How to use the fido2.utils.bytes2int function in fido2

To help you get started, we’ve selected a few fido2 examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github Yubico / python-fido2 / test / utils.py View on Github external
def __init__(self, credential_id, app_id):
        assert isinstance(credential_id, six.binary_type)
        assert isinstance(app_id, six.binary_type)
        # Note: do not use in production, no garantees is provided this is
        # cryptographically safe to use.
        priv_key_params = ConcatKDFHash(
            algorithm=hashes.SHA256(),
            length=32,
            otherinfo=credential_id + app_id,
            backend=default_backend(),
        ).derive(self._priv_key_bytes)
        self.app_id = app_id

        self.priv_key = ec.derive_private_key(
            bytes2int(priv_key_params), ec.SECP256R1(), default_backend()
        )
        self.pub_key = self.priv_key.public_key()
        self.public_key_bytes = self.pub_key.public_bytes(
            serialization.Encoding.X962, serialization.PublicFormat.UncompressedPoint
        )

        self.credential_id = self.key_handle = credential_id
github Yubico / python-fido2 / fido2 / cose.py View on Github external
def verify(self, message, signature):
        if self[-1] != 1:
            raise ValueError("Unsupported elliptic curve")
        ec.EllipticCurvePublicNumbers(
            bytes2int(self[-2]), bytes2int(self[-3]), ec.SECP256R1()
        ).public_key(default_backend()).verify(
            signature, message, ec.ECDSA(self._HASH_ALG)
        )
github Yubico / python-fido2 / fido2 / _tpm.py View on Github external
def public_key(self):
        if self.sign_alg == TpmAlgAsym.RSA:
            exponent = self.parameters.exponent
            modulus = bytes2int(self.unique)
            return rsa.RSAPublicNumbers(exponent, modulus).public_key(default_backend())
        elif self.sign_alg == TpmAlgAsym.ECC:
            return ec.EllipticCurvePublicNumbers(
                bytes2int(self.unique.x),
                bytes2int(self.unique.y),
                self.parameters.to_curve(),
            ).public_key(default_backend())

        raise NotImplementedError(
            "public_key not implemented for {0!r}".format(self.sign_alg)
        )
github Yubico / python-fido2 / fido2 / ctap2.py View on Github external
sk = ec.generate_private_key(ec.SECP256R1(), be)
        pn = sk.public_key().public_numbers()
        key_agreement = {
            1: 2,
            3: -25,  # Per the spec, "although this is NOT the algorithm actually used"
            -1: 1,
            -2: int2bytes(pn.x, 32),
            -3: int2bytes(pn.y, 32),
        }

        resp = self.ctap.client_pin(
            PinProtocolV1.VERSION, PinProtocolV1.CMD.GET_KEY_AGREEMENT
        )
        pk = resp[PinProtocolV1.RESULT.KEY_AGREEMENT]
        x = bytes2int(pk[-2])
        y = bytes2int(pk[-3])
        pk = ec.EllipticCurvePublicNumbers(x, y, ec.SECP256R1()).public_key(be)
        shared_secret = sha256(sk.exchange(ec.ECDH(), pk))  # x-coordinate, 32b
        return key_agreement, shared_secret
github Yubico / python-fido2 / fido2 / ctap1.py View on Github external
def __init__(self, _):
        super(RegistrationData, self).__init__()

        if six.indexbytes(self, 0) != 0x05:
            raise ValueError("Reserved byte != 0x05")

        self.public_key = self[1:66]
        kh_len = six.indexbytes(self, 66)
        self.key_handle = self[67 : 67 + kh_len]

        cert_offs = 67 + kh_len
        cert_len = six.indexbytes(self, cert_offs + 1)
        if cert_len > 0x80:
            n_bytes = cert_len - 0x80
            cert_len = (
                bytes2int(self[cert_offs + 2 : cert_offs + 2 + n_bytes]) + n_bytes
            )
        cert_len += 2
        self.certificate = self[cert_offs : cert_offs + cert_len]
        self.signature = self[cert_offs + cert_len :]
github Yubico / python-fido2 / fido2 / cose.py View on Github external
def verify(self, message, signature):
        rsa.RSAPublicNumbers(bytes2int(self[-2]), bytes2int(self[-1])).public_key(
            default_backend()
        ).verify(signature, message, padding.PKCS1v15(), self._HASH_ALG)
github Yubico / python-fido2 / fido2 / _tpm.py View on Github external
def public_key(self):
        if self.sign_alg == TpmAlgAsym.RSA:
            exponent = self.parameters.exponent
            modulus = bytes2int(self.unique)
            return rsa.RSAPublicNumbers(exponent, modulus).public_key(default_backend())
        elif self.sign_alg == TpmAlgAsym.ECC:
            return ec.EllipticCurvePublicNumbers(
                bytes2int(self.unique.x),
                bytes2int(self.unique.y),
                self.parameters.to_curve(),
            ).public_key(default_backend())

        raise NotImplementedError(
            "public_key not implemented for {0!r}".format(self.sign_alg)
        )