[Bug 265528] webauth u2f doesn't seem to work when hw.usb.usbhid.enable=1 is set (no uhid dev entries)

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 31 Jul 2022 06:33:28 UTC 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=265528

            Bug ID: 265528
           Summary: webauth u2f doesn't seem to work when
                    hw.usb.usbhid.enable=1 is set (no uhid dev entries)
           Product: Base System
           Version: 13.1-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: usb
          Assignee: usb@FreeBSD.org
          Reporter: trueos@norwegianrockcat.com

There seems to be an issue when running a YubiKey with hw.usb.usbhid.enable set
in /boot/loader.conf

The browser presents the prompt for pressing the YubiKey, but the press is
never registered in the browser.

Steps to reproduce:

0. Have access to a YubiKey
1. Boot 13.1-RELEASE with hw.usb.usbhid.enable=1 in /boot/loader.conf
2. Install www/firefox and sysutils/u2f-devd
2a. Ensure the user is in the u2f group and restart devd for the key to get
proper permissions
3. Go to https://demo.yubico.com/webauthn-technical/registration and click
next.
4. You will get a prompt to press the YubiKey, but the press will never
register, and the only way out is to cancel.

Booting without hw.usb.usbhid.enable=0 (or not set) does work. The only
difference I can see in /dev between the two boots is that there are entries
for uhid* when hw.usb.usbhid.enable=0, but none when enable=1. From looking at
u2f-devd, web browsers use uhid for webauth.

-- 
You are receiving this mail because:
You are the assignee for the bug.