Unable to use Nitrokey FIDO2 with Coinbase

Nitrokeys Misc
1

Hello, I just receive my Nitrokey FIDO and I’m very disappointed. It’s useless! I’m unable to set up a 2fa on tutanota mail and coinbase.
During initializing the 2fa on tutanota mail, I receive an error pop up: “Your security key has not been recognized”. smh
Coinbasу error pop up: “Registration was either blocked, canceled or timed out. Please try again.”
OS: Windows 10
Browsers: Opera, Chrome, Mozilla.

2

Hello,

Could you share your Windows 10 version and build number for retests?
It could be taken from the “About” screen in the “Settings” application. The fastest way is to enter “About” in the Start Menu.

1 Like
4

Can you delete my question please?

5

Hi!

Of course. Before that could you share have you resolved your problems? Can we improve documentation somehow?

6

After a week, I still didn’t receive the response from Coinbase what the issue. Maybe you could contact them to make tests? Coinbase was the only one site that I failed to set 2FA using Nitrokey FIDO.

7

We are sorry to hear that you did not receive a reply from Coinbase. However we can not contact individual third parties, for a case-by-case issue.
To be on the safe side, according to this ticket (FIDO2), we advise to make sure you have the latest Nitrokey firmware version.

8

Hi!

During the next days we plan to release a firmware update, which might solve your issue. Will write here once done so.

9

Firmware is up-to-date

1 Like
10

Hi!
Please update your device to 2.1.0 version - it should work better. Site:

11

Updated. Still have the same error popup: “Registration was either blocked, cancelled or timed out. Please try again.”

1 Like
12

Hi!

Sorry for the delay. Is the pop-up showing up in all of the browsers?

13

Greetings! It is still not possible to use nitrokey for Coinbase. Just tried it on Opera and Chrome.

14

I see. We will check it. Could you confirm the firmware is up to date? We had some fixes lately.

cc @jan

15

yep, the latest one version.

16

Thank you. We will make the retests on our side and see what is the problem.

17

Hi @norvele62!

We have reproduced the problem on our side as well on current Google Chrome under macOS, with Nitrokey FIDO2 v2.4.0. From the logs I can see, that the browser itself is not complaining about the Nitrokey FIDO2 response, and probably the error comes from the implementation of the Coinbase’s FIDO2 handling (edit: by this I mean this problem is not Nitrokey FIDO2 device’s fault).
We will run some additional tests, but I do not expect this will change the outcome.

Command used for logging:

$ /path/to/chrome --enable-logging --v=1 --log-level=0 --enable-logging=stderr 2>&1 | grep device_event_log_impl.cc
Log 
[2657:775:0311/150609.550812:VERBOSE1:device_event_log_impl.cc(216)] [15:06:09.550] FIDO: DEBUG: fido_device.cc:49 Sending CTAP2 AuthenticatorGetInfo request to authenticator.
[2657:775:0311/150609.747084:VERBOSE1:device_event_log_impl.cc(216)] [15:06:09.747] FIDO: DEBUG: device_response_converter.cc:223 -> {1: ["U2F_V2", "FIDO_2_0", "FIDO_2_1_PRE"], 2: ["credProtect", "hmac-secret"], 3: h'C39EFBA6FCF44C3E828BFC4A6115A0FF', 4: {"rk": true, "up": true, "plat": false, "clientPin": true, "credentialMgmtPreview": true}, 5: 1200, 6: [1], 7: 20, 8: 128}
[2657:775:0311/150609.747124:VERBOSE1:device_event_log_impl.cc(216)] [15:06:09.747] FIDO: DEBUG: device_response_converter.cc:246 Unexpected protocol version received.
[2657:775:0311/150609.747149:VERBOSE1:device_event_log_impl.cc(216)] [15:06:09.747] FIDO: DEBUG: fido_device.cc:80 The device supports the CTAP2 protocol.
[2657:775:0311/150609.747192:VERBOSE1:device_event_log_impl.cc(216)] [15:06:09.747] FIDO: DEBUG: ctap2_device_operation.h:85 <- 6 {1: 1, 2: 1}
[2657:775:0311/150609.755098:VERBOSE1:device_event_log_impl.cc(216)] [15:06:09.755] FIDO: DEBUG: ctap2_device_operation.h:183 -> {3: 8}
[2657:775:0311/150613.138964:VERBOSE1:device_event_log_impl.cc(216)] [15:06:13.138] FIDO: DEBUG: ctap2_device_operation.h:85 <- 6 {1: 1, 2: 2}
[2657:775:0311/150613.291098:VERBOSE1:device_event_log_impl.cc(216)] [15:06:13.291] FIDO: DEBUG: ctap2_device_operation.h:183 -> {1: {1: 2, 3: -25, -1: 1, -2: h'A0AE0D9DAC5D71E05C6B981AA39FA85341DACEB707C3364EB5A7127965F16E97', -3: h'5776D0042DFD3FACD430362008BBE6257D3E1890000887C01E799D42D8C41B49'}}
[2657:775:0311/150613.291430:VERBOSE1:device_event_log_impl.cc(216)] [15:06:13.291] FIDO: DEBUG: ctap2_device_operation.h:85 <- 6 {1: 1, 2: 5, 3: {1: 2, 3: -25, -1: 1, -2: h'13BD85EEB93C5AB4CFB3122A3E743185A2FC49E678D9C81DCD4A1279F788F338', -3: h'9DFB7D47F3D8EDE5C8F58BE7180A593F20628E46C3B1AC59CB946CFA47751536'}, 6: h'EBF51FFDD4F3C933AB8B5EA142E25473'}
[2657:775:0311/150613.495216:VERBOSE1:device_event_log_impl.cc(216)] [15:06:13.495] FIDO: DEBUG: ctap2_device_operation.h:183 -> {2: h'3CDAACFBBB79A0D20AB1C4A9EA0C2E67'}
[2657:775:0311/150613.531583:VERBOSE1:device_event_log_impl.cc(216)] [15:06:13.531] FIDO: DEBUG: ctap2_device_operation.h:85 <- 1 {1: h'B29E2D1DC2862D54FDC386EF53318A7B3EB8CF6284D8FFE460B906F3BE953A84', 2: {"id": "coinbase.com", "name": "Coinbase"}, 3: {"id": h'35633263393832622D653533362D353439662D613964622D376166653565363636656533', "name": "lennard-xxxxxx", "displayName": "lennard xxxxxxxxxx"}, 4: [{"alg": -7, "type": "public-key"}, {"alg": -257, "type": "public-key"}, {"alg": -65535, "type": "public-key"}], 8: h'CE013214F899DF030403935D0C43EEA1', 9: 1}
[2657:775:0311/150616.355194:VERBOSE1:device_event_log_impl.cc(216)] [15:06:16.355] FIDO: DEBUG: ctap2_device_operation.h:183 -> {1: "packed", 2: h'E27D...', 3: {"alg": -7, "sig": h'3045...', "x5c": [h'3082...']}}
18

Thank you for your work! We can close this ticket.

1 Like