Check if device is fips capable before creating an SCP session

Dennis Fokin 2024-08-20 13:47:18 +02:00
parent a3f9ace174
commit 7c4b9ff9cb
No known key found for this signature in database
GPG Key ID: 870B88256690D8BC


@ -521,16 +521,17 @@ class ScpConnectionNode(ConnectionNode):
self.fips_capable = info.fips_capable self.fips_capable = info.fips_capable
self.scp_params = None self.scp_params = None
try: try:
scp = SecurityDomainSession(connection) if self.fips_capable != 0:
scp = SecurityDomainSession(connection)
for ref in scp.get_key_information().keys(): for ref in scp.get_key_information().keys():
if ref.kid == 0x13: if ref.kid == 0x13:
chain = scp.get_certificate_bundle(ref) chain = scp.get_certificate_bundle(ref)
if chain: if chain:
pub_key = chain[-1].public_key() pub_key = chain[-1].public_key()
assert isinstance(pub_key, EllipticCurvePublicKey) # nosec assert isinstance(pub_key, EllipticCurvePublicKey) # nosec
self.scp_params = Scp11KeyParams(ref, pub_key) self.scp_params = Scp11KeyParams(ref, pub_key)
break break
except NotSupportedError: except NotSupportedError:
pass pass
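Review bot: The rendering has dropped indentation, so it cannot be confirmed from this page that the `for ref in scp.get_key_information().keys():` loop was moved under the new `if self.fips_capable != 0:`. If the loop was left at the `try` level, `scp` is unbound on devices that are not FIPS capable, and the resulting UnboundLocalError is not caught by `except NotSupportedError`; this is worth checking in the file. The gate also leaves `self.scp_params` as None for every device that is not FIPS capable, even one holding a 0x13 key, which presumably means later sessions on those devices are opened without SCP. A comment on the condition stating that this is intended would help, for example `# SCP11b is only negotiated for FIPS-capable devices; others keep scp_params = None`. The enclosing method starts above the hunk.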