GNU bug report logs -
#45613
U2F does not work in IceCat
Previous Next
Reported by: John Doe <likeslisp <at> protonmail.com>
Date: Sat, 2 Jan 2021 19:42:02 UTC
Severity: normal
Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 45613 in the body.
You can then email your comments to 45613 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-guix <at> gnu.org:
bug#45613; Package
guix.
(Sat, 02 Jan 2021 19:42:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
John Doe <likeslisp <at> protonmail.com>:
New bug report received and forwarded. Copy sent to
bug-guix <at> gnu.org.
(Sat, 02 Jan 2021 19:42:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
I've been trying to get U2F to work in IceCat without success with the Nitrokey FIDO2 and FIDO U2F devices. To test 2 websites were used: vault.bitwarden.com and u2f.bin.coffee .
For vault.bitwarden.com, after entering the password, the following error popup appears repeatedly:
"An error has occurred. U2F Error: 1"
For u2f.bin.coffee, when clicking the U2F Register button, the following error appears:
"
Sending request with appId: https://u2f.bin.coffee
{
"version": "U2F_V2",
"challenge": "pyvBtAPUygH0mZg4_thmdo_Ltnk"
}
Got response:
{
"errorCode": 1
}
[FAIL] Imported credential public key
Failures: 1 TODOs: 0
"
A similar error appears for the U2F Sign button.
The same websites work without trouble in ungoogled-chromium as well as Firefox installed in Flatpak and run with the options "flatpak run --user --device=all org.mozilla.firefox".
I have installed the pam-u2f package which includes the libu2f-server and libu2f-host packages.
In /etc/config.scm I have the following configuration to add udev rules for the Nitrokey device:
"
(use-modules (guix download)
(guix packages)
(use-service-modules security-token)
;; ...
(define %nitrokey-udev-rule
(file->udev-rule
"41-nitrokey.rules"
(let ((version "2019"))
(origin
(method url-fetch)
(uri "https://raw.githubusercontent.com/Nitrokey/libnitrokey/master/data/41-nitrokey.rules")
(sha256
(base32 "1j8x9i2ypr6jadpmjbcffk7rjqd3a4x0krqx5hqk7bfgsxzima23"))))))
;; ref. https://lists.gnu.org/archive/html/help-guix/2019-07/msg00051.html
(define %updated-desktop-services
(modify-services
%desktop-services
(udev-service-type config =>
(udev-configuration
(inherit config)
(rules (append (udev-configuration-rules config)
(list %nitrokey-udev-rule)))))))
(operating-system
;; ...
(services
(append
(list
(service xfce-desktop-service-type)
(set-xorg-configuration
(xorg-configuration
(keyboard-layout keyboard-layout))))
(list
;; ...
(service pcscd-service-type))
%updated-desktop-services))
;; ...
"
Please let me know if there is any additional information I can provide.
Information forwarded
to
bug-guix <at> gnu.org:
bug#45613; Package
guix.
(Sun, 03 Jan 2021 17:20:01 GMT)
Full text and
rfc822 format available.
Message #8 received at 45613 <at> debbugs.gnu.org (full text, mbox):
Forgot to mention in the original report: The issue is very similar to the following bug: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=38341
Information forwarded
to
bug-guix <at> gnu.org:
bug#45613; Package
guix.
(Mon, 11 Oct 2021 14:13:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 45613 <at> debbugs.gnu.org (full text, mbox):
To me it looks like this bug is now solved.
I remember having the same problem months ago, but today it seems to work fine
(on a foreign distro).
Guix:
---
guix 6eded1a
repository URL: https://git.savannah.gnu.org/git/guix.git
branch: master
commit: 6eded1a04186e3118b293486b038c994e05efedf
---
Icecat:
---
icecat 78.14.0-guix0-preview1 out
/gnu/store/xwzp1lj8b429yc9nbx3nwy1ia9r1sr2x-icecat-78.14.0-guix0-preview1
---
It worked both with https://u2f.bin.coffee/ and other services.
Note that I'm "cheating" a little bit though: I'm using an emulated device, not
an actual USB device (but the same emulated device previously didn't work with a
Guix-built icecat).
Reply sent
to
Maxim Cournoyer <maxim.cournoyer <at> gmail.com>:
You have taken responsibility.
(Mon, 13 Feb 2023 16:42:01 GMT)
Full text and
rfc822 format available.
Notification sent
to
John Doe <likeslisp <at> protonmail.com>:
bug acknowledged by developer.
(Mon, 13 Feb 2023 16:42:02 GMT)
Full text and
rfc822 format available.
Message #16 received at 45613-done <at> debbugs.gnu.org (full text, mbox):
Hi,
Raphaël Mélotte <raphael.melotte <at> mind.be> writes:
> To me it looks like this bug is now solved.
>
> I remember having the same problem months ago, but today it seems to
> work fine (on a foreign distro).
>
> Guix:
> ---
> guix 6eded1a
> repository URL: https://git.savannah.gnu.org/git/guix.git
> branch: master
> commit: 6eded1a04186e3118b293486b038c994e05efedf
> ---
>
> Icecat:
> ---
> icecat 78.14.0-guix0-preview1 out
> /gnu/store/xwzp1lj8b429yc9nbx3nwy1ia9r1sr2x-icecat-78.14.0-guix0-preview1
> ---
>
> It worked both with https://u2f.bin.coffee/ and other services.
>
> Note that I'm "cheating" a little bit though: I'm using an emulated
> device, not an actual USB device (but the same emulated device
> previously didn't work with a Guix-built icecat).
Thanks for the heads-up.
Closing!
--
Thanks,
Maxim
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Tue, 14 Mar 2023 11:24:05 GMT)
Full text and
rfc822 format available.
This bug report was last modified 1 year and 36 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.