search

mphi-rc / pi-zero-security-key

A FIDO2 USB security key implementation for the Raspberry Pi Zero
Apache License 2.0
66 stars 7 forks source link

Several issues #3

Closed tejado closed 4 years ago

tejado commented 4 years ago

Hi,

at first, I have to thank you! This is really a great project and helps me a lot! But I wonder how you got it working in the current form...

  1. It seems that you don't set the high bit on the command field for all responses to differentiate it from continuation packets (reference -> "Command identifier (bit 7 always set)")
  2. pinHash will never be stored as Gson of optional byte[] fields needs additional serialization factory?!
  3. After creating the keys and sending back the assert during "make credential", no webauthn client is reacting on that. No error code... nothing :(
  4. Several minor topics

Maybe I'm missing something here?! Anyway, I learned a lot from your source and will definitly provide upstream patches if I will get it working... Do you have any hints (especially on point 2 and 3)?

tejado commented 4 years ago

I got it working. Point three was due to some timing issue caused by few adjustments. At least on Windows, it seems that it will get buggy if the responses will take too long.