[Webkit-unassigned] [Bug 213900] New: CTAP2 pin protocol command ordering bug.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Jul 2 14:38:44 PDT 2020


https://bugs.webkit.org/show_bug.cgi?id=213900

            Bug ID: 213900
           Summary: CTAP2 pin protocol command ordering bug.
           Product: WebKit
           Version: Safari Technology Preview
          Hardware: iPhone / iPad
                OS: Other
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: loginllama at gmail.com

In the iOS 14 developer beta, the authenticator has a PIN set:

The Authenticator is attached over USB/Lightning or NFC.

If the external key is removed from the NFC field or USB/Lightning port after the initial CTAP2 getKeyAgreement command, getPinToken will fail.

The problem is that the getKeyAgreement happens before the user is prompted to enter the PIN. With NFC the natural thing is to remove the key from the NFC field to use your hand to type the PIN, then tap again. Unfortunately, since keys are powered via USB or NFC, the key will generate a new EC key pair and that will not agree with the one the phone got prior to the power interruption.

The way that Windows 10 implemented it is with two taps.
On the first tap the platform gets authenticatorGetInfo.
If the authenticator receives the option uv = True then it proceeds directly to getAssertion with the option uv=1 to trigger internal UV; if that fails, the authenticator will return pin-required.

If the authenticatorGetInfo has pinToken = true and (uv is not True or a pin-required error was received from the previous step):
    Prompt user for PIN
    Prompt user to tap again or re-insert.
    Perform authenticatorClientPIN (0x06) with subcommand getKeyAgreement (0x03)
    Perform authenticatorClientPIN (0x06) with subcommand getPINToken (0x05)
    Perform authenticatorGetAssertion (0x02) with pinAuth from the previous step (might require more than one call depending on allow list size.)

Windows supports CCID NFC readers on the desktop.
Android only supports CTAP1 over NFC, so it is not a good example.

Brave uses the Yubico SDK to implement NFC support. You can see the two-tap pattern there. Unfortunately, Brave seems to be having an NFC issue on iOS 14 but may work on iOS 13, or did not long ago.
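
The command ordering described above, as an added simulation written for this page (not WebKit's, Windows's or Yubico's code): a toy authenticator that regenerates its key-agreement pair on every power-up, driven through the platform flow with and without the key being pulled between getKeyAgreement and getPINToken. It assumes plain Diffie-Hellman over a small prime and an HMAC keystream in place of the P-256 ECDH and AES-256-CBC of pinProtocol 1; the command numbers and error names are the CTAP2 ones.

```python
import hashlib, hmac, os
# Constructed toy stand-in for the P-256 ECDH and AES-256-CBC of CTAP2 pinProtocol 1:
# Diffie-Hellman over the Mersenne prime 2^127-1 plus an HMAC keystream. Only the
# key-lifetime behaviour matters for this bug, and that part is modelled faithfully.
P, G = (1 << 127) - 1, 5

def keypair():
    priv = int.from_bytes(os.urandom(16), "big") % (P - 1) + 1
    return priv, pow(G, priv, P)
def shared_secret(priv, peer_pub):  # pinProtocol 1: SHA-256 of the key-agreement output
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()
def xor_stream(key, label, data):  # toy cipher: XOR with an HMAC-derived keystream
    stream = hmac.new(key, label, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))
def pin_hash(pin):  # pinProtocol 1: LEFT(SHA-256(PIN), 16)
    return hashlib.sha256(pin.encode()).digest()[:16]

class Authenticator:  # PIN-protected CTAP2 key powered only by the USB/NFC field
    def __init__(self, pin):
        self.pin_hash = pin_hash(pin)
        self.power_on()
    def power_on(self):  # each tap/insertion: fresh key-agreement pair, old pinToken gone
        self.priv, self.pub = keypair()
        self.pin_token = os.urandom(16)
    def get_key_agreement(self):  # authenticatorClientPIN 0x06, subcommand 0x03
        return self.pub
    def get_pin_token(self, platform_pub, pin_hash_enc):  # 0x06, subcommand 0x05
        secret = shared_secret(self.priv, platform_pub)
        if not hmac.compare_digest(xor_stream(secret, b"pinHash", pin_hash_enc), self.pin_hash):
            raise RuntimeError("CTAP2_ERR_PIN_INVALID")
        return xor_stream(secret, b"pinToken", self.pin_token)
    def get_assertion(self, client_data_hash, pin_auth):  # authenticatorGetAssertion 0x02
        expected = hmac.new(self.pin_token, client_data_hash, hashlib.sha256).digest()[:16]
        if not hmac.compare_digest(expected, pin_auth):
            raise RuntimeError("CTAP2_ERR_PIN_AUTH_INVALID")
        return "assertion"

def platform_flow(auth, pin, client_data_hash, key_removed_after_key_agreement):
    """Platform side of the flow; returns the assertion or the CTAP2 error raised."""
    priv, pub = keypair()
    secret = shared_secret(priv, auth.get_key_agreement())
    if key_removed_after_key_agreement:
        auth.power_on()  # the reported bug: user pulls the key to type the PIN, then re-taps
    try:
        pin_hash_enc = xor_stream(secret, b"pinHash", pin_hash(pin))
        token = xor_stream(secret, b"pinToken", auth.get_pin_token(pub, pin_hash_enc))
        pin_auth = hmac.new(token, client_data_hash, hashlib.sha256).digest()[:16]
        return auth.get_assertion(client_data_hash, pin_auth)
    except RuntimeError as err:
        return str(err)
```

With the key kept in the field the flow returns the assertion; with a power cycle between getKeyAgreement and getPINToken the authenticator decrypts the PIN hash under a different secret and answers CTAP2_ERR_PIN_INVALID, which is also what a wrong PIN produces, so the platform cannot tell the two apart.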
