def authenticate(device, data, facet, check_only=False): """ Signs an authentication challenge data = { 'version': "U2F_V2", 'challenge': websafe_encode(self.challenge), 'appId': self.binding.app_id, 'keyHandle': websafe_encode(self.binding.key_handle) } """ if isinstance(data, basestring): data = json.loads(data) if data['version'] != VERSION: raise ValueError('Unsupported U2F version: %s' % data['version']) app_id = data.get('appId', facet) verify_facet(app_id, facet) app_param = H(app_id) key_handle = websafe_decode(data['keyHandle']) # Client data client_data = { 'typ': 'navigator.id.getAssertion', 'challenge': data['challenge'], 'origin': facet } client_data = json.dumps(client_data) client_param = H(client_data) request = client_param + app_param + chr( len(key_handle)) + key_handle p1 = 0x07 if check_only else 0x03 p2 = 0 response = device.send_apdu(INS_SIGN, p1, p2, request) return { 'clientData': websafe_encode(client_data), 'signatureData': websafe_encode(response), 'keyHandle': data['keyHandle'] }
def authenticate(device, data, facet, check_only=False): """ Signs an authentication challenge data = { 'version': "U2F_V2", 'challenge': websafe_encode(self.challenge), 'appId': self.binding.app_id, 'keyHandle': websafe_encode(self.binding.key_handle) } """ if isinstance(data, basestring): data = json.loads(data) if data['version'] != VERSION: raise ValueError('Unsupported U2F version: %s' % data['version']) app_id = data.get('appId', facet) verify_facet(app_id, facet) app_param = H(app_id) key_handle = websafe_decode(data['keyHandle']) # Client data client_data = { 'typ': 'navigator.id.getAssertion', 'challenge': data['challenge'], 'origin': facet } client_data = json.dumps(client_data) client_param = H(client_data) request = client_param + app_param + chr(len(key_handle)) + key_handle p1 = 0x07 if check_only else 0x03 p2 = 0 response = device.send_apdu(INS_SIGN, p1, p2, request) return { 'clientData': websafe_encode(client_data), 'signatureData': websafe_encode(response), 'keyHandle': data['keyHandle'] }
def register(device, data, facet): """ Register a U2F device data = { "version": "U2F_V2", "challenge": string, //b64 encoded challenge "appId": string, //app_id } """ if isinstance(data, basestring): data = json.loads(data) if data['version'] != VERSION: raise ValueError('Unsupported U2F version: %s' % data['version']) app_id = data.get('appId', facet) verify_facet(app_id, facet) app_param = H(app_id) client_data = { 'typ': 'navigator.id.finishEnrollment', 'challenge': data['challenge'], 'origin': facet } client_data = json.dumps(client_data) client_param = H(client_data) request = client_param + app_param p1 = 0x03 p2 = 0 response = device.send_apdu(INS_ENROLL, p1, p2, request) return { 'registrationData': websafe_encode(response), 'clientData': websafe_encode(client_data) }