Fido2luks does not work #177
Comments
|
This is caused by a bug in a |
|
Though the algorithm field is really missing: https://github.com/shimunn/ctap/blob/bf862f6a4bbc007263cbe679db33c8dd3c2ffc79/src/cbor.rs#L589-L590 I’m not sure whether this is valid. |
|
Okay, it’s optional: https://www.rfc-editor.org/rfc/rfc8152#section-7
|
This patch replaces upstream ctap-types with a fork that improves compatibility when deserializing COSE keys. Fixes Nitrokey#177
|
Hi, sorry to bump this, but I'm curious about the state of this issue. Since the fido2luks project seems unmaintained/dead (although the software still works fine with the NK FIDO2), I'm wondering if this can be resolved from this side of the fence. |
|
@intr-cx The CTAP2 issues described above are fixed in the firmware, although we might revert some of the fixes in the future because the specification requires a strict implementation that rejects invalid data. Additionally, there is a bug in the USB descriptor parser used by fido2luks. We don’t want to work around that bug in the firmware. I’ve submitted patches to fix the parser. They might work for you, though I have only tested the device selection, not the entire LUKS setup: |
Fido2luks fails with setting up LUKS device. This works with Nitrokey FIDO2.
Dev returns:
Device returned error: CborError: 0x14: Missing non-optional parameter.)If I have not made mistake during the early retest, this was the
ktyfield, as reported byserde.Logs with full traffic attached, as well as the used Makefile.
Sim version:
v1.2.2-alpha.20221130-111-ga1d9dd0(currentmain), with updated dependencies to the latest (cargo update; see attached Cargo lock file).PS I expect the same problem occurs, while running example of the responsible for the ctap communication underlying
ctap_hmaccrate. Might be easier for the debugging.cc @robin-nitrokey
The text was updated successfully, but these errors were encountered: