Closed DSBloom closed 1 year ago
If you see a second "mostly empty" IYubiKeyDevice, it means that for some reason the device matching failed. The way we do this is by attempting to match based on the operating system's PnP tree (this only works reliably to match the two HID devices), and then by matching based on the serial number of the YubiKey.
Is the SDK able to resolve a serial number for both of the IYubiKeyDevice instances? (You can check the SerialNumber property) Are they the same number? Or is it unavailable on one or both of those instances?
I'm surprised that both PnP and serial matching would fail, unless we had issues communicating with the key.
Just to check: are you using the latest SDK version? (1.4.0?)
The second device looks like this:
Yes I am using the latest SDK, version 1.4.0
Sorry - picking this back up after the long weekend.
So the empty YubiKey doesn't have a serial number. Does the other, more populated key have it present?
Is the process running as elevated?
If you ToString
the YubiKeys, there should be some additional info: HasSmartCard
, HasHidFido
, HasHidKeyboard
. What are the values for each of those on each of the IYubiKeyDevices
that you get back?
If I hit a breakpoint in my application and run the following command in the Immediate Window YubiKeyDevice.FindAll().ToList()
this is the output I get:
Count = 2
[0]: {- Firmware Version: 5.4.2
- Serial Number: 16590660
- Form Factor: UsbAKeychain
- FIPS: True
- SKY: False
- Has SmartCard: True
- Has HID FIDO: False
- Has HID Keyboard: False
- Available USB Capabilities: Otp, FidoU2f, Ccid, Piv, Oath, Fido2
- Available NFC Capabilities: Otp, FidoU2f, Ccid, Piv, Oath, Fido2
- Enabled USB Capabilities: FidoU2f, Ccid, Piv
- Enabled NFC Capabilities: FidoU2f, Ccid, Piv
}
[1]: {- Firmware Version: 0.0.0
- Serial Number:
- Form Factor: Unknown
- FIPS: False
- SKY: False
- Has SmartCard: False
- Has HID FIDO: True
- Has HID Keyboard: False
- Available USB Capabilities: FidoU2f
- Available NFC Capabilities: None
- Enabled USB Capabilities: None
- Enabled NFC Capabilities: None
}
I believe this issue should now be resolved in the latest release (1.6.0). Please give that a try.
I am resolving this issue - however if you continue to encounter this even on the new version, please feel free to reopen.
When I insert a Yubikey device I get two events being raised. The first one contains the device I expect. And the second one is a mostly "empty" instance of
IYubikeyDevice
that only has the FIDO2 capability.The page here https://docs.yubico.com/yesdk/users-manual/sdk-programming-guide/device-notifications.html says that this should not be happening, under the section One YubiKey = One Event..
Do I perhaps something mis-configured? This happens with Yubikey 4 and 5 FIPS keys.