Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
while not event.is_set():
while (sw1, sw2) == SW_UPDATE:
ka_status = six.indexbytes(resp, 0)
if on_keepalive and last_ka != ka_status:
try:
ka_status = STATUS(ka_status)
except ValueError:
pass # Unknown status value
last_ka = ka_status
on_keepalive(ka_status)
# NFCCTAP_GETRESPONSE
resp, sw1, sw2 = self._chain_apdus(0x80, 0x11, 0x00, 0x00)
if (sw1, sw2) != SW_SUCCESS:
raise CtapError(CtapError.ERR.OTHER) # TODO: Map from SW error
return resp
raise CtapError(CtapError.ERR.KEEPALIVE_CANCEL)
while not event.is_set():
while (sw1, sw2) == SW_UPDATE:
ka_status = six.indexbytes(resp, 0)
if on_keepalive and last_ka != ka_status:
try:
ka_status = STATUS(ka_status)
except ValueError:
pass # Unknown status value
last_ka = ka_status
on_keepalive(ka_status)
# NFCCTAP_GETRESPONSE
resp, sw1, sw2 = self._chain_apdus(0x80, 0x11, 0x00, 0x00, b"")
if (sw1, sw2) != SW_SUCCESS:
raise CtapError(CtapError.ERR.OTHER) # TODO: Map from SW error
return resp
raise CtapError(CtapError.ERR.KEEPALIVE_CANCEL)
ka_status = resp[0]
if on_keepalive and last_ka != ka_status:
try:
ka_status = STATUS(ka_status)
except ValueError:
pass # Unknown status value
last_ka = ka_status
on_keepalive(ka_status)
continue
else:
raise CtapError(CtapError.ERR.INVALID_COMMAND)
# Cancel the request.
self._dev.InternalSend(TYPE_INIT | CTAPHID.CANCEL, bytearray())
self._dev.InternalRecv()
raise CtapError(CtapError.ERR.KEEPALIVE_CANCEL)
def enumerate_creds(self, *args, **kwargs):
"""Convenience method to enumerate all resident credentials for an RP.
See enumerate_creds_begin and enumerate_creds_next for details.
"""
try:
first = self.enumerate_creds_begin(*args, **kwargs)
except CtapError as e:
if e.code == CtapError.ERR.NO_CREDENTIALS:
return []
raise # Other error
rest = [
self.enumerate_creds_next()
for _ in range(
1, first.get(CredentialManagement.RESULT.TOTAL_CREDENTIALS, 1)
)
]
return [first] + rest
pin_auth = hmac_sha256(pin_token, client_data.hash)[:16]
elif self.info.options.get("clientPin") and not uv:
raise ClientError.ERR.BAD_REQUEST("PIN required but not provided")
if uv:
options = {"uv": True}
else:
options = None
if allow_list:
# Filter out credential IDs which are too long
max_len = self.info.max_cred_id_length
if max_len:
allow_list = [e for e in allow_list if len(e) <= max_len]
if not allow_list:
raise CtapError(CtapError.ERR.NO_CREDENTIALS)
# Reject the request if too many credentials remain.
max_creds = self.info.max_creds_in_list
if max_creds and len(allow_list) > max_creds:
raise ClientError.ERR.BAD_REQUEST("allow_list too long")
return self.ctap2.get_assertions(
rp_id,
client_data.hash,
allow_list if allow_list else None,
extensions,
options,
pin_auth,
pin_protocol,
event,
on_keepalive,
def _ctap2client_err(e):
if e.code in [CtapError.ERR.CREDENTIAL_EXCLUDED, CtapError.ERR.NO_CREDENTIALS]:
ce = ClientError.ERR.DEVICE_INELIGIBLE
elif e.code in [
CtapError.ERR.KEEPALIVE_CANCEL,
CtapError.ERR.ACTION_TIMEOUT,
CtapError.ERR.USER_ACTION_TIMEOUT,
]:
ce = ClientError.ERR.TIMEOUT
elif e.code in [
CtapError.ERR.UNSUPPORTED_ALGORITHM,
CtapError.ERR.UNSUPPORTED_OPTION,
CtapError.ERR.UNSUPPORTED_EXTENSION,
CtapError.ERR.KEY_STORE_FULL,
]:
ce = ClientError.ERR.CONFIGURATION_UNSUPPORTED
elif e.code in [
CtapError.ERR.INVALID_COMMAND,