I am implementing CTAP2 backward compatible U2F on USB, BLE hardware security key. It work with Facebook site. But google site RpID Hash (use to login with CTAP2) and APPID(use to register with U2F) is not same.
In addition, when I use the usb security key to login google site on Google Chrome Window, after I returning
CTAP2_ERR_NO_CREDENTIALS with the CTAP2 get assertion packages, the key continues to receive the U2f package. This is the opposite of BLE key, after I return
CTAP2_ERR_NO_CREDENTIALS with CTAP2 get assertion packets I don't get u2f packet but keep getting CTAP2 get assertion packet with payload that can't be parsing cbor.
This is packet BLE I can't be parsing cbor:
83 00 73 02 07 d8 77 dc 8c 0c 76 c6 6e a7 2b 84 d8 4b ea ec 20 52 f8 52 cb 47 83 19 96 76 c9 1f 5c 00 ac 61 cd a5 46 72 b2 22 c4 cf 95 e1 51 ed 8d 4d 3c 76 7a 6c c3 49 43 59 43 79 4e 88 4f 3d 02 3a 82 29 fd 30 c7 61 0a cd d7 0d db 4b 36 ce db ba 6c 0a b7 ae d2 0c cd 17 35 c6 51 43 5f 59 aa 65 be bf 60 aa 93 bd 30 da 33 dc 5a ed 88 d8 b9 0b 8d 59 01 5f
Has anyone encountered this situation before?