http://bugzilla.opensuse.org/show_bug.cgi?id=1207086 Bug ID: 1207086 Summary: ykman fails to load FIDO 2 app for Yubico Security Key Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.4 Hardware: x86-64 OS: openSUSE Leap 15.4 Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: john.serock@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Created attachment 864045 --> http://bugzilla.opensuse.org/attachment.cgi?id=864045&action=edit YubiKey Manager GUI error Overview: When using a "Security Key by Yubico" hardware device, the YubiKey Manager "ykman fido info" command fails with an error message. Steps to Reproduce: 1) Install the yubikey-manager package if it is not already installed. 2) Insert a "Security Key by Yubico" device into a USB port. 3) From a terminal, run the "ykman fido info" command. Actual results: The ykman application exits with an error message: Error: Failed to load FIDO 2 Application. Expected Results: The ykman application should display a message about the device PIN. For example, "PIN is set, with 8 tries left." Additional Information: 1) When running "ykman -l DEBUG fido info", a traceback is displayed with a ValueError message: 2023-01-11T15:55:57-0500 DEBUG [ykman.cli.fido.fido:77] Failed to load Fido2Controller Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/ykman/cli/fido.py", line 75, in fido ctx.obj['controller'] = Fido2Controller(dev.driver) File "/usr/lib/python3.6/site-packages/ykman/fido.py", line 44, in __init__ self._info = self.ctap.get_info() File "/usr/lib/python3.6/site-packages/fido2/ctap2.py", line 659, in get_info return self.send_cbor(CTAP2.CMD.GET_INFO, parse=Info) File "/usr/lib/python3.6/site-packages/fido2/ctap2.py", line 591, in send_cbor return parse(response[1:]) File "/usr/lib/python3.6/site-packages/fido2/ctap2.py", line 100, in __init__ data = dict((Info.KEY(k), v) for (k, v) in _parse_cbor(self).items()) File "/usr/lib/python3.6/site-packages/fido2/ctap2.py", line 100, in <genexpr> data = dict((Info.KEY(k), v) for (k, v) in _parse_cbor(self).items()) File "/usr/lib64/python3.6/enum.py", line 293, in __call__ return cls.__new__(cls, value) File "/usr/lib64/python3.6/enum.py", line 535, in __new__ return cls._missing_(value) File "/usr/lib64/python3.6/enum.py", line 548, in _missing_ raise ValueError("%r is not a valid %s" % (value, cls.__name__)) ValueError: 7 is not a valid KEY 2) The ykman-gui application, from the yubikey-manager-qt package, also displays an error message after clicking on Applications > FIDO2. See attached error screenshot. 3) A workaround for the issue is to use python-fido2 0.6.0 or 0.7.3 (available from https://github.com/Yubico/python-fido2/releases) instead of the python3-fido2 0.5.0-1.23 package. See attached workaround screenshot. 4) The issue does not occur with a "YubiKey 5 Nano" device. -- You are receiving this mail because: You are on the CC list for the bug.