Open jefftharris opened 1 year ago
Hi Jeff, I am going to check this. Please let me know which version of yubikit-android you use.
Using version 2.2.0
Hi, I tried to simulate/reproduce what you described, but without success. Could you try the attached snippet in the demo app (2.2.0) and let me know if you see the same issue? Just replace the activityViewModel.yubiKey.observer(viewLifecycleOwner) block with the attached snippet, start the DemoApp, and connect the YubiKey over USB - it should be blinking, waiting for touch, after which the hmacSha1 calculation should be successful. For the test, Slot 1 should be setup with challenge-response and touch required. I also attached my logcat output.
One thing I realised with YubiKey Neo is that when using it with an Android phone, I need to hold the phone in my hand for the touch to be registered. I use different types of USB-C - USB-A adaptors to connect the key to the phone and the touches would not be registered if the phone is just laying on the table when touching the YubiKey sensor. (Newer YubiKey’s like YubiKey 5 do not have such issue).
I'm seeing the same issue with the demo change. I tried the demo app at version 2.2.0 as well as mainline. The device info reported by the app is a 'YubiKey NEO' device, version 3.2.0, device form factor UNKNOWN, challenge response timeout: null. My phone is a Google Pixel XL running Android 10.
Using the demo app without the changes, I can get the issue to occur as well. From the initial screen, I'll insert the Yubikey and grant permission. The app shows the device info. If I then navigate to the YubiOTP screen and the challenge-response tab and then set the programmed slot (two) and click 'Calculate response', it'll give the No Data error popup. On that screen, if I remove the key and reinsert, the click on 'Calculate repsonse' succeeds.
I found a different YubiKey which seems to be working both in the demo app and my own. It is a YubiKey 5 NFC, form factor USB_A_KEYCHAIN, firmware 5.2.4, and challenge response timeout 15.
Upon insertion of a USB Yubikey, I am attempting to read device info such as serial number and then compute an HMAC-SHA1. The device info reads successfully, but the YubiOtpSession.calculateHmacSha1 doesn't seem to notice that the key needs a touch. The call fails with a CommandRejectedException with messsage "No data". If I do not read the device info, the calculateHmacSha1 call properly waits for the key touch. If I use NFC, I can both read the device info and calculate the HMAC-SHA1 with a single press of the key (YubiKey NEO).
To retrieve the device info, I am following the code from the Android demo app in the com.yubico.yubikit.android.app.ui.management.ManagementViewModel.readDeviceInfo method. It checks for various connection types and uses the DeviceUtil.readInfo method to read the data.
Logging for the failed calculateHmacSha1 call. The feature report never returns a tailing 89 value indicating the need for a touch.
Logging for the successful calculateHmacSha1 call without the debug info. The read report with the trailing 89 value is present indicating (I believe) touch is required.