Update examples.

Dain Nilsson 2022-04-21 09:57:36 +02:00
parent 90d0f63379
commit 7985a4966a
No known key found for this signature in database
GPG Key ID: F04367096FBA95E8
3 changed files with 7 additions and 9 deletions


@ -33,7 +33,6 @@ derive two separate secrets.
from fido2.hid import CtapHidDevice
from fido2.client import Fido2Client, UserInteraction
from getpass import getpass
from binascii import b2a_hex
import sys
import os
@ -103,7 +102,7 @@ allow_list = [{"type": "public-key", "id": credential.credential_id}]
# Generate a salt for HmacSecret:
salt = os.urandom(32)
print("Authenticate with salt:", b2a_hex(salt))
print("Authenticate with salt:", salt.hex())
# Authenticate the credential
result = client.get_assertion(
@ -118,13 +117,13 @@ result = client.get_assertion(
) # Only one cred in allowList, only one response.
output1 = result.extension_results["hmacGetSecret"]["output1"]
print("Authenticated, secret:", b2a_hex(output1))
print("Authenticated, secret:", output1.hex())
# Authenticate again, using two salts to generate two secrets:
# Generate a second salt for HmacSecret:
salt2 = os.urandom(32)
print("Authenticate with second salt:", b2a_hex(salt2))
print("Authenticate with second salt:", salt2.hex())
# The first salt is reused, which should result in the same secret.
result = client.get_assertion(
@ -139,5 +138,5 @@ result = client.get_assertion(
) # One cred in allowCredentials, single response.
output = result.extension_results["hmacGetSecret"]
print("Old secret:", b2a_hex(output["output1"]))
print("New secret:", b2a_hex(output["output2"]))
print("Old secret:", output["output1"].hex())
print("New secret:", output["output2"].hex())
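Review bot: The hmac-secret outputs echoed by `print("Authenticated, secret:", output1.hex())` and by the final `Old secret` / `New secret` prints are derived key material, and nothing in the example says that printing them is for demonstration only. Example code is often copied as-is, so I would add a comment above the first of these prints, for instance `# Demo only: hmac-secret outputs are key material; do not print or log them in real applications.` The salts are inputs rather than derived keys, so printing those is less of a concern. The `client.get_assertion(...)` calls that produce these values begin outside the visible hunks.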


@ -95,7 +95,7 @@ user = {"id": b"user_id", "name": "A. User"}
# Prepare parameters for makeCredential
create_options, state = server.register_begin(
user,
resident_key=True,
resident_key_requirement="required",
user_verification=uv,
authenticator_attachment="cross-platform",
)


@ -39,7 +39,6 @@ from fido2.client import Fido2Client, WindowsClient, UserInteraction
from fido2.server import Fido2Server, AttestationVerifier
from base64 import b64decode
from getpass import getpass
from binascii import b2a_hex
import sys
import ctypes
@ -153,4 +152,4 @@ auth_data = server.register_complete(
credentials = [auth_data.credential_data]
print("New credential created, attestation verified!")
print("Yubico device AAGUID:", b2a_hex(auth_data.credential_data.aaguid))
print("Yubico device AAGUID:", auth_data.credential_data.aaguid.hex())