From 32dec1836626397cc12a7234b7fb1795a6253d26 Mon Sep 17 00:00:00 2001 From: Andrew Kozlik Date: Fri, 10 Mar 2023 14:22:37 +0100 Subject: [PATCH] feat(core): Don't store blank names in FIDO2 credentials. --- core/src/apps/webauthn/credential.py | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/core/src/apps/webauthn/credential.py b/core/src/apps/webauthn/credential.py index 0b066bf6b..89b022ea6 100644 --- a/core/src/apps/webauthn/credential.py +++ b/core/src/apps/webauthn/credential.py @@ -240,16 +240,16 @@ class Fido2Credential(Credential): return cred def truncate_names(self) -> None: - if self.rp_name: - self.rp_name = utils.truncate_utf8(self.rp_name, _NAME_MAX_LENGTH) - - if self.user_name: - self.user_name = utils.truncate_utf8(self.user_name, _NAME_MAX_LENGTH) - - if self.user_display_name: - self.user_display_name = utils.truncate_utf8( - self.user_display_name, _NAME_MAX_LENGTH - ) + for name in ("rp_name", "user_name", "user_display_name"): + value = getattr(self, name) + if value: + if value.isspace(): + # Don't store blank names. + value = None + else: + # If the name is stored then the WebAuthn spec allows truncation. + value = utils.truncate_utf8(value, _NAME_MAX_LENGTH) + setattr(self, name, value) def check_required_fields(self) -> bool: return (