fido2.ctap

Exceptions

CtapError

Error returned from the Authenticator when a command fails.

Classes

`STATUS`	Status code for CTAP keep-alive message.
`CtapDevice`	CTAP-capable device.

Module Contents

class fido2.ctap.STATUS[source]

Bases: enum.IntEnum

Status code for CTAP keep-alive message.

PROCESSING = 1

UPNEEDED = 2

class fido2.ctap.CtapDevice[source]

Bases: abc.ABC

CTAP-capable device.

Subclasses of this should implement call(), as well as list_devices(), which should return a generator over discoverable devices.

property capabilities: int

Abstractmethod:
Return type:: int

Get device capabilities

abstract call(cmd, data=b'', event=None, on_keepalive=None)[source]

Sends a command to the authenticator, and reads the response.

Parameters:

cmd (int) – The integer value of the command.
data (bytes) – The payload of the command.
event (Optional[threading.Event]) – An optional threading.Event which can be used to cancel the invocation.
on_keepalive (Optional[Callable[[STATUS], None]]) – An optional callback to handle keep-alive messages from the authenticator. The function is only called once for consecutive keep-alive messages with the same status.

Returns:

The response from the authenticator.

Return type:

bytes

close()[source]

Close the device, releasing any held resources.

Return type:: None

__enter__()[source]

__exit__(typ, value, traceback)[source]

classmethod list_devices()[source]

Abstractmethod:
Return type:: Iterator[CtapDevice]

Generates instances of cls for discoverable devices.

exception fido2.ctap.CtapError(code)[source]

Bases: Exception

Error returned from the Authenticator when a command fails.

Parameters:: code (int)

class UNKNOWN_ERR[source]

Bases: int

CTAP error status code that is not recognized.

name = 'UNKNOWN_ERR'

property value: int

Return type:: int

__repr__()[source]: Return repr(self).

__str__()[source]: Return str(self).

class ERR[source]

Bases: enum.IntEnum

CTAP status codes.

https://fidoalliance.org/specs/fido-v2.1-rd-20201208/fido-client-to-authenticator-protocol-v2.1-rd-20201208.html#error-responses

SUCCESS = 0

INVALID_COMMAND = 1

INVALID_PARAMETER = 2

INVALID_LENGTH = 3

INVALID_SEQ = 4

TIMEOUT = 5

CHANNEL_BUSY = 6

LOCK_REQUIRED = 10

INVALID_CHANNEL = 11

CBOR_UNEXPECTED_TYPE = 17

INVALID_CBOR = 18

MISSING_PARAMETER = 20

LIMIT_EXCEEDED = 21

FP_DATABASE_FULL = 23

LARGE_BLOB_STORAGE_FULL = 24

CREDENTIAL_EXCLUDED = 25

PROCESSING = 33

INVALID_CREDENTIAL = 34

USER_ACTION_PENDING = 35

OPERATION_PENDING = 36

NO_OPERATIONS = 37

UNSUPPORTED_ALGORITHM = 38

OPERATION_DENIED = 39

KEY_STORE_FULL = 40

UNSUPPORTED_OPTION = 43

INVALID_OPTION = 44

KEEPALIVE_CANCEL = 45

NO_CREDENTIALS = 46

USER_ACTION_TIMEOUT = 47

NOT_ALLOWED = 48

PIN_INVALID = 49

PIN_BLOCKED = 50

PIN_AUTH_INVALID = 51

PIN_AUTH_BLOCKED = 52

PIN_NOT_SET = 53

PUAT_REQUIRED = 54

PIN_POLICY_VIOLATION = 55

PIN_TOKEN_EXPIRED = 56

REQUEST_TOO_LARGE = 57

ACTION_TIMEOUT = 58

UP_REQUIRED = 59

UV_BLOCKED = 60

INTEGRITY_FAILURE = 61

INVALID_SUBCOMMAND = 62

UV_INVALID = 63

UNAUTHORIZED_PERMISSION = 64

OTHER = 127

SPEC_LAST = 223

EXTENSION_FIRST = 224

EXTENSION_LAST = 239

VENDOR_FIRST = 240

VENDOR_LAST = 255

__str__()[source]: Return str(self).