Esempio n. 1
0
    def test_long_pin(self):
        ctap = mock.MagicMock()
        ctap.info.options = {"clientPin": True}
        prot = ClientPin(ctap, PinProtocolV1())

        with self.assertRaises(ValueError):
            prot.set_pin("1" * 256)
Esempio n. 2
0
class Fido2Controller(object):
    def __init__(self, ctap_device):
        self.ctap = CTAP2(ctap_device)
        self.pin = ClientPin(self.ctap)
        self._info = self.ctap.get_info()
        self._pin = self._info.options["clientPin"]

    @property
    def has_pin(self):
        return self._pin

    def get_resident_credentials(self, pin):
        _credman = CredentialManagement(
            self.ctap,
            self.pin.protocol,
            self.pin.get_pin_token(pin, ClientPin.PERMISSION.CREDENTIAL_MGMT),
        )

        for rp in _credman.enumerate_rps():
            for cred in _credman.enumerate_creds(
                    rp[CredentialManagement.RESULT.RP_ID_HASH]):
                yield ResidentCredential(cred, rp)

    def delete_resident_credential(self, credential_id, pin):
        _credman = CredentialManagement(
            self.ctap,
            self.pin.protocol,
            self.pin.get_pin_token(pin, ClientPin.PERMISSION.CREDENTIAL_MGMT),
        )

        for cred in self.get_resident_credentials(pin):
            if credential_id == cred.credential_id:
                _credman.delete_cred(credential_id)

    def get_pin_retries(self):
        return self.pin.get_pin_retries()

    def set_pin(self, pin):
        self.pin.set_pin(pin)
        self._pin = True

    def change_pin(self, old_pin, new_pin):
        self.pin.change_pin(old_pin, new_pin)

    def reset(self, touch_callback=None):
        if touch_callback:
            touch_timer = Timer(0.500, touch_callback)
            touch_timer.start()
        try:
            self.ctap.reset()
            self._pin = False
        finally:
            if touch_callback:
                touch_timer.cancel()

    @property
    def is_fips(self):
        return False
Esempio n. 3
0
 def fido_set_pin(self, new_pin):
     try:
         with self._open_device([FidoConnection]) as conn:
             ctap2 = Ctap2(conn)
             if len(new_pin) < ctap2.info.min_pin_length:
                 return failure('too short')
             client_pin = ClientPin(ctap2)
             client_pin.set_pin(new_pin)
             return success()
     except CtapError as e:
         if e.code == CtapError.ERR.INVALID_LENGTH or \
                 e.code == CtapError.ERR.PIN_POLICY_VIOLATION:
             return failure('too long')
         raise
Esempio n. 4
0
    def test_set_pin(self):
        prot = ClientPin(mock.MagicMock(), PinProtocolV1())
        prot._get_shared_secret = mock.Mock(return_value=({}, SHARED))

        prot.set_pin("1234")
        prot.ctap.client_pin.assert_called_with(
            1,
            3,
            key_agreement={},
            new_pin_enc=a2b_hex(
                "0222fc42c6dd76a274a7057858b9b29d98e8a722ec2dc6668476168c5320473cec9907b4cd76ce7943c96ba5683943211d84471e64d9c51e54763488cd66526a"  # noqa E501
            ),
            pin_uv_param=a2b_hex("7b40c084ccc5794194189ab57836475f"),
        )
Esempio n. 5
0
 def test_long_pin(self):
     prot = ClientPin(mock.MagicMock(), PinProtocolV1())
     with self.assertRaises(ValueError):
         prot.set_pin("1" * 256)