Undocumented Pin Policy

[kathmm]

Description

I had issues with setting the FIDO2 pin on a Nitrokey 3C NFC. The issue was that my pin got rejected due to a pin policy violation and when looking into the official documentation for further clarification on what the policy was I couldn't find any in the following:

• https://github.com/Nitrokey/nitrokey-documentation/blob/master/nitrokey3/shared/set-pins.rst.inc

Could you please specify in your documentation on what the expected policy is and if there have been changes to it depending on the firmware version as I am currently on v1.6.0 while a previous Nitrokey I used was on v1.5.0 and had no issues with a password with the same allowance of characters to what I was attempting to use. I attempted to use the following:

m'(%8LJcr5\\dcQhtZu^p:F>T\\4ARCl_4[O8cA+v~y=\{<25f\}~iK-%KU@B$eTQi`0&+Mh1?Z^,DV#+S]$AliI

<h4>w<Gpg*kkc+B&CryRq/J$;L'6I;XSk3jLcs1k:_j=-A\}E4?jBR^B2I9),g*(x

Below is a snippet of the log that states that there was a pin policy violation.

  File "<python-path>/site-packages/fido2/ctap2/base.py", line 241, in send_cbor
    raise CtapError(status)
fido2.ctap.CtapError: CTAP error: 0x37 - PIN_POLICY_VIOLATION
12208     DEBUG       root listing all connected devices:
12218     DEBUG       root :: 'Nitrokey FIDO2' keys
12219     DEBUG       root :: 'Nitrokey Start' keys:
12229     DEBUG       root :: 'Nitrokey 3' keys

Thank you in advance Kathrin