CTAPHID_MSG encoding
32 views
Skip to first unread message
Robin Krahl
Aug 5, 2022, 3:03:18 AM8/5/22
to fido...@fidoalliance.org
Hi,
according to the specification [0], the CTAPHID_MSG request and response
should contain n + 1 bytes: the U2F command byte and the data (request)
or the U2F status code and the data (response). Is this really correct?
The U2F standard [1] does not define a one-byte status code (only the
two-byte status code at the end of the response APDU). All
implementations that I checked seem to ignore this part of the spec and
only send the n data bytes (both in the request and response).
[0] https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-20210615.html#usb-hid-msg
[1] https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-raw-message-formats-v1.2-ps-20170411.html
/Robin
according to the specification [0], the CTAPHID_MSG request and response
should contain n + 1 bytes: the U2F command byte and the data (request)
or the U2F status code and the data (response). Is this really correct?
The U2F standard [1] does not define a one-byte status code (only the
two-byte status code at the end of the response APDU). All
implementations that I checked seem to ignore this part of the spec and
only send the n data bytes (both in the request and response).
[0] https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-20210615.html#usb-hid-msg
[1] https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-raw-message-formats-v1.2-ps-20170411.html
/Robin
Reply all
Reply to author
Forward
0 new messages