webauth: Do not ignore u2fhid on ChromeOS
Since u2f credentials are not handled properly on ChromeOS, we decided to disable platform authenticator when U2F is enabled. This is done by making ChromeOS Authenticator return IsUvpaa=false when U2F is enabled. Thus ChromeOS platform authenticator and u2fhid are mutually exclusive for WebAuthn. Bug: 1155335, b/174709984 TEST=Enable U2F and enable ChromeOS WebAuthn feature flag, register PIN, ==> PublicKeyCredential .isUserVerifyingPlatformAuthenticatorAvailable() .then(console.log) returns false even if PIN is available. ==> When attachment=undefined or cross-platform, can use u2fhid to do WebAuthn MakeCredential and GetAssertion. ==> When attachment=platform, "Your device doesn't support the type of security key requested by this site". TEST=Disable U2F and enable ChromeOS WebAuthn feature flag, register PIN, => PublicKeyCredential .isUserVerifyingPlatformAuthenticatorAvailable() .then(console.log) returns true. => When attachment=undefined or cross-platform, u2fhid doesn't show up. => When attachment=platform, can use ChromeOS PIN to do MakeCredential and GetAssertion. Change-Id: I4ce5c9de4aecaa5c1569101065a1278576c9d0cc Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2572130 Commit-Queue: Yicheng Li <yichengli@chromium.org> Reviewed-by:Martin Kreichgauer <martinkr@google.com> Cr-Commit-Position: refs/heads/master@{#833570}
Showing
Please register or sign in to comment