a5f794c0ff
CTAP2 specifies that an empty pinAuth field is special: it indicates that the device should block for touch, i.e. it's just a way of letting a user select from multiple authenticators[1]. This change handles empty pinAuth fields in GetAssertion and MakeCredential commands. [1] https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#using-pinToken-in-authenticatorMakeCredential
38 KiB
38 KiB