Any way to change NFC FIDO2-compliant security keys in Safari with short APDU format

Now Safari sends the U2F Reg/Auth commands in extended length APDU command format for this feature through NFC.

https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-nfc-protocol-v1.2-ps-20170411.html

Is it possible to use short APDU instead? I see the API below is allowed to change this mode.

https://developer.apple.com/documentation/cryptotokenkit/tksmartcard/1773460-usecommandchaining

Replies

https://github.com/WebKit/webkit/blob/master/Source/WebCore/Modules/webauthn/apdu/ApduCommand.h

"This class implements only the extended length encoding."

Why do you want to use short APDU? There is currently no way to switch.

Thanks for your feedback and sorry for the late reply.

The reason is that some legacy devices with an old Java Card version can only support short APDU encodings due to a limited APDU buffer.

And actually they can still be supported by browsers on Windows 10 or Chrome on Android.

The FIDO 2 specification does suggest that authenticators may support short exchanges via ISO7816-4 chaining.

It indicates that if a request is sent to the authenticator with the short length, the authenticator MUST respond short.

It indicates that if a long request is sent the authenticator must respond with extended length APDUs.


It's not clear whether an authenticator which supports only short APDUs and chaining is compliant.
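For readers comparing the two encodings discussed in this thread, the following is an added example (not part of any post above and not WebKit's code) that encodes the same command once as a single extended length APDU and once as ISO 7816-4 short APDUs with command chaining, then reassembles the chain as a card would. The payload is constructed, the function names are hypothetical, and response chaining (GET RESPONSE) is not covered.

```python
import struct

CHAIN_BIT = 0x10  # ISO 7816-4 CLA bit: more command blocks follow

def encode_extended(cla, ins, p1, p2, data=b"", ne=65536):
    """One extended length APDU: 0x00 marker, 2-byte Lc, 2-byte Le."""
    if len(data) > 65535:
        raise ValueError("data too long for an extended APDU")
    apdu = bytes([cla, ins, p1, p2, 0x00])
    if data:
        apdu += struct.pack(">H", len(data)) + data
    return apdu + struct.pack(">H", ne % 65536)  # Le 0x0000 = up to 65536

def encode_short_chained(cla, ins, p1, p2, data=b"", ne=256, block=255):
    """Short APDUs; data longer than `block` is split across a chain."""
    if not 1 <= block <= 255:
        raise ValueError("short APDU blocks carry 1..255 data bytes")
    chunks = [data[i:i + block] for i in range(0, len(data), block)] or [b""]
    apdus = []
    for i, chunk in enumerate(chunks):
        last = i == len(chunks) - 1
        apdu = bytes([cla | (0 if last else CHAIN_BIT), ins, p1, p2])
        if chunk:
            apdu += bytes([len(chunk)]) + chunk  # 1-byte Lc
        if last:
            apdu += bytes([ne % 256])  # Le only on final block, 0x00 = 256
        apdus.append(apdu)
    return apdus

def reassemble(apdus):
    """Card-side view: validate the chain and rebuild header and data."""
    data = b""
    for i, apdu in enumerate(apdus):
        last = i == len(apdus) - 1
        if bool(apdu[0] & CHAIN_BIT) == last:
            raise ValueError("chaining bit inconsistent with block position")
        body = apdu[4:-1] if last else apdu[4:]
        if body:
            if body[0] != len(body) - 1:
                raise ValueError("Lc does not match block length")
            data += body[1:]
    return apdus[-1][:4], data

# Constructed 300-byte payload standing in for a request too large for one short APDU.
PAYLOAD = bytes(range(256)) + bytes(44)

if __name__ == "__main__":
    ext = encode_extended(0x00, 0x02, 0x03, 0x00, PAYLOAD)
    chain = encode_short_chained(0x00, 0x02, 0x03, 0x00, PAYLOAD)
    print("extended:", len(ext), "bytes; short chain:", [len(a) for a in chain])
```

The largest block in the chain is 260 bytes, against 309 bytes for the single extended APDU, which is the buffer-size difference that matters to the legacy cards mentioned above.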