dearsky/pico-fido
1
0
Fork 0
Code Issues 46 Pull Requests 1 Actions Packages Projects Releases 22 Wiki Activity

The Yubico OTP feature is not working on the ESP32-S3 with the new Version 7.0. #208

New Issue
Closed
opened 2025-12-02 15:44:25 +08:00 by GN998 · 7 comments
GN998 commented 2025-12-02 15:44:25 +08:00 (Migrated from github.com)
Copy Link

I have two ESP32-S3 devices: one is running an unupgraded Version 6.6, and the other is on Version 7.0.

After testing, Yubico OTP functionality works normally on Version 6.6. However, on Version 7.0 (both the official stable release and Nightly Stable builds), it is unusable, and the BOOT button is unresponsive.

I have two ESP32-S3 devices: one is running an unupgraded Version 6.6, and the other is on Version 7.0. After testing, Yubico OTP functionality works normally on Version 6.6. However, on Version 7.0 (both the official stable release and Nightly Stable builds), it is unusable, and the BOOT button is unresponsive.
👀 1
polhenarejos commented 2025-12-02 16:25:35 +08:00 (Migrated from github.com)
Copy Link

Please provide steps to reproduce it.

Please provide steps to reproduce it.
👀 1
GN998 commented 2025-12-02 17:20:35 +08:00 (Migrated from github.com)
Copy Link

Step 1: In esp32-flasher, select Pico Fido and flash it to ESP32-S3.
Step 2: Then, in pico-commissioner, select the following:

Image

After successful configuration, unplug and replug the device.

Step 3: In yubico-authenticator, select "Slots," click "Short touch," and then set a "Static password." After successful setup,

Step 4: When trying to use "Short touch" in a text document, a single click of the BOOT button produces no input.

Step 1: In esp32-flasher, select Pico Fido and flash it to ESP32-S3. Step 2: Then, in pico-commissioner, select the following: <img width="1000" height="902" alt="Image" src="https://github.com/user-attachments/assets/2268fbac-4c46-4c8a-842f-e044080c24eb" /> After successful configuration, unplug and replug the device. Step 3: In yubico-authenticator, select "Slots," click "Short touch," and then set a "Static password." After successful setup, Step 4: When trying to use "Short touch" in a text document, a single click of the BOOT button produces no input.
👀 1
bobdig commented 2025-12-05 01:51:37 +08:00 (Migrated from github.com)
Copy Link

I still have problems with the new firmware (Challenge-response) and a Waveshare ESP32-S3 Mini Development Board. Is there a way to go back or could one be integrated into /esp32-flasher/.
It mostly worked (I had to click a button three times) with the old firmware and KeePassXC. With the new Firmware, it only worked once.

I still have problems with the new firmware (Challenge-response) and a Waveshare ESP32-S3 Mini Development Board. Is there a way to go back or could one be integrated into /esp32-flasher/. It mostly worked (I had to click a button three times) with the old firmware and KeePassXC. With the new Firmware, it only worked once.
polhenarejos commented 2025-12-05 06:43:04 +08:00 (Migrated from github.com)
Copy Link

Cannot reproduce neither in a RP2040 nor in a ESP32.

  • Registered a challenge-response in OTP Slot 1
  • Created a database in KeepasXC with Slot 1 protection
  • Closed database
  • Reopened database using only Slot 1 -> ok
Cannot reproduce neither in a RP2040 nor in a ESP32. - Registered a challenge-response in OTP Slot 1 - Created a database in KeepasXC with Slot 1 protection - Closed database - Reopened database using only Slot 1 -> ok
bobdig commented 2025-12-05 18:17:53 +08:00 (Migrated from github.com)
Copy Link

I am new to this so I hope I don't waste anyone's time... With the new Firmware it takes 25-35 seconds for me till I can use the key in KeePassXC.
Image

If I press the button before that time, the key will be available just for a millisecond and immediately will be not shown anymore as an option in KeePassXC.
With the old Firmware, if I would press the button ~three times the key would be immediately available towards KeePassXC.

I am new to this so I hope I don't waste anyone's time... With the new Firmware it takes 25-35 seconds for me till I can use the key in KeePassXC. ![Image](https://github.com/user-attachments/assets/69b34508-be8c-4fab-94d4-f4d3d8f91f9c) If I press the button before that time, the key will be available just for a millisecond and immediately will be not shown anymore as an option in KeePassXC. With the old Firmware, if I would press the button ~three times the key would be immediately available towards KeePassXC.
bobdig commented 2025-12-06 22:31:46 +08:00 (Migrated from github.com)
Copy Link

Got another one of those, same problem. But it looks to be specific to KeepassXC. I configured "Static Password" and it works immediately in notepad but takes again almost 40 seconds until it can be used in KeePassXC.

Got another one of those, same problem. But it looks to be specific to KeepassXC. I configured "Static Password" and it works immediately in notepad but takes again almost 40 seconds until it can be used in KeePassXC.
bobdig commented 2025-12-07 02:35:07 +08:00 (Migrated from github.com)
Copy Link

KeepassXC is doing a detection operation (fake challenge-response) according to droidmonkey, which explains the almost 40 seconds wait time I guess, the Pico Key is working fine after that.

KeepassXC is doing a detection operation (fake challenge-response) according to droidmonkey, which explains the almost 40 seconds wait time I guess, the Pico Key is working fine after that.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
Something isn't working
 documentation
Improvements or additions to documentation
 duplicate
This issue or pull request already exists
 enhancement
New feature or request
 good first issue
Good for newcomers
 help wanted
Extra attention is needed
 invalid
This doesn't seem right
 question
Further information is requested
 wontfix
This will not be worked on
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
dearsky
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: dearsky/pico-fido#208
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?