Unable to Register the Contactless Java card with FIDO-U2F applet

[innolab123]

I have a contactless java card with FIDO-U2F applet (provided by you) installed on it. I wanted to use this card as FIDO U2F device as demonstrated in video shared by LedgerWallet. I am running github on my smartphone having FIDO enabled Google Authenticator app installed on it. I go through the step given on github for registering the device. At last when gitub asked to add the device, Google Authenticator app gets open.Google Authenticator said to touch and hold the device,for that I am attaching my javacard on the back of the phone after that it comes back to Github website and again asked to add the device.

[Franzaine]

@innolab123 Please ensure that the U2F applet is properly installed before any further debugging. To check do the following:

1. Download the Fidesmo Android app. Available on Google Play Store here: bitly.com/fidesmoapp
2. Open the app and hold the card to the back of the phone. Check that the Ledger FIDO U2F app appears.

If the above is true then the applet might be installed but be in some corrupt state. To make sure that the app is in a proper state please do reinstall it. Make sure to remove any logins that you have set up with U2F before because this will of course completely wipe the app. I don't know exactly the details of reinstalling the U2F app as it is developed by Ledger but I believe simply choosing the service INSTALL ON LEDGER DEVICE (FREE) will do fine. Just tap that service and follow the guide on screen to install it.

If the above was false (and the app did not show up as installed) then it is not installed and you have to install it as described above but without the worry of removing existing credentials.

After you've done this we can at least be sure of which state the applet is in :) Cheers, Theo

[darconeous]

Hey @Franzaine , I seem to be running into similar problems, except I'm using the Fidesmo Card 2.0.

After selection, the app returns an empty string instead of the required U2F_V2. If I try to do a registration, I get error 0x6982 or "Security condition not satisfied.". This leads me to believe that the certificate is not loaded properly.

Reinstalling via the Fidesmo app does not help, so there is something wonky going on with the certificate loading.

[darconeous]

You guys should really consider pulling the applet from the Fidesmo store if it doesn't work anymore.

[darconeous]

Not sure who to ping. @btchip ?

[ckahlo]

@darconeous Give it a view tries with uninstall, install, wait a bit, uninstall, install. I had issues that the backend returned a 500 error occasionally and needed a restart.

[darconeous]

No dice. I cannot get it to work.

I'm kind of amazed this thing is still available on the store when it is so obviously broken. It's not free either. I paid a few euros for this app, I expected it to at least work. I bet others have, too.

I personally don't care about the money, but that they are still accepting payment for something that they are not delivering seems dubious.

[darconeous]

@Franzaine?

[martinpaljak]

@darconeous noticed

[Franzaine]

@darconeous Thank you for notifying us! We performed a quick test as well and while installation worked fine the installed applet didn't seem to work with Google's U2F. We've unpublished the applet for now and are contacting the developer to see what can be done. Please contact our support at support@fidesmo.com for any refunds. Sorry about you not getting a response earlier, we simply missed it.

[ckahlo]

@Franzaine: Well, I hope they get it fixed. Indeed Fidesmo Yubikey 4 and Fidesmo V1 card are my every day carry tokens. My(*) years old applet works with a test site and Google Authenticator at least.

But the applet fails with extended length in a testcase. Do we know if this is a problem just with Google Authenticator? What does i.e. https://play.google.com/store/apps/details?id=de.cotech.hw.fido.example say?

Best regards, Christian

(*) meaning the installation I am having here ... its the applet from the Fidesmo Store.