U2F Devices may be unnecessarily abandoned |
||||||||
Issue descriptionCertain older U2F devices may not be able to handle key handles of a certain length. For instance, a particular Yubico consumer device responds with an undefined error code (0x50) when sent a key handle of length 80. The authenticator falls to https://cs.chromium.org/chromium/src/device/fido/u2f_sign_operation.cc?rcl=a979fce69fb980ef1284f29840eb601879677fa2&l=182 when an unknown error code is received, and no further key handles are checked. This means that if a valid key handle has not been checked, the authentication will never succeed.
,
Oct 23
,
Oct 23
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/9a9f7aa17fcb035f167bd5385ca70575be043fa4 commit 9a9f7aa17fcb035f167bd5385ca70575be043fa4 Author: Casey Piper <piperc@chromium.org> Date: Tue Oct 23 19:00:42 2018 Handle input size error codes when evaluating key handles Some security keys will respond with the length of the key handle as an error response instead of an ISO7816 error code. Handle these errors by treating them as an invalid length error so further key handles can still be evaluated. Bug: 898008 Change-Id: I9d604c2012b7eb452e6476e8ced38e51ebd316d4 Reviewed-on: https://chromium-review.googlesource.com/c/1296050 Commit-Queue: Casey Piper <piperc@chromium.org> Reviewed-by: Kim Paulhamus <kpaulhamus@chromium.org> Cr-Commit-Position: refs/heads/master@{#602039} [modify] https://crrev.com/9a9f7aa17fcb035f167bd5385ca70575be043fa4/device/fido/fido_test_data.h [modify] https://crrev.com/9a9f7aa17fcb035f167bd5385ca70575be043fa4/device/fido/u2f_sign_operation.cc [modify] https://crrev.com/9a9f7aa17fcb035f167bd5385ca70575be043fa4/device/fido/u2f_sign_operation_unittest.cc
,
Oct 23
,
Oct 25
Requesting merge of https://chromium-review.googlesource.com/c/chromium/src/+/1296050 to M71.
,
Oct 25
This bug requires manual review: M71 has already been promoted to the beta branch, so this requires manual review Please contact the milestone owner if you have questions. Owners: benmason@(Android), kariahda@(iOS), kbleicher@(ChromeOS), govind@(Desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Oct 25
Could you pls provide merge safety and justification details as M71 is in Beta already?
,
Oct 25
Merge safety: Changes only apply to legacy devices that respond with an error code. Flag guarded behind "Web Authentication API". Justification: Affects external users using off-the-shelf security keys sold by Amazon.
,
Oct 25
Approving merge to M71 branch 3578 based on comment #8. Pls merge ASAP so we can pick it up for next week beta release. Thank you.
,
Oct 25
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/9069235fca0e46b5046c5d145d00e86769909bf2 commit 9069235fca0e46b5046c5d145d00e86769909bf2 Author: Casey Piper <piperc@chromium.org> Date: Thu Oct 25 18:13:02 2018 Handle input size error codes when evaluating key handles Some security keys will respond with the length of the key handle as an error response instead of an ISO7816 error code. Handle these errors by treating them as an invalid length error so further key handles can still be evaluated. Bug: 898008 Change-Id: I9d604c2012b7eb452e6476e8ced38e51ebd316d4 Reviewed-on: https://chromium-review.googlesource.com/c/1296050 Commit-Queue: Casey Piper <piperc@chromium.org> Reviewed-by: Kim Paulhamus <kpaulhamus@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#602039}(cherry picked from commit 9a9f7aa17fcb035f167bd5385ca70575be043fa4) Reviewed-on: https://chromium-review.googlesource.com/c/1299775 Reviewed-by: Jun Choi <hongjunchoi@chromium.org> Cr-Commit-Position: refs/branch-heads/3578@{#327} Cr-Branched-From: 4226ddf99103e493d7afb23a4c7902ee496108b6-refs/heads/master@{#599034} [modify] https://crrev.com/9069235fca0e46b5046c5d145d00e86769909bf2/device/fido/fido_test_data.h [modify] https://crrev.com/9069235fca0e46b5046c5d145d00e86769909bf2/device/fido/u2f_sign_operation.cc [modify] https://crrev.com/9069235fca0e46b5046c5d145d00e86769909bf2/device/fido/u2f_sign_operation_unittest.cc
,
Oct 25
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/9069235fca0e46b5046c5d145d00e86769909bf2 Commit: 9069235fca0e46b5046c5d145d00e86769909bf2 Author: piperc@chromium.org Commiter: hongjunchoi@chromium.org Date: 2018-10-25 18:13:02 +0000 UTC Handle input size error codes when evaluating key handles Some security keys will respond with the length of the key handle as an error response instead of an ISO7816 error code. Handle these errors by treating them as an invalid length error so further key handles can still be evaluated. Bug: 898008 Change-Id: I9d604c2012b7eb452e6476e8ced38e51ebd316d4 Reviewed-on: https://chromium-review.googlesource.com/c/1296050 Commit-Queue: Casey Piper <piperc@chromium.org> Reviewed-by: Kim Paulhamus <kpaulhamus@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#602039}(cherry picked from commit 9a9f7aa17fcb035f167bd5385ca70575be043fa4) Reviewed-on: https://chromium-review.googlesource.com/c/1299775 Reviewed-by: Jun Choi <hongjunchoi@chromium.org> Cr-Commit-Position: refs/branch-heads/3578@{#327} Cr-Branched-From: 4226ddf99103e493d7afb23a4c7902ee496108b6-refs/heads/master@{#599034} |
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by piperc@chromium.org
, Oct 23