search

limpkin / mooltipass

Github repository dedicated to the mooltipass project
https://www.themooltipass.com
522 stars 113 forks source link

WebAuthN failed login ends to Mooltipass freeze / reboot #578

Closed TLeM4 closed 3 years ago

TLeM4 commented 3 years ago

Expected behavior

After WebAuthN failed register/login, the device should still work as usual, like before the operation

Actual behavior

After WebAuthN failed register/login, canceled by the PC before any reply on the mooltipass, the mooltipass will freeze periodically after the prompt and show "#002 Contact Support" and sometime "#005 Contact Support" message. The Mini BLE seems to loop indefinitely like that and some feature like WebAuthN or Memory Management Mode cannot be used from now. The Mini BLE will also restart if usb is unplugged (not always, but most of the time). The only found way to come back to normal use is to restart the Mini BLE.

Step by step guide to reproduce the problem

Bug reproduced on another Mini BLE/card pair but not tested on Windows.

  1. The Mini BLE is connected by usb with bluetooth disabled
  2. Go to a WebAuthN enabled website like https://webauthn.io (but not limited to)
  3. Register with WebAuthN and while the Mini BLE is asking you to save credentials, cancel the request on the PC
  4. Wait Mini BLE remove the prompt or reply anything
  5. The bug is now enabled

Operating System

Mooltipass Extension

Mooltipass Application

Mooltipass Device

limpkin commented 3 years ago

@TLeM4 issue transferred here: https://github.com/mooltipass/minible/issues/245