Closed Bug 1400522 Opened 8 years ago Closed 8 years ago

Testing U2F WebAPI - Fx Nightly build 20170915220136 on Arch

Categories

(Core :: DOM: Device Interfaces, defect, P2)

Product:
Core
Component:
DOM: Device Interfaces
Version:
57 Branch
Type:
defect

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: davross, Unassigned)

Details

(Whiteboard: [webauthn] [webauthn-test] [u2f])

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0 Build ID: 20170824123605 Steps to reproduce: about:config | search U2F | enable security.webauth.u2f_enable_usbtoken | enable security.webauth.u2f Yubikey 4 - setup with OTP in slot 1, and a fixed master password in slot 2. Navigate to test site 1: https://u2f.bin.coffee/ Navigate to test site 2: https://demo.yubico.com/?tab=one-factor Navigate to test site 3: https://mail.google.com/ Actual results: Test site 1 registers use of key only in `U2F Register`. Does not access slot 2. Test site 2 registers use of both slot 1 and slot 2 as expected. Test site 3 flags "Use your Security Key in Chrome. Security Keys don't work with this browser. Try again in Chrome." Expected results: Full access to U2F WebAPI
Component: Untriaged → DOM: Device Interfaces
Product: Firefox → Core
Test site 4: https://github.com/login My settings are for it to requires OTP. Working in Fx 55 with https://addons.mozilla.org/en-US/firefox/addon/u2f-support-add-on/ Result: "This device is not a registered security key." Needs configuring again by using this WebAPI?
Logged into Github in Nightly by using recovery code. Attempt to add Yubikey results in "This device is already registered."
I'm not sure of the more advanced features of setting up Yubikeys, whether U2F support is always there or if having it not in a slot means it's not available. Matt, you might need to add a test case using the yubikey customizer tool. Regarding site 3: Google's auth both does user agent checking, and also assumes some non-spec static constants exist IIRC, so I haven't gotten that to work yet. The others work for me, though I haven't tried with a Yubikey confogured your way. Will do when I get back into office. Just to confirm: what do you mean by Full access to U2F WebAPI? That register and sign work? Thanks for testing!
OS: Unspecified → All
Priority: -- → P1
QA Contact: mwobensmith
Hardware: Unspecified → All
Whiteboard: [webauthn] [webauthn-test] [u2f]
AHA! Found the problem. Had to remove the WebExtension of that previously mentioned add-on. Test site 1: Three browser crashes. Testing one field is OK. Testing another caused crash, no matter the order of test. Crash reports sent with text "testing webauth". Reloading test site 1 seems buggy after crash, even in new window. Test site 2: works as expected Test site 3: does not provide U2F as an option, even when selecting `more options`. Chrome recognises as default. Test site 4: works as expected
AWS: Yubikey not supported - however https://rizvir.com/articles/faster-TOTP-auth-with-yubikey/ Dropbox: "Currently, security keys are only supported with Google Chrome, version 38 or higher." Lastpass: Bug with Yubikey also in Chromium https://forums.lastpass.com/viewtopic.php?f=12&t=271435 Tests via open source 'hardware' list at https://twofactorauth.org
AFAIK these aren't destined to be fixed in 56 or 57 so I'm setting the priority to P2.
Priority: P1 → P2
Since this is fixed via removing a collision with the u2f4moz addon, I'm going to mark the core bug invalid. The site compat issues are tracked in other bugs already. Thanks for testing, David!
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.