mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-22 22:38:08 +00:00
core/webauthn: rename storage.webauthn to storage.resident_credentials
This commit is contained in:
parent
f03562cca0
commit
18ab677124
@ -4,7 +4,7 @@ import utime
|
||||
from micropython import const
|
||||
|
||||
import storage
|
||||
import storage.webauthn
|
||||
import storage.resident_credentials
|
||||
from trezor import config, io, log, loop, ui, utils, workflow
|
||||
from trezor.crypto import aes, der, hashlib, hmac, random
|
||||
from trezor.crypto.curve import nist256p1
|
||||
@ -864,7 +864,7 @@ class Fido2ConfirmReset(Fido2State):
|
||||
return await confirm(text)
|
||||
|
||||
async def on_confirm(self) -> None:
|
||||
storage.webauthn.delete_all_resident_credentials()
|
||||
storage.resident_credentials.delete_all()
|
||||
cmd = Cmd(self.cid, _CMD_CBOR, bytes([_ERR_NONE]))
|
||||
await send_cmd(cmd, self.iface)
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
import storage.webauthn
|
||||
import storage.resident_credentials
|
||||
from trezor import wire
|
||||
from trezor.messages.Success import Success
|
||||
from trezor.messages.WebAuthnRemoveResidentCredential import (
|
||||
@ -43,5 +43,5 @@ async def remove_resident_credential(
|
||||
await require_confirm(ctx, content)
|
||||
|
||||
assert cred.index is not None
|
||||
storage.webauthn.delete_resident_credential(cred.index)
|
||||
storage.resident_credentials.delete(cred.index)
|
||||
return Success(message="Credential removed")
|
||||
|
@ -1,7 +1,7 @@
|
||||
from micropython import const
|
||||
|
||||
import storage.webauthn
|
||||
from storage.webauthn import MAX_RESIDENT_CREDENTIALS
|
||||
import storage.resident_credentials
|
||||
from storage.resident_credentials import MAX_RESIDENT_CREDENTIALS
|
||||
|
||||
from apps.webauthn.credential import Fido2Credential
|
||||
|
||||
@ -22,14 +22,14 @@ def _credential_from_data(index: int, data: bytes) -> Fido2Credential:
|
||||
|
||||
def find_all() -> Iterator[Fido2Credential]:
|
||||
for index in range(MAX_RESIDENT_CREDENTIALS):
|
||||
data = storage.webauthn.get_resident_credential(index)
|
||||
data = storage.resident_credentials.get(index)
|
||||
if data is not None:
|
||||
yield _credential_from_data(index, data)
|
||||
|
||||
|
||||
def find_by_rp_id_hash(rp_id_hash: bytes) -> Iterator[Fido2Credential]:
|
||||
for index in range(MAX_RESIDENT_CREDENTIALS):
|
||||
data = storage.webauthn.get_resident_credential(index)
|
||||
data = storage.resident_credentials.get(index)
|
||||
|
||||
if data is None:
|
||||
# empty slot
|
||||
@ -46,7 +46,7 @@ def get_resident_credential(index: int) -> Optional[Fido2Credential]:
|
||||
if not (0 <= index < MAX_RESIDENT_CREDENTIALS):
|
||||
return None
|
||||
|
||||
data = storage.webauthn.get_resident_credential(index)
|
||||
data = storage.resident_credentials.get(index)
|
||||
if data is None:
|
||||
return None
|
||||
|
||||
@ -56,18 +56,18 @@ def get_resident_credential(index: int) -> Optional[Fido2Credential]:
|
||||
def store_resident_credential(cred: Fido2Credential) -> bool:
|
||||
slot = None
|
||||
for index in range(MAX_RESIDENT_CREDENTIALS):
|
||||
data = storage.webauthn.get_resident_credential(index)
|
||||
if data is None:
|
||||
stored_data = storage.resident_credentials.get(index)
|
||||
if stored_data is None:
|
||||
# found candidate empty slot
|
||||
if slot is None:
|
||||
slot = index
|
||||
continue
|
||||
|
||||
if cred.rp_id_hash != data[:RP_ID_HASH_LENGTH]:
|
||||
if cred.rp_id_hash != stored_data[:RP_ID_HASH_LENGTH]:
|
||||
# slot is occupied by a different rp_id_hash
|
||||
continue
|
||||
|
||||
stored_cred = _credential_from_data(index, data)
|
||||
stored_cred = _credential_from_data(index, stored_data)
|
||||
# If a credential for the same RP ID and user ID already exists, then overwrite it.
|
||||
if stored_cred.user_id == cred.user_id:
|
||||
slot = index
|
||||
@ -77,5 +77,5 @@ def store_resident_credential(cred: Fido2Credential) -> bool:
|
||||
return False
|
||||
|
||||
cred_data = cred.rp_id_hash + cred.id
|
||||
storage.webauthn.set_resident_credential(slot, cred_data)
|
||||
storage.resident_credentials.set(slot, cred_data)
|
||||
return True
|
||||
|
@ -11,27 +11,27 @@ _RESIDENT_CREDENTIAL_START_KEY = const(1)
|
||||
MAX_RESIDENT_CREDENTIALS = const(100)
|
||||
|
||||
|
||||
def get_resident_credential(index: int) -> Optional[bytes]:
|
||||
def get(index: int) -> Optional[bytes]:
|
||||
if not (0 <= index < MAX_RESIDENT_CREDENTIALS):
|
||||
raise ValueError # invalid credential index
|
||||
|
||||
return common.get(common.APP_WEBAUTHN, index + _RESIDENT_CREDENTIAL_START_KEY)
|
||||
|
||||
|
||||
def set_resident_credential(index: int, data: bytes) -> None:
|
||||
def set(index: int, data: bytes) -> None:
|
||||
if not (0 <= index < MAX_RESIDENT_CREDENTIALS):
|
||||
raise ValueError # invalid credential index
|
||||
|
||||
common.set(common.APP_WEBAUTHN, index + _RESIDENT_CREDENTIAL_START_KEY, data)
|
||||
|
||||
|
||||
def delete_resident_credential(index: int) -> None:
|
||||
def delete(index: int) -> None:
|
||||
if not (0 <= index < MAX_RESIDENT_CREDENTIALS):
|
||||
raise ValueError # invalid credential index
|
||||
|
||||
common.delete(common.APP_WEBAUTHN, index + _RESIDENT_CREDENTIAL_START_KEY)
|
||||
|
||||
|
||||
def delete_all_resident_credentials() -> None:
|
||||
def delete_all() -> None:
|
||||
for i in range(MAX_RESIDENT_CREDENTIALS):
|
||||
common.delete(common.APP_WEBAUTHN, i + _RESIDENT_CREDENTIAL_START_KEY)
|
Loading…
Reference in New Issue
Block a user