This commit is contained in:
EggMan20339 2024-05-09 22:26:26 -04:00
parent e800879339
commit b42085c6ef

14
main.py
View File

@ -38,6 +38,7 @@ if gpie:
import RPi.GPIO as GPIO import RPi.GPIO as GPIO
import pickle import pickle
import psycopg2 import psycopg2
import ndef
import fido2.webauthn import fido2.webauthn
from fido2.hid import CtapHidDevice from fido2.hid import CtapHidDevice
from fido2.client import Fido2Client, WindowsClient, UserInteraction from fido2.client import Fido2Client, WindowsClient, UserInteraction
@ -46,12 +47,14 @@ from getpass import getpass
import sys import sys
import ctypes import ctypes
from fido2.ctap2 import Ctap2 from fido2.ctap2 import Ctap2
from fido2 import cbor
import nfc import nfc
config = configparser.ConfigParser() config = configparser.ConfigParser()
config.read('config.ini') config.read('config.ini')
nfc = False
dbusername = config.get('Setup', 'dbusername') dbusername = config.get('Setup', 'dbusername')
dbpassword = config.get('Setup', 'dbpassword') dbpassword = config.get('Setup', 'dbpassword')
@ -70,7 +73,9 @@ redLed = 7
door = 40 door = 40
def send_fido2_over_nfc(encoded_message):
ndef_message = ndef.Message(ndef.Record('application/fido2', '', encoded_message))
return clf.connect(rdwr={'on-connect': lambda tag: tag.ndef.records.append(ndef_message)})
if gpie: if gpie:
# badCredentials = False # badCredentials = False
@ -110,6 +115,7 @@ def read_nfc_tag():
clf = None clf = None
try: try:
tag = clf.connect(rdwr={'on-connect': lambda tag: False}) tag = clf.connect(rdwr={'on-connect': lambda tag: False})
nfc = True
return tag.identifier if tag else None return tag.identifier if tag else None
except Exception as e: except Exception as e:
# print("NFC read error:", e) # print("NFC read error:", e)
@ -120,6 +126,7 @@ def read_nfc_tag():
pass pass
while True: while True:
nfc = False
if gpie: if gpie:
GPIO.output(door, GPIO.LOW) GPIO.output(door, GPIO.LOW)
@ -240,8 +247,11 @@ while True:
request_options, state = server.authenticate_begin(credentials, user_verification=uv) request_options, state = server.authenticate_begin(credentials, user_verification=uv)
# Authenticate the credential # Authenticate the credential
if not nfc:
result = client.get_assertion(request_options["publicKey"]) result = client.get_assertion(request_options["publicKey"])
else:
sendme = cbor.encode(credentials)
send_fido2_over_nfc(sendme)
# Only one cred in allowCredentials, only one response. # Only one cred in allowCredentials, only one response.
result = result.get_response(0) result = result.get_response(0)