ctap2.1 ClientPin protocol 1/Authr-ClientPin1-GetRetries.js P-3 need power off/on for BLE devices

[nuno0529]

By submitting this issue you are acknowledging that any information regarding this issue will be publicly available.

If you have privacy concerns, please email conformance-tools@fidoalliance.org

FIRST PRE CHECK

• [x] I SOLEMNLY SWEAR THAT I HAVE SEARCHED DOCUMENTATION AND WAS NOT ABLE TO RESOLVE MY ISSUE

What protocol are you implementing?

• [ ] FIDO2 Server
• [ ] CTAP2.0
• [x] CTAP2.1
• [ ] UAF 1.1
• [ ] U2F 1.1
• [ ] U2F 1.2

NOTE: UAF 1.0 certification have been officially sunset. U2F 1.2 only supported version of U2F.

What is your implementation class?

• [x] Security Key / FIDO2 / U2F authenticators
• [ ] Server
• [ ] UAF Client-ASM-Authenticator combo
• [ ] UAF Client
• [ ] UAF ASM-Authenticator

If you are platform authenticator vendor, please email conformance-tools@fidoalliance.org

What is the version of the tool are you using?

v1.6.36

What is the OS and the version are you running?

For desktop tools

• [ ] OSX
• [x] Windows
• [ ] Linux

For UAF mobile tools

• [ ] iOS
• [ ] Android

Issue description

Authr-ClientPin1-GetRetries.js P-3 has PinAuthBlocked test item needs to unplug device for powerCycleState reset. But how about BLE connection type's authenticator? When I try to power off/on the BLE connected authenticator and it always get below disconnect error.

Besides the test item has 60sec timeout, and it's may not be enough for BLE authenticators to power off/on 3 times and wait for the system/tool to reconnect it.

[yackermann]

Currently blocked due to lack of CTAP2.1 BLE device

[pheimfido]

Updated assignees: removed Yuriy Ackermann, assigned @iirachek

[Molyna]

Can update here as you have been unable to verify due to lack of BLE devices, that we have not had any issues with the disconnect error above from at least 1.7.11.

We do need to be very vigilant on doing the power cycle instantly when this test runs so we don't hit the 60 second timeout.

[iirachek]

Besides the test item has 60sec timeout, and it's may not be enough for BLE authenticators to power off/on 3 times and wait for the system/tool to reconnect it.

In the latest 1.7.19 version we have extended certain timeouts for BLE authenticators by 60 seconds to account for extra time it takes to properly handle their reset in ctap2.1. If the test requires an additional reset as one of its steps, the timeout gets extended during each reset.

Ideally, this will give enough room to reliably perform the reset operation on BLE.

Can update here as you have been unable to verify due to lack of BLE devices, that we have not had any issues with the disconnect error above from at least 1.7.11.

At this point I believe it's safe to close the issue as resolved. If this problem reoccurs in the future, please @ me to reopen this, or open a new issue.