CNSA-276-FP/u2fClient.py

from fido2.hid import CtapHidDevice
from fido2.client import Fido2Client
from fido2.server import Fido2Server
from fido2.webauthn import PublicKeyCredentialRpEntity

# Discover FIDO2 devices connected via USB
devices = list(CtapHidDevice.list_devices())
if not devices:
    raise ValueError("No FIDO2 device found")
device = devices[0]

# Use the first available device
client = Fido2Client(device, "https://example.com")
rp = PublicKeyCredentialRpEntity("example.com", "Example RP")
server = Fido2Server(rp)

# Example: Registration
user = {"id": b"user_id", "name": "john_doe", "displayName": "John Doe"}
challenge = server.register_begin(user)

print(challenge)

# Prompt user to perform registration action on the device
attestation_object, client_data = client.make_credential()

# Finalize registration on the server
auth_data = server.register_complete(challenge['state'], client_data, attestation_object)

print("Registration complete. Credential ID:", auth_data.credential_data.credential_id)

# Example: Authentication
credentials = [auth_data.credential_data]
challenge = server.authenticate_begin(credentials)

# Prompt user to perform authentication action on the device
assertion, client_data = client.get_assertion(challenge['publicKey'])
assertion_response = assertion[0]  # Assuming the first assertion (most common scenario)

# Finalize authentication on the server
server.authenticate_complete(challenge['state'], credentials, assertion_response, client_data)
print("Authentication successful!")
did a little work 2024-04-26 15:55:11 -04:00			`from fido2.hid import CtapHidDevice`
			`from fido2.client import Fido2Client`
			`from fido2.server import Fido2Server`
			`from fido2.webauthn import PublicKeyCredentialRpEntity`

			`# Discover FIDO2 devices connected via USB`
			`devices = list(CtapHidDevice.list_devices())`
			`if not devices:`
			`raise ValueError("No FIDO2 device found")`
			`device = devices[0]`

			`# Use the first available device`
			`client = Fido2Client(device, "https://example.com")`
			`rp = PublicKeyCredentialRpEntity("example.com", "Example RP")`
			`server = Fido2Server(rp)`

			`# Example: Registration`
			`user = {"id": b"user_id", "name": "john_doe", "displayName": "John Doe"}`
			`challenge = server.register_begin(user)`

little bit o work 2024-04-26 16:26:05 -04:00			`print(challenge)`

did a little work 2024-04-26 15:55:11 -04:00			`# Prompt user to perform registration action on the device`
little bit o work 2024-04-26 16:26:05 -04:00			`attestation_object, client_data = client.make_credential()`
did a little work 2024-04-26 15:55:11 -04:00
			`# Finalize registration on the server`
			`auth_data = server.register_complete(challenge['state'], client_data, attestation_object)`

			`print("Registration complete. Credential ID:", auth_data.credential_data.credential_id)`

			`# Example: Authentication`
			`credentials = [auth_data.credential_data]`
			`challenge = server.authenticate_begin(credentials)`

			`# Prompt user to perform authentication action on the device`
			`assertion, client_data = client.get_assertion(challenge['publicKey'])`
			`assertion_response = assertion[0] # Assuming the first assertion (most common scenario)`

			`# Finalize authentication on the server`
			`server.authenticate_complete(challenge['state'], credentials, assertion_response, client_data)`
			`print("Authentication successful!")`