mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-15 19:08:07 +00:00
core/webauthn: Validate U2F key handle length.
This commit is contained in:
parent
638a861137
commit
f54c968039
@ -276,6 +276,9 @@ class U2fCredential(Credential):
|
||||
def from_key_handle(
|
||||
key_handle: bytes, rp_id_hash: bytes
|
||||
) -> Optional["U2fCredential"]:
|
||||
if len(key_handle) != _KEY_HANDLE_LENGTH:
|
||||
return None
|
||||
|
||||
# check the keyHandle and generate the signing key
|
||||
node = U2fCredential._node_from_key_handle(rp_id_hash, key_handle, "<8L")
|
||||
if node is None:
|
||||
|
Loading…
Reference in New Issue
Block a user