-
Martin Kreichgauer authored
This adds the ability to selectively ignore HID FIDO devices by VID/PID during discovery in FidoHidDiscovery and ignores the ChromeOS u2fd virtual HID device during WebAuthn requests that don't originate from cryptoken if the ChromeOS platform authenticator is flag-enabled. The virtual HID device and the platform authenticator are both implemented in u2fd and both bring their own UI, so having a single WebAuthn request target both would cause all kinds of trouble. The platform authenticator will be able to challenge credentials registered by the virtual HID device via the appID extension. So eventually we might want to make the platform authenticator feature flag disable the virtual HID device during cryptotoken requests as well, and advise users to switch to the WebAuthn API instead. Change-Id: Ic19152fa76bf75079310719e3dcd2bd35466b3dd Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2351139 Commit-Queue: Martin Kreichgauer <martinkr@google.com> Reviewed-by:
Adam Langley <agl@chromium.org> Cr-Commit-Position: refs/heads/master@{#799431}
211385fc
