Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

secret retrieval part of hmac_secret.py example doesn't work with GoTrust Idem webauthn key #183

Open
glyph opened this issue Apr 10, 2023 · 3 comments
Open

secret retrieval part of hmac_secret.py example doesn't work with GoTrust Idem webauthn key #183

glyph opened this issue Apr 10, 2023 · 3 comments

Comments

@glyph
Copy link

glyph commented Apr 10, 2023

This is on main as of 54cee22.

This could be a hardware bug in the GoTrust key, but attempting to run the example yields this:

Touch your authenticator device now...

New credential created, with the HmacSecret extension.
Authenticate with salt: <big hex key>

Touch your authenticator device now...

Traceback (most recent call last):
  File "/Users/glyph/Projects/python-fido2/fido2/client.py", line 836, in get_assertion
    return self._backend.do_get_assertion(
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/glyph/Projects/python-fido2/fido2/client.py", line 683, in do_get_assertion
    assertions = self.ctap2.get_assertions(
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/glyph/Projects/python-fido2/fido2/ctap2/base.py", line 439, in get_assertions
    first = self.get_assertion(*args, **kwargs)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/glyph/Projects/python-fido2/fido2/ctap2/base.py", line 411, in get_assertion
    self.send_cbor(
  File "/Users/glyph/Projects/python-fido2/fido2/ctap2/base.py", line 241, in send_cbor
    raise CtapError(status)
fido2.ctap.CtapError: CTAP error: 0x14 - MISSING_PARAMETER

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/Users/glyph/Projects/python-fido2/examples/hmac_secret.py", line 108, in <module>
    result = client.get_assertion(
             ^^^^^^^^^^^^^^^^^^^^^
  File "/Users/glyph/Projects/python-fido2/fido2/client.py", line 845, in get_assertion
    raise _ctap2client_err(e)
fido2.client.ClientError: (<ERR.BAD_REQUEST: 2>, CtapError('CTAP error: 0x14 - MISSING_PARAMETER'))

Perhaps someone with more experience with the CTAP2 or webauthn specs can decipher this faster than I am able to.
@dainnilsson
Copy link
Member

While I don't have the that particular key to test with, I believe this issue may have been fixed by changes in version 1.2. If you're able to re-test this, please let me know!

@glyph
Copy link
Author

glyph commented Dec 4, 2024

While I don't have the that particular key to test with, I believe this issue may have been fixed by changes in version 1.2. If you're able to re-test this, please let me know!

I think that key is lying around somewhere, I'll try and get to it soon :)

@glyph
Copy link
Author

glyph commented Dec 9, 2024

Just re-tested with a fresh install of all dependencies, and it is still broken in the same way, on 8b5939a .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dainnilsson @glyph