def get_transports(cert):
"""Parses transport extension from attestation cert.
As the information is stored as a bitstring, which is a bit unwieldy to work
with, we convert it into an integer where each bit represents a transport
flag (as defined in the Transport IntEnum).
"""
try:
ext = cert.extensions.get_extension_for_oid(TRANSPORTS_EXT_OID)
der_bitstring = ext.value.value
int_bytes = [byte2int(b) for b in der_bitstring[3:]]
# Mask away unused bits (should already be 0, but make sure)
unused_bits = byte2int(der_bitstring[2])
unused_bit_mask = 0xff
for _ in range(unused_bits):
unused_bit_mask <<= 1
int_bytes[-1] &= unused_bit_mask
# Reverse the bitstring and convert to integer
transports = 0
for byte in int_bytes:
for _ in range(8):
transports = (transports << 1) | (byte & 1)
byte >>= 1
return transports
except ExtensionNotFound:
return 0
def get_transports(cert):
"""Parses transport extension from attestation cert.
As the information is stored as a bitstring, which is a bit unwieldy to work
with, we convert it into an integer where each bit represents a transport
flag (as defined in the Transport IntEnum).
"""
try:
ext = cert.extensions.get_extension_for_oid(TRANSPORTS_EXT_OID)
der_bitstring = ext.value.value
int_bytes = [byte2int(b) for b in der_bitstring[3:]]
# Mask away unused bits (should already be 0, but make sure)
unused_bits = byte2int(der_bitstring[2])
unused_bit_mask = 0xff
for _ in range(unused_bits):
unused_bit_mask <<= 1
int_bytes[-1] &= unused_bit_mask
# Reverse the bitstring and convert to integer
transports = 0
for byte in int_bytes:
for _ in range(8):
transports = (transports << 1) | (byte & 1)
byte >>= 1
return transports
except ExtensionNotFound:
return 0
def __init__(self, app_param, chal_param, data):
self.app_param = app_param
self.chal_param = chal_param
self.data = data
if byte2int(data[0]) != 0x05:
raise ValueError("Invalid data: %r" % (data,))
data = data[1:]
self.pub_key = data[:self.PUBKEY_LEN]
data = data[self.PUBKEY_LEN:]
kh_len = byte2int(data[0])
data = data[1:]
self.key_handle = data[:kh_len]
data = data[kh_len:]
self.certificate = self._fixsig(certificate_from_der(data))
self.signature = data[len(self.certificate.public_bytes(Encoding.DER)):]
def __init__(self, app_param, chal_param, data):
self.app_param = app_param
self.chal_param = chal_param
self.data = data
if byte2int(data[0]) != 0x05:
raise ValueError("Invalid data: %r" % (data,))
data = data[1:]
self.pub_key = data[:self.PUBKEY_LEN]
data = data[self.PUBKEY_LEN:]
kh_len = byte2int(data[0])
data = data[1:]
self.key_handle = data[:kh_len]
data = data[kh_len:]
self.certificate = self._fixsig(certificate_from_der(data))
self.signature = data[len(self.certificate.public_bytes(Encoding.DER)):]
