Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
# not trustworthy per step 16 above, the Relying Party SHOULD fail
# the registration ceremony.
#
# NOTE: However, if permitted by policy, the Relying Party MAY
# register the credential ID and credential public key but
# treat the credential as one with self attestation (see
# 6.3.3 Attestation Types). If doing so, the Relying Party
# is asserting there is no cryptographic proof that the
# public key credential has been generated by a particular
# authenticator model. See [FIDOSecRef] and [UAFProtocol]
# for a more detailed discussion.
sc = auth_data[33:37]
sign_count = struct.unpack('!I', sc)[0]
credential = WebAuthnCredential(
self.rp_id, self.origin, _webauthn_b64_encode(cred_id),
_webauthn_b64_encode(credential_public_key), sign_count)
return credential
except Exception as e:
raise RegistrationRejectedException(
'Registration rejected. Error: {}.'.format(e))