def get_transports(cert): """Parses transport extension from attestation cert. As the information is stored as a bitstring, which is a bit unwieldy to work with, we convert it into an integer where each bit represents a transport flag (as defined in the Transport IntEnum). """ try: ext = cert.extensions.get_extension_for_oid(TRANSPORTS_EXT_OID) der_bitstring = ext.value.value int_bytes = [byte2int(b) for b in der_bitstring[3:]] # Mask away unused bits (should already be 0, but make sure) unused_bits = byte2int(der_bitstring[2]) unused_bit_mask = 0xff for _ in range(unused_bits): unused_bit_mask <<= 1 int_bytes[-1] &= unused_bit_mask # Reverse the bitstring and convert to integer transports = 0 for byte in int_bytes: for _ in range(8): transports = (transports << 1) | (byte & 1) byte >>= 1 return transports except ExtensionNotFound: return 0
def __init__(self, app_param, chal_param, data): self.app_param = app_param self.chal_param = chal_param self.data = data if byte2int(data[0]) != 0x05: raise ValueError("Invalid data: %r" % (data,)) data = data[1:] self.pub_key = data[:self.PUBKEY_LEN] data = data[self.PUBKEY_LEN:] kh_len = byte2int(data[0]) data = data[1:] self.key_handle = data[:kh_len] data = data[kh_len:] self.certificate = self._fixsig(certificate_from_der(data)) self.signature = data[len(self.certificate.public_bytes(Encoding.DER)):]