fido_dev_make_cred returns success but attstmt and authdata are null
VedaviBalaji opened this issue · 3 comments
Trying to perform registration using my YubiKey 5C Nano device.
I have a YubiKey 5C Nano device with PIN set. Product details - YubiKey OTP+FIDO+CCID.
I tried to use fido_dev_make_cred(device, cred, pin) , this returns a FIDO_ERR_SUCCESS but the attstmt and authdata are null. AFAIK, this device requires a touch to generate credentials, however, the UV support is FALSE and when fido_dev_make_cred is called, it bypasses the wait for touch and returns SUCCESS.
If I set the UV to fido_opt_t_FIDO_OPT_TRUE, it fails with UNSUPPORTED error, but that is because the fido_dev_supports_uv returns false.
Why is the touch bypassed and how can I get credentials with a device with PIN.
I am able to get this code to work with a device without PIN (setting the pin to NULL). Is PIN not supported for this device in libfido? What devices are supported with PIN ?
Platform: OSX
Language: libfido2 rust
Thanks.
Any FIDO2-compliant authenticator with clientPin support should work with libfido2. This is the case of the YubiKey 5C Nano, provided FIDO2 has not been disabled on the key. As to the exact issue you are observing, we would need a lot more info (outlined in https://github.com/Yubico/libfido2/blob/main/.github/ISSUE_TEMPLATE/bug_report.md) to understand the problem.
Thanks. I have created new bug report - #694.
Closing as a duplicate.