search

google / CTAP2-test-tool

Test tool for CTAP2 authenticators
Apache License 2.0
57 stars 25 forks source link

Support CTAP 2.1 #16

Open kaczmarczyck opened 3 years ago

kaczmarczyck commented 3 years ago

The test tool currently supports commands from version 2.0. GetInfo informs about supported versions.

For old commands, tests should differentiate between authenticator versions. For new commands, tests should only run if an authenticator claims it is compatible.

geofli commented 3 years ago

any update about supporting CTAP 2.1?

kaczmarczyck commented 3 years ago

Review draft 3 looks like it's going to closely resemble the final version. Also, I almost finished the implementation for OpenSK (see this issue). I'll start working on the test tool soon.

dangfan commented 1 year ago

Hi there, the PS version has been published for a while. Is there any update about supporting CTAP 2.1? Thanks!

kaczmarczyck commented 1 year ago

The CTAP code itself has worked in all my tests. We are working on a few other feature before we could do a release. If you want to test CTAP 2.1 support, feel free to try our develop branch and we welcome your feedback!

dangfan commented 1 year ago

Thank you for the reply. Unfortunately, I don't see the develop branch. Also, I noticed that there is an AuthenticatorCredentialManagementPositiveTest function in fido_commands.cc, but I cannot find an invocation to it. Should I add such tests in GetTests? Thanks!

kaczmarczyck commented 1 year ago

Oh nevermind my last comment, I was working on OpenSK before and didn't realize that this is my Test Tool.

We don't have tests for 2.1 here yet. If you want to add any, feel free to.

dangfan commented 1 year ago

Okay. Thanks a lot!

szszszsz commented 1 year ago

Hey @kaczmarczyck !

  1. I saw there are 10 or so CTAP 2.1 tests. Any plans on extending that?
  2. Do you plan to support CTAP 2.2? If so, do you have any rough time plan? I do not see any mentions of it on OpenSK project, which I understand would be required to proceed on this.
kaczmarczyck commented 1 year ago

Hi! Support for newer Test Tool versions is on hold. We will look into testing for 2.1 or 2.2 when OpenSK releases its next version.

There is no timeline for that yet. I don't think the difference between 2.1 and 2.2 is as big as from 2.0 to 2.1, so I don't expect CTAP to be a major blocker. There are other open questions for a new OpenSK release though.

szszszsz commented 1 year ago

All clear, thank you for the update!