Rework CTAP2.0 GetPinToken-workflow

[msirringhaus]

Trying to rework the GetPinToken-workflow, in order to work for tokens with and without UV.

Tested this with Yubikey BIO.
Would be great to if @andreydanil and @VincentVanlaer could also test this with their ThinC and Mooltipass respectively.

To test, run examples ctap2 and ctap2_discoverable_credentials with this patch and see if

1. the good case works
2. using the wrong finger / PIN will act as expected as well (either repeatedly ask you to touch it, or error out completely after 3 tries).

[msirringhaus]

Once #205 lands, this needs of course some rebasing, and then it should be hopefully rather straight forward to implement the CTAP2.1 auth-workflows.

[andreydanil]

Nice! I can confirm that this code change does not break ThinC CTAP2.0 token.

I wasn't able to build this change into Firefox due to a reason with a dependency with error error: could not compile authrs_bridge due to previous error.

Compiling authrs_bridge v0.1.0 (/Users/andreydanil/development/github/mozilla-unified/dom/webauthn/authrs_bridge)
error[E0004]: non-exhaustive patterns: `Ok(StatusUpdate::PinAuthInvalid)` not covered
    --> dom/webauthn/authrs_bridge/src/lib.rs:338:15
     |
     |         match status_rx.recv() {
     |               ^^^^^^^^^^^^^^^^ pattern `Ok(StatusUpdate::PinAuthInvalid)` not covered

I would love to test UV = Discouraged, Preferred, Required once I can build this into Firefox.

[jschanck]

Similarly, let's add a helper function for the error cases. There's a lot of duplication with sign, and right now they differ unnecessarily.

[msirringhaus]

Sadly, they do NOT differ unnecessarily. They actually are different, because the spec (or at least how vendors interpret it) are different for GetAssertion and MakeCredential, in what they return in case of errors.

[jschanck]

Can't we just handle the difference in repackage_pin_errors? If not, I think we should avoid using repackage_pin_errors entirely. A flat list of cases would be easier to follow.

[msirringhaus]

Since we need repackage_pin_errors in other places as well, I've introduced a new function (which also uses it), that handles the differences, so we can move all of it out of statemachine.rs

[jschanck]

Looks good. Some minor comments below.

[jschanck]

Can't we just handle the difference in repackage_pin_errors? If not, I think we should avoid using repackage_pin_errors entirely. A flat list of cases would be easier to follow.

[VincentVanlaer]

I tested this PR with my mooltipass:

• The ctap2 example works
• The ctap2_discoverable_creds does not work. Registration of the multiple users works well, but fails on unwrapping name in https://github.com/mozilla/authenticator-rs/blob/ctap2-2021/examples/ctap2_discoverable_creds.rs#L342 I does have the same issue before this PR, so that's not a blocker

[msirringhaus]

Thank you @andreydanil and @VincentVanlaer for testing.

@VincentVanlaer: Could you open an issue for the failing ctap2_discoverable_creds-example?

[jschanck]

This does not really "unify the cases" as we're now just pushing the dependence on Self::command() into this function. I'm sorry to go back and forth on this minor point, but I think we should do the flat list of cases instead.

[msirringhaus]

So reverting this change and doing what we did before? Or something else entirely?
"Avoiding duplicate code, if possible" and "having a flat list" unfortunately are at odds in this case.

[jschanck]

Maybe it will be easier for me to just submit a follow up patch with what I'm imagining. This is not as clear as I'd like it to be, but it does appear to be correct.

[jschanck]

This will ultimately call set_shared_secret on Device. Where are we doing that in the UsingInternalUv case?

Maybe we need to implement and integrate getPinUvAuthTokenUsingUvWithPermissions before we can land this patch?

[msirringhaus]

Ah, you are right. I was under the impression, that we do not need the shared_secret, if we don't use a PIN. But we may need it for the hmac-extension (which I'm currently not sure, if it works correctly anyways).
I'll add a dev.establish_shared_secret()?; to the UsingInternalUv-case.

Waiting for getPinUvAuthTokenUsingUvWithPermissions will (probably) not change anything here, since the plan is to do that in a separate function (hence the name determine_pin_uv_auth_ctap_2_0()).
The InternalUv-case needs to work for CTAP2.0-only tokens as well.

[jschanck]

OK, sounds good. I didn't realize that Internal UV did not require the shared secret in 2.0, but we do need it for the hmac extension (even though it's not currently working).

[jschanck]

Looks good!

[jschanck]

OK, sounds good. I didn't realize that Internal UV did not require the shared secret in 2.0, but we do need it for the hmac extension (even though it's not currently working).

[jschanck]

Maybe it will be easier for me to just submit a follow up patch with what I'm imagining. This is not as clear as I'd like it to be, but it does appear to be correct.

[VincentVanlaer]

@VincentVanlaer: Could you open an issue for the failing ctap2_discoverable_creds-example?

I did some digging in the meantime and it seems that the mooltipass is not returning the name field, even though it is set when the credential is created (and is stored as I can see it on the screen). There does seem to be a possibility in the spec to not send the name field back when the user is not verified, but I consider that a discussion to be had on the mooltipass side whether this applies or not (I'm assuming it doesn't really apply and the mooltipass should send the name field)