Merge pull request 'gpio' (#2) from test into main

Reviewed-on: #2

.idea/CNSA-276-FP.iml

@@ -5,7 +5,7 @@
       <excludeFolder url="file://$MODULE_DIR$/.venv" />
       <excludeFolder url="file://$MODULE_DIR$/venv" />
     </content>
-    <orderEntry type="jdk" jdkName="Python 3.12 (CNSA-276-FP)" jdkType="Python SDK" />
+    <orderEntry type="inheritedJdk" />
     <orderEntry type="sourceFolder" forTests="false" />
   </component>
 </module>

install.sh

@@ -5,20 +5,25 @@ sudo apt-get upgrade -y
 sudo apt-get update
 sudo apt-get install python3-psycopg2 -y
 sudo apt-get install python3-fido2 -y
-sudo apt-get install python3-nfcpy -y
 sudo apt-get install screen -y
 
+sudo apt-get update
+sudo apt-get upgrade -y
+
 sudo mkdir /user/CNSA
 
 # Define crontab job
-JOB="@reboot /bin/sh /user/CNSA/CNSA-276-FP/startup.sh"
+JOB="@reboot /bin/sh /user/CNSA/script/startup.sh"
 
 # Check if the job is already in the crontab and add it if it's not
 ( crontab -l | grep -F "$JOB" || echo "$JOB" ) | crontab -
 
 sudo git clone https://gitea.eggtech.net/eggman20339/CNSA-276-FP.git /user/CNSA/CNSA-276-FP
 
-sudo chmod 777 /user/CNSA/CNSA-276-FP/startup.sh
+sudo mkdir /user/CNSA/script
+sudo cp /user/CNSA/CNSA-276-FP/startup.sh /user/CNSA/script/startup.sh
+
+sudo chmod 777 /user/CNSA/script/startup.sh
 
 pip3 install --upgrade fido2 --break-system-packages
 pip3 install nfcpy --break-system-packages

main.py

@@ -33,7 +33,7 @@ On Windows, the native WebAuthn API will be used.
 """
 import time
 import configparser
-gpie = False
+gpie = True
 if gpie:
     import RPi.GPIO as GPIO
 import pickle
@@ -46,13 +46,13 @@ from getpass import getpass
 import sys
 import ctypes
 from fido2.ctap2 import Ctap2
-import nfc
+from fido2 import cbor
+# from fido2 import CtapNfcDevice
 
 config = configparser.ConfigParser()
 
 config.read('config.ini')
-
-
+# test
 dbusername = config.get('Setup', 'dbusername')
 dbpassword = config.get('Setup', 'dbpassword')
 dbname = config.get('Setup', 'dbname')
@@ -70,8 +70,6 @@ redLed = 7
 
 door = 40
 
-
-
 if gpie:
     # badCredentials = False
     GPIO.setup(greenLed, GPIO.OUT)
@@ -105,26 +103,20 @@ class CliInteraction(UserInteraction):
         print("User Verification required.")
         return True
 
-try:
-    clf = nfc.ContactlessFrontend('usb')  # Ensure this matches your connection
-    print("NFC reader initialized.")
-except Exception as e:
-    print("Failed to initialize NFC reader:", e)
-    
-
 
 
 while True:
+    # isNfc = False
     if gpie:
         GPIO.output(door, GPIO.LOW)
-        # GPIO.output(14, GPIO.LOW)
+        
     print("Waiting for device...")
     badCredentials = False
     if gpie:
         GPIO.output(redLed, GPIO.HIGH)
     while True:
         try:
-            # GPIO.output(14, GPIO.LOW)
+
             dev = next(CtapHidDevice.list_devices(), None)
 
             if dev:
@@ -235,6 +227,7 @@ while True:
         request_options, state = server.authenticate_begin(credentials, user_verification=uv)
 
         # Authenticate the credential
+
         result = client.get_assertion(request_options["publicKey"])
 
         # Only one cred in allowCredentials, only one response.
@@ -334,7 +327,7 @@ while True:
 
             GPIO.output(greenLed, GPIO.HIGH)
             GPIO.output(door, GPIO.HIGH)
-            time.sleep(5)
+            time.sleep(3)
             GPIO.output(greenLed, GPIO.LOW)
 
 

startup.sh

@@ -3,7 +3,6 @@ sudo cp /user/CNSA/CNSA-276-FP/config.ini /config.bak
 sudo rm -R /user/CNSA/CNSA-276-FP
 
 
-
 # Function to check internet connectivity
 check_internet_connection() {
     ping -c 1 1.1.1.1 > /dev/null 2>&1
@@ -28,3 +27,5 @@ sudo chmod 777 /user/CNSA/CNSA-276-FP/startup.sh
 sudo cp /config.bak /user/CNSA/CNSA-276-FP/config.ini
 
 screen -dmS DoorAuth bash -c "cd /user/CNSA/CNSA-276-FP/ && python3 main.py"
+
+sudo cp /user/CNSA/CNSA-276-FP/startup.sh /user/CNSA/script/startup.sh

test.py

@@ -1,26 +1,38 @@
-import nfc
-import time
+from fido2.pcsc import CtapPcscDevice
+from fido2.utils import sha256
+from fido2.ctap1 import Ctap1
+import sys
 
-def connected(tag):
-    print("Tag detected:", tag)
-    return True
 
-def read_nfc():
-    try:
-        clf = nfc.ContactlessFrontend('usb')  # Ensure this matches your connection
-        print("NFC reader initialized.")
-    except Exception as e:
-        print("Failed to initialize NFC reader:", e)
-        return
+dev = next(CtapPcscDevice.list_devices(), None)
+if not dev:
+    print("No NFC u2f device found")
+    sys.exit(1)
 
-    try:
-        while True:
-            print("Waiting for NFC tag...")
-            clf.connect(rdwr={'on-connect': connected})
-            time.sleep(1)
-    except Exception as e:
-        print("Error reading NFC tag:", e)
-    finally:
-        clf.close()
+chal = sha256(b"AAA")
+appid = sha256(b"BBB")
 
-read_nfc()
+ctap1 = Ctap1(dev)
+
+print("version:", ctap1.get_version())
+
+# True - make extended APDU and send it to key
+# ISO 7816-3:2006. page 33, 12.1.3 Decoding conventions for command APDUs
+# ISO 7816-3:2006. page 34, 12.2 Command-response pair transmission by T=0
+# False - make group of short (less than 255 bytes length) APDU
+# and send them to key. ISO 7816-3:2005, page 9, 5.1.1.1 Command chaining
+dev.use_ext_apdu = False
+
+reg = ctap1.register(chal, appid)
+print("register:", reg)
+
+
+reg.verify(appid, chal)
+print("Register message verify OK")
+
+
+auth = ctap1.authenticate(chal, appid, reg.key_handle)
+print("authenticate result: ", auth)
+
+res = auth.verify(appid, chal, reg.public_key)
+print("Authenticate message verify OK")