mirror of https://github.com/Yubico/python-fido2
Allow the hmac-secret extension to instantiate a ClientPin even if clientPin is not advertised in CTAP info.
This commit is contained in:
parent
54cee2216a
commit
36c4a5ed66
|
@ -124,7 +124,9 @@ class HmacSecretExtension(Ctap2Extension):
|
|||
):
|
||||
raise ValueError("Invalid salt length")
|
||||
|
||||
client_pin = ClientPin(self.ctap, self.pin_protocol)
|
||||
# HMAC-secret extension requires clientPin even when
|
||||
# clientPin is not advertised in CTAP info
|
||||
client_pin = ClientPin(self.ctap, self.pin_protocol, require_support=False)
|
||||
key_agreement, self.shared_secret = client_pin._get_shared_secret()
|
||||
if self.pin_protocol is None:
|
||||
self.pin_protocol = client_pin.protocol
|
||||
|
|
|
@ -253,8 +253,13 @@ class ClientPin:
|
|||
def is_supported(info):
|
||||
return "clientPin" in info.options
|
||||
|
||||
def __init__(self, ctap: Ctap2, protocol: Optional[PinProtocol] = None):
|
||||
if not self.is_supported(ctap.info):
|
||||
def __init__(
|
||||
self,
|
||||
ctap: Ctap2,
|
||||
protocol: Optional[PinProtocol] = None,
|
||||
require_support: Optional[bool] = True
|
||||
):
|
||||
if require_support and not self.is_supported(ctap.info):
|
||||
raise ValueError("Authenticator does not support ClientPin")
|
||||
|
||||
self.ctap = ctap
|
||||
|
|
Loading…
Reference in New Issue