github
/
python-fido2
mirror of https://github.com/Yubico/python-fido2
1
Fork 0
Code Releases Activity

Move CtapError to ctap.py

This commit is contained in:
Dain Nilsson 2018-03-21 10:40:41 +01:00
parent 413f527921
commit ab1aebdc95
No known key found for this signature in database
GPG Key ID: F04367096FBA95E8
5 changed files with 88 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fido_host/client.py
View File

@ -27,7 +27,7 @@
from __future__ import absolute_import, unicode_literals
from .hid import CtapError
from .ctap import CtapError
from .u2f import CTAP1, APDU, ApduError
from .fido2 import (CTAP2, PinProtocolV1, AttestedCredentialData,
AuthenticatorData, AttestationObject, AssertionResponse)

68
fido_host/ctap.py
View File

@ -25,6 +25,9 @@
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
from __future__ import absolute_import
from enum import IntEnum, unique
import abc
import six
@ -59,3 +62,68 @@ class CtapDevice(abc.ABC):
Generates instances of cls for discoverable devices.
"""
pass
class CtapError(Exception):
@unique
class ERR(IntEnum):
SUCCESS = 0x00
INVALID_COMMAND = 0x01
INVALID_PARAMETER = 0x02
INVALID_LENGTH = 0x03
INVALID_SEQ = 0x04
TIMEOUT = 0x05
CHANNEL_BUSY = 0x06
LOCK_REQUIRED = 0x0A
INVALID_CHANNEL = 0x0B
CBOR_UNEXPECTED_TYPE = 0x11
INVALID_CBOR = 0x12
MISSING_PARAMETER = 0x14
LIMIT_EXCEEDED = 0x15
UNSUPPORTED_EXTENSION = 0x16
CREDENTIAL_EXCLUDED = 0x19
PROCESSING = 0x21
INVALID_CREDENTIAL = 0x22
USER_ACTION_PENDING = 0x23
OPERATION_PENDING = 0x24
NO_OPERATIONS = 0x25
UNSUPPORTED_ALGORITHM = 0x26
OPERATION_DENIED = 0x27
KEY_STORE_FULL = 0x28
NOT_BUSY = 0x29
NO_OPERATION_PENDING = 0x2A
UNSUPPORTED_OPTION = 0x2B
INVALID_OPTION = 0x2C
KEEPALIVE_CANCEL = 0x2D
NO_CREDENTIALS = 0x2E
USER_ACTION_TIMEOUT = 0x2F
NOT_ALLOWED = 0x30
PIN_INVALID = 0x31
PIN_BLOCKED = 0x32
PIN_AUTH_INVALID = 0x33
PIN_AUTH_BLOCKED = 0x34
PIN_NOT_SET = 0x35
PIN_REQUIRED = 0x36
PIN_POLICY_VIOLATION = 0x37
PIN_TOKEN_EXPIRED = 0x38
REQUEST_TOO_LARGE = 0x39
ACTION_TIMEOUT = 0x3A
UP_REQUIRED = 0x3B
OTHER = 0x7F
SPEC_LAST = 0xDF
EXTENSION_FIRST = 0xE0
EXTENSION_LAST = 0xEF
VENDOR_FIRST = 0xF0
VENDOR_LAST = 0xFF
def __str__(self):
return '0x%02X - %s' % (self.value, self.name)
def __init__(self, code):
try:
code = CtapError.ERR(code)
message = 'CTAP error: %s' % code
except ValueError:
message = 'CTAP error: 0x%02X' % code
self.code = code
super(CtapError, self).__init__(message)

3
fido_host/fido2.py
View File

@ -28,7 +28,8 @@
from __future__ import absolute_import, unicode_literals
from . import cbor
from .hid import CTAPHID, CAPABILITY, CtapError
from .ctap import CtapError
from .hid import CTAPHID, CAPABILITY
from .utils import Timeout, sha256, hmac_sha256
from cryptography.hazmat.backends import default_backend

67
fido_host/hid.py
View File

@ -1,7 +1,7 @@
from __future__ import absolute_import
from .ctap import CtapDevice
from .ctap import CtapDevice, CtapError
from .pyu2f import hidtransport
from enum import IntEnum, unique
@ -39,71 +39,6 @@ class CAPABILITY(IntEnum):
TYPE_INIT = 0x80
class CtapError(Exception):
@unique
class ERR(IntEnum):
SUCCESS = 0x00
INVALID_COMMAND = 0x01
INVALID_PARAMETER = 0x02
INVALID_LENGTH = 0x03
INVALID_SEQ = 0x04
TIMEOUT = 0x05
CHANNEL_BUSY = 0x06
LOCK_REQUIRED = 0x0A
INVALID_CHANNEL = 0x0B
CBOR_UNEXPECTED_TYPE = 0x11
INVALID_CBOR = 0x12
MISSING_PARAMETER = 0x14
LIMIT_EXCEEDED = 0x15
UNSUPPORTED_EXTENSION = 0x16
CREDENTIAL_EXCLUDED = 0x19
PROCESSING = 0x21
INVALID_CREDENTIAL = 0x22
USER_ACTION_PENDING = 0x23
OPERATION_PENDING = 0x24
NO_OPERATIONS = 0x25
UNSUPPORTED_ALGORITHM = 0x26
OPERATION_DENIED = 0x27
KEY_STORE_FULL = 0x28
NOT_BUSY = 0x29
NO_OPERATION_PENDING = 0x2A
UNSUPPORTED_OPTION = 0x2B
INVALID_OPTION = 0x2C
KEEPALIVE_CANCEL = 0x2D
NO_CREDENTIALS = 0x2E
USER_ACTION_TIMEOUT = 0x2F
NOT_ALLOWED = 0x30
PIN_INVALID = 0x31
PIN_BLOCKED = 0x32
PIN_AUTH_INVALID = 0x33
PIN_AUTH_BLOCKED = 0x34
PIN_NOT_SET = 0x35
PIN_REQUIRED = 0x36
PIN_POLICY_VIOLATION = 0x37
PIN_TOKEN_EXPIRED = 0x38
REQUEST_TOO_LARGE = 0x39
ACTION_TIMEOUT = 0x3A
UP_REQUIRED = 0x3B
OTHER = 0x7F
SPEC_LAST = 0xDF
EXTENSION_FIRST = 0xE0
EXTENSION_LAST = 0xEF
VENDOR_FIRST = 0xF0
VENDOR_LAST = 0xFF
def __str__(self):
return '0x%02X - %s' % (self.value, self.name)
def __init__(self, code):
try:
code = CtapError.ERR(code)
message = 'CTAP error: %s' % code
except ValueError:
message = 'CTAP error: 0x%02X' % code
self.code = code
super(CtapError, self).__init__(message)
class _SingleEvent(object):
def __init__(self):
self.flag = False

18
test/test_client.py
View File

@ -34,8 +34,9 @@ import unittest
from threading import Event
from binascii import a2b_hex
from fido_host.utils import sha256, websafe_decode
from fido_host.ctap import CtapError
from fido_host.u2f import ApduError, APDU, RegistrationData, SignatureData
from fido_host.client import ClientData, U2fClient, ClientError
from fido_host.client import ClientData, U2fClient, ClientError, Fido2Client
class TestClientData(unittest.TestCase):
@ -301,5 +302,18 @@ class TestU2fClient(unittest.TestCase):
SIG_DATA)
RP_ID = 'foo.example.com'
class TestFido2Client(unittest.TestCase):
pass
def test_register_wrong_app_id(self):
client = Fido2Client(None, APP_ID)
try:
client.register(
'https://bar.example.com',
[{'version': 'U2F_V2', 'challenge': 'foobar'}],
[],
timeout=1)
self.fail('register did not raise error')
except CtapError as e:
self.assertEqual(e.code, CtapError.ERR.NOT_ALLOWED)