Esempio n. 1
0
 def fido_change_pin(self, current_pin, new_pin):
     try:
         with self._open_device(TRANSPORT.FIDO) as dev:
             controller = Fido2Controller(dev.driver)
             controller.change_pin(old_pin=current_pin, new_pin=new_pin)
             return {'success': True, 'error': None}
     except CtapError as e:
         if e.code == CtapError.ERR.INVALID_LENGTH:
             return {
                 'success': False,
                 'error': 'Too long PIN, maximum size is 128 bytes.'
             }
         if e.code == CtapError.ERR.PIN_INVALID:
             return {'success': False, 'error': 'The current PIN is wrong.'}
         if e.code == CtapError.ERR.PIN_AUTH_BLOCKED:
             return {
                 'success':
                 False,
                 'error':
                 'PIN authentication is currently blocked. '
                 'Remove and re-insert the YubiKey.'
             }
         if e.code == CtapError.ERR.PIN_BLOCKED:
             return {'success': False, 'error': 'PIN is blocked.'}
         logger.error('Failed to set PIN', exc_info=e)
         return {'success': False, 'error': str(e)}
     except Exception as e:
         logger.error('Failed to set PIN', exc_info=e)
         return {'success': False, 'error': str(e)}
Esempio n. 2
0
 def fido_has_pin(self):
     try:
         with self._open_device(TRANSPORT.FIDO) as dev:
             dev = self._descriptor.open_device(TRANSPORT.FIDO)
             controller = Fido2Controller(dev.driver)
         return {'hasPin': controller.has_pin, 'error': None}
     except Exception as e:
         logger.error('Failed to read if PIN is set', exc_info=e)
         return {'hasPin': None, 'error': str(e)}
Esempio n. 3
0
 def fido_set_pin(self, new_pin):
     try:
         with self._open_device(TRANSPORT.FIDO) as dev:
             dev = self._descriptor.open_device(TRANSPORT.FIDO)
             controller = Fido2Controller(dev.driver)
             controller.set_pin(new_pin)
             return {'success': True, 'error': None}
     except CtapError as e:
         if e.code == CtapError.ERR.INVALID_LENGTH:
             return {'success': False, 'error': 'too long'}
         logger.error('Failed to set PIN', exc_info=e)
         return {'success': False, 'error': str(e)}
     except Exception as e:
         logger.error('Failed to set PIN', exc_info=e)
         return {'success': False, 'error': str(e)}
Esempio n. 4
0
 def fido_reset(self):
     try:
         with self._open_device(TRANSPORT.FIDO) as dev:
             controller = Fido2Controller(dev.driver)
             controller.reset()
             return {'success': True, 'error': None}
     except CtapError as e:
         if e.code == CtapError.ERR.NOT_ALLOWED:
             return {'success': False, 'error': 'not allowed'}
         if e.code == CtapError.ERR.ACTION_TIMEOUT:
             return {'success': False, 'error': 'touch timeout'}
         else:
             logger.error('Reset throwed an exception', exc_info=e)
             return {'success': False, 'error': str(e)}
     except Exception as e:
         logger.error('Reset throwed an exception', exc_info=e)
         return {'success': False, 'error': str(e)}
Esempio n. 5
0
 def fido_change_pin(self, current_pin, new_pin):
     try:
         with self._open_device(TRANSPORT.FIDO) as dev:
             controller = Fido2Controller(dev.driver)
             controller.change_pin(old_pin=current_pin, new_pin=new_pin)
             return {'success': True, 'error': None}
     except CtapError as e:
         if e.code == CtapError.ERR.INVALID_LENGTH:
             return {'success': False, 'error': 'too long'}
         if e.code == CtapError.ERR.PIN_INVALID:
             return {'success': False, 'error': 'wrong pin'}
         if e.code == CtapError.ERR.PIN_AUTH_BLOCKED:
             return {'success': False, 'error': 'currently blocked'}
         if e.code == CtapError.ERR.PIN_BLOCKED:
             return {'success': False, 'error': 'blocked.'}
         logger.error('Failed to set PIN', exc_info=e)
         return {'success': False, 'error': str(e)}
     except Exception as e:
         logger.error('Failed to set PIN', exc_info=e)
         return {'success': False, 'error': str(e)}
Esempio n. 6
0
 def fido_pin_retries(self):
     try:
         with self._open_device(TRANSPORT.FIDO) as dev:
             dev = self._descriptor.open_device(TRANSPORT.FIDO)
             controller = Fido2Controller(dev.driver)
             return {'retries': controller.get_pin_retries(), 'error': None}
     except CtapError as e:
         if e.code == CtapError.ERR.PIN_AUTH_BLOCKED:
             return {
                 'retries':
                 None,
                 'error':
                 'PIN authentication is currently blocked. '
                 'Remove and re-insert the YubiKey.'
             }
         if e.code == CtapError.ERR.PIN_BLOCKED:
             return {'retries': None, 'error': 'PIN is blocked.'}
     except Exception as e:
         logger.error('Failed to read PIN retries', exc_info=e)
         return {'retries': None, 'error': str(e)}
Esempio n. 7
0
 def __enter__(self):
     return Fido2Controller(self._dev.driver)