Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def test_different_keys(self):
att = AttestationObject(
a2b_hex(
b"a363666d74667061636b65646761747453746d74a363616c6726637369675847304502200d15daf337d727ab4719b4027114a2ac43cd565d394ced62c3d9d1d90825f0b3022100989615e7394c87f4ad91f8fdae86f7a3326df332b3633db088aac76bffb9a46b63783563815902bb308202b73082019fa00302010202041d31330d300d06092a864886f70d01010b0500302a3128302606035504030c1f59756269636f2050726576696577204649444f204174746573746174696f6e301e170d3138303332383036333932345a170d3139303332383036333932345a306e310b300906035504061302534531123010060355040a0c0959756269636f20414231223020060355040b0c1941757468656e74696361746f72204174746573746174696f6e3127302506035504030c1e59756269636f205532462045452053657269616c203438393736333539373059301306072a8648ce3d020106082a8648ce3d030107034200047d71e8367cafd0ea6cf0d61e4c6a416ba5bb6d8fad52db2389ad07969f0f463bfdddddc29d39d3199163ee49575a3336c04b3309d607f6160c81e023373e0197a36c306a302206092b0601040182c40a020415312e332e362e312e342e312e34313438322e312e323013060b2b0601040182e51c0201010404030204303021060b2b0601040182e51c01010404120410f8a011f38c0a4d15800617111f9edc7d300c0603551d130101ff04023000300d06092a864886f70d01010b050003820101009b904ceadbe1f1985486fead02baeaa77e5ab4e6e52b7e6a2666a4dc06e241578169193b63dadec5b2b78605a128b2e03f7fe2a98eaeb4219f52220995f400ce15d630cf0598ba662d7162459f1ad1fc623067376d4e4091be65ac1a33d8561b9996c0529ec1816d1710786384d5e8783aa1f7474cb99fe8f5a63a79ff454380361c299d67cb5cc7c79f0d8c09f8849b0500f6d625408c77cbbc26ddee11cb581beb7947137ad4f05aaf38bd98da10042ddcac277604a395a5b3eaa88a5c8bb27ab59c8127d59d6bbba5f11506bf7b75fda7561a0837c46f025fd54dcf1014fc8d17c859507ac57d4b1dea99485df0ba8f34d00103c3eef2ef3bbfec7a6613de68617574684461746158c40021f5fc0b85cd22e60623bcd7d1ca48948909249b4776eb515154e57b66ae124100000003f8a011f38c0a4d15800617111f9edc7d004060a386206a3aacecbdbb22d601853d955fdc5d11adfbd1aa6a950d966b348c7663d40173714a9f987df6461beadfb9cd6419ffdfe4d4cf2eec1aa605a4f59bdaa50102032620012158200edb27580389494d74d2373b8f8c2e8b76fa135946d4f30d0e187e120b423349225820e03400d189e85a55de9ab0f538ed60736eb750f5f0306a80060fe1b13010560d" # noqa E501
)
)
Attestation.for_type(att.fmt)().verify(
att.att_statement,
att.auth_data,
a2b_hex(
b"985B6187D042FB1258892ED637CEC88617DDF5F6632351A545617AA2B75261BF"
),
)
att2 = att.with_int_keys()
self.assertNotEqual(att, att2)
self.assertEqual(att.data, att2.data)
self.assertEqual(att.with_int_keys(), att2)
def test_make_credential_ctap2(self, PatchedCTAP2):
dev = mock.Mock()
dev.capabilities = CAPABILITY.CBOR
ctap2 = mock.MagicMock()
ctap2.get_info.return_value = Info(_INFO_NO_PIN)
ctap2.make_credential.return_value = AttestationObject(_MC_RESP)
PatchedCTAP2.return_value = ctap2
client = Fido2Client(dev, APP_ID)
attestation, client_data = client.make_credential(
PublicKeyCredentialCreationOptions(
rp,
user,
challenge,
[{"type": "public-key", "alg": -7}],
timeout=1000,
authenticator_selection={"userVerification": "discouraged"},
)
)
self.assertIsInstance(attestation, AttestationObject)
self.assertIsInstance(client_data, ClientData)
def with_string_keys(self):
"""Get a copy of this AttestationObject, using Webauthn string values as
map keys in the CBOR representation.
:return: The attestation object, using str keys.
:rtype: AttestationObject
"""
return AttestationObject(
cbor.encode(dict((k.string_key, v) for k, v in self.data.items()))
)
def u2f_complete():
data = cbor.decode(request.get_data())
client_data = ClientData.from_b64(data["clientData"])
reg_data = RegistrationData.from_b64(data["registrationData"])
print("clientData", client_data)
print("U2F RegistrationData:", reg_data)
att_obj = AttestationObject.from_ctap1(sha256(b"https://localhost:5000"), reg_data)
print("AttestationObject:", att_obj)
auth_data = att_obj.auth_data
credentials.append(auth_data.credential_data)
print("REGISTERED U2F CREDENTIAL:", auth_data.credential_data)
return cbor.encode({"status": "OK"})
def register_complete():
data = cbor.decode(request.get_data())
client_data = ClientData(data["clientDataJSON"])
att_obj = AttestationObject(data["attestationObject"])
print("clientData", client_data)
print("AttestationObject:", att_obj)
auth_data = server.register_complete(session["state"], client_data, att_obj)
credentials.append(auth_data.credential_data)
print("REGISTERED CREDENTIAL:", auth_data.credential_data)
return cbor.encode({"status": "OK"})
def __init__(self, _):
super(AttestationObject, self).__init__()
data = dict(
(AttestationObject.KEY.for_key(k), v)
for (k, v) in cbor.decode(self).items()
)
self.fmt = data[AttestationObject.KEY.FMT]
self.auth_data = AuthenticatorData(data[AttestationObject.KEY.AUTH_DATA])
data[AttestationObject.KEY.AUTH_DATA] = self.auth_data
self.att_statement = data[AttestationObject.KEY.ATT_STMT]
self.data = data
def register_complete():
data = cbor.decode(request.get_data())
client_data = ClientData(data["clientDataJSON"])
att_obj = AttestationObject(data["attestationObject"])
print("clientData", client_data)
print("AttestationObject:", att_obj)
auth_data = server.register_complete(session["state"], client_data, att_obj)
credentials.append(auth_data.credential_data)
print("REGISTERED CREDENTIAL:", auth_data.credential_data)
return cbor.encode({"status": "OK"})
try:
self.ctap1.authenticate(dummy_param, app_param, key_handle, True)
raise ClientError.ERR.OTHER_ERROR() # Shouldn't happen
except ApduError as e:
if e.code == APDU.USE_NOT_SATISFIED:
_call_polling(
self.ctap1_poll_delay,
event,
on_keepalive,
self.ctap1.register,
dummy_param,
dummy_param,
)
raise ClientError.ERR.DEVICE_INELIGIBLE()
return AttestationObject.from_ctap1(
app_param,
_call_polling(
self.ctap1_poll_delay,
event,
on_keepalive,
self.ctap1.register,
client_data.hash,
app_param,
),