def verify_signature(self, pubkey):
data = self.app_param + self.user_presence + self.counter + \
self.chal_param
digest = H(data)
pub_key = pub_key_from_der(pubkey)
if not pub_key.verify_dsa_asn1(digest, self.signature) == 1:
raise Exception('Challenge signature verification failed!')
def verify_signature(self, pubkey):
data = (self.app_param + self.user_presence + self.counter +
self.chal_param)
digest = sha_256(data)
pub_key = pub_key_from_der(pubkey)
verify_ecdsa_signature(digest, pub_key, self.signature)
def verify_signature(self, pubkey):
data = self.app_param + self.user_presence + self.counter + \
self.chal_param
digest = sha_256(data)
pub_key = pub_key_from_der(pubkey)
if not pub_key.verify_dsa_asn1(digest, self.signature) == 1:
raise Exception('Challenge signature verification failed!')
def webauthnuser(self):
d = json.loads(self.json_data)
# We manually need to convert the pubkey from DER format (used in our
# former U2F implementation) to the format required by webauthn. This
# is based on the following example:
# https://www.w3.org/TR/webauthn/#sctn-encoded-credPubKey-examples
pub_key = pub_key_from_der(
websafe_decode(d['publicKey'].replace('+', '-').replace('/', '_')))
pub_key = binascii.unhexlify(
'A5010203262001215820{:064x}225820{:064x}'.format(
pub_key.public_numbers().x,
pub_key.public_numbers().y))
return webauthn.WebAuthnUser(d['keyHandle'], self.user.email,
str(self.user),
settings.SITE_URL, d['keyHandle'],
websafe_encode(pub_key), 1,
urlparse(settings.SITE_URL).netloc)
def verify_signature(self, pubkey):
data = (self.app_param + self.user_presence + self.counter +
self.chal_param)
pub_key = pub_key_from_der(pubkey)
verify_ecdsa_signature(data, pub_key, self.signature)
