Jean-Michel Picod
Jean-Michel Picod
Looking at the packets exchanged, the firmware returns `0xF2` (vendor internal error) when receiving an `authenticatorGetInfo (0x04)` command. This can fail when the persistent storage fails to retrieve any of...
I think the reason we weren't adding the `--erase_storage` flag to `stable` is because we don't expect people flash the same dongle alternating between the 2 branches. We're doing our...
Will try to reproduce this morning. But the message tends to point towards modifications on the USB stack. We shouldn't see the error regarding the USB configuration.
I can reproduce on OSX. OpenSK isn't detected as FIDO2 HID device by python fido2 module: - `hid.CtapHidDevice.list_devices()` returns an empty list if OpenSK is the only plugged device -...
It's possible that they whitelist AAGUID to the FIDO certified ones. But my first guess would be to say that they're simply more pedantic about the attestation certificate. IIRC I...
It would be weird for Apple to validate the AAGUID against the MDS and not validate the associated certificates. At least I am aware that some companies start to validate...
That would need more tweaking because to fix the bypass, Nordic made changes to the way the JTAG lockdown works. So we would need to add code to support the...
Why don't you also run some test on Windows through github workflows? And you can even have a scheduled workflow to make a nightly build on all supported OSes every...
Thanks for your report. If I'm correct the Titan K40T is U2F (aka CTAP1) only and therefore it's expected that this security key won't understand CTAP2 protocol. Which is what...
I was also thinking that the tool should be able to distinguish between a the device under test that isn't supporting CTAP2.x protocols and a device that is supposed to...