def test_long_pin(self): ctap = mock.MagicMock() ctap.info.options = {"clientPin": True} prot = ClientPin(ctap, PinProtocolV1()) with self.assertRaises(ValueError): prot.set_pin("1" * 256)
class Fido2Controller(object): def __init__(self, ctap_device): self.ctap = CTAP2(ctap_device) self.pin = ClientPin(self.ctap) self._info = self.ctap.get_info() self._pin = self._info.options["clientPin"] @property def has_pin(self): return self._pin def get_resident_credentials(self, pin): _credman = CredentialManagement( self.ctap, self.pin.protocol, self.pin.get_pin_token(pin, ClientPin.PERMISSION.CREDENTIAL_MGMT), ) for rp in _credman.enumerate_rps(): for cred in _credman.enumerate_creds( rp[CredentialManagement.RESULT.RP_ID_HASH]): yield ResidentCredential(cred, rp) def delete_resident_credential(self, credential_id, pin): _credman = CredentialManagement( self.ctap, self.pin.protocol, self.pin.get_pin_token(pin, ClientPin.PERMISSION.CREDENTIAL_MGMT), ) for cred in self.get_resident_credentials(pin): if credential_id == cred.credential_id: _credman.delete_cred(credential_id) def get_pin_retries(self): return self.pin.get_pin_retries() def set_pin(self, pin): self.pin.set_pin(pin) self._pin = True def change_pin(self, old_pin, new_pin): self.pin.change_pin(old_pin, new_pin) def reset(self, touch_callback=None): if touch_callback: touch_timer = Timer(0.500, touch_callback) touch_timer.start() try: self.ctap.reset() self._pin = False finally: if touch_callback: touch_timer.cancel() @property def is_fips(self): return False
def fido_set_pin(self, new_pin): try: with self._open_device([FidoConnection]) as conn: ctap2 = Ctap2(conn) if len(new_pin) < ctap2.info.min_pin_length: return failure('too short') client_pin = ClientPin(ctap2) client_pin.set_pin(new_pin) return success() except CtapError as e: if e.code == CtapError.ERR.INVALID_LENGTH or \ e.code == CtapError.ERR.PIN_POLICY_VIOLATION: return failure('too long') raise
def test_set_pin(self): prot = ClientPin(mock.MagicMock(), PinProtocolV1()) prot._get_shared_secret = mock.Mock(return_value=({}, SHARED)) prot.set_pin("1234") prot.ctap.client_pin.assert_called_with( 1, 3, key_agreement={}, new_pin_enc=a2b_hex( "0222fc42c6dd76a274a7057858b9b29d98e8a722ec2dc6668476168c5320473cec9907b4cd76ce7943c96ba5683943211d84471e64d9c51e54763488cd66526a" # noqa E501 ), pin_uv_param=a2b_hex("7b40c084ccc5794194189ab57836475f"), )
def test_long_pin(self): prot = ClientPin(mock.MagicMock(), PinProtocolV1()) with self.assertRaises(ValueError): prot.set_pin("1" * 256)