Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
# NOTE: In Python 3, `auth_data_rp_id_hash` will be bytes,
# which is expected in `_verify_rp_id_hash()`.
if not _verify_rp_id_hash(auth_data_rp_id_hash, self.rp_id):
raise RegistrationRejectedException(
'Unable to verify RP ID hash.')
# Step 10.
#
# Verify that the User Present bit of the flags in authData
# is set.
# Authenticator data flags.
# https://www.w3.org/TR/webauthn/#authenticator-data
flags = struct.unpack('!B', auth_data[32:33])[0]
if (flags & const.USER_PRESENT) != 0x01:
raise RegistrationRejectedException(
'Malformed request received.')
# Step 11.
#
# If user verification is required for this registration, verify
# that the User Verified bit of the flags in authData is set.
if (self.uv_required and (flags & const.USER_VERIFIED) != 0x04):
raise RegistrationRejectedException(
'Malformed request received.')
# Step 12.
#
# Verify that the values of the client extension outputs in
# clientExtensionResults and the authenticator extension outputs
# in the extensions in authData are as expected, considering the