def test_counter(self): config.init() config.wipe() for i in range(150): self.assertEqual(storage.next_u2f_counter(), i) storage.set_u2f_counter(350) for i in range(351, 500): self.assertEqual(storage.next_u2f_counter(), i) storage.set_u2f_counter(0) self.assertEqual(storage.next_u2f_counter(), 1) storage.set_u2f_counter(None) self.assertEqual(storage.next_u2f_counter(), 0)
def msg_authenticate_sign(challenge: bytes, app_id: bytes, privkey: bytes) -> bytes: flags = bytes([_AUTH_FLAG_TUP]) # get next counter ctr = storage.next_u2f_counter() ctrbuf = ustruct.pack(">L", ctr) # hash input data together with counter dig = hashlib.sha256() dig.update(app_id) # uint8_t appId[32]; dig.update(flags) # uint8_t flags; dig.update(ctrbuf) # uint8_t ctr[4]; dig.update(challenge) # uint8_t chal[32]; dig = dig.digest() # sign the digest and convert to der sig = nist256p1.sign(privkey, dig, False) sig = der.encode_seq((sig[1:33], sig[33:])) # pack to a response buf, resp = make_struct(resp_cmd_authenticate(len(sig))) resp.flags = flags[0] resp.ctr = ctr utils.memcpy(resp.sig, 0, sig, 0, len(sig)) resp.status = _SW_NO_ERROR return buf