GitLab

Currently, no response length (L_e) is encoded in U2F commands. The U2F
spec[1] says “if the instruction is not expected to yield any response
bytes, L_e may be omitted” – i.e. we are specifying that no response is
allowed to our commands.

The VASCO SecureClick respects the maximum response length and thus
doesn't send a reply. Therefore Chromium's webauthn stack doesn't
currently work with these tokens.

This change causes us to always specify the maximum possible response
length for U2F register and sign commands, and fixes interop with the
VASCO token.

[1] https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-raw-message-formats-v1.2-ps-20170411.html#extended-length-encoding

Change-Id: I5cc906eb6f167fb95c9a42a13ff46237d0e58b79
Reviewed-on: https://chromium-review.googlesource.com/979702
Commit-Queue: Jan Wilken Dörrie <jdoerrie@chromium.org>
Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org>
Cr-Commit-Position: refs/heads/master@{#546072}