arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-15 20:19:23 +00:00
Code Issues Releases Wiki Activity

core/webauthn: Place a 500 ms timeout on CTAP HID continuation packets.

Browse Source
This commit is contained in:
Andrew Kozlik 2019-09-26 18:50:58 +02:00
parent 0495d18b1e
commit 500401d81f
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
core/src/apps/webauthn/__init__.py
View File

@ -113,6 +113,7 @@ _KEEPALIVE_STATUS_UP_NEEDED = const(0x02) # waiting for user presence
# time intervals and timeouts
_KEEPALIVE_INTERVAL_MS = const(80) # interval between keepalive commands
_CTAP_HID_TIMEOUT_MS = const(500)
_U2F_CONFIRM_TIMEOUT_MS = const(10 * 1000)
_FIDO2_CONFIRM_TIMEOUT_MS = const(60 * 1000)
@ -396,7 +397,10 @@ async def read_cmd(iface: io.HID) -> Optional[Cmd]:
data = data[:bcnt]
while datalen < bcnt:
buf = await read
buf = await loop.race(read, loop.sleep(_CTAP_HID_TIMEOUT_MS * 1000))
if not isinstance(buf, (bytes, bytearray)):
await send_cmd(cmd_error(ifrm.cid, _ERR_MSG_TIMEOUT), iface)
return None
cfrm = overlay_struct(buf, desc_cont)