eBay / UAF

UAF - Universal Authentication Framework
Apache License 2.0

Interoperability of UAF client with other authenticators #10

Closed bamsazizi closed 8 years ago

bamsazizi commented 8 years ago

Hi there,

Thanks for sharing the source code.

We could build the APK and run it on a Samsung Galaxy S6 to use the fingerprint reader for doing the authentication. But it didn't work with other Authenticators. Basically it shows all other options but it doesn't work/open other authenticators to perform the authentication. It just opens the built-in authenticator activity.

Would you please consider that and help us at your earliest convenience?

Another quick point: Also in registration in "UAF_OPERATION_RESULT", "errorCode" must be included.

Thanks Bam

npesic commented 8 years ago

Hi Bam,

Thanks for reaching out, and thanks for your feedback.

Let me check if I understand the issue. You have tested with the Samsung S6 with the built in UAF client, and that worked. Did I get this part right?

Could you elaborate on the Authenticators: What authenticator did you use? Do you refer to ASM (Authenticator Specific Module) interface as described here: https://fidoalliance.org/specs/fido-uaf-v1.0-ps-20141208/fido-uaf-asm-api-v1.0-ps-20141208.html

Please, share more details.

Thanks in advance, Neb.

bamsazizi commented 8 years ago

Thanks Neb for the quick reply, we are in the middle of FIDO interoperability test and your help will be much appreciated.

Yes, you're right. To elaborate more: During the test we got 3 APKs from different vendors: Client RP, Client and authenticator. We cannot show any authenticator/ASM in the list when we press discover, but the app shows all the Clients and is able to communicate with them, but there are some errors in communication. One common error is the Client or ASM is not trusted. Do we need to add authenticator metadata to our RP?

More importantly, the desired scenario is our app as a client should be able to communicate with different ASM directly. I can share different APKs with you via email. Would you please send me an email here: bam@wiacts.com.

Appreciate your help.

Thanks Bam

npesic commented 8 years ago

Thank you for clarifying.

As you have noticed, the provided app is the Relying Party Test App that is used to demo how the UAF Client can be used with our UAF server implementation.

ASM is a different API from the UAF Client API. Our goal was to use the UAF Client API, since this is the way apps should be integrating.

For this reason, this is not a real issue, since the RP Test App is working well with the FIDO UAF clients, as you have been able to confirm.

In order to test the authenticator, you will need to use some UAF Client that can be configured to use different ASM. This is at the moment out of scope of this project.

For FIDO Interop testing, you could use the following setup:

1) Our FIDO UAF server implementation
2) Our RP Test App
3) Some UAF Client (like LG UAF Client)
4) Some ASM (I guess this is the object of your attention)

Please, let me know if I've missed anything.

bamsazizi commented 8 years ago

Thanks Neb,

The problem is the client RP app works with the built-in Client and trusted authenticator/ASM, which is the Galaxy S6 fingerprint sensor, but it doesn't work with other clients and supported authenticators. I have other RP apps installed on the same device that are able to work with other Clients and authenticators.

Any idea about the ErrorCode in RegReq to server? I've got this feedback from two other vendors that implemented UAF server.

I would be happy to share more info/log/picture/APKs if that helps to solve the problem for future use.

Bam

npesic commented 8 years ago

As we have discussed this in more detail in the chat (https://gitter.im/eBay/UAF), I believe we can conclude that this is not an issue.

It is required to white-list the new AAID in the server in order to start using it.

I'll go on and close this, and if you find any other issue, related or not, please, go on and open a new one.

Thanks, Neb.
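
The resolution above (an authenticator's AAID must be allow-listed on the server before it can register) can be sketched as follows. This is an added example, not code from the eBay/UAF project or from either commenter. The `AaidAllowlist` class and the AAID values are hypothetical and constructed; the `V#M` format with case-insensitive comparison and the `policy.accepted` shape follow the FIDO UAF protocol specification.

```python
import re

# AAID format per the FIDO UAF protocol spec: "V#M", where vendor and model
# are 4 hex digits each, compared case-insensitively.
AAID_RE = re.compile(r"[0-9A-Fa-f]{4}#[0-9A-Fa-f]{4}")


def normalize_aaid(aaid):
    """Return the canonical (upper-case) AAID or raise ValueError."""
    if not isinstance(aaid, str) or not AAID_RE.fullmatch(aaid):
        raise ValueError(f"malformed AAID: {aaid!r}")
    return aaid.upper()


class AaidAllowlist:
    """Hypothetical server-side store of accepted authenticator models."""

    def __init__(self, aaids=()):
        self._allowed = {normalize_aaid(a) for a in aaids}

    def add(self, aaid):
        self._allowed.add(normalize_aaid(aaid))

    def policy(self):
        """Build the 'policy' member of a UAF registration request:
        one accepted alternative per allow-listed AAID."""
        return {"accepted": [[{"aaid": [a]}] for a in sorted(self._allowed)]}

    def check(self, aaid):
        """Decide whether the AAID in a registration assertion is acceptable."""
        try:
            canonical = normalize_aaid(aaid)
        except ValueError as exc:
            return False, str(exc)
        if canonical not in self._allowed:
            return False, f"AAID {canonical} is not allow-listed"
        return True, "ok"


if __name__ == "__main__":
    # Constructed AAIDs, not taken from any real vendor.
    server = AaidAllowlist(["abcd#0001"])
    print(server.check("ABCD#0001"))  # already listed authenticator
    print(server.check("1234#00FF"))  # another vendor's authenticator
    server.add("1234#00ff")
    print(server.check("1234#00FF"))  # same authenticator after allow-listing
    print(server.policy())
```
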