CNSA-276-FP/u2fClient.py
2024-04-26 20:45:27 -04:00


import time

from fido2.client import Fido2Client
from fido2.hid import CtapHidDevice
from fido2.server import Fido2Server
from fido2.webauthn import PublicKeyCredentialRpEntity
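# Wait for a FIDO2 authenticator on USB HID, then build the client and the
# relying-party server objects used by the rest of the script.
while True:
    # Discover FIDO2 devices connected via USB
    devices = list(CtapHidDevice.list_devices())
    if devices:
        # Use the first available device. With several authenticators attached
        # the user gets no say in which one is picked.
        device = devices[0]
        break
    # Nothing plugged in yet: pause before rescanning so the wait does not
    # spin a CPU core at 100%.
    time.sleep(0.5)

# The client plays the browser's role. The origin given here is what the RP ID
# is checked against, so it has to be the service's real HTTPS origin and must
# not be derived from untrusted input.
client = Fido2Client(device, "https://example.com")
rp = PublicKeyCredentialRpEntity("example.com", "Example RP")
# NOTE(review): client and server live in one process for demonstration only.
# In a deployment the server side runs on the relying party and never trusts
# state handed back by the client.
server = Fido2Server(rp)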
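# Example: Registration
# Constructed sample user. A production user handle ("id") should be random,
# opaque bytes that carry no personal information.
user = {"id": b"user_id", "name": "john_doe", "displayName": "John Doe"}
# register_begin returns a pair (options for the client, server-side state),
# not a mapping with a 'state' key, so unpack it. The state belongs in the
# server's session store and is passed back only to register_complete.
create_options, state = server.register_begin(user)
print(create_options)
# Prompt user to perform registration action on the device
# NOTE(review): the two-value unpacking matches older python-fido2 releases;
# newer ones return a single response object. Confirm against the pinned
# version.
attestation_object, client_data = client.make_credential(create_options["publicKey"])
# Finalize registration on the server
# NOTE(review): no attestation policy is configured on the server above; if the
# authenticator's provenance matters, confirm how attestation is verified.
auth_data = server.register_complete(state, client_data, attestation_object)
print("Registration complete. Credential ID:", auth_data.credential_data.credential_id)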
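# Example: Authentication
# Only credentials registered above are allowed to answer the challenge.
credentials = [auth_data.credential_data]
# authenticate_begin returns a pair (options for the client, server-side
# state), so unpack it rather than subscripting with 'state'. A fresh state is
# issued per ceremony and must not be reused.
request_options, state = server.authenticate_begin(credentials)
# Prompt user to perform authentication action on the device
# NOTE(review): the two-value unpacking matches older python-fido2 releases;
# newer ones return a selection object. Confirm against the pinned version.
assertion, client_data = client.get_assertion(request_options["publicKey"])
assertion_response = assertion[0]  # Assuming the first assertion (most common scenario)
# Finalize authentication on the server
# NOTE(review): python-fido2 releases differ in what authenticate_complete
# takes after the credential list (separate credential id, client data,
# authenticator data and signature, versus one response object). Confirm this
# four-argument call against the pinned version.
server.authenticate_complete(state, credentials, assertion_response, client_data)
# Reached only if the call above did not raise.
print("Authentication successful!")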