src/eric7/WebBrowser/WebAuth/Fido2Management.py

Fri, 19 Jul 2024 18:06:48 +0200

author
Detlev Offenbach <detlev@die-offenbachs.de>
date
Fri, 19 Jul 2024 18:06:48 +0200
branch
eric7
changeset 10854
30c45bd597e6
child 10856
b19cefceca15
permissions
-rw-r--r--

Started implementing a dialog to manage FIDO2 security keys.

1 # -*- coding: utf-8 -*-
2 # Copyright (c) 2024 Detlev Offenbach <detlev@die-offenbachs.de>
3 #
5 """
6 Module implementing a manager for FIDO2 security keys.
7 """
9 from fido2.ctap import CtapError
10 from fido2.ctap2 import ClientPin, CredentialManagement, Ctap2
11 from fido2.hid import CtapHidDevice
12 from fido2.webauthn import PublicKeyCredentialUserEntity
13 from PyQt6.QtCore import QObject, pyqtSignal
class Fido2PinError(Exception):
    """
    Exception type signaling an issue with the PIN of a security key.
    """
class Fido2DeviceError(Exception):
    """
    Exception type signaling an issue with the security key device.
    """
32 class Fido2Management(QObject):
33 """
34 Class implementing a manager for FIDO2 security keys.
35
36 @signal deviceConnected() emitted to indicate a connect to the security key
37 @signal deviceDisconnected() emitted to indicate a disconnect from the security key
38 """
40 deviceConnected = pyqtSignal()
41 deviceDisconnected = pyqtSignal()
def __init__(self, parent=None):
    """
    Constructor

    @param parent reference to the parent object (defaults to None)
    @type QObject (optional)
    """
    super().__init__(parent)

    # The disconnect logic doubles as attribute initialisation: it sets the
    # private CTAP2, client PIN and stored PIN references to None. As a side
    # effect the deviceDisconnected signal is emitted once during construction.
    self.disconnectFromDevice()
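def connectToDevice(self, device):
    """
    Public method to connect to a given security key.

    An existing connection is dropped first. The new connection objects are
    only stored once both of them were created successfully, so a failure
    leaves the manager in the fully disconnected state instead of a
    half-connected one. Any stored PIN is cleared, i.e. the newly connected
    device starts out locked.

    @param device reference to the security key device class
    @type CtapHidDevice
    """
    if self.__ctap2 is not None:
        self.disconnectFromDevice()

    # Build both objects in locals first. Either constructor may raise
    # (presumably for a device lacking the required support - confirm against
    # the fido2 library); the exception propagates to the caller unchanged.
    ctap2 = Ctap2(device)
    clientPin = ClientPin(ctap2)

    self.__ctap2 = ctap2
    self.__clientPin = clientPin
    # never carry a PIN entered for a previous device over to this one
    self.__pin = None

    self.deviceConnected.emit()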
def disconnectFromDevice(self):
    """
    Public method to disconnect from the current device.

    The references to the CTAP2 and client PIN objects are dropped together
    with the stored PIN. The deviceDisconnected signal is emitted
    unconditionally, i.e. also when no device was connected.
    """
    self.__ctap2 = self.__clientPin = self.__pin = None
    self.deviceDisconnected.emit()
def unlockDevice(self, pin):
    """
    Public method to unlock the device (i.e. store the PIN for later use).

    The PIN is only remembered here; it is not checked against the security
    key. An 'unlocked' state therefore does not imply that the PIN is correct.
    The PIN stays in process memory as a plain string until lockDevice(),
    disconnectFromDevice() or connectToDevice() clears it.

    @param pin PIN to be stored
    @type str
    """
    # no verification at this point, the value is kept as given
    self.__pin = pin
def lockDevice(self):
    """
    Public method to lock the device (i.e. delete the stored PIN).

    Only the reference held by this object is dropped; the connection to the
    security key itself is left untouched.
    """
    # A Python string cannot be overwritten in place, so dropping the
    # reference is all that can be done to forget the PIN.
    self.__pin = None
def isDeviceLocked(self):
    """
    Public method to check, if the device is in locked state (i.e. no PIN is
    stored).

    Only None counts as 'locked'; any other stored value, including an empty
    string, is reported as unlocked.

    @return flag indicating the locked state
    @rtype bool
    """
    pinStored = self.__pin is not None
    return not pinStored
def getDevices(self):
    """
    Public method to get a list of connected security keys.

    The devices are enumerated anew on each call; nothing is cached.

    @return list of connected security keys
    @rtype list of CtapHidDevice
    """
    # materialize whatever iterable the enumeration yields into a list
    return [*CtapHidDevice.list_devices()]
def getKeyInfo(self):
    """
    Public method to get information about the connected security key.

    Placeholder: currently an empty dictionary is returned regardless of the
    connection state.

    @return dictionary containing the info data
    @rtype dict[str, Any]
    """
    # TODO: not implemented yet
    keyInfo = {}
    return keyInfo
def resetDevice(self):
    """
    Public method to reset the connected security key.

    Placeholder: calling it currently has no effect on the device.
    """
    # TODO: not implemented yet
    return None
131 ############################################################################
132 ## methods related to PIN handling
133 ############################################################################
def getMinimumPinLength(self):
    """
    Public method to get the minimum PIN length defined by the security key.

    @return minimum length for the PIN or None in case no device is connected
    @rtype int or None
    """
    ctap2 = self.__ctap2
    # without a connection there is no device info to consult
    return None if ctap2 is None else ctap2.info.min_pin_length
def hasPin(self):
    """
    Public method to check, if the connected security key has a PIN set.

    The answer is taken from the 'clientPin' entry of the options reported by
    the device; a missing entry yields None.

    @return flag indicating that a PIN has been set or None in case no device
        was connected yet or it does not support PIN
    @rtype bool or None
    """
    ctap2 = self.__ctap2
    if ctap2 is not None:
        return ctap2.info.options.get("clientPin")

    return None
def forcedPinChange(self):
    """
    Public method to check for a forced PIN change.

    Without a connected device the answer is False.

    @return flag indicating a forced PIN change is required
    @rtype bool
    """
    ctap2 = self.__ctap2
    if ctap2 is not None:
        # value is passed through as reported in the device info
        return ctap2.info.force_pin_change

    return False
def getPinRetries(self):
    """
    Public method to get the number of PIN retries left and an indication for the
    need of a power cycle.

    The values are queried from the security key on each call. If no device is
    connected, both tuple entries are None.

    @return tuple containing the number of retries left and a flag indicating a
        power cycle is required
    @rtype tuple of (int, bool) or tuple of (None, None)
    """
    if self.__ctap2 is not None and self.__clientPin is not None:
        return self.__clientPin.get_pin_retries()

    return (None, None)
def changePin(self, pin, newPin):
    """
    Public method to change the PIN of the connected security key.

    Placeholder: both arguments are currently ignored and the PIN of the
    security key is left unchanged.

    @param pin current PIN
    @type str
    @param newPin new PIN
    @type str
    """
    # TODO: not implemented yet
    return None
def setPin(self, pin):
    """
    Public method to set a PIN for the connected security key.

    Note: This is a placeholder. It does not talk to the security key and
    returns None, so a return from this method is not a confirmation that
    a PIN was set.

    @param pin PIN to be set
    @type str
    """
    # TODO: not implemented yet
    return None
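def verifyPin(self, pin):
    """
    Public method to verify a given PIN.

    A successful verification of the PIN will reset the "retries" counter.
    A rejected PIN is reported by the security key as a CTAP error and, per
    CTAP2, counts against that same counter, so this method should only be
    called with a PIN the user actually entered.

    @param pin PIN to be verified
    @type str
    @return flag indicating successful verification and a verification message
    @rtype tuple of (bool, str)
    """
    if self.__ctap2 is None or self.__clientPin is None:
        # Keep the documented (bool, str) shape; a bare 'False' would make
        # callers that unpack the result fail when no key is selected.
        return False, self.tr("No security key connected.")

    try:
        # Only the outcome of the request matters here; the PIN token the
        # key returns is not kept.
        self.__clientPin.get_pin_token(
            pin, ClientPin.PERMISSION.GET_ASSERTION, "eric-ide.python-projects.org"
        )
    except CtapError as err:
        return (
            False,
            self.tr("<p>PIN verification failed.</p><p>Reason: {0}").format(
                self.__pinErrorMessage(err)
            ),
        )

    return True, self.tr("PIN verified")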
def __pinErrorMessage(self, err):
    """
    Private method to get a message for a PIN error.

    The error codes for an invalid, a blocked and an unset PIN are mapped to
    translated texts; every other error falls back to the string form of the
    exception.

    @param err reference to the exception object
    @type CtapError
    @return message for the given PIN error
    @rtype str
    """
    code = err.code
    if code == CtapError.ERR.PIN_INVALID:
        return self.tr("Invalid PIN")
    if code == CtapError.ERR.PIN_BLOCKED:
        return self.tr("PIN is blocked.")
    if code == CtapError.ERR.PIN_NOT_SET:
        return self.tr("No PIN set.")
    return str(err)
255 ############################################################################
256 ## methods related to passkey (credential) handling
257 ############################################################################
def getPasskeys(self, pin):
    """
    Public method to get all stored passkeys.

    The credentials are only enumerated if the security key reports at least
    one used credential slot. Each entry carries the credential ID, the user
    ID, the user name and the display name as read from the security key;
    these are account identifiers and should be kept out of logs.

    @param pin PIN to unlock the connected security key
    @type str
    @return tuple containing a dictionary containing the stored passkeys grouped
        by Relying Party ID, the count of used credential slots and the count
        of available credential slots
    @rtype tuple of [dict[str, list[dict[str, Any]]], int, int]
    """
    resultKey = CredentialManagement.RESULT

    manager = self.__initializeCredentialManager(pin)
    metadata = manager.get_metadata()
    usedSlots = metadata.get(resultKey.EXISTING_CRED_COUNT)

    passkeys = {}
    if usedSlots > 0:
        for rpEntry in manager.enumerate_rps():
            rpId = rpEntry[resultKey.RP]["id"]
            # credentials are looked up by the hash of the Relying Party ID
            passkeys[rpId] = [
                {
                    "credentialId": entry[resultKey.CREDENTIAL_ID],
                    "userId": entry[resultKey.USER]["id"],
                    "userName": entry[resultKey.USER].get("name", ""),
                    "displayName": entry[resultKey.USER].get("displayName", ""),
                }
                for entry in manager.enumerate_creds(rpEntry[resultKey.RP_ID_HASH])
            ]

    return passkeys, usedSlots, metadata.get(resultKey.MAX_REMAINING_COUNT)
def deletePasskey(self, pin, credentialId):
    """
    Public method to delete the passkey of the given ID.

    The credential manager is obtained with the given PIN first. Nothing is
    caught here, so any error raised while unlocking the security key or
    while deleting the credential propagates to the caller.

    @param pin PIN to unlock the connected security key
    @type str
    @param credentialId ID of the passkey to be deleted
    @type fido2.webauthn.PublicKeyCredentialDescriptor
    """
    self.__initializeCredentialManager(pin).delete_cred(cred_id=credentialId)
def changePasskeyUserInfo(self, pin, credentialId, userId, userName, displayName):
    """
    Public method to change the user info of a stored passkey.

    The user entity is built before the credential manager is requested, so
    a failure while constructing it happens before the PIN is presented to
    the security key.

    @param pin PIN to unlock the connected security key
    @type str
    @param credentialId ID of the passkey to change
    @type fido2.webauthn.PublicKeyCredentialDescriptor
    @param userId ID of the user
    @type bytes
    @param userName user name to set
    @type str
    @param displayName display name to set
    @type str
    """
    newUserEntity = PublicKeyCredentialUserEntity(
        id=userId, name=userName, display_name=displayName
    )
    manager = self.__initializeCredentialManager(pin)
    manager.update_user_info(cred_id=credentialId, user_info=newUserEntity)
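def __initializeCredentialManager(self, pin):
    """
    Private method to initialize a credential manager object.

    An empty PIN string selects the PIN cached by this object. The PIN is
    exchanged for a PIN token requested with the credential management
    permission only, and that token is handed to the credential manager.

    @param pin PIN to unlock the connected security key
    @type str
    @return reference to the credential manager object
    @rtype CredentialManagement
    @exception Fido2DeviceError raised to indicate an issue with the selected
        security key
    @exception Fido2PinError raised to indicate an issue with the PIN
    """
    if self.__ctap2 is None:
        # Neither the PIN client nor the credential manager can be created
        # without a CTAP2 connection; report this as the documented device
        # error instead of letting the library fail on a None connection.
        raise Fido2DeviceError(self.tr("No security key connected."))

    if self.__clientPin is None:
        self.__clientPin = ClientPin(self.__ctap2)

    if pin == "":
        # fall back to the PIN cached by this object
        pin = self.__pin
    if pin is None:
        # Error
        raise Fido2PinError(
            self.tr(
                "The selected security key is not unlocked or no PIN was entered."
            )
        )

    try:
        pinToken = self.__clientPin.get_pin_token(
            pin, ClientPin.PERMISSION.CREDENTIAL_MGMT
        )
    except CtapError as err:
        # chain the original error so the CTAP code stays available
        raise Fido2PinError(
            self.tr("PIN error: {0}").format(self.__pinErrorMessage(err))
        ) from err
    except OSError as err:
        raise Fido2DeviceError(
            self.tr("Connected security key unplugged. Reinsert and try again.")
        ) from err

    return CredentialManagement(self.__ctap2, self.__clientPin.protocol, pinToken)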
