1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-22 22:38:08 +00:00

core/webauthn: rename storage.webauthn to storage.resident_credentials

This commit is contained in:
matejcik 2019-11-08 12:47:54 +01:00
parent f03562cca0
commit 18ab677124
4 changed files with 18 additions and 18 deletions

View File

@ -4,7 +4,7 @@ import utime
from micropython import const
import storage
import storage.webauthn
import storage.resident_credentials
from trezor import config, io, log, loop, ui, utils, workflow
from trezor.crypto import aes, der, hashlib, hmac, random
from trezor.crypto.curve import nist256p1
@ -864,7 +864,7 @@ class Fido2ConfirmReset(Fido2State):
return await confirm(text)
async def on_confirm(self) -> None:
storage.webauthn.delete_all_resident_credentials()
storage.resident_credentials.delete_all()
cmd = Cmd(self.cid, _CMD_CBOR, bytes([_ERR_NONE]))
await send_cmd(cmd, self.iface)

View File

@ -1,4 +1,4 @@
import storage.webauthn
import storage.resident_credentials
from trezor import wire
from trezor.messages.Success import Success
from trezor.messages.WebAuthnRemoveResidentCredential import (
@ -43,5 +43,5 @@ async def remove_resident_credential(
await require_confirm(ctx, content)
assert cred.index is not None
storage.webauthn.delete_resident_credential(cred.index)
storage.resident_credentials.delete(cred.index)
return Success(message="Credential removed")

View File

@ -1,7 +1,7 @@
from micropython import const
import storage.webauthn
from storage.webauthn import MAX_RESIDENT_CREDENTIALS
import storage.resident_credentials
from storage.resident_credentials import MAX_RESIDENT_CREDENTIALS
from apps.webauthn.credential import Fido2Credential
@ -22,14 +22,14 @@ def _credential_from_data(index: int, data: bytes) -> Fido2Credential:
def find_all() -> Iterator[Fido2Credential]:
for index in range(MAX_RESIDENT_CREDENTIALS):
data = storage.webauthn.get_resident_credential(index)
data = storage.resident_credentials.get(index)
if data is not None:
yield _credential_from_data(index, data)
def find_by_rp_id_hash(rp_id_hash: bytes) -> Iterator[Fido2Credential]:
for index in range(MAX_RESIDENT_CREDENTIALS):
data = storage.webauthn.get_resident_credential(index)
data = storage.resident_credentials.get(index)
if data is None:
# empty slot
@ -46,7 +46,7 @@ def get_resident_credential(index: int) -> Optional[Fido2Credential]:
if not (0 <= index < MAX_RESIDENT_CREDENTIALS):
return None
data = storage.webauthn.get_resident_credential(index)
data = storage.resident_credentials.get(index)
if data is None:
return None
@ -56,18 +56,18 @@ def get_resident_credential(index: int) -> Optional[Fido2Credential]:
def store_resident_credential(cred: Fido2Credential) -> bool:
slot = None
for index in range(MAX_RESIDENT_CREDENTIALS):
data = storage.webauthn.get_resident_credential(index)
if data is None:
stored_data = storage.resident_credentials.get(index)
if stored_data is None:
# found candidate empty slot
if slot is None:
slot = index
continue
if cred.rp_id_hash != data[:RP_ID_HASH_LENGTH]:
if cred.rp_id_hash != stored_data[:RP_ID_HASH_LENGTH]:
# slot is occupied by a different rp_id_hash
continue
stored_cred = _credential_from_data(index, data)
stored_cred = _credential_from_data(index, stored_data)
# If a credential for the same RP ID and user ID already exists, then overwrite it.
if stored_cred.user_id == cred.user_id:
slot = index
@ -77,5 +77,5 @@ def store_resident_credential(cred: Fido2Credential) -> bool:
return False
cred_data = cred.rp_id_hash + cred.id
storage.webauthn.set_resident_credential(slot, cred_data)
storage.resident_credentials.set(slot, cred_data)
return True

View File

@ -11,27 +11,27 @@ _RESIDENT_CREDENTIAL_START_KEY = const(1)
MAX_RESIDENT_CREDENTIALS = const(100)
def get_resident_credential(index: int) -> Optional[bytes]:
def get(index: int) -> Optional[bytes]:
if not (0 <= index < MAX_RESIDENT_CREDENTIALS):
raise ValueError # invalid credential index
return common.get(common.APP_WEBAUTHN, index + _RESIDENT_CREDENTIAL_START_KEY)
def set_resident_credential(index: int, data: bytes) -> None:
def set(index: int, data: bytes) -> None:
if not (0 <= index < MAX_RESIDENT_CREDENTIALS):
raise ValueError # invalid credential index
common.set(common.APP_WEBAUTHN, index + _RESIDENT_CREDENTIAL_START_KEY, data)
def delete_resident_credential(index: int) -> None:
def delete(index: int) -> None:
if not (0 <= index < MAX_RESIDENT_CREDENTIALS):
raise ValueError # invalid credential index
common.delete(common.APP_WEBAUTHN, index + _RESIDENT_CREDENTIAL_START_KEY)
def delete_all_resident_credentials() -> None:
def delete_all() -> None:
for i in range(MAX_RESIDENT_CREDENTIALS):
common.delete(common.APP_WEBAUTHN, i + _RESIDENT_CREDENTIAL_START_KEY)