()
    @     0x55b13e64c8e0  fido2_tests::CommandState::Reset()
    @     0x55b13e64c292  fido2_tests::CommandState::CommandState()
    @     0x55b13e5eb8c5  main
    @     0x7fdb56be30b3  __libc_start_main
    @     0x55b13e5eb52e  _start
    @              (nil)  (unknown)
./run.sh: line 19: 3425572 Aborted                 (core dumped) bazel run //:fido2_conformance -- --token_path="$path"

Could it be a local issue?
@jmichelp
Copy link

jmichelp commented Dec 12, 2021
edited
Loading

Thanks for your report.

If I'm correct the Titan K40T is U2F (aka CTAP1) only and therefore it's expected that this security key won't understand CTAP2 protocol.
Which is what the critical error you're reporting says: the Reset command, a CTAP2 command, isn't supported.

@roycewilliams
Copy link
Author

Ah, understood. That wasn't clear from the output (and I'm not sure if there's a way to make it more clear - if there is, would you be open to a feature request, under a separate issue?)

@jmichelp
Copy link

I was also thinking that the tool should be able to distinguish between a the device under test that isn't supporting CTAP2.x protocols and a device that is supposed to understand the protocol but doesn't properly support the Reset command.

Let's keep this issue open so that we don't lose the story behind it. I'll just rename it and let @kaczmarczyck decide how to implement this.

@jmichelp jmichelp added the enhancement New feature or request label Dec 12, 2021
@jmichelp jmichelp changed the title Titan K40T Gracefully report a key that doesn't support CTAP2 protocol (was: Titan K40T) Dec 12, 2021
@kaczmarczyck
Copy link
Contributor

This should be possible, thanks for the feature request!

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@kaczmarczyck kaczmarczyck

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@roycewilliams @jmichelp @kaczmarczyck