android-webauthn-token icon indicating copy to clipboard operation
android-webauthn-token copied to clipboard

Published 20 hours ago verified publisher icon Trojan295

No Response of GET_INFO Command

Open GitPointer opened this issue 5 years ago • 4 comments

I tried to use it but i am getting stuck in middle. here are the steps i followed:

  1. For demo I am using https://webauthn.io on Mac Chrome version-75.0.3770.90
  2. Somehow i was able to do the pairing and my mobile device was displaying as Authenticator in this demo.
  3. When i clicked on my device for selection it call the onCharacteristicsWrite for GET_INFO command but after this there is no communication happened between FIDO Client and Authenticator.

Are you aware of this problem? please suggest how to run your demo app with https://webauthn.io

Attached Device log...... device_log.log

GitPointer avatar Jun 20 '19 02:06 GitPointer

@GitPointer From the logs I see on the Android device the authenticatorGetInfo and authenticatorMakeCredential requests, which means proabably the client received the response for getInfo. Unfortunately, I don't log anything about the response, so I don't really know, if and what response was send.

For each key signing (registration or login) you need to authenticate youself in the Android device using a fingerprint scanner (a popup for that should appear). I don't really know, what happens, if the device does not have such, cause I didn't test it on such one. Does your phone have that? Was there a prompt for scanning your fingerprint?

Trojan295 avatar Jun 21 '19 09:06 Trojan295

@Trojan295

For each key signing (registration or login) you need to authenticate youself in the Android device using a fingerprint scanner (a popup for that should appear). I don't really know, what happens, if the device does not have such, cause I didn't test it on such one. Does your phone have that? Was there a prompt for scanning your fingerprint?

My device support fingerprint scanner and i am not getting any prompt for scanning of fingerprint. What i think.. when i am running this application in debug i am getting call in onCharacteristicsWrite for GET_INFO command but after sending response to authenticator there is no call on onCharacteristicsWrite for MAKE_CREDENTIALS or GET_ASSERTION means there is something wrong in GET_INFO command?

GitPointer avatar Jun 24 '19 02:06 GitPointer

@GitPointer, there is the call for MAKE_CREDENTIALS in line 53 in your logs. In line 50 you have the GET_INFO request. From the point of view of the BLE interface it looks fine, cause the payloads are arriving at the smartphone, so I think it's not a problem with the CTAP part, but something with the key pair creation/biometric auth on the phone. I have only one device (OnePlus 5T) and it works there, and I'm not able to reproduce it.

It would be great, if we could setup some debugging session. Mail me at [email protected], if you are willing to.

Trojan295 avatar Jun 24 '19 13:06 Trojan295

@GitPointer, there is the call for MAKE_CREDENTIALS in line 53 in your logs. In line 50 you have the GET_INFO request. From the point of view of the BLE interface it looks fine, cause the payloads are arriving at the smartphone, so I think it's not a problem with the CTAP part, but something with the key pair creation/biometric auth on the phone. I have only one device (OnePlus 5T) and it works there, and I'm not able to reproduce it.

It would be great, if we could setup some debugging session. Mail me at [email protected], if you are willing to.

Thanks for the explanation..Let me check with some other devices...

GitPointer avatar Jun 25 '19 00:06 GitPointer