Yubico.NET.SDK icon indicating copy to clipboard operation
Yubico.NET.SDK copied to clipboard
verified publisher icon Yubico

[BUG] ApduException thrown when key reconnects after SetEnabledUsbCapabilities means YubiKeyDeviceListener doesn't properly load device

Open canton7 opened this issue 9 months ago • 0 comments

Is there an existing issue for this?

  • [x] I have searched the existing issues

Current Behavior

This is a fun one.

When you call IYubiKeyDevice.SetEnabledUsbCapabilities, the device disconnects and reconnects (as expected).

However, when it reconnects, there is an approximately 10% chance that YubiKeyDeviceListener internally throws an ApduException. This does get handled internally, but it means that the IYubiKeyDevice exposed by the YubiKeyDeviceListener hasn't been properly loaded, and it's impossible to perform basic operations on it. It seems to be impossible to get the YubiKeyDeviceListener to reload the device, short of disconnecting and reconnecting it.

The command I'm sending is either:

device.SetEnabledUsbCapabilities(YubiKeyCapabilities.Piv);

or:

device.SetEnabledUsbCapabilities(device.AvailableUsbCapabilities);

(both can trigger it)

The exception is:

Yubico.Core.Iso7816.ApduException
  HResult=0x80131500
  Message=Failed to select the smart card application. 0x6A82
  Source=Yubico.YubiKey
  StackTrace:
   at Yubico.YubiKey.SmartCardConnection.SelectApplication() in /_/Yubico.YubiKey/src/Yubico/YubiKey/SmartCardConnection.cs:line 197

The full call stack is:

Yubico.YubiKey.dll!Yubico.YubiKey.SmartCardConnection.SelectApplication() Line 197	C#
Yubico.YubiKey.dll!Yubico.YubiKey.SmartCardConnection.SmartCardConnection(Yubico.Core.Devices.SmartCard.ISmartCardDevice smartCardDevice, Yubico.YubiKey.YubiKeyApplication yubiKeyApplication) Line 61	C#
Yubico.YubiKey.dll!Yubico.YubiKey.SmartCardDeviceInfoFactory.TryGetSerialNumberFromOtp(Yubico.Core.Devices.SmartCard.ISmartCardDevice device, out int? serialNumber) Line 209	C#
Yubico.YubiKey.dll!Yubico.YubiKey.SmartCardDeviceInfoFactory.GetDeviceInfo(Yubico.Core.Devices.SmartCard.ISmartCardDevice device) Line 48	C#
Yubico.YubiKey.dll!Yubico.YubiKey.YubiKeyDevice.YubicoDeviceWithInfo.GetDeviceInfo() Line 163	C#
Yubico.YubiKey.dll!Yubico.YubiKey.YubiKeyDevice.YubicoDeviceWithInfo.YubicoDeviceWithInfo(Yubico.Core.Devices.IDevice device) Line 138	C#
Yubico.YubiKey.dll!Yubico.YubiKey.YubiKeyDeviceListener.Update() Line 202	C#
Yubico.YubiKey.dll!Yubico.YubiKey.YubiKeyDeviceListener.ListenForChanges() Line 147	C#

The responseApdu is: Image

This results in YubiKeyDeviceListener.Instance.Arrived being fired, but the device passed to it hasn't been properly initialised (this is a YubiKey 5 NFC): Image

Trying to call e.g. PivSession.GetMetadata on this device throws:

This operation is not supported by this version of YubiKey.
   at Yubico.YubiKey.Piv.PivSession.GetMetadata(Byte slotNumber)

And I can't find a way to get the SDK to re-load the device, without manually unplugging and re-inserting it.

Expected Behavior

Calling SetEnabledUsbCapabilities does not result in the SDK falling over itself in a way which means I can't interact with the device when it reconnects.

Steps To Reproduce

See above.

Version

1.13.0

Version

5.7.4

Anything else?

No response

canton7 avatar May 12 '25 14:05 canton7