The first fail test is HMAC-Secret Test HMAC-Secret extension support
P-4 Send a valid CTAP2 GetAssertion(0x02) message, "extensions" containing a valid "hmac-secret" extension request, with salt1 and salt2, wait for the response, and: (a) Check that Authenticator returns CTAP1_ERR_SUCCESS(0x00) error code (b) Check that response extensions contain "hmac-secret" extension. Decrypt extensions (c) Check that decrypted hmacs contain uvSalt1Hmac, and uvSalt2Hmac (d) Check that uvSalt1Hmac does not equal to nonUvSalt1Hmac, an uvSalt2Hmac does not equal to nonUvSalt2Hmac.
Here'a a detailed log from the app.
Test started: P-4
Send a valid CTAP2 GetAssertion(0x02) message, "extensions" containing a valid "hmac-secret" extension request, with salt1 and salt2, wait for the response, and:
(a) Check that Authenticator returns CTAP1_ERR_SUCCESS(0x00) error code
(b) Check that response extensions contain "hmac-secret" extension. Decrypt extensions
(c) Check that decrypted hmacs contain uvSalt1Hmac, and uvSalt2Hmac
(d) Check that uvSalt1Hmac does not equal to nonUvSalt1Hmac, an uvSalt2Hmac does not equal to nonUvSalt2Hmac
(unknown) [CTAP2.1] ClientPIN: ---> Sending CTAP CMD... 06a201020202
Object
AppDat…ports\nfcdep.js:122 [NFC] Selected protocol "2" for reader "XXX"
AppDat…ports\nfcdep.js:238 [NFC] ---> DATA SENT: 00a4040008a0000006472f000100
AppDat…ports\nfcdep.js:243 [NFC] <--- DATA RECEIVED: 5532465f56329000
AppDat…ports\nfcdep.js:211 [NFC] RECEIVED SW_NO_ERROR
AppDat…ports\nfcdep.js:238 [NFC] ---> DATA SENT: 801000000606a20102020200
AppDat…ports\nfcdep.js:243 [NFC] <--- DATA RECEIVED: 00a101a5010203381820012158201b4dca45926571f23ec4919e288210935a951b8392eec2aca317c6f09b3f87b3225820943aec060f6471f4f880ce8ec8e7f9d414eefcc5f53c30b9fe9e476735f0a87f9000
AppDat…ports\nfcdep.js:211 [NFC] RECEIVED SW_NO_ERROR
(unknown) [CTAP2.1] ClientPIN: <--- Received response
Object
(unknown) [CTAP2.1] ClientPIN: ---> Sending CTAP CMD... 06a50102020303a50102033818200121582028228789c88bf9306508e4fab764f9081ddfbf13c80ff017e6a6f2d7e4a02c8e225820a8e0b182dc1174a0cd7174bcff557c1d2cf062b7b44393dc40f5d556d74cacbf045820532c47acc2614549f20dc42faa01e9933e18af6521a8b84c6bfbee7fcf705a6905585079fc5fb2dd81ce55ca9f58effc2c1ad253ee56ea9e22b265e277b7a9b2d15c792954bfe26741d97f5107e9b4e60fc43a4be5c3cc9fede234696e4d1233427d430fa79989635a56af79a95bbeed5a159f
Object
AppDat…ports\nfcdep.js:238 [NFC] ---> DATA SENT: 80100000cb06a50102020303a50102033818200121582028228789c88bf9306508e4fab764f9081ddfbf13c80ff017e6a6f2d7e4a02c8e225820a8e0b182dc1174a0cd7174bcff557c1d2cf062b7b44393dc40f5d556d74cacbf045820532c47acc2614549f20dc42faa01e9933e18af6521a8b84c6bfbee7fcf705a6905585079fc5fb2dd81ce55ca9f58effc2c1ad253ee56ea9e22b265e277b7a9b2d15c792954bfe26741d97f5107e9b4e60fc43a4be5c3cc9fede234696e4d1233427d430fa79989635a56af79a95bbeed5a159f00
AppDat…ports\nfcdep.js:243 [NFC] <--- DATA RECEIVED: 009000
AppDat…ports\nfcdep.js:211 [NFC] RECEIVED SW_NO_ERROR
(unknown) [CTAP2.1] ClientPIN: <--- Received response
Object
(unknown) [CTAP2.1] Generating test PUAT...
AppDat…ports\nfcdep.js:148 [NFC] Selected protocol "2" for reader "XXX"
(unknown) [CTAP2.1] ClientPIN: ---> Sending CTAP CMD... 06a201010202
Object
AppDat…ports\nfcdep.js:238 [NFC] ---> DATA SENT: 00a4040008a0000006472f000100
AppDat…ports\nfcdep.js:243 [NFC] <--- DATA RECEIVED: 5532465f56329000
AppDat…ports\nfcdep.js:211 [NFC] RECEIVED SW_NO_ERROR
AppDat…ports\nfcdep.js:238 [NFC] ---> DATA SENT: 801000000606a20101020200
AppDat…ports\nfcdep.js:243 [NFC] <--- DATA RECEIVED: 00a101a501020338182001215820968d0891de3bb72fe15cc42a5056cefeda407dcd4503bbf608ba3ad63246a3232258203b7c61f0b1c326b5c324c501ccdc3345644cb775a305fcd9fd8f1a34f86be66e9000
AppDat…ports\nfcdep.js:211 [NFC] RECEIVED SW_NO_ERROR
(unknown) [CTAP2.1] ClientPIN: <--- Received response
Object
(unknown) [CTAP2.1] ClientPIN: ---> Sending CTAP CMD... 06a40101020503a50102033818200121582077060554d069a937cb407a9477d56c6e0b9f39662083e39cf35a5024971286f8225820be7b3e1af75f657fa2e8737bcaa9428d7c467444d63a593c1225afc3babe74d90650a3b3f5c99ec40eedf554c1447a01dbf5
Object
AppDat…ports\nfcdep.js:238 [NFC] ---> DATA SENT: 801000006706a40101020503a50102033818200121582077060554d069a937cb407a9477d56c6e0b9f39662083e39cf35a5024971286f8225820be7b3e1af75f657fa2e8737bcaa9428d7c467444d63a593c1225afc3babe74d90650a3b3f5c99ec40eedf554c1447a01dbf500
AppDat…ports\nfcdep.js:243 [NFC] <--- DATA RECEIVED: 319000
FIDOGreatPinCodeThatNoOneWillEverGuess, not even the authenticator under test.
Can't wait for Patch3.
By submitting this issue you are acknowledging that any information regarding this issue will be publicly available.
If you have privacy concerns, please email conformance-tools@fidoalliance.org
FIRST PRE CHECK
What protocol are you implementing?
NOTE: UAF 1.0 certification have been officially sunset. U2F 1.2 only supported version of U2F.
What is your implementation class?
If you are platform authenticator vendor, please email conformance-tools@fidoalliance.org.
What is the version of the tool are you using?
v1.7.20-2
What is the OS and the version are you running?
For desktop tools
For UAF mobile tools
Issue description
Some tests fail because of an incorrect PIN provided during the test (to get the token). Token access fails, the PIN provided is rejected.
It was earlier identified there : https://github.com/fido-alliance/conformance-test-tools-resources/issues/746#issuecomment-2128987856 I just open a formal issue dedicated.
The first fail test is HMAC-Secret Test HMAC-Secret extension support
P-4 Send a valid CTAP2 GetAssertion(0x02) message, "extensions" containing a valid "hmac-secret" extension request, with salt1 and salt2, wait for the response, and: (a) Check that Authenticator returns CTAP1_ERR_SUCCESS(0x00) error code (b) Check that response extensions contain "hmac-secret" extension. Decrypt extensions (c) Check that decrypted hmacs contain uvSalt1Hmac, and uvSalt2Hmac (d) Check that uvSalt1Hmac does not equal to nonUvSalt1Hmac, an uvSalt2Hmac does not equal to nonUvSalt2Hmac.
Here'a a detailed log from the app.
FIDOGreatPinCodeThatNoOneWillEverGuess, not even the authenticator under test. Can't wait for Patch3.