def sign(self, client_data):
    """Build authenticator data for this key's app ID and sign an assertion.

    Args:
        client_data: Object exposing ``hash``; that value is appended to the
            authenticator data to form the signed message.

    Returns:
        A ``(authenticator_data, signature)`` tuple, where ``signature`` is
        the ECDSA/SHA-256 signature over
        ``authenticator_data + client_data.hash``.
    """
    # USER_PRESENT is set unconditionally; no presence test is visible in
    # this method.
    # The signature counter is hard-coded to 0 and never advances, so a
    # relying party gets no clone-detection signal from it.
    auth_data = AuthenticatorData.create(
        sha256(self.app_id),
        flags=AuthenticatorData.FLAG.USER_PRESENT,
        counter=0,
    )
    signed_message = auth_data + client_data.hash
    sig = self.priv_key.sign(signed_message, ec.ECDSA(hashes.SHA256()))
    return auth_data, sig
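def _get_assertion_1(seed, rp_id_hash, descriptor, client_data_hash):
    """Produce an assertion for ``descriptor`` signed with a seed-derived key.

    Args:
        seed: Secret handed to the softkey helpers, both to validate the
            credential ID and to derive the signing key.
        rp_id_hash: Value placed in the authenticator data as the RP ID hash.
        descriptor: Credential descriptor; its ``id`` is the credential ID.
        client_data_hash: Appended to the authenticator data to form the
            signed message.

    Returns:
        The result of ``AssertionResponse.create(descriptor, auth_data,
        signature)``.

    Raises:
        AssertionError: If ``softkey_valid_credential_id`` rejects the
            credential ID for this seed.
    """
    credential_id = descriptor.id

    # Explicit raise rather than an `assert` statement: `python -O` strips
    # asserts, which would let a key be derived and a signature produced for
    # a credential ID that failed validation. AssertionError is kept so
    # existing callers observe the same exception type.
    if not softkey_valid_credential_id(seed, credential_id):
        raise AssertionError("credential ID failed softkey validation")

    # USER_PRESENT is set unconditionally, and the counter is a fixed
    # constant that never advances between assertions, so a relying party
    # cannot use it to detect a cloned credential.
    auth_data = AuthenticatorData.create(
        rp_id_hash=rp_id_hash,
        flags=AuthenticatorData.FLAG.USER_PRESENT,
        counter=0xdeadbeef,
    )

    ed25519priv = softkey_derive_ed25519priv(seed, credential_id)
    signature = ed25519priv.sign(auth_data + client_data_hash)
    return AssertionResponse.create(descriptor, auth_data, signature)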
def _make_authenticator_data(
    self, rp_id: str, attested_credential_data: Optional[AttestedCredentialData]
) -> AuthenticatorData:
    """Assemble the authenticator data for a relying party.

    Args:
        rp_id: Relying-party identifier; its UTF-8 encoding is hashed with
            SHA-256 to form the RP ID hash.
        attested_credential_data: Attested credential data to embed, or a
            falsy value to embed none (an empty byte string is passed on).

    Returns:
        The ``AuthenticatorData`` built from the RP ID hash, the flags, the
        signature counter and the credential data.
    """
    # Both USER_PRESENT and USER_VERIFIED are asserted unconditionally;
    # nothing in this method checks either.
    # NOTE(review): presumably the caller has already done so - confirm.
    flag_bits = (
        AuthenticatorData.FLAG.USER_PRESENT
        | AuthenticatorData.FLAG.USER_VERIFIED
    )
    if attested_credential_data:
        flag_bits = flag_bits | AuthenticatorData.FLAG.ATTESTED

    hashed_rp_id = sha256(rp_id.encode('utf-8')).digest()
    # The counter comes from a helper defined outside this block.
    counter = self._get_timestamp_signature_counter()
    credential_bytes = attested_credential_data or b''
    return AuthenticatorData.create(
        hashed_rp_id, flag_bits, counter, credential_bytes
    )
def get_auth_webauthn(user: "******") -> Authenticator:
    """Create and return an ``Authenticator`` row for ``user`` with three devices.

    The first two devices carry dict bindings (``publicKey``, ``keyHandle``,
    ``appId``); the third carries an ``AuthenticatorData`` binding. The key
    and handle strings appear to be placeholders rather than usable key
    material.

    Args:
        user: Owner of the created authenticator.

    Returns:
        The object returned by ``Authenticator.objects.create``.
    """
    app_id = "https://dev.getsentry.net:8000/auth/2fa/u2fappid.json"
    enrolled_at = 1512505334

    first_u2f_device = {
        "binding": {
            "publicKey": "aowekroawker",
            "keyHandle": "devicekeyhandle",
            "appId": app_id,
        },
        "name": "Amused Beetle",
        "ts": enrolled_at,
    }
    second_u2f_device = {
        "binding": {
            "publicKey": "publickey",
            "keyHandle": "aowerkoweraowerkkro",
            "appId": app_id,
        },
        "name": "Sentry",
        "ts": enrolled_at,
    }

    credential = create_credential_object(
        {
            "publicKey": "webauthn",
            "keyHandle": "webauthn",
        }
    )
    # 0x41 sets bit 0 (user present) and bit 6 (attested credential data
    # included) of the WebAuthn flags byte; the counter is 1.
    webauthn_device = {
        "name": "Alert Escargot",
        "ts": enrolled_at,
        "binding": AuthenticatorData.create(sha256(b"test"), 0x41, 1, credential),
    }

    device_config = {
        "devices": [first_u2f_device, second_u2f_device, webauthn_device]
    }
    return Authenticator.objects.create(
        type=3,  # u2f
        user=user,
        config=device_config,
    )