async def add_resident_credential(
ctx: wire.Context, msg: WebAuthnAddResidentCredential
) -> Success:
if not msg.credential_id:
raise wire.ProcessError("Missing credential ID parameter.")
try:
cred = Fido2Credential.from_cred_id(bytes(msg.credential_id), None)
except Exception:
text = Text("Import credential", ui.ICON_WRONG, ui.RED)
text.normal(
"The credential you are",
"trying to import does",
"not belong to this",
"authenticator.",
)
await require_confirm(ctx, text, confirm=None, cancel="Close")
raise wire.ActionCancelled("Cancelled") from None
content = ConfirmContent(ConfirmAddCredential(cred))
await require_confirm(ctx, content)
if store_resident_credential(cred):
return Success(message="Credential added")
else:
raise wire.ProcessError("Internal credential storage is full.")
async def remove_resident_credential(
ctx: wire.Context, msg: WebAuthnRemoveResidentCredential
) -> Success:
if msg.index is None:
raise wire.ProcessError("Missing credential index parameter.")
cred = get_resident_credential(msg.index)
if cred is None:
raise wire.ProcessError("Invalid credential index.")
content = ConfirmContent(ConfirmRemoveCredential(cred))
await require_confirm(ctx, content)
erase_resident_credential(msg.index)
return Success(message="Credential removed")
async def remove_resident_credential(
ctx: wire.Context, msg: WebAuthnRemoveResidentCredential) -> Success:
if not storage.device.is_initialized():
raise wire.NotInitialized("Device is not initialized")
if msg.index is None:
raise wire.ProcessError("Missing credential index parameter.")
cred = get_resident_credential(msg.index)
if cred is None:
raise wire.ProcessError("Invalid credential index.")
content = ConfirmContent(ConfirmRemoveCredential(cred))
await require_confirm(ctx, content)
assert cred.index is not None
storage.resident_credentials.delete(cred.index)
return Success(message="Credential removed")