Closed flipsa closed 1 year ago
Repairing the yubikey from my phone to my github worked, but didn't help with logging in. Removing the other keys did work to allow logging in to github.
Hey, This one is for FIDO, on latest nigtly. Signing in to Google Mail.
08-14 15:25:19.302 27731 27731 D FidoUsbHandler: YubiKey FIDO has permission
08-14 15:25:19.306 27731 27731 D UsbDeviceConnectionJNI: close
08-14 15:25:19.306 27731 27731 D FidoUsbHandler: Trying to use YubiKey FIDO for SIGN
08-14 15:25:19.307 27731 27731 D FidoUi : USB status set to waiting-for-user (Bundle[{device=UsbDevice[mName=/dev/bus/usb/001/002,mVendorId=4176,mProductId=1026,mClass=0,mSubclass=0,mProtocol=0,mManufacturerName=Yubico,mProductName=YubiKey FIDO,mVersion=5.43,mSerialNumberReader=android.hardware.usb.IUsbSerialReader$Stub$Proxy@c85ee7, mHasAudioPlayback=false, mHasAudioCapture=false, mHasMidi=false, mHasVideoCapture=false, mHasVideoPlayback=false, mConfigurations=[
08-14 15:25:19.307 27731 27731 D FidoUi : UsbConfiguration[mId=1,mName=null,mAttributes=128,mMaxPower=15,mInterfaces=[
08-14 15:25:19.307 27731 27731 D FidoUi : UsbInterface[mId=0,mAlternateSetting=0,mName=null,mClass=3,mSubclass=0,mProtocol=0,mEndpoints=[
08-14 15:25:19.307 27731 27731 D FidoUi : UsbEndpoint[mAddress=4,mAttributes=3,mMaxPacketSize=64,mInterval=2]
08-14 15:25:19.307 27731 27731 D FidoUi : UsbEndpoint[mAddress=132,mAttributes=3,mMaxPacketSize=64,mInterval=2]]]]}])
08-14 15:25:19.307 27731 27731 D FidoCtapHidConnection: Opening connection
08-14 15:25:19.310 27731 27731 D FidoCtapHidConnection: Sending CtapHidInitRequest(nonce=b578dKyv4Xo=) in 1 packets
08-14 15:25:19.310 27731 27731 D UsbRequestJNI: init
08-14 15:25:19.321 27731 27731 D FidoCtapHidConnection: Sent packet /////4YACG+e/HSsr+F6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:25:19.321 27731 27731 D UsbRequestJNI: init
08-14 15:25:19.321 27731 27731 D FidoCtapHidConnection: Reading 64 bytes from usb
08-14 15:25:19.323 27731 27731 D FidoCtapHidConnection: Received packet /////4YAEW+e/HSsr+F6/+uYTwIFBAMFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:25:19.324 27731 27731 D FidoCtapHidConnection: Received CtapHidInitResponse(nonce=0xb578dKyv4Xo=, channelId=0x-1467b1, protocolVersion=0x2, version=5.4.3, capabilities=0x5) in 1 packets
08-14 15:25:19.325 27731 27731 D FidoCtapHidConnection: Sending CtapHidMessageRequest(U2fAuthenticationRequest(controlByte=0x7, challenge=pJ2UqxJJRYp7WOKhod0BC8+NA8GuazyD8n9CtqvkkSw=, application=1MnZAnMmJxqJzlH8rzKO1nPxe+M0af+Xnoq43VAeZk8=, keyHandle=W+DEYiPMMcqip9pm5ToRee3jCaOCZcc8qrIPUTuPGbOntMZx7ovaJBDKIXhZMhV60+/Y/7PIkwKSzZMu47sVhA==)) in 3 packets
08-14 15:25:19.325 27731 27731 D UsbRequestJNI: init
08-14 15:25:19.332 27731 27731 D FidoCtapHidConnection: Sent packet /+uYT4MAiAACBwAAAIGknZSrEklFintY4qGh3QELz40Dwa5rPIPyf0K2q+SRLNTJ2QJzJicaic5R/K8yjtZz8Q==
08-14 15:25:19.334 27731 27731 D FidoCtapHidConnection: Sent packet /+uYTwB74zRp/5eeirjdUB5mT0Bb4MRiI8wxyqKn2mblOhF57eMJo4Jlxzyqsg9RO48Zs6e0xnHui9okEMoheA==
08-14 15:25:19.335 7908 7965 D OpenGLRenderer: endAllActiveAnimators on 0x6fd93c6050 (RippleDrawable) with handle 0x6ef8f78430
08-14 15:25:19.337 27731 27731 D FidoCtapHidConnection: Sent packet /+uYTwFZMhV60+/Y/7PIkwKSzZMu47sVhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:25:19.337 27731 27731 D UsbRequestJNI: init
08-14 15:25:19.337 27731 27731 D FidoCtapHidConnection: Reading 64 bytes from usb
08-14 15:25:19.342 27731 27731 D FidoCtapHidConnection: Received packet /+uYT4MAAmqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:25:19.342 27731 27731 D FidoCtapHidConnection: Received CtapHidMessageResponse(statusCode=0x6a80, payload=) in 1 packets
08-14 15:25:19.342 27731 27731 D FidoCtapHidConnection: Sending CtapHidMessageRequest(U2fAuthenticationRequest(controlByte=0x7, challenge=pJ2UqxJJRYp7WOKhod0BC8+NA8GuazyD8n9CtqvkkSw=, application=1MnZAnMmJxqJzlH8rzKO1nPxe+M0af+Xnoq43VAeZk8=, keyHandle=sWETwJbeOiv7aAIRqNdclyUXdM7A8Xe0kEN1Mz+dJHCRMXT3TTylpSWyYpGpYj11JuolVvuoK7qYFmLH/fT/nw==)) in 3 packets
08-14 15:25:19.343 27731 27731 D UsbRequestJNI: init
08-14 15:25:19.344 27731 27731 D FidoCtapHidConnection: Sent packet /+uYT4MAiAACBwAAAIGknZSrEklFintY4qGh3QELz40Dwa5rPIPyf0K2q+SRLNTJ2QJzJicaic5R/K8yjtZz8Q==
08-14 15:25:19.349 27731 27731 D FidoCtapHidConnection: Sent packet /+uYTwB74zRp/5eeirjdUB5mT0CxYRPAlt46K/toAhGo11yXJRd0zsDxd7SQQ3UzP50kcJExdPdNPKWlJbJikQ==
08-14 15:25:19.352 27731 27731 D FidoCtapHidConnection: Sent packet /+uYTwGpYj11JuolVvuoK7qYFmLH/fT/nwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:25:19.352 27731 27731 D UsbRequestJNI: init
08-14 15:25:19.352 27731 27731 D FidoCtapHidConnection: Reading 64 bytes from usb
08-14 15:25:19.358 27731 27731 D FidoCtapHidConnection: Received packet /+uYT4MAAmqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:25:19.358 27731 27731 D FidoCtapHidConnection: Received CtapHidMessageResponse(statusCode=0x6a80, payload=) in 1 packets
08-14 15:25:19.358 27731 27731 D FidoCtapHidConnection: Sending CtapHidMessageRequest(U2fAuthenticationRequest(controlByte=0x3, challenge=pJ2UqxJJRYp7WOKhod0BC8+NA8GuazyD8n9CtqvkkSw=, application=1MnZAnMmJxqJzlH8rzKO1nPxe+M0af+Xnoq43VAeZk8=, keyHandle=W+DEYiPMMcqip9pm5ToRee3jCaOCZcc8qrIPUTuPGbOntMZx7ovaJBDKIXhZMhV60+/Y/7PIkwKSzZMu47sVhA==)) in 3 packets
08-14 15:25:19.359 27731 27731 D UsbRequestJNI: init
08-14 15:25:19.360 27731 27731 D FidoCtapHidConnection: Sent packet /+uYT4MAiAACAwAAAIGknZSrEklFintY4qGh3QELz40Dwa5rPIPyf0K2q+SRLNTJ2QJzJicaic5R/K8yjtZz8Q==
08-14 15:25:19.364 27731 27731 D FidoCtapHidConnection: Sent packet /+uYTwB74zRp/5eeirjdUB5mT0Bb4MRiI8wxyqKn2mblOhF57eMJo4Jlxzyqsg9RO48Zs6e0xnHui9okEMoheA==
08-14 15:25:19.367 27731 27731 D FidoCtapHidConnection: Sent packet /+uYTwFZMhV60+/Y/7PIkwKSzZMu47sVhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:25:19.367 27731 27731 D UsbRequestJNI: init
08-14 15:25:19.367 27731 27731 D FidoCtapHidConnection: Reading 64 bytes from usb
08-14 15:25:19.372 27731 27731 D FidoCtapHidConnection: Received packet /+uYT4MAAmqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:25:19.372 27731 27731 D FidoCtapHidConnection: Received CtapHidMessageResponse(statusCode=0x6a80, payload=) in 1 packets
08-14 15:25:19.372 27731 27731 D UsbDeviceConnectionJNI: close
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: org.microg.gms.fido.core.transport.usb.ctaphid.CtapHidMessageStatusException: Received status 6a80
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at org.microg.gms.fido.core.transport.usb.ctaphid.CtapHidConnection.runCommand(CtapHidConnection.kt:143)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at org.microg.gms.fido.core.transport.usb.ctaphid.CtapHidConnection$runCommand$1.invokeSuspend(Unknown Source:15)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at kotlinx.coroutines.internal.ScopeCoroutine.afterResume(Scopes.kt:33)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at kotlinx.coroutines.AbstractCoroutine.resumeWith(AbstractCoroutine.kt:102)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:46)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue.drainQueue(DispatchQueue.kt:75)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue.enqueue(DispatchQueue.kt:112)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue.dispatchAndEnqueue$lambda-2$lambda-1(DispatchQueue.kt:100)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue.$r8$lambda$G2ay370n_s_ksSHUJaD9zIU8eCw(Unknown Source:0)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue$$ExternalSyntheticLambda0.run(Unknown Source:4)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at android.os.Handler.handleCallback(Handler.java:938)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at android.os.Handler.dispatchMessage(Handler.java:99)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at android.os.Looper.loop(Looper.java:223)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at android.app.ActivityThread.main(ActivityThread.java:7664)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at java.lang.reflect.Method.invoke(Native Method)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:592)
08-14 15:25:19.372 27731 27731 W FidoUsbHandler: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:947)
08-14 15:25:19.375 27731 27731 D FidoUi : USB status set to waiting-for-device (null)
And this one for YubiKey5
08-14 15:43:59.639 27731 27731 D FidoUsbHandler: YubiKey OTP+FIDO+CCID has permission
08-14 15:43:59.643 27731 27731 D UsbDeviceConnectionJNI: close
08-14 15:43:59.643 27731 27731 D FidoUsbHandler: Trying to use YubiKey OTP+FIDO+CCID for SIGN
08-14 15:43:59.643 27731 27731 D FidoUi : USB status set to waiting-for-user (Bundle[{device=UsbDevice[mName=/dev/bus/usb/001/002,mVendorId=4176,mProductId=1031,mClass=0,mSubclass=0,mProtocol=0,mManufacturerName=Yubico,mProductName=YubiKey OTP+FIDO+CCID,mVersion=5.43,mSerialNumberReader=android.hardware.usb.IUsbSerialReader$Stub$Proxy@5e46ac1, mHasAudioPlayback=false, mHasAudioCapture=false, mHasMidi=false, mHasVideoCapture=false, mHasVideoPlayback=false, mConfigurations=[
08-14 15:43:59.643 27731 27731 D FidoUi : UsbConfiguration[mId=1,mName=null,mAttributes=128,mMaxPower=15,mInterfaces=[
08-14 15:43:59.643 27731 27731 D FidoUi : UsbInterface[mId=0,mAlternateSetting=0,mName=null,mClass=3,mSubclass=1,mProtocol=1,mEndpoints=[
08-14 15:43:59.643 27731 27731 D FidoUi : UsbEndpoint[mAddress=129,mAttributes=3,mMaxPacketSize=8,mInterval=10]]
08-14 15:43:59.643 27731 27731 D FidoUi : UsbInterface[mId=1,mAlternateSetting=0,mName=null,mClass=3,mSubclass=0,mProtocol=0,mEndpoints=[
08-14 15:43:59.643 27731 27731 D FidoUi : UsbEndpoint[mAddress=4,mAttributes=3,mMaxPacketSize=64,mInterval=2]
08-14 15:43:59.643 27731 27731 D FidoUi : UsbEndpoint[mAddress=132,mAttributes=3,mMaxPacketSize=64,mInterval=2]]
08-14 15:43:59.643 27731 27731 D FidoUi : UsbInterface[mId=2,mAlternateSetting=0,mName=null,mClass=11,mSubclass=0,mProtocol=0,mEndpoints=[
08-14 15:43:59.643 27731 27731 D FidoUi : UsbEndpoint[mAddress=2,mAttributes=2,mMaxPacketSize=64,mInterval=0]
08-14 15:43:59.643 27731 27731 D FidoUi : UsbEndpoint[mAddress=130,mAttributes=2,mMaxPacketSize=64,mInterval=0]
08-14 15:43:59.643 27731 27731 D FidoUi : UsbEndpoint[mAddress=131,mAttributes=3,mMaxPacketSize=8,mInterval=32]]]]}])
08-14 15:43:59.644 27731 27731 D FidoCtapHidConnection: Opening connection
08-14 15:43:59.645 27731 27731 D FidoCtapHidConnection: Sending CtapHidInitRequest(nonce=oeNYeqShAb4=) in 1 packets
08-14 15:43:59.645 27731 27731 D UsbRequestJNI: init
08-14 15:43:59.647 27731 27731 D FidoCtapHidConnection: Sent packet /////4YACKHjWHqkoQG+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:43:59.647 27731 27731 D UsbRequestJNI: init
08-14 15:43:59.648 27731 27731 D FidoCtapHidConnection: Reading 64 bytes from usb
08-14 15:43:59.653 27731 27731 D FidoCtapHidConnection: Received packet /////4YAEaHjWHqkoQG+nN7+FwIFBAMFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:43:59.654 27731 27731 D FidoCtapHidConnection: Received CtapHidInitResponse(nonce=0xoeNYeqShAb4=, channelId=0x-632101e9, protocolVersion=0x2, version=5.4.3, capabilities=0x5) in 1 packets
08-14 15:43:59.656 27731 27731 D FidoCtapHidConnection: Sending CtapHidMessageRequest(U2fAuthenticationRequest(controlByte=0x7, challenge=7niKwxUg7WhuRwR/51gcVNa/aFn6WzlT811Yvd9ruhw=, application=1MnZAnMmJxqJzlH8rzKO1nPxe+M0af+Xnoq43VAeZk8=, keyHandle=W+DEYiPMMcqip9pm5ToRee3jCaOCZcc8qrIPUTuPGbOntMZx7ovaJBDKIXhZMhV60+/Y/7PIkwKSzZMu47sVhA==)) in 3 packets
08-14 15:43:59.656 27731 27731 D UsbRequestJNI: init
08-14 15:43:59.661 7908 7965 D OpenGLRenderer: endAllActiveAnimators on 0x6fd9331820 (RippleDrawable) with handle 0x6ef8fa60f0
08-14 15:43:59.664 27731 27731 D FidoCtapHidConnection: Sent packet nN7+F4MAiAACBwAAAIHueIrDFSDtaG5HBH/nWBxU1r9oWfpbOVPzXVi932u6HNTJ2QJzJicaic5R/K8yjtZz8Q==
08-14 15:43:59.666 27731 27731 D FidoCtapHidConnection: Sent packet nN7+FwB74zRp/5eeirjdUB5mT0Bb4MRiI8wxyqKn2mblOhF57eMJo4Jlxzyqsg9RO48Zs6e0xnHui9okEMoheA==
08-14 15:43:59.676 27731 27731 D FidoCtapHidConnection: Sent packet nN7+FwFZMhV60+/Y/7PIkwKSzZMu47sVhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:43:59.682 27731 27731 D UsbRequestJNI: init
08-14 15:43:59.682 27731 27731 D FidoCtapHidConnection: Reading 64 bytes from usb
08-14 15:43:59.684 27731 27731 D FidoCtapHidConnection: Received packet nN7+F4MAAmqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:43:59.684 27731 27731 D FidoCtapHidConnection: Received CtapHidMessageResponse(statusCode=0x6a80, payload=) in 1 packets
08-14 15:43:59.685 27731 27731 D FidoCtapHidConnection: Sending CtapHidMessageRequest(U2fAuthenticationRequest(controlByte=0x7, challenge=7niKwxUg7WhuRwR/51gcVNa/aFn6WzlT811Yvd9ruhw=, application=1MnZAnMmJxqJzlH8rzKO1nPxe+M0af+Xnoq43VAeZk8=, keyHandle=sWETwJbeOiv7aAIRqNdclyUXdM7A8Xe0kEN1Mz+dJHCRMXT3TTylpSWyYpGpYj11JuolVvuoK7qYFmLH/fT/nw==)) in 3 packets
08-14 15:43:59.685 27731 27731 D UsbRequestJNI: init
08-14 15:43:59.686 27731 27731 D FidoCtapHidConnection: Sent packet nN7+F4MAiAACBwAAAIHueIrDFSDtaG5HBH/nWBxU1r9oWfpbOVPzXVi932u6HNTJ2QJzJicaic5R/K8yjtZz8Q==
08-14 15:43:59.688 27731 27731 D FidoCtapHidConnection: Sent packet nN7+FwB74zRp/5eeirjdUB5mT0CxYRPAlt46K/toAhGo11yXJRd0zsDxd7SQQ3UzP50kcJExdPdNPKWlJbJikQ==
08-14 15:43:59.692 27731 27731 D FidoCtapHidConnection: Sent packet nN7+FwGpYj11JuolVvuoK7qYFmLH/fT/nwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:43:59.692 27731 27731 D UsbRequestJNI: init
08-14 15:43:59.692 27731 27731 D FidoCtapHidConnection: Reading 64 bytes from usb
08-14 15:43:59.696 27731 27731 D FidoCtapHidConnection: Received packet nN7+F4MAAmqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:43:59.697 27731 27731 D FidoCtapHidConnection: Received CtapHidMessageResponse(statusCode=0x6a80, payload=) in 1 packets
08-14 15:43:59.697 27731 27731 D FidoCtapHidConnection: Sending CtapHidMessageRequest(U2fAuthenticationRequest(controlByte=0x3, challenge=7niKwxUg7WhuRwR/51gcVNa/aFn6WzlT811Yvd9ruhw=, application=1MnZAnMmJxqJzlH8rzKO1nPxe+M0af+Xnoq43VAeZk8=, keyHandle=W+DEYiPMMcqip9pm5ToRee3jCaOCZcc8qrIPUTuPGbOntMZx7ovaJBDKIXhZMhV60+/Y/7PIkwKSzZMu47sVhA==)) in 3 packets
08-14 15:43:59.698 27731 27731 D UsbRequestJNI: init
08-14 15:43:59.701 27731 27731 D FidoCtapHidConnection: Sent packet nN7+F4MAiAACAwAAAIHueIrDFSDtaG5HBH/nWBxU1r9oWfpbOVPzXVi932u6HNTJ2QJzJicaic5R/K8yjtZz8Q==
08-14 15:43:59.702 27731 27731 D FidoCtapHidConnection: Sent packet nN7+FwB74zRp/5eeirjdUB5mT0Bb4MRiI8wxyqKn2mblOhF57eMJo4Jlxzyqsg9RO48Zs6e0xnHui9okEMoheA==
08-14 15:43:59.704 27731 27731 D FidoCtapHidConnection: Sent packet nN7+FwFZMhV60+/Y/7PIkwKSzZMu47sVhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:43:59.704 27731 27731 D UsbRequestJNI: init
08-14 15:43:59.704 27731 27731 D FidoCtapHidConnection: Reading 64 bytes from usb
08-14 15:43:59.712 27731 27731 D FidoCtapHidConnection: Received packet nN7+F4MAAmqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 15:43:59.713 27731 27731 D FidoCtapHidConnection: Received CtapHidMessageResponse(statusCode=0x6a80, payload=) in 1 packets
08-14 15:43:59.713 27731 27731 D UsbDeviceConnectionJNI: close
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: org.microg.gms.fido.core.transport.usb.ctaphid.CtapHidMessageStatusException: Received status 6a80
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at org.microg.gms.fido.core.transport.usb.ctaphid.CtapHidConnection.runCommand(CtapHidConnection.kt:143)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at org.microg.gms.fido.core.transport.usb.ctaphid.CtapHidConnection$runCommand$1.invokeSuspend(Unknown Source:15)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at kotlinx.coroutines.internal.ScopeCoroutine.afterResume(Scopes.kt:33)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at kotlinx.coroutines.AbstractCoroutine.resumeWith(AbstractCoroutine.kt:102)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:46)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue.drainQueue(DispatchQueue.kt:75)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue.enqueue(DispatchQueue.kt:112)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue.dispatchAndEnqueue$lambda-2$lambda-1(DispatchQueue.kt:100)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue.$r8$lambda$G2ay370n_s_ksSHUJaD9zIU8eCw(Unknown Source:0)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue$$ExternalSyntheticLambda0.run(Unknown Source:4)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at android.os.Handler.handleCallback(Handler.java:938)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at android.os.Handler.dispatchMessage(Handler.java:99)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at android.os.Looper.loop(Looper.java:223)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at android.app.ActivityThread.main(ActivityThread.java:7664)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at java.lang.reflect.Method.invoke(Native Method)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:592)
08-14 15:43:59.715 27731 27731 W FidoUsbHandler: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:947)
08-14 15:43:59.717 27731 27731 D FidoUi : USB status set to waiting-for-device (null)
In both cases logging in did not succeed.
It did work with FIDO key and fastmail. Fails however with YubiKey5. Logcat for YubiKey5 below.
08-14 16:04:23.890 27731 27731 D FidoUsbHandler: YubiKey OTP+FIDO+CCID has permission
08-14 16:04:23.893 27731 27731 D UsbDeviceConnectionJNI: close
08-14 16:04:23.893 27731 27731 D FidoUsbHandler: Trying to use YubiKey OTP+FIDO+CCID for SIGN
08-14 16:04:23.894 27731 27731 D FidoUi : USB status set to waiting-for-user (Bundle[{device=UsbDevice[mName=/dev/bus/usb/001/002,mVendorId=4176,mProductId=1031,mClass=0,mSubclass=0,mProtocol=0,mManufacturerName=Yubico,mProductName=YubiKey OTP+FIDO+CCID,mVersion=5.43,mSerialNumberReader=android.hardware.usb.IUsbSerialReader$Stub$Proxy@a25e8bf, mHasAudioPlayback=false, mHasAudioCapture=false, mHasMidi=false, mHasVideoCapture=false, mHasVideoPlayback=false, mConfigurations=[
08-14 16:04:23.894 27731 27731 D FidoUi : UsbConfiguration[mId=1,mName=null,mAttributes=128,mMaxPower=15,mInterfaces=[
08-14 16:04:23.894 27731 27731 D FidoUi : UsbInterface[mId=0,mAlternateSetting=0,mName=null,mClass=3,mSubclass=1,mProtocol=1,mEndpoints=[
08-14 16:04:23.894 27731 27731 D FidoUi : UsbEndpoint[mAddress=129,mAttributes=3,mMaxPacketSize=8,mInterval=10]]
08-14 16:04:23.894 27731 27731 D FidoUi : UsbInterface[mId=1,mAlternateSetting=0,mName=null,mClass=3,mSubclass=0,mProtocol=0,mEndpoints=[
08-14 16:04:23.894 27731 27731 D FidoUi : UsbEndpoint[mAddress=4,mAttributes=3,mMaxPacketSize=64,mInterval=2]
08-14 16:04:23.894 27731 27731 D FidoUi : UsbEndpoint[mAddress=132,mAttributes=3,mMaxPacketSize=64,mInterval=2]]
08-14 16:04:23.894 27731 27731 D FidoUi : UsbInterface[mId=2,mAlternateSetting=0,mName=null,mClass=11,mSubclass=0,mProtocol=0,mEndpoints=[
08-14 16:04:23.894 27731 27731 D FidoUi : UsbEndpoint[mAddress=2,mAttributes=2,mMaxPacketSize=64,mInterval=0]
08-14 16:04:23.894 27731 27731 D FidoUi : UsbEndpoint[mAddress=130,mAttributes=2,mMaxPacketSize=64,mInterval=0]
08-14 16:04:23.894 27731 27731 D FidoUi : UsbEndpoint[mAddress=131,mAttributes=3,mMaxPacketSize=8,mInterval=32]]]]}])
08-14 16:04:23.894 27731 27731 D FidoCtapHidConnection: Opening connection
08-14 16:04:23.895 27731 27731 D FidoCtapHidConnection: Sending CtapHidInitRequest(nonce=laFHGiAUkkg=) in 1 packets
08-14 16:04:23.895 27731 27731 D UsbRequestJNI: init
08-14 16:04:23.898 27731 27731 D FidoCtapHidConnection: Sent packet /////4YACJWhRxogFJJIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 16:04:23.899 27731 27731 D UsbRequestJNI: init
08-14 16:04:23.899 27731 27731 D FidoCtapHidConnection: Reading 64 bytes from usb
08-14 16:04:23.904 27731 27731 D FidoCtapHidConnection: Received packet /////4YAEZWhRxogFJJIFunQ3wIFBAMFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 16:04:23.914 27731 27731 D FidoCtapHidConnection: Received CtapHidInitResponse(nonce=0xlaFHGiAUkkg=, channelId=0x16e9d0df, protocolVersion=0x2, version=5.4.3, capabilities=0x5) in 1 packets
08-14 16:04:23.915 27731 27731 D FidoCtapHidConnection: Sending CtapHidMessageRequest(U2fAuthenticationRequest(controlByte=0x7, challenge=OI/6v62/ZmoRK331ZEFiQ+fbcNOk1v/aBGee1FiEKus=, application=P8uCgrhGduvucUDjnsrhbusZkGTHx+RDLijJtX5LYDk=, keyHandle=DhbWEmFa6bOofzaBXpUIghU7tmchvM2jsuVdnaziFt/WJG5pEBAYkxSAMSXnI8+5YLWoCBr+NTHfewy0nu1E3g==)) in 3 packets
08-14 16:04:23.915 27731 27731 D UsbRequestJNI: init
08-14 16:04:23.916 27731 27731 D FidoCtapHidConnection: Sent packet FunQ34MAiAACBwAAAIE4j/q/rb9mahErffVkQWJD59tw06TW/9oEZ57UWIQq6z/LgoK4Rnbr7nFA457K4W7rGQ==
08-14 16:04:23.922 27731 27731 D FidoCtapHidConnection: Sent packet FunQ3wCQZMfH5EMuKMm1fktgOUAOFtYSYVrps6h/NoFelQiCFTu2ZyG8zaOy5V2drOIW39YkbmkQEBiTFIAxJQ==
08-14 16:04:23.926 27731 27731 D FidoCtapHidConnection: Sent packet FunQ3wHnI8+5YLWoCBr+NTHfewy0nu1E3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 16:04:23.927 27731 27731 D UsbRequestJNI: init
08-14 16:04:23.927 27731 27731 D FidoCtapHidConnection: Reading 64 bytes from usb
08-14 16:04:23.930 27731 27731 D FidoCtapHidConnection: Received packet FunQ34MAAmqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 16:04:23.930 27731 27731 D FidoCtapHidConnection: Received CtapHidMessageResponse(statusCode=0x6a80, payload=) in 1 packets
08-14 16:04:23.930 27731 27731 D FidoCtapHidConnection: Sending CtapHidMessageRequest(U2fAuthenticationRequest(controlByte=0x7, challenge=OI/6v62/ZmoRK331ZEFiQ+fbcNOk1v/aBGee1FiEKus=, application=P8uCgrhGduvucUDjnsrhbusZkGTHx+RDLijJtX5LYDk=, keyHandle=fyb9oKPblqWGBk+tWxDxoE5a1HFhd5tCg4KkLnAqZ4R9wNwkTYaRa+LRVU1T0UOwv90Z8JBH09Ph1YwyH/DO3Q==)) in 3 packets
08-14 16:04:23.930 27731 27731 D UsbRequestJNI: init
08-14 16:04:23.948 27731 27731 D FidoCtapHidConnection: Sent packet FunQ34MAiAACBwAAAIE4j/q/rb9mahErffVkQWJD59tw06TW/9oEZ57UWIQq6z/LgoK4Rnbr7nFA457K4W7rGQ==
08-14 16:04:23.949 27731 27731 D FidoCtapHidConnection: Sent packet FunQ3wCQZMfH5EMuKMm1fktgOUB/Jv2go9uWpYYGT61bEPGgTlrUcWF3m0KDgqQucCpnhH3A3CRNhpFr4tFVTQ==
08-14 16:04:23.952 27731 27731 D FidoCtapHidConnection: Sent packet FunQ3wFT0UOwv90Z8JBH09Ph1YwyH/DO3QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 16:04:23.952 27731 27731 D UsbRequestJNI: init
08-14 16:04:23.952 27731 27731 D FidoCtapHidConnection: Reading 64 bytes from usb
08-14 16:04:23.958 27731 27731 D FidoCtapHidConnection: Received packet FunQ34MAAmmFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 16:04:23.958 27731 27731 D FidoCtapHidConnection: Received CtapHidMessageResponse(statusCode=0x6985, payload=) in 1 packets
08-14 16:04:23.959 27731 27731 D FidoCtapHidConnection: Sending CtapHidMessageRequest(U2fAuthenticationRequest(controlByte=0x3, challenge=OI/6v62/ZmoRK331ZEFiQ+fbcNOk1v/aBGee1FiEKus=, application=P8uCgrhGduvucUDjnsrhbusZkGTHx+RDLijJtX5LYDk=, keyHandle=DhbWEmFa6bOofzaBXpUIghU7tmchvM2jsuVdnaziFt/WJG5pEBAYkxSAMSXnI8+5YLWoCBr+NTHfewy0nu1E3g==)) in 3 packets
08-14 16:04:23.959 27731 27731 D UsbRequestJNI: init
08-14 16:04:23.961 27731 27731 D FidoCtapHidConnection: Sent packet FunQ34MAiAACAwAAAIE4j/q/rb9mahErffVkQWJD59tw06TW/9oEZ57UWIQq6z/LgoK4Rnbr7nFA457K4W7rGQ==
08-14 16:04:23.964 27731 27731 D FidoCtapHidConnection: Sent packet FunQ3wCQZMfH5EMuKMm1fktgOUAOFtYSYVrps6h/NoFelQiCFTu2ZyG8zaOy5V2drOIW39YkbmkQEBiTFIAxJQ==
08-14 16:04:23.966 27731 27731 D FidoCtapHidConnection: Sent packet FunQ3wHnI8+5YLWoCBr+NTHfewy0nu1E3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 16:04:23.966 27731 27731 D UsbRequestJNI: init
08-14 16:04:23.966 27731 27731 D FidoCtapHidConnection: Reading 64 bytes from usb
08-14 16:04:23.972 27731 27731 D FidoCtapHidConnection: Received packet FunQ34MAAmqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
08-14 16:04:23.972 27731 27731 D FidoCtapHidConnection: Received CtapHidMessageResponse(statusCode=0x6a80, payload=) in 1 packets
08-14 16:04:23.972 27731 27731 D UsbDeviceConnectionJNI: close
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: org.microg.gms.fido.core.transport.usb.ctaphid.CtapHidMessageStatusException: Received status 6a80
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at org.microg.gms.fido.core.transport.usb.ctaphid.CtapHidConnection.runCommand(CtapHidConnection.kt:143)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at org.microg.gms.fido.core.transport.usb.ctaphid.CtapHidConnection$runCommand$1.invokeSuspend(Unknown Source:15)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at kotlinx.coroutines.internal.ScopeCoroutine.afterResume(Scopes.kt:33)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at kotlinx.coroutines.AbstractCoroutine.resumeWith(AbstractCoroutine.kt:102)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:46)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue.drainQueue(DispatchQueue.kt:75)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue.enqueue(DispatchQueue.kt:112)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue.dispatchAndEnqueue$lambda-2$lambda-1(DispatchQueue.kt:100)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue.$r8$lambda$G2ay370n_s_ksSHUJaD9zIU8eCw(Unknown Source:0)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at androidx.lifecycle.DispatchQueue$$ExternalSyntheticLambda0.run(Unknown Source:4)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at android.os.Handler.handleCallback(Handler.java:938)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at android.os.Handler.dispatchMessage(Handler.java:99)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at android.os.Looper.loop(Looper.java:223)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at android.app.ActivityThread.main(ActivityThread.java:7664)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at java.lang.reflect.Method.invoke(Native Method)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:592)
08-14 16:04:23.974 27731 27731 W FidoUsbHandler: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:947)
08-14 16:04:23.977 27731 27731 D FidoUi : USB status set to waiting-for-device (null)
@mar-v-in Is there already (or is that planned) a microG replacement for the play-services-fido
client library, such that the f-droid firefox builds can use that?
(or is that the point 5. from above? If yes, geckoview depends on that lib, so any app that depends on geckoview pulls that in automatically.)
@Bubu no, point 5 is unrelated, browsers need to use the privileged API
The play-services-fido
client library on master is entirely untested right now, but comes with the APIs required for browsers. I don't know how easily it could be embedded in the f-droid firefox builds as the library and dependency structure currently doesn't match the one from Google entirely (this doesn't matter for apps that use maven/gradle dependency resolution, but I know it does affect chromium builds).
Also, even with the play-services-fido
client library, the f-droid build of Firefox will not be working with Google Play Services Fido services, as the privileged API that browsers need to use is restricted to authorized apps. However you technically could also embed the play-services-fido-core
module with the Firefox build and have it directly connect to the USB device (instead of using the service) - similarly as it's done in CCTG.
I don't know how easily it could be embedded in the f-droid firefox builds as the library and dependency structure currently doesn't match the one from Google entirely (this doesn't matter for apps that use maven/gradle dependency resolution, but I know it does affect chromium builds).
Geckoview uses gradle for including play-services-fido, so that should "just work" (I haven't looked at the f-droid fennec build in quite a while, so I can't say for sure)
However you technically could also embed the play-services-fido-core module with the Firefox build and have it directly connect to the USB device (instead of using the service) - similarly as it's done in CCTG.
Heh, that sounds like a fun project actually. (For completely unrelated reasons, I've just been playing around with building geckoview anyway, while stumbling over this comment thread :))
Downstream issue: https://gitlab.com/relan/fennecbuild/-/issues/34
Fennec F-Droid maintainer here (Fennec is a libre fork of Firefox). A free implementation of WebAuthn sounds very exciting, would love to use it in our builds! :slightly_smiling_face:
I'm trying to build GeckoView (Firefox engine) with the microG client library instead of GMS:
diff -r ae56b3bb7fa3 mobile/android/geckoview/build.gradle
--- a/mobile/android/geckoview/build.gradle Thu Aug 18 12:29:20 2022 +0000
+++ b/mobile/android/geckoview/build.gradle Fri Sep 16 07:17:02 2022 +0000
@@ -211,7 +211,7 @@
implementation "androidx.annotation:annotation:1.3.0"
implementation "androidx.legacy:legacy-support-v4:1.0.0"
- implementation "com.google.android.gms:play-services-fido:18.1.0"
+ implementation "org.microg.gms:play-services-fido:0.2.24.214816-dirty"
implementation "org.yaml:snakeyaml:1.24:android"
implementation "androidx.lifecycle:lifecycle-extensions:2.2.0"
Fixed two issues (#1782, #1783), now struggling with:
0:26.64 /home/fdroid/fdroiddata/build/srclib/MozFennec/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebAuthnTokenManager.java:206: error: unreported exception UnsupportedPubKeyCredDescriptorException; must be caught or declared to be thrown
0:26.64 new PublicKeyCredentialDescriptor(
0:26.64 ^
0:26.64 /home/fdroid/fdroiddata/build/srclib/MozFennec/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebAuthnTokenManager.java:412: error: unreported exception UnsupportedPubKeyCredDescriptorException; must be caught or declared to be thrown
0:26.64 new PublicKeyCredentialDescriptor(
0:26.64 ^
0:27.24 Note: Some input files use or override a deprecated API.
0:27.24 Note: Recompile with -Xlint:deprecation for details.
0:27.24 2 errors
Mozilla code is here.
Any ideas how to fix this unreported exception issue?
The PublicKeyCredentialDescriptor
constructor indeed is not supposed to throw this exception. The exception catched inside the constructor is encapsulated in an unchecked IllegalArgumentException
in Google's implementation instead. I'll push a patch for that later today,
I also plan to finally push a release of this in the next days (after I finally finished and properly tested CTAP2, NFC and FidoAppIdExtension support, which should fix all the issues reported so far).
Support for CTAP2, NFC, FidoAppId extension, android-key and android-safetynet attestation are now in the nightly. This should greatly improve compatibility. If you had issues with any key or website before, please try again with latest nightly and report back.
GeckoView builds fine with org.microg.gms:play-services-fido:0.2.24.223315-40 (b582f19)
, thanks!
Would be great if someone could test WebAuthn in the experimental build of Fennec: https://gitlab.com/relan/fennecbuild/-/issues/34#note_1105832704
Hey there, amazing work @mar-v-in!
Github and Fastmail work on both Fido and YubiKey 5, and both via USB or NFC.
Unfortunately Google Mail is still broken - however this time it doesn't even bring up the prompt to insert / touch the key. The page switches to "There was a problem" almost immediately, and suggests to try again, or try another method of verification. Will post a logcat later.
I tried logging in to GMail app - there a message was displayed, stating that my browser does not support security keys
You're talking about signing into your Google Account via microG's Google Account Manager? Indeed this currently won't work, as the login flow doesn't use a normal browser that could support WebAuthn, but a special Android WebView.
Or are you talking about signing into your Google Account from a supported web browser like Chrome(ium) or Firefox? This should work as far as I can tell, but I haven't tried with Google Accounts yet. I will try to setup a Google Account to test this.
The first few attempts were in Firefox - these resulted in the page switching to "There was a problem" page. When testing one of the previous nightlies (mid-Aug) the security key prompt was displayed while trying to log in to the same Gmail account.
Thanks for working on this mar-v-in! I have also tested the nightly (lineage 19.1 microg sunfish, yubico 5 series) with browser auth, and found the following: Firefox: AWS & Github work, google does not Chromium: none of the above three work On Chromium, AWS & Github get to the step of touching key in the microg workflow, but the key does not flash and touching it does nothing. For google, I had same observation as luken-dev. The browser key auth fails without bringing up the security key prompt at all.
@tjburrows which chromium version and build source are you using?
I used the version provided by FFUpdater. This is currently version 108.0.5314.0.
I can now login to github with my yubikey 4 even when the account has multiple registered keys. The solokey still doesn't work.
The latest nightly contains a fix that should help with latest Chromium. Also Google sign-in now works for me on both Firefox and latest Chrome (tested using a Yubikey 5 with NFC).
Note that PIN-protected security keys are not yet supported.
Tried logging into AWS using an NFC Yubikey 5 on Firefox (official from play store). It just vibrates when I tap it and get this stack trace in logcat:
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: org.microg.gms.fido.core.transport.nfc.CtapNfcMessageStatusException: Received status 2e
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at org.microg.gms.fido.core.transport.nfc.CtapNfcConnection.runCommand(CtapNfcConnection.kt:62)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at org.microg.gms.fido.core.transport.TransportHandler.ctap2sign(TransportHandler.kt:184)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at org.microg.gms.fido.core.transport.TransportHandler.sign$play_services_fido_core_release(TransportHandler.kt:249)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at org.microg.gms.fido.core.transport.nfc.NfcTransportHandler$sign$2.invokeSuspend(NfcTransportHandler.kt:80)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at org.microg.gms.fido.core.transport.nfc.NfcTransportHandler$sign$2.invoke(Unknown Source:8)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at org.microg.gms.fido.core.transport.nfc.NfcTransportHandler$sign$2.invoke(Unknown Source:4)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at org.microg.gms.fido.core.transport.nfc.CtapNfcConnection.open(CtapNfcConnection.kt:115)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at org.microg.gms.fido.core.transport.nfc.CtapNfcConnection$open$3.invokeSuspend(Unknown Source:15)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at androidx.lifecycle.DispatchQueue.drainQueue(DispatchQueue.kt:75)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at androidx.lifecycle.DispatchQueue.enqueue(DispatchQueue.kt:112)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at androidx.lifecycle.DispatchQueue.dispatchAndEnqueue$lambda-2$lambda-1(DispatchQueue.kt:100)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at androidx.lifecycle.DispatchQueue.$r8$lambda$G2ay370n_s_ksSHUJaD9zIU8eCw(Unknown Source:0)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at androidx.lifecycle.DispatchQueue$$ExternalSyntheticLambda0.run(Unknown Source:4)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at android.os.Handler.handleCallback(Handler.java:938)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at android.os.Handler.dispatchMessage(Handler.java:99)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at android.os.Looper.loop(Looper.java:223)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at android.app.ActivityThread.main(ActivityThread.java:7666)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at java.lang.reflect.Method.invoke(Native Method)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:592)
10-03 23:27:56.764 23717 23717 W FidoNfcHandler: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:947)
10-03 23:27:56.765 23717 23717 D FidoUi : NFC status set to waiting-for-device (null)
@TheEdgeOfRage your logs indicate that you have a PIN configured on the Yubikey, which is not yet supported.
I have it set on the GPG key, it never asks for a pin when doing regular FIDO stuff. But I guess it still interferes with the FIDO flow?
Just registered my Fairpone 3 (e/OS/ 1.4, Android 11, unknown microG version) and that worked in Firefox.
Then, authenticating with the just-registered key failed with a quite telling reason - see screenshot: the response sets the AT flag and sends attestation data, even though that is only expected to happen during the registration.
None of the FIDO authenticators I see in production (Yubikey, Feitian, Apple touchID, faceID, Windows Hello) ever sends AT during auth phase.
HTH.
@restena-sw I guess this is with the screen lock used as authenticator and not an external security key?
That's correct, it was screen-lock which then triggered the built-in fingerprint reader.
See §6.5 of the WebAuthn-2 spec:
"All this information is returned by authenticators any time a new public key credential is generated, in the overall form of an attestation object."
(note the new public key - i.e. during reg, not subsequent auth)
I see. This was fixed in 304c3522e992a3db641411fd21df4088db579dad, so I guess the version in /e/OS/ 1.4 just doesn't include that yet.
Ah, great! I'll merrily wait for that fix then (not interested in compiling an Android build myself really).
Unfortunately there is no change for me on latest nightly. Firefox (105.1.0) and Vivaldi still fail to bring up the prompts for auth. This is isolated to Google only. Fastmail and GitHub work fine.
Occasionally there is a brief popup before the page changes to 'There was something wrong', but it disappears quickly and it's difficult to repro, so I have no clue what the message on it is.
The latest nightly build currently is 0.2.24.223616-57 (ff5c5a7)
.
Are you sure to have this?
Yes, that's the one. Tried storage wipe on it, also on FF, as well as reinstall of FF. Same outcome in every case.
I've half a mind to do a full phone wipe, but can't do it before the weekend.
Could you please post a logcat?
@luken-dev Google Account sign-in with WebAuthn in Firefox (105.2.0) works for me. I guess we need a logcat here.
I have tried using my Ledger Nano S, a hw crypto wallet that also supports FIDO, through USB, but nothing is happening. Here's the steps I did:
Here's the logcat:
10-05 12:07:09.855 7431 7431 D FidoUsbHandler: Nano S has suitable hid interface 0
10-05 12:07:09.855 7431 7431 D FidoUsbHandler: Nano S has permission
10-05 12:07:09.860 7431 7431 D FidoUsbHandler: Signature: [REDACTED]
10-05 12:07:09.860 7431 7431 D UsbDeviceConnectionJNI: close
10-05 12:07:09.860 7431 7431 D FidoUsbHandler: Nano S signature does not match
10-05 12:07:09.860 7431 7431 D FidoUsbHandler: Nano S has suitable hid interface 1
10-05 12:07:09.860 7431 7431 D FidoUsbHandler: Nano S has permission
10-05 12:07:09.869 7431 7431 D FidoUsbHandler: Signature: [REDACTED]
10-05 12:07:09.869 7431 7431 D UsbDeviceConnectionJNI: close
10-05 12:07:09.869 7431 7431 D FidoUsbHandler: Trying to use Nano S for SIGN
10-05 12:07:09.869 7431 7431 D FidoUi : USB status set to waiting-for-user (Bundle[{device=UsbDevice[mName=/dev/bus/usb/001/003,mVendorId=11415,mProductId=4101,mClass=0,mSubclass=0,mProtocol=0,mManufacturerName=Ledger,mProductName=Nano S,mVersion=2.01,mSerialNumberReader=android.hardware.usb.IUsbSerialReader$Stub$Proxy@d047852, mHasAudioPlayback=false, mHasAudioCapture=false, mHasMidi=false, mHasVideoCapture=false, mHasVideoPlayback=false, mConfigurations=[
10-05 12:07:09.869 7431 7431 D FidoUi : UsbConfiguration[mId=1,mName=Nano S,mAttributes=192,mMaxPower=50,mInterfaces=[
10-05 12:07:09.869 7431 7431 D FidoUi : UsbInterface[mId=0,mAlternateSetting=0,mName=Nano S,mClass=3,mSubclass=0,mProtocol=0,mEndpoints=[
10-05 12:07:09.869 7431 7431 D FidoUi : UsbEndpoint[mAddress=130,mAttributes=3,mMaxPacketSize=64,mInterval=1]
10-05 12:07:09.869 7431 7431 D FidoUi : UsbEndpoint[mAddress=2,mAttributes=3,mMaxPacketSize=64,mInterval=1]]
10-05 12:07:09.869 7431 7431 D FidoUi : UsbInterface[mId=1,mAlternateSetting=0,mName=Nano S,mClass=3,mSubclass=1,mProtocol=1,mEndpoints=[
10-05 12:07:09.869 7431 7431 D FidoUi : UsbEndpoint[mAddress=129,mAttributes=3,mMaxPacketSize=64,mInterval=1]
10-05 12:07:09.869 7431 7431 D FidoUi : UsbEndpoint[mAddress=1,mAttributes=3,mMaxPacketSize=64,mInterval=1]]]]}])
10-05 12:07:09.869 7431 7431 D FidoCtapHidConnection: Opening connection
10-05 12:07:09.870 7431 7431 D FidoCtapHidConnection: Sending CtapHidInitRequest(nonce=a80CDpeB++A=) in 1 packets
10-05 12:07:09.870 7431 7431 D UsbRequestJNI: init
10-05 12:07:09.873 7431 7431 D UsbRequestJNI: close
10-05 12:07:09.873 7431 7431 W FidoUi : kotlinx.coroutines.TimeoutCancellationException: Timed out waiting for 1000 ms
10-05 12:07:09.873 7431 7431 W FidoUi : at kotlinx.coroutines.TimeoutKt.TimeoutCancellationException(Timeout.kt:184)
10-05 12:07:09.873 7431 7431 W FidoUi : at kotlinx.coroutines.TimeoutCoroutine.run(Timeout.kt:154)
10-05 12:07:09.873 7431 7431 W FidoUi : at kotlinx.coroutines.EventLoopImplBase$DelayedRunnableTask.run(EventLoop.common.kt:508)
10-05 12:07:09.873 7431 7431 W FidoUi : at kotlinx.coroutines.EventLoopImplBase.processNextEvent(EventLoop.common.kt:284)
10-05 12:07:09.873 7431 7431 W FidoUi : at kotlinx.coroutines.DefaultExecutor.run(DefaultExecutor.kt:108)
10-05 12:07:09.873 7431 7431 W FidoUi : at java.lang.Thread.run(Thread.java:923)
10-05 12:07:09.874 7431 7431 D FidoCtapHidConnection: Sent packet /////4YACGvNAg6XgfvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
10-05 12:07:09.874 7431 7431 D UsbRequestJNI: close
10-05 12:07:09.874 7431 7431 D UsbRequestJNI: init
10-05 12:07:09.874 7431 7431 D FidoCtapHidConnection: Reading 64 bytes from usb
@TheEdgeOfRage
Logcat of two attempts at login below.
10-05 22:03:50.326 6140 6174 D GeckoIdleService: next timeout 5000 msec from now
10-05 22:03:50.326 6140 6174 D GeckoIdleService: SetTimerExpiryIfBefore: next timeout 5000 msec from now
10-05 22:03:50.326 6140 6174 D GeckoIdleService: reset timer expiry to 5010 msec from now
10-05 22:03:50.326 6140 6174 D GeckoIdleService: Reset idle timeout: tell observer 0x70cf7c9528 user is back
10-05 22:03:50.647 6140 6156 W GeckoEditable: Invalid token
10-05 22:03:51.952 3659 3659 V InlineSuggestionRenderService: handleDestroySuggestionViews called for 0:1597396344
10-05 22:03:51.969 6140 6140 I GeckoSession: handleMessage GeckoView:PageStart uri=
10-05 22:03:52.104 6140 6154 W System : A resource failed to call release.
10-05 22:03:52.104 6140 6154 W System : A resource failed to call release.
10-05 22:03:52.227 6140 6390 I places::storage::history: breadcrumb: apply_observation: begin_transaction
10-05 22:03:52.283 6140 6390 I places::storage::history: breadcrumb: apply_observation: commit
10-05 22:03:52.626 6140 6390 I places::storage::history: breadcrumb: apply_observation: begin_transaction
10-05 22:03:52.668 6140 6390 I places::storage::history: breadcrumb: apply_observation: commit
10-05 22:03:55.339 6140 6174 D GeckoIdleService: Get idle time: time since reset 4929 msec
10-05 22:03:55.339 6140 6174 D GeckoIdleService: Idle timer callback: current idle time 4929 msec
10-05 22:03:55.339 6140 6174 D GeckoIdleService: next timeout 71 msec from now
10-05 22:03:55.339 6140 6174 D GeckoIdleService: SetTimerExpiryIfBefore: next timeout 71 msec from now
10-05 22:03:55.340 6140 6174 D GeckoIdleService: reset timer expiry to 81 msec from now
10-05 22:03:55.408 6140 6390 I places::storage::history: breadcrumb: apply_observation: begin_transaction
10-05 22:03:55.436 6140 6174 D GeckoIdleService: Get idle time: time since reset 5025 msec
10-05 22:03:55.436 6140 6174 D GeckoIdleService: Idle timer callback: current idle time 5025 msec
10-05 22:03:55.436 6140 6174 D GeckoIdleService: next timeout 4294967289974 msec from now
10-05 22:03:55.436 6140 6174 D GeckoIdleService: SetTimerExpiryIfBefore: next timeout 4294967289974 msec from now
10-05 22:03:55.436 6140 6174 D GeckoIdleService: reset timer expiry to 4294967289984 msec from now
10-05 22:03:55.436 6140 6174 D GeckoIdleService: Idle timer callback: tell observer 0x70cf7c9528 user is idle
10-05 22:03:55.459 6140 6390 I places::storage::history: breadcrumb: apply_observation: commit
10-05 22:03:55.710 6140 6140 I GeckoSession: handleMessage GeckoView:PageStop uri=null
10-05 22:03:55.716 6140 6930 I SessionStorage/AutoSave: Save: Load finished
10-05 22:03:55.833 19616 19616 D Fido2Privileged: onBind: Intent { act=com.google.android.gms.fido.fido2.privileged.START pkg=com.google.android.gms }
10-05 22:03:55.863 19616 19636 D Fido2Privileged: bound by: GetServiceRequest{serviceId=FIDO2_PRIVILEGED, gmsVersion=12451000, packageName='org.mozilla.firefox', extras=Bundle[{FIDO2_ACTION_START_SERVICE=com.google.android.gms.fido.fido2.privileged.START}]}
10-05 22:03:55.956 6140 6140 I WebAuthnFeature: Received activity delegate request with code: 10
10-05 22:03:49.151 2730 2730 W NotificationHistory: Attempted to add notif for locked/gone/disabled user 0
10-05 22:03:55.957 2730 11408 I ActivityTaskManager: START u0 {cmp=com.google.android.gms/org.microg.gms.fido.core.ui.AuthenticatorActivity (has extras)} from uid 10085
10-05 22:03:55.966 572 572 I android.hardware.power-service-qti: Power setMode: 5 to: 1
10-05 22:03:55.977 2730 2795 D CompatibilityChangeReporter: Compat change id reported: 135634846; UID 10085; state: DISABLED
10-05 22:03:55.978 2730 2812 D CompatibilityChangeReporter: Compat change id reported: 143937733; UID 10085; state: DISABLED
10-05 22:03:55.997 2233 2233 D Zygote : Forked child process 7274
10-05 22:03:56.006 2730 2812 I ActivityManager: Start proc 7274:com.google.android.gms:ui/u0a85 for pre-top-activity {com.google.android.gms/org.microg.gms.fido.core.ui.AuthenticatorActivity}
10-05 22:03:56.014 7274 7274 E .android.gms:u: Not starting debugger since process cannot load the jdwp agent.
10-05 22:03:56.068 7274 7274 D ApplicationLoaders: Returning zygote-cached class loader: /system/framework/android.test.base.jar
10-05 22:03:56.072 7274 7274 W .android.gms:u: ClassLoaderContext classpath size mismatch. expected=1, found=0 (PCL[/system/framework/org.lineageos.platform.jar*1006563850] | PCL[])
10-05 22:03:56.090 7274 7274 D NetworkSecurityConfig: No Network Security Config specified, using platform default
10-05 22:03:56.090 7274 7274 D NetworkSecurityConfig: No Network Security Config specified, using platform default
10-05 22:03:56.091 7274 7274 I MultiDex: VM with version 2.1.0 has multidex support
10-05 22:03:56.091 7274 7274 I MultiDex: Installing application
10-05 22:03:56.091 7274 7274 I MultiDex: VM has multidex support, MultiDex support library is disabled.
10-05 22:03:56.155 7274 7274 D FidoUi : onCreate caller=org.mozilla.firefox options=BrowserPublicKeyCredentialRequestOptions[PublicKeyCredentialRequestOptions[challenge=AJhMu1kz8rOeOsZ9M7zD2WkLOJ1PfrhBLbk0QfjgRqmMi7NYhmT86icV8zEQ7Hznf7Vt0SaWLOPaupmm0LOshlyb_lId21Wy-F-DjspFeA2QIbHk4valH846MQilCFoWYT95oF7Ka20lMvqAG9fw7WmIM4YNwKaHGSrEGTDekND4RM61EV2sLyAwZbUHpPykoS9sxfDh9DBb26RpJXgyIAPKr_MEwNOkD1FuIwsdVnbYO44IgDFFH5ZIDNwPPpDWf9Fo8eBbWiVfSohDRg3RZC7VzEDV4uCDQOWJqeDNqeQA0L3zM7A1vFVF9Yc5E1J_cwSaUoR8OZ03wOe3ZMQFfwJuI-1nQXUizcdqTyrAi0IbT6woWMuaRhutKUK0kvkWa1jR7lgw4qDLHydx-N1HR7GH0jMkli6oPEjycFiMD_V4EZESZQYd0JRkjpB4MnKLLewdciJilkI1ZNAGuza0rSq-A3Qw9FAQrjMBzpRiBi457n29tYlFfoDyDK-sBNnQzQIaHRnUWqG4P7PuxYuDPcW5uNVfk7E7bWm6g9j64wv9Y0mWdIiUzL3QrzHVAFth6x5tfh60DdzjwatRbH-zmkExteyLOC2ToqIoVuDO1sufh06IaAR6RaehG3mZJq-OvpFsjglWzrs4PSXXo-8rCaS9_G5rezqHsjOeGKOExIsydeYDXLUo1FZEeBxWPyAyvSjCEXUr8TgE8a5pkZcfk7rG9bgGdRyP2gWRpAi7IZhiHlNRbiTQYlke1ZDKfiPtHpC6nvD4KgSMq7V2k0Daf3uccr_v_LdPNG9x9Xe3XiL4vfR1zsUHzzp9uVpjlJas_twSMfbAvqCQiaHvdkNknoX9EerHHEMwR4HyEOHfsdZceXL6S57igPHGhyM3YHLuTabH0EFUGdFDtbw3hwZGQL43O04pTS4aO-jOkoeFeEPIAS0pw04Ny77QN2SfcPKws9mU_j67FaN18sCAdKJXfgG3lnlGhZKudyWA5mS_zTVyIbpzKqo9n8P6yqk1AM4sjNX7-j_sjYolV2zyo2X7tJ5MeQFzVzrGQd9ryr7EJAKa5nvJV9vgbDDTQF0zG_jfl65OwP7HzGnTaUY6SPq91uRTonAJFk6sP4GkGuUXFvCxtrXLQKSsRY1oGOScKlUaGinANimFYg6hqdmLmWfoCOmwBT7fMlr_zDvSc1shGp5stoy2lesYKlbbgMHibbWFfShuiBIn-mUeaI7EKAGzaY-5mijTEaxQr_ze4bb_kbF48z0PGZlnQbgFFUsA_sk5LEqqYI4oOkvD7n0fISzIeytka2EyJq-Frpr76U35ZkPFKW1Gz-UrNf6zdWHbtfNnZ2nVtGr8HV37a2KacyFv0fMiDuxtfoeQtks28kABOVixgqR6ChQiUrFqAHiVPxAmjbvMkPDKI2wCjpzRh_tmrySzesvUWycdroVLCwXG8OMwVFEB1MJLgSjcG0MUauYfdPbeiO-g0xf4EqLR2OYQ6xH6Dhwtq3-jhDKmItDQI4TCdcYxtFlkaUuJFu_cHN7cdWFf48DxdObQ7-mklrdj0Z3mnuNB84V1X3YL5913_rh1gWwWLeu7vYVHEwqQaH_plzkgmJZ27oBhC_GC-nQmBnERoTg27COcLVFF9fBt_uFL8WyEXqYnyfsS7InNuoet6zOTgLc9_nVJhyOQmpFICK1FXWOzBNcU0SQuEJm4ETDBCSKj2r8S-h9fLWUB4oXk0UEHfarYrKuOLz5gz1l6sO4N6cPWBUGR4Z_kdjNLrYF3GyWjk36gts-7EwC8ZLkxDYMt8c_wzQhMJ14RrO-3Y2tu0e80o_UtvJKDkweOPyyTttFRPan3AfJRvrJDhYar3dEy5owumHvpmY__o8AX40ulLTt14E-8kKNfARwNXuHiAoJmPk8bsrHJqTAg5KZSxRURGQz0PHwSZ8mAbckrrT26OgBU8UMdps8UJjZExcwnlh6vm00eidj0XeXD8P4jjbwzEihVN7KtMjn37ETK4l80MdYSBkP7MkZQ_mFqb5pX8JumDRb7lJDhh3wlQgzsv-8c1FYnXU9x5vG3Ph9TC3nMg1PFCSYm3oWaK0U8PrGEfvOWXyjc4OPrZKNxDWQ4_S8dKtlDYrywatbm50Axl6IJz4cudkAc7Ef1Ki1avQaGO6-xzdQhHAQwpsvOYQbWr09f-2rwjIQJhjmXGBt5RQiOJUlZBnOGlyPC7-OagX_hLwlnkDzzI4OBWtN9NYPR7x3tW_kbmu3oyLMG4Z1Jrka-XNakD9ZGie5QdJZy3-2gdoiOI9YKuQgV2u-ZVdoJQwZg4R4BvdosrNcY3TS0H1BPgbPS6Ge3oSG5GPy1XNmRXzSkgxhXnWP5i7BHX_ZTEjbnAzIJds2iQYLg2UHEjmHVEm7Q8VuxkcK-VYtUZ1iV0HMDaDdKRFh89lYKpkeRaRvjJoUqDRD1KZgHKkyC1ElgmfP8hONkjOLO8RyF9KRknLS2H-uQEaNIMfcDPA0um8-hJN0urWuXJaFhNH4drz_TWSYAFdvWjPb259esatRQmGM5LuCaELsAD0dMcfxAqgoERoBjW2ki8g9_IY4OpLz0ekAfw7LD-CATILiaaiTOwTR2AWNJDhD8kybvLoMCyAy99Jhy6yJVz1yLkFDBrrQsZGjv42LTxAJcd2bDAW-Zk3P5HNrmSc_azJ-MXjfYWBvTeIP4Cl70ZRcfH6qKtocHzce7QS6EvSlcXhbLOkbHQBF3lkGrdQgyDhUBlZoZX713kfClBkkFeEVMktjSJlf1pWdihrJpxiW-3Zdiv_pxvrpmnhHYLbZgPUNvvpL19dL_OGyPxvtCEJBd4YKP5jdI4aMsZJTFhRr7Ll11NoGH9tkg5cE4AxOdPb8, timeoutSeconds=120.0, rpId="google.com", allowList=[PublicKeyCredentialDescriptor[W-DEYiPMMcqip9pm5ToRee3jCaOCZcc8qrIPUTuPGbOntMZx7ovaJBDKIXhZMhV60-_Y_7PIkwKSzZMu47sVhA, type=public-key, transports=[]], PublicKeyCredentialDescriptor[sWETwJbeOiv7aAIRqNdclyUXdM7A8Xe0kEN1Mz-dJHCRMXT3TTylpSWyYpGpYj11JuolVvuoK7qYFmLH_fT_nw, type=public-key, transports=[]]], authenticationExtensions=AuthenticationExtensions[fidoAppIdExtension="https://www.gstatic.com/securitykey/origins.json"]], origin=https://accounts.google.com]
10-05 22:03:56.227 7274 7274 D FidoUi : Finish with error: FIDO AppId must be same TLD+1 (NOT_ALLOWED_ERR)
10-05 22:03:56.270 6140 6140 I WebAuthnFeature: Received activity result with code: 10 and original request code: 10
10-05 22:03:56.281 6140 6140 E WebAuthnTokenManager: errorCode.name: NOT_ALLOWED_ERR
10-05 22:03:56.281 6140 6140 E WebAuthnTokenManager: errorMessage: FIDO AppId must be same TLD+1
10-05 22:03:56.298 572 572 I android.hardware.power-service-qti: Power setMode: 5 to: 0
10-05 22:03:56.339 3434 3451 W System : A resource failed to call release.
10-05 22:03:56.339 3434 3451 I chatty : uid=10149(com.android.launcher3) FinalizerDaemon identical 1 line
10-05 22:03:56.339 3434 3451 W System : A resource failed to call release.
10-05 22:03:56.352 6140 6390 I places::storage::history: breadcrumb: apply_observation: begin_transaction
10-05 22:03:56.385 6140 6390 I places::storage::history: breadcrumb: apply_observation: commit
10-05 22:03:56.412 3205 3236 I ndroid.systemu: NativeAlloc concurrent copying GC freed 25535(1260KB) AllocSpace objects, 2(40KB) LOS objects, 49% free, 10MB/20MB, paused 87us total 167.717ms
10-05 22:03:59.373 6140 6174 D GeckoIdleService: next timeout 5000 msec from now
10-05 22:03:59.373 6140 6174 D GeckoIdleService: SetTimerExpiryIfBefore: next timeout 5000 msec from now
10-05 22:03:59.373 6140 6174 D GeckoIdleService: reset timer expiry to 5010 msec from now
10-05 22:03:59.373 6140 6174 D GeckoIdleService: Reset idle timeout: tell observer 0x70cf7c9528 user is back
[ telephony & keyguard entries removed ]
10-05 22:04:00.365 6140 6390 I places::storage::history: breadcrumb: apply_observation: begin_transaction
10-05 22:04:00.398 6140 6390 I places::storage::history: breadcrumb: apply_observation: commit
10-05 22:04:00.483 6140 6140 I WebAuthnFeature: Received activity delegate request with code: 11
10-05 22:04:00.486 2730 11113 I ActivityTaskManager: START u0 {cmp=com.google.android.gms/org.microg.gms.fido.core.ui.AuthenticatorActivity (has extras)} from uid 10085
10-05 22:04:00.489 572 572 I android.hardware.power-service-qti: Power setMode: 5 to: 1
10-05 22:04:00.496 6140 6152 I mozilla.firefo: Background concurrent copying GC freed 162140(6069KB) AllocSpace objects, 8(132KB) LOS objects, 49% free, 4912KB/9825KB, paused 287us total 178.640ms
10-05 22:04:00.501 2730 11113 W ActivityTaskManager: Tried to set launchTime (0) < mLastActivityLaunchTime (63140476)
10-05 22:04:00.524 6140 6154 W System : A resource failed to call release.
10-05 22:04:00.537 7274 7274 D FidoUi : onCreate caller=org.mozilla.firefox options=BrowserPublicKeyCredentialRequestOptions[PublicKeyCredentialRequestOptions[challenge=AJhMu1kpVg9_Ct8qsWStT3NFCIJD12Xzwlj_TOzAWzHWll_mnVBVJNhn5CkobyRVX8EkUqoBWc9jwFUrYlZ6IdSu-ICzeZCBCXkERGNJUE3tER7YzAJIeYTRNUmS_QHUnYL-Y5236G3biSLRj4_A_CS-A6Jv4P0BsPBfpDHMqX2Z5ue0qeuQO2-Gd2dbOZjIx-gU6jI-TnuiUrgPkVg1RDzKTb30FiuDZDsTQQwpwad0oq1YFH04g53sExTTOZvXkxXk6hpCTovN8Yygo2T4VxVuSqmmlJVKxBwwTh9v6MKwldBuH026b-stGkzFnilzPVdyQGtD5X1u2A59uSe6meL8MM5A1iYJteHv6idHaNgghrWwdbNPNpwehidGQHWl7cCkvTvrmWGIkT_Ae6fhp04D_KBdpTaq1CpntfF9TolM5KpdVgRKhP9BDwtqd_b3MJLTI_RcANxGNwanZijB9w7s2Ja2xJHWZP0NhQLtIqTEDwLOhGZEOt4NcXy4BOZImxwCEwXU2Vy3HP465bYgVQIZUPWbw6dA1tvf4BmosJG2kC04hJW-S7CkjLHK_sXV5i3wF-g0mCCl__HIA7PW-t837_C4F42rhgzo6JycA2iQWCWg9D7kIBnUoLFJkp2zV8T-0M4rMXhlltmFGHzFONjWhIPwMK6l0X_qTs_2dEirkmS6n0yPVTpgKKxasevZ9gAp9k2NhTlZayKsCtzLQaNlBfZ_xMefObxIrqQQvJCXhrrEwVoWhu_tMKzRSDy9fDDjtbMh4K4r_IBZ_xa-ujxxDGIJ9iK__pqI21nH7ljG1L7bkbKnL-58ug-TdaKzrSxRcMmqd48th3ad5_cqeQrJiChPnq0rK3Vyk-RnC68PBBKlsvYw3yoUVf_zrUZTwaqMwpPMmx24sJ89Fj1BhvqyY9pCiVykn4gnYgzGWchO2DIg9PeM5lKCUILECycSNwVwTIPZXvXlyVFr5UgSeE96fLEW-_6Dgp1TOuGcGp8h2b1SjrVLOQbqwDECGYcz8w8dYH-RL9TYBcmUxv0m1JE9UID7KoTYaZrbZ1sxvaeGXtdboJsnO1o49mRrD7Nlh1nah1OrIsYy8obegePwzX4iiDiqX38uQ_2LyBGL_YM1ZInBTd8Zuyeem3ynWtjSTX6CcdoLLvA7S5xt_n49bvaDf_9UXB-jecryDbXOiafvuXo894F1gVfy8EfqV_8_Htd5NFa-nBPWwyEEA_kR_DdTbn0sykA0Tm0Qc8iLbQGqssoSkM1yrO6vvGiQUM2LI1cnVfW164GJBUNK1s1ZrezB1OL-npzBbtYZmV6Ne7SHvoPNZo10hc0Dgs_Hm6nJhANy1mC2jS3IUSzvQcueSjz78pAh10CsEcrxVvhxC1H8nOqMTmvXXxyzIP5tyDiVZN96r-4X2cEj297GpvUqQHAcEQ1_AgRQqR-5TrmbuRUJfHj8TUOnt8yLzunlwM2UPazvMiAV-V5VPgwh2EF1tIL_wkgmjqKkUvebbWtxQ834sQTnuWsIlCHOt5YSWNGCbMnB8Y3o04ajlT2ZFak0EgeooQXFJlg9MoMWDalj3QE6ECSzCKT5aE9fpb4wjwp4UED2UAG3YUcI2k6C7diSq68oJZtDPw2R6FZZ6JNGPIqIFTNgs2XjuNu3iCRRmU1UYltG_l1PwaYSy6sqlgHjBXsy_f0SjBYuBbCHHDSk2tETRKmoA86NKJ4cul9aM_FTRJLSsR-awSp2Usg2Do1BkoSn9chSeDve_Lql1nTEnN_kR_Yg9pRAzmvJIMinJYu4WcoDvdu_r5yFd0vgNeRdfePW6dDhygmSHlSsdflO8lnZsFH6LmZGeG71ZnkQwzjA_W-FG4PaCItLnofI8FggWRNfdEDvegkUqpxgdQDwEXJ_Vsvkzx0BM-2Vc-Ridcql4U9zk3xhQ4UbtJjKQILEAzWecfgJv-z8ALNYmGgv5DdwnvJgjbAgAIeoHAXwLIq3Sdb7d4JRZiskfcyoQTQyUIlKGMaWNZa-WfjwWcgKxGeWlJzsz5UaLq2L_kCoMtic9sHC3-xjFqyvA_lxtJPMfEwGvReTPNLzbHC04gBWkAXoJWcfS6wlktQQEetuBeboMmOevizt-bDOtrXvYQfJvJ30Ve7LxaaH117dmQNsubnT8fq3Nv-uGOYLt_O2TqSLHEiWAuqiLmNFv0rcxWQ6-dSq3BB98ReC8eTDPHo-FrBuLIxP5uYZQ5AAmyzNYlxKY-c8IF3memuvKn4MH4h6xUTBslAFIhqil6Crv3rPCugogkqPa4g6dpkF4GbVMDKsAC7drzyvB5oAuiVCugKoqWqPyT2P02CapXX7NkIh0MdgTwWtUSusf2MP5V2uvGBqTNj0MTLgMItyiOGZGpNqgDVxC_trXRVb2we6-ruC9XrEsBVk-tV6q9O9126QQGTI_A99Vqbal_8RntaPnds7zlgoinFdz_4SO7IuKMbOvjjejAXX6s5HGhsQS6KpZCgAIF1n00xmlxFNhQHUeS5y5ADNU4IcVMxa5osHEFgSJxBZ_A_vIdM2paG382WAm1VV267oIwqdP-fypBLWvglhfULLSEiJ_tqJTT1_jbwY7Z-cneG3p-jb2PgdSFG4SqOavl5MHc0B_qEVqjoH93k1xhUCYSFoY5EZyqggbuqF2ZvtfCKw31oZjWjGcnxEWpXzzBmN9d9JdzhI8V8WCv-0oujw80WGfUuMsudQnIgtvyYSIJ4Dfso_YdfhacXhJ5JMf9U9X6T2BhWLJs901T0d4W-l37NOEQvegZWcsuStXijiMjYeDbEImCOmV-6ywVWDQLb7ONYnbmTtuk5_3TAESVd0-HlDGjRDPXY5a_hrxmJup3IPbkura9ayDZg, timeoutSeconds=120.0, rpId="google.com", allowList=[PublicKeyCredentialDescriptor[W-DEYiPMMcqip9pm5ToRee3jCaOCZcc8qrIPUTuPGbOntMZx7ovaJBDKIXhZMhV60-_Y_7PIkwKSzZMu47sVhA, type=public-key, transports=[]], PublicKeyCredentialDescriptor[sWETwJbeOiv7aAIRqNdclyUXdM7A8Xe0kEN1Mz-dJHCRMXT3TTylpSWyYpGpYj11JuolVvuoK7qYFmLH_fT_nw, type=public-key, transports=[]]], authenticationExtensions=AuthenticationExtensions[fidoAppIdExtension="https://www.gstatic.com/securitykey/origins.json"]], origin=https://accounts.google.com]
10-05 22:04:00.538 7274 7274 D FidoUi : Finish with error: FIDO AppId must be same TLD+1 (NOT_ALLOWED_ERR)
10-05 22:04:00.564 6140 6140 I WebAuthnFeature: Received activity result with code: 11 and original request code: 11
10-05 22:04:00.577 6140 6140 E WebAuthnTokenManager: errorCode.name: NOT_ALLOWED_ERR
10-05 22:04:00.577 6140 6140 E WebAuthnTokenManager: errorMessage: FIDO AppId must be same TLD+1
10-05 22:04:00.590 572 572 I android.hardware.power-service-qti: Power setMode: 5 to: 0
10-05 22:04:00.658 6140 6390 I places::storage::history: breadcrumb: apply_observation: begin_transaction
10-05 22:04:00.672 3205 3236 I ndroid.systemu: NativeAlloc concurrent copying GC freed 3957(283KB) AllocSpace objects, 0(0B) LOS objects, 49% free, 10MB/20MB, paused 593us total 120.928ms
10-05 22:04:00.735 6140 6390 I places::storage::history: breadcrumb: apply_observation: commit
10-05 22:04:02.493 3205 3205 V ShadeControllerImpl: NotificationShadeWindow: com.android.systemui.statusbar.phone.NotificationShadeWindowView{2f20a7c I.E...... ......ID 0,0-1080,1920} canPanelBeCollapsed(): false
10-05 22:04:02.495 2730 11408 I ActivityTaskManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.HOME] flg=0x10000000 pkg=com.android.launcher3 cmp=com.android.launcher3/.uioverrides.QuickstepLauncher (has extras)} from uid 10149
10-05 22:04:02.496 572 572 I android.hardware.power-service-qti: Power setMode: 5 to: 1
10-05 22:04:02.530 2730 3647 W ActivityManager: Unable to start service Intent { act=com.android.launcher3.WINDOW_OVERLAY dat=app://com.android.launcher3:10149?v=9&cv=14 pkg=com.google.android.googlequicksearchbox } U=0: not found
10-05 22:04:02.532 3434 3434 D RecentsOrientedState: current RecentsOrientedState: [this=RecentsOrientedState@c2f9bc4 mOrientationHandler=PortraitPagedViewHandler@f533aad mDisplayRotation=0 mTouchRotation=0 mRecentsActivityRotation=0 isRecentsActivityRotationAllowed=false mSystemRotation=false mFlags=291]
10-05 22:04:02.536 2730 11408 W ActivityManager: Unable to start service Intent { act=com.android.launcher3.WINDOW_OVERLAY dat=app://com.android.launcher3:10149?v=9&cv=14 pkg=com.google.android.googlequicksearchbox } U=0: not found
10-05 22:04:02.532 3434 3434 D RecentsOrientedState: current RecentsOrientedState: [this=RecentsOrientedState@c2f9bc4 mOrientationHandler=PortraitPagedViewHandler@f533aad mDisplayRotation=0 mTouchRotation=0 mRecentsActivityRotation=0 isRecentsActivityRotationAllowed=false mSystemRotation=false mFlags=291]
10-05 22:04:02.578 3434 3434 D RecentsOrientedState: current RecentsOrientedState: [this=RecentsOrientedState@4c45838 mOrientationHandler=PortraitPagedViewHandler@f533aad mDisplayRotation=0 mTouchRotation=0 mRecentsActivityRotation=0 isRecentsActivityRotationAllowed=false mSystemRotation=false mFlags=35]
10-05 22:04:02.578 3434 3434 I chatty : uid=10149(com.android.launcher3) identical 2 lines
10-05 22:04:02.578 3434 3434 D RecentsOrientedState: current RecentsOrientedState: [this=RecentsOrientedState@4c45838 mOrientationHandler=PortraitPagedViewHandler@f533aad mDisplayRotation=0 mTouchRotation=0 mRecentsActivityRotation=0 isRecentsActivityRotationAllowed=false mSystemRotation=false mFlags=35]
10-05 22:04:02.581 572 572 I android.hardware.power-service-qti: Power setMode: 5 to: 0
10-05 22:04:02.694 3205 3236 I ndroid.systemu: NativeAlloc concurrent copying GC freed 1741(175KB) AllocSpace objects, 0(0B) LOS objects, 49% free, 10MB/20MB, paused 82us total 104.298ms
10-05 22:04:02.894 619 619 E Layer : [Surface(name=Task=1)/@0x6d6133a - animation-leash#0] No local sync point found
10-05 22:04:02.895 619 619 E Layer : [Surface(name=Task=144)/@0xe9d808d - animation-leash#0] No local sync point found
10-05 22:04:02.900 6140 6140 I MemoryController: onTrimMemory(20)
10-05 22:04:02.900 6140 6140 I FenixApplication: onTrimMemory(), level=20, main=true
10-05 22:04:03.230 6140 6140 I SessionStorage/AutoSave: Save: Background
10-05 22:04:03.242 6140 6172 I libglean_ffi: glean_core::metrics::ping: Glean disabled: not submitting any pings.
10-05 22:04:03.242 6140 6172 I libglean_ffi: glean_core::core: baseline ping not submitted on inactive
10-05 22:04:03.242 6140 6172 I libglean_ffi: glean_core::metrics::ping: Glean disabled: not submitting any pings.
10-05 22:04:03.242 6140 6172 I libglean_ffi: glean_core::core: events ping not submitted on inactive
10-05 22:04:03.329 2730 11113 D ConnectivityService: requestNetwork for uid/pid:10167/6140 NetworkRequest [ TRACK_DEFAULT id=2664, [ Capabilities: INTERNET&NOT_RESTRICTED&TRUSTED Uid: 10167 AdministratorUids: [] RequestorUid: 10167 RequestorPackageName: org.mozilla.firefox] ]
10-05 22:04:03.329 2730 3161 D ConnectivityService: NetReassign [2664 : null → 129]
10-05 22:04:03.331 2730 3157 D UntrustedWifiNetworkFactory: got request NetworkRequest [ TRACK_DEFAULT id=2664, [ Capabilities: INTERNET&NOT_RESTRICTED&TRUSTED Uid: 10167 AdministratorUids: [] RequestorUid: 10167 RequestorPackageName: org.mozilla.firefox] ] with score 60 and providerId 5
10-05 22:04:03.333 2730 3193 D Ethernet: got request NetworkRequest [ TRACK_DEFAULT id=2664, [ Capabilities: INTERNET&NOT_RESTRICTED&TRUSTED Uid: 10167 AdministratorUids: [] RequestorUid: 10167 RequestorPackageName: org.mozilla.firefox] ] with score 60 and providerId 5
10-05 22:04:03.334 3614 3614 D PhoneSwitcherNetworkRequstListener: got request NetworkRequest [ TRACK_DEFAULT id=2664, [ Capabilities: INTERNET&NOT_RESTRICTED&TRUSTED Uid: 10167 AdministratorUids: [] RequestorUid: 10167 RequestorPackageName: org.mozilla.firefox] ] with score 60 and providerId 5
10-05 22:04:03.334 2730 3157 D WifiNetworkFactory: got request NetworkRequest [ TRACK_DEFAULT id=2664, [ Capabilities: INTERNET&NOT_RESTRICTED&TRUSTED Uid: 10167 AdministratorUids: [] RequestorUid: 10167 RequestorPackageName: org.mozilla.firefox] ] with score 60 and providerId 5
[ telephony & keyguard entries removed ]
10-05 22:04:03.359 3614 3614 D Telephony: isEmergencyPreferredAccount: subId=1, activeData=1
10-05 22:04:03.359 3614 3614 D Telephony: isEmergencyPreferredAccount: Device does not require preference.
10-05 22:04:03.359 3614 3614 D Telephony: isEmergencyPreferredAccount: subId=2, activeData=1
10-05 22:04:03.359 3614 3614 D Telephony: isEmergencyPreferredAccount: Device does not require preference.
10-05 22:04:03.372 6140 6260 I libglean_ffi: glean_core::upload: New upload task with id db44e1bc-24bd-4ac7-8846-183163def2f8 (path: /submit/org-mozilla-firefox/deletion-request/1/db44e1bc-24bd-4ac7-8846-183163def2f8)
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: IOException while uploading ping
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: java.io.IOException: org.mozilla.geckoview.WebRequestError: Request failed, error=0x43, category=0x3
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.components.browser.engine.gecko.fetch.GeckoViewFetchClient.fetch(GeckoViewFetchClient.kt:63)
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.components.service.glean.net.ConceptFetchHttpUploader.performUpload$service_glean_release(ConceptFetchHttpUploader.kt:5)
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.components.service.glean.net.ConceptFetchHttpUploader.upload(ConceptFetchHttpUploader.kt:14)
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.telemetry.glean.net.BaseUploader.upload(Unknown Source:17)
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.telemetry.glean.net.BaseUploader.doUpload$glean_release(BaseUploader.kt:2)
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.telemetry.glean.scheduler.PingUploadWorker.doWork(PingUploadWorker.kt:16)
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: at androidx.work.Worker$1.run(Worker.java:1)
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: at java.lang.Thread.run(Thread.java:923)
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: Caused by: org.mozilla.geckoview.WebRequestError: Request failed, error=0x43, category=0x3
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: at org.mozilla.gecko.mozglue.GeckoLoader.nativeRun(Native Method)
10-05 22:04:03.431 6140 6260 W glean/ConceptFetchHttpUploader: at org.mozilla.gecko.GeckoThread.run(GeckoThread.java:151)
10-05 22:04:03.433 6140 6260 W libglean_ffi: glean_core::upload: Recoverable upload failure while attempting to send ping db44e1bc-24bd-4ac7-8846-183163def2f8, will retry. Error was RecoverableFailure { unused: 0 }
10-05 22:04:03.433 6140 6260 I libglean_ffi: glean_core::upload::directory: Processing ping at: /data/user/0/org.mozilla.firefox/glean_data/deletion_request/db44e1bc-24bd-4ac7-8846-183163def2f8
10-05 22:04:03.435 6140 6260 I libglean_ffi: glean_core::upload: New upload task with id db44e1bc-24bd-4ac7-8846-183163def2f8 (path: /submit/org-mozilla-firefox/deletion-request/1/db44e1bc-24bd-4ac7-8846-183163def2f8)
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: IOException while uploading ping
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: java.io.IOException: org.mozilla.geckoview.WebRequestError: Request failed, error=0x43, category=0x3
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.components.browser.engine.gecko.fetch.GeckoViewFetchClient.fetch(GeckoViewFetchClient.kt:63)
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.components.service.glean.net.ConceptFetchHttpUploader.performUpload$service_glean_release(ConceptFetchHttpUploader.kt:5)
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.components.service.glean.net.ConceptFetchHttpUploader.upload(ConceptFetchHttpUploader.kt:14)
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.telemetry.glean.net.BaseUploader.upload(Unknown Source:17)
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.telemetry.glean.net.BaseUploader.doUpload$glean_release(BaseUploader.kt:2)
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.telemetry.glean.scheduler.PingUploadWorker.doWork(PingUploadWorker.kt:16)
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: at androidx.work.Worker$1.run(Worker.java:1)
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: at java.lang.Thread.run(Thread.java:923)
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: Caused by: org.mozilla.geckoview.WebRequestError: Request failed, error=0x43, category=0x3
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: at org.mozilla.gecko.mozglue.GeckoLoader.nativeRun(Native Method)
10-05 22:04:03.471 6140 6260 W glean/ConceptFetchHttpUploader: at org.mozilla.gecko.GeckoThread.run(GeckoThread.java:151)
10-05 22:04:03.472 6140 6260 W libglean_ffi: glean_core::upload: Recoverable upload failure while attempting to send ping db44e1bc-24bd-4ac7-8846-183163def2f8, will retry. Error was RecoverableFailure { unused: 0 }
10-05 22:04:03.473 6140 6260 I libglean_ffi: glean_core::upload::directory: Processing ping at: /data/user/0/org.mozilla.firefox/glean_data/deletion_request/db44e1bc-24bd-4ac7-8846-183163def2f8
10-05 22:04:03.474 6140 6260 I libglean_ffi: glean_core::upload: New upload task with id db44e1bc-24bd-4ac7-8846-183163def2f8 (path: /submit/org-mozilla-firefox/deletion-request/1/db44e1bc-24bd-4ac7-8846-183163def2f8)
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: IOException while uploading ping
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: java.io.IOException: org.mozilla.geckoview.WebRequestError: Request failed, error=0x43, category=0x3
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.components.browser.engine.gecko.fetch.GeckoViewFetchClient.fetch(GeckoViewFetchClient.kt:63)
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.components.service.glean.net.ConceptFetchHttpUploader.performUpload$service_glean_release(ConceptFetchHttpUploader.kt:5)
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.components.service.glean.net.ConceptFetchHttpUploader.upload(ConceptFetchHttpUploader.kt:14)
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.telemetry.glean.net.BaseUploader.upload(Unknown Source:17)
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.telemetry.glean.net.BaseUploader.doUpload$glean_release(BaseUploader.kt:2)
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: at mozilla.telemetry.glean.scheduler.PingUploadWorker.doWork(PingUploadWorker.kt:16)
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: at androidx.work.Worker$1.run(Worker.java:1)
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: at java.lang.Thread.run(Thread.java:923)
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: Caused by: org.mozilla.geckoview.WebRequestError: Request failed, error=0x43, category=0x3
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: at org.mozilla.gecko.mozglue.GeckoLoader.nativeRun(Native Method)
10-05 22:04:03.491 6140 6260 W glean/ConceptFetchHttpUploader: at org.mozilla.gecko.GeckoThread.run(GeckoThread.java:151)
10-05 22:04:03.493 6140 6260 W libglean_ffi: glean_core::upload: Recoverable upload failure while attempting to send ping db44e1bc-24bd-4ac7-8846-183163def2f8, will retry. Error was RecoverableFailure { unused: 0 }
10-05 22:04:03.493 6140 6260 I libglean_ffi: glean_core::upload::directory: Processing ping at: /data/user/0/org.mozilla.firefox/glean_data/deletion_request/db44e1bc-24bd-4ac7-8846-183163def2f8
10-05 22:04:03.494 6140 6260 W libglean_ffi: glean_core::upload: Reached maximum recoverable failures for the current uploading window. You are done.
10-05 22:04:03.497 6140 6210 I WM-WorkerWrapper: Worker result SUCCESS for Work [ id=62e5166c-ddc5-4ebe-a445-2e510b1f8862, tags={ mozilla.telemetry.glean.scheduler.PingUploadWorker, mozac_service_glean_ping_upload_worker } ]
10-05 22:04:03.502 2730 3161 D ConnectivityService: releasing NetworkRequest [ TRACK_DEFAULT id=2664, [ Capabilities: INTERNET&NOT_RESTRICTED&TRUSTED Uid: 10167 AdministratorUids: [] RequestorUid: 10167 RequestorPackageName: org.mozilla.firefox] ] (release request)
Maybe I'm again living in the past with my Fairphone 3 /e/OS 1.4 build, apologies. In case not:
I tried to register the Fairphone against a server that required Passwordless compatibility (userVerification required, residentKey required, keyProps report requested, credProtect = 2 required). Basically the client-side JS you can find here: https://github.com/simplesamlphp/simplesamlphp-module-webauthn/blob/release-2.0/www/assets/js/webauthn.js#L116
To my surprise, the microG "token" went through a successful registration but did not report about a resident key being created (it did execute and report about userVerification being done).
This is not a conformant implementation: if residentKey is set to required, it needs to fail the registration process if it cannot assert resident keys. And if it does support resident keys with the credProps client extension, it needs to respond with credProps or fail the request if it doesn't understand the extension.
Of course, once it properly creates and stores and reports about resident keys, a natural question would be how the security of the stored credentials is ascertained. Like, does microG use TEE storage if available on the phone, etc.
Hi @restena-sw
First of all, thanks for looking into these things, it's very much appreciated.
The WebAuthn implementation on Android is a little bit more complex than on desktops. This is because parts of what the client / user agent is supposed to do according to the WebAuthn specification are done in the browser app, while other parts are done in Play Services / microG.
Browsers do not forward the credProps extension from the webauthn registration operation to microG. Either it is meant to be handled entirely in the browser, or not supported at all. credProps was also not part of WebAuthn L1, so maybe support for L2 is just not available to Android yet (enterprise attestation also is not supported).
microG does store the keys in the Android key store, which will use TEE or SE on supported devices. Since 304c3522e992a3db641411fd21df4088db579dad we also have support for the android-key attestation statement on supported devices (and android-safetynet attestation statement for unsupported devices).
I believe https://github.com/microg/GmsCore/wiki/Implementation-Status needs updating to indicate partial support?
Hi, Tried installing latest nightly on a fresh LineageOS install, and it works exactly the same. Keys work, with the exception of logging into a Google account, which fails to bring up a security key prompt.
Re the firefox tests on e/OS/: my bad... yes, I tried Firefox which means there is no Level 2 support - Firefox has open bugs and lots of votes on passwordless FIDO. Also on a desktop, Firefox doesn't know how to handle passwordless. I should really have run those tests with a Chromium-based browser, where Level 2 is available.
So I used the e/OS/ built-in fork of Bromite, but that doesn't have any FIDO capabilities at all :-( So, for the moment, there is no way for me to test UV, resident keys or credProtect on this device. IOW: forgot what I said.
FWIW, credProps is indeed part of WebAuthN Level 2, see chapter 10.4 (https://www.w3.org/TR/webauthn/#sctn-authenticator-credential-properties-extension)
@restena-sw According to https://chromestatus.com/feature/5701094648840192 credProps extension support is only available on Chrome/Chromium Desktop since version 89. Mobile Chrome (and forks) are still at L1. The latest (beta) version of the official fido library for Android (available here) is dated January 2021 and does not support L2, the PR for WebAuthn L2 is dated February 2021 and Chrome 89 was released March 2021. So for now, no support for WebAuthn L2 on Android (when using the official fido library, other implementations like the Hardware Security SDK might be able to support it in case you need it).
Hi, Tried installing latest nightly on a fresh LineageOS install, and it works exactly the same. Keys work, with the exception of logging into a Google account, which fails to bring up a security key prompt.
@luken-dev A logcat would surely help in debugging this issue.
@mar-v-in Soon I will be able to test it with a Fido2 key that support USB/NFC/Bluetooth. How is the current bluetooth support?
I don't have a key with Bluetooth yet, so I couldn't test and thus didn't start development
Meanwhile I will report whether it works or not with USB once it is arrived. I have ordered this: https://shop.ftsafe.us/collections/multipass-fido-series/products/k25
@Yannik see here: https://github.com/microg/GmsCore/issues/849#issuecomment-1268929313
@mar-v-in I have seen a report on a forum that say that adding a Google account with SafetyNet disabled make microG 0.2.25.223616 crash. It may be related to the new FIDO code.
@ale5000-git It's not directly related to FIDO code but was introduced with adding support for DroidGuard attestation for MinuteMaid account sign-up flow (which indeed is new in 0.2.25).
Just confirmed that a Fairphone 3 with e/OS/ 1.5 Android 12 (microG 0.2.24.223616-101) can both register and authenticate WebAuthN with the fingerprint sensor of the device. Hooray! Given the absence of a browser app that could possibly support Passwordless auth, I guess this is as far as we can go right now. Thanks VERY much @mar-v-in !
Hey there,
I use LineageOS for MicroG on my NFC enabled phone and recently bought a Yubikey 5 NFC. While the phone does detect the Yubikey via NFC or UCB-OTG, there seems to be no support for U2F/ Fido2 / webauthn. I used the Yubico U2F demo site to test it.
If I understand correctly, this functionality is provided on stock Android with the usual Google Apps through the Google play services library, which then exposes it via an API to the mobile browser. On my device, depending on the browser I either get "The user agent does not support public key credentials" (Jelly), or I get a timeout while trying (Chrome, Firefox, Brave).
On a non LineageOS / non-microg device with the Chrome browser, the Yubico demo site works fine.
The browsers (except Jelly) all have support for U2F if I am not mistaken, so that is not the reason I think...
Are there any plans to incorporate this in MicroG? I could not find any info on it, so I'm asking here.
Thanks for any leads - and of course for MicroG in general, I appreciate it very much!