o sh$@sddlmZddlmZddlmZddlmZmZm Z ddl m Z m Z ddl mZmZdd lmZmZdd lmZmZmZdd lZdd lZeeZGd d d Zd S)) annotations)cbor) CtapError)PublicKeyCredentialDescriptorPublicKeyCredentialUserEntity_as_cbor)Ctap2Info) PinProtocol_PinUv)IntEnumunique)MappingSequenceAnyNc@seZdZdZeGdddeZeGdddeZeGdddeZe d6d d Z e d6ddZ d7ddZ d8ddZ d9ddZd9dd Zd9d!d"Zd:d$d%Zd;d'd(Zd9d)d*Zd:d+d,ZdCredentialManagementaaImplementation of a draft specification of the Credential Management API. WARNING: This specification is not final and this class is likely to change. :param ctap: An instance of a CTAP2 object. :param pin_uv_protocol: An instance of a PinUvAuthProtocol. :param pin_uv_token: A valid PIN/UV Auth Token for the current CTAP session. c@s(eZdZdZdZdZdZdZdZdZ dS) zCredentialManagement.CMDr rN) __name__ __module__ __qualname__GET_CREDS_METADATAENUMERATE_RPS_BEGINENUMERATE_RPS_NEXTENUMERATE_CREDS_BEGINENUMERATE_CREDS_NEXTDELETE_CREDENTIALUPDATE_USER_INFOr#r#N/var/www/html/env_mimamsha/lib/python3.10/site-packages/fido2/ctap2/credman.pyCMD:sr%c@seZdZdZdZdZdS)zCredentialManagement.PARAMr rrN)rrr RP_ID_HASH CREDENTIAL_IDUSERr#r#r#r$PARAMDsr)c@s8eZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z d S) zCredentialManagement.RESULTr rrrrrr N)rrrEXISTING_CRED_COUNTMAX_REMAINING_COUNTRPr& TOTAL_RPSr(r' PUBLIC_KEYTOTAL_CREDENTIALS CRED_PROTECTLARGE_BLOB_KEYr#r#r#r$RESULTJsr6infor returnboolcCs,|jdrdSd|jvrd|jvrdSdS)NcredMgmtT FIDO_2_1_PREcredentialMgmtPreviewF)optionsgetversionsr7r#r#r$ is_supportedXs z!CredentialManagement.is_supportedcCst|jdS)Nr:)r9r=r>r@r#r#r$is_update_supportedasz(CredentialManagement.is_update_supportedctapr pin_uv_protocolr pin_uv_tokenbytescCs*||js td||_t|||_dS)Nz4Authenticator does not support Credential Management)rAr7 ValueErrorrCr pin_uv)selfrCrDrEr#r#r$__init__fs zCredentialManagement.__init__NTcCsh||d}|r+td|}|dur|t|7}|jjj|d<|jj|jj||d<|j j di|S)N)sub_cmdsub_cmd_paramsz>BrD pin_uv_paramr#) structpackrencoderHprotocolVERSION authenticatetokenrCcredential_mgmt)rIrKparamsauthkwargsmsgr#r#r$_callrs  zCredentialManagement._callMapping[int, Any]cC|tjjS)aSGet credentials metadata. This returns the existing resident credentials count, and the max possible number of remaining resident credentials (the actual number of remaining credentials may depend on algorithm choice, etc). :return: A dict containing EXISTING_CRED_COUNT, and MAX_REMAINING_COUNT. )rZrr%rrIr#r#r$ get_metadata~s z!CredentialManagement.get_metadatacCr\)a Start enumeration of RP entities of resident credentials. This will begin enumeration of stored RP entities, returning the first entity, as well as a count of the total number of entities stored. :return: A dict containing RP, RP_ID_HASH, and TOTAL_RPS. )rZrr%rr]r#r#r$enumerate_rps_beginsz(CredentialManagement.enumerate_rps_begincC|jtjjddS)zGet the next RP entity stored. This continues enumeration of stored RP entities, returning the next entity. :return: A dict containing RP, and RP_ID_HASH. FrW)rZrr%rr]r#r#r$enumerate_rps_nextz'CredentialManagement.enumerate_rps_nextSequence[Mapping[int, Any]]c sz}Wnty"}z|jtjjkrgWYd}~Sd}~ww|tjj}|dkr/gSfddtd|D}|g|S)zvConvenience method to enumerate all RPs. See enumerate_rps_begin and enumerate_rps_next for details. Nrcg|]}qSr#)rb.0_r]r#r$ sz6CredentialManagement.enumerate_rps..r ) r_rcodeERRNO_CREDENTIALSrr6r1range)rIfirsten_rpsrestr#r]r$ enumerate_rpss   z"CredentialManagement.enumerate_rps rp_id_hashcCs|tjjtjj|iS)aStart enumeration of resident credentials. This will begin enumeration of resident credentials for a given RP, returning the first credential, as well as a count of the total number of resident credentials stored for the given RP. :param rp_id_hash: SHA256 hash of the RP ID. :return: A dict containing USER, CREDENTIAL_ID, PUBLIC_KEY, and TOTAL_CREDENTIALS. )rZrr%rr)r&)rIrsr#r#r$enumerate_creds_begins  z*CredentialManagement.enumerate_creds_begincCr`)zGet the next resident credential stored. This continues enumeration of resident credentials, returning the next credential. :return: A dict containing USER, CREDENTIAL_ID, and PUBLIC_KEY. Fra)rZrr%r r]r#r#r$enumerate_creds_nextrcz)CredentialManagement.enumerate_creds_nextc s|z j|i|}Wnty&}z|jtjjkr!gWYd}~Sd}~wwfddtd|tjj dD}|g|S)zConvenience method to enumerate all resident credentials for an RP. See enumerate_creds_begin and enumerate_creds_next for details. Ncrer#)rurfr]r#r$risz8CredentialManagement.enumerate_creds..r ) rtrrjrkrlrmr>rr6r3)rIargsrXrnrorqr#r]r$enumerate_credss  z$CredentialManagement.enumerate_credscred_idrNonecCsDt|}td||tjjtjj t |it ddS)z~Delete a resident credential. :param cred_id: The PublicKeyCredentialDescriptor of the credential to delete. zDeleting credential with ID: zCredential deletedN) r from_dictloggerdebugrZrr%r!r)r'rr7)rIrxr#r#r$ delete_creds z CredentialManagement.delete_cred user_inforcCsvt|jjs tdt|}t|}t d|d|| tj j tj jt|tj jt|itddS)zUpdate the user entity of a resident key. :param cred_id: The PublicKeyCredentialDescriptor of the credential to update. :param user_info: The user info update. z/Authenticator does not support update_user_infozUpdating credential: z with user info: zCredential user info updatedN)rrBrCr7rGrrzrr{r|rZr%r"r)r'rr()rIrxr~r#r#r$update_user_infos     z%CredentialManagement.update_user_info)r7r r8r9)rCr rDr rErF)NT)r8r[)r8rd)rsrFr8r[)rxrr8ry)rxrr~rr8ry)rrr__doc__rrr%r)r6 staticmethodrArBrJrZr^r_rbrrrtrurwr}rr#r#r#r$r1s.        r) __future__rrrCrwebauthnrrrbaser r pinr r enumrrtypingrrrrNlogging getLoggerrr{rr#r#r#r$s