arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-29 16:51:30 +00:00
Code Issues Releases Wiki Activity

core/webauthn: Add algorithm and curve to WebAuthnListResidentCredentials response.

Browse Source
This commit is contained in:
Andrew Kozlik 2020-03-05 20:48:33 +01:00 committed by Andrew Kozlik
parent f610787f8d
commit 2f905a1157
5 changed files with 27 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/protob/messages-webauthn.proto
View File

@ -53,5 +53,7 @@ message WebAuthnCredentials {
optional uint32 creation_time = 8; optional uint32 creation_time = 8;
optional bool hmac_secret = 9; optional bool hmac_secret = 9;
optional bool use_sign_count = 10; optional bool use_sign_count = 10;
optional sint32 algorithm = 11;
optional sint32 curve = 12;
} }
} }

2
core/src/apps/webauthn/list_resident_credentials.py
View File

@ -33,6 +33,8 @@ async def list_resident_credentials(
creation_time=cred.creation_time, creation_time=cred.creation_time,
hmac_secret=cred.hmac_secret, hmac_secret=cred.hmac_secret,
use_sign_count=cred.use_sign_count, use_sign_count=cred.use_sign_count,
algorithm=cred.algorithm,
curve=cred.curve,
) )
for cred in resident_credentials.find_all() for cred in resident_credentials.find_all()
] ]

6
core/src/trezor/messages/WebAuthnCredential.py
View File

@ -24,6 +24,8 @@ class WebAuthnCredential(p.MessageType):
creation_time: int = None, creation_time: int = None,
hmac_secret: bool = None, hmac_secret: bool = None,
use_sign_count: bool = None, use_sign_count: bool = None,
algorithm: int = None,
curve: int = None,
) -> None: ) -> None:
self.index = index self.index = index
self.id = id self.id = id
@ -35,6 +37,8 @@ class WebAuthnCredential(p.MessageType):
self.creation_time = creation_time self.creation_time = creation_time
self.hmac_secret = hmac_secret self.hmac_secret = hmac_secret
self.use_sign_count = use_sign_count self.use_sign_count = use_sign_count
self.algorithm = algorithm
self.curve = curve
@classmethod @classmethod
def get_fields(cls) -> Dict: def get_fields(cls) -> Dict:
@ -49,4 +53,6 @@ class WebAuthnCredential(p.MessageType):
8: ('creation_time', p.UVarintType, 0), 8: ('creation_time', p.UVarintType, 0),
9: ('hmac_secret', p.BoolType, 0), 9: ('hmac_secret', p.BoolType, 0),
10: ('use_sign_count', p.BoolType, 0), 10: ('use_sign_count', p.BoolType, 0),
11: ('algorithm', p.SVarintType, 0),
12: ('curve', p.SVarintType, 0),
} }

11
python/src/trezorlib/cli/fido.py
View File

@ -18,6 +18,10 @@ import click
from .. import fido from .. import fido
ALGORITHM_NAME = {-7: "ES256 (ECDSA w/ SHA-256)", -8: "EdDSA"}
CURVE_NAME = {1: "P-256 (secp256r1)", 6: "Ed25519"}
@click.group(name="fido") @click.group(name="fido")
def cli(): def cli():
@ -33,6 +37,7 @@ def credentials():
@click.pass_obj @click.pass_obj
def credentials_list(connect): def credentials_list(connect):
"""List all resident credentials on the device.""" """List all resident credentials on the device."""
creds = fido.list_credentials(connect()) creds = fido.list_credentials(connect())
for cred in creds: for cred in creds:
click.echo("") click.echo("")
@ -53,6 +58,12 @@ def credentials_list(connect):
click.echo(" hmac-secret enabled: {}".format(cred.hmac_secret)) click.echo(" hmac-secret enabled: {}".format(cred.hmac_secret))
if cred.use_sign_count is not None: if cred.use_sign_count is not None:
click.echo(" Use signature counter: {}".format(cred.use_sign_count)) click.echo(" Use signature counter: {}".format(cred.use_sign_count))
if cred.algorithm is not None:
algorithm = ALGORITHM_NAME.get(cred.algorithm, cred.algorithm)
click.echo(" Algorithm: {}".format(algorithm))
if cred.curve is not None:
curve = CURVE_NAME.get(cred.curve, cred.curve)
click.echo(" Curve: {}".format(curve))
click.echo(" Credential ID: {}".format(cred.id.hex())) click.echo(" Credential ID: {}".format(cred.id.hex()))
if not creds: if not creds:

6
python/src/trezorlib/messages/WebAuthnCredential.py
View File

@ -24,6 +24,8 @@ class WebAuthnCredential(p.MessageType):
creation_time: int = None, creation_time: int = None,
hmac_secret: bool = None, hmac_secret: bool = None,
use_sign_count: bool = None, use_sign_count: bool = None,
algorithm: int = None,
curve: int = None,
) -> None: ) -> None:
self.index = index self.index = index
self.id = id self.id = id
@ -35,6 +37,8 @@ class WebAuthnCredential(p.MessageType):
self.creation_time = creation_time self.creation_time = creation_time
self.hmac_secret = hmac_secret self.hmac_secret = hmac_secret
self.use_sign_count = use_sign_count self.use_sign_count = use_sign_count
self.algorithm = algorithm
self.curve = curve
@classmethod @classmethod
def get_fields(cls) -> Dict: def get_fields(cls) -> Dict:
@ -49,4 +53,6 @@ class WebAuthnCredential(p.MessageType):
8: ('creation_time', p.UVarintType, 0), 8: ('creation_time', p.UVarintType, 0),
9: ('hmac_secret', p.BoolType, 0), 9: ('hmac_secret', p.BoolType, 0),
10: ('use_sign_count', p.BoolType, 0), 10: ('use_sign_count', p.BoolType, 0),
11: ('algorithm', p.SVarintType, 0),
12: ('curve', p.SVarintType, 0),
} }