Hi, I developed a BLE authenticator application for Android and iOS. I have tested it with webauthn.io, can do register and login in webauthn.io. However, I got a problem during login. Whenever I do login using Webauthn.io, Get assertion command always comes two times. So need to do fingerprint authentication two times as well, below is the detail:
1. Whenever we do login using Webauthn.io, Get assertion command always comes two times. Following is the sample of first get assertion command received by authenticator: 83007002A4016B776562617574686E2E696F025820C50B730F8BE2FF0F0B7BEDE87441BC2F5A96C4D004A47162A55F7BD74D3109B00381A262696458207B5CE0F1EB3D20988B4D22E88A365BB49AC640C0114DA776EA2202330634248164747970656A7075626C69632D6B657905A1627570F4.
After receiving above command, authenticator continue with fingerprint
authentication and send following response: 8300ED00A501A262696458207B5CE0F1EB3D20988B4D22E88A365BB49AC640C0114DA776EA2202330634248164747970656A7075626C69632D6B657902582574A6EA9213C99C2F74B22492B320CF40262A94C1A950A0397F29250B60841EF00500000001035846304402205868E68985086E4FFD51A66BC445B7B25B21BA447DAB3BEBF04DB9097885DE38022014DD62B10F811E9AC3DD6DEFC9531CE4076C49A697A33E6DDFC528B4E209C92C04A46269644AF7A00C00000000000000646E616D656C68616C6F7468697369736D656B646973706C61794E616D656C68616C6F7468697369736D656469636F6E600501.
2. Then, Webauthn.io send the second get
assertion command, following is the command: 83007402A4016B776562617574686E2E696F025820C50B730F8BE2FF0F0B7BEDE87441BC2F5A96C4D004A47162A55F7BD74D3109B00381A262696458207B5CE0F1EB3D20988B4D22E88A365BB49AC640C0114DA776EA2202330634248164747970656A7075626C69632D6B657905A2627570F5627576F5.
After receiving above command, authenticator continue with fingerprint
authentication and send following response: 8300EE00A501A262696458207B5CE0F1EB3D20988B4D22E88A365BB49AC640C0114DA776EA2202330634248164747970656A7075626C69632D6B657902582574A6EA9213C99C2F74B22492B320CF40262A94C1A950A0397F29250B60841EF005000000020358473045022033E026A6C4F1A1A6C57E3EFA9E7B62A4089135BA7E553EDD1CB44EF0D70E3F9A022100EC63F375F560B526A2762E09B7579AE37A2DF0E6500B95FEADACEC3A7199B28F04A46269644AF7A00C00000000000000646E616D656C68616C6F7468697369736D656B646973706C61794E616D656C68616C6F7468697369736D656469636F6E600501.
Only after the second response the login process in Webauthn.io
succeed. We tried to break out first and second Get assertion command, the only
different between them is the option value. The first command, the option value
is “up = false” and the second command the value is “up = true, uv =
true”. Can you suggest us how to solve this issue, so the Authenticator
only receive 1 Get assertion command? FYI, our FIDO Authenticator option is,
up = false, uv = true and rk = true
Really appreciate your help on this issue.
Best Regards,
Thank you
--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/8e641b77-7b44-4cce-a106-cebfdf552670n%40fidoalliance.org.