fido2.ctap2.blob

Classes

LargeBlobs

Implementation of the CTAP2.1 Large Blobs API.

Module Contents

class fido2.ctap2.blob.LargeBlobs(ctap, pin_uv_protocol=None, pin_uv_token=None)

Implementation of the CTAP2.1 Large Blobs API.

Getting a largeBlobKey for a credential is done via the LargeBlobKey extension.

Parameters:

• ctap (fido2.ctap2.base.Ctap2) – An instance of a CTAP2 object.

• pin_uv_protocol (Optional[fido2.ctap2.pin.PinProtocol]) – An instance of a PinUvAuthProtocol.

• pin_uv_token (Optional[bytes]) – A valid PIN/UV Auth Token for the current CTAP session.

static is_supported(info)

Parameters:

info (fido2.ctap2.base.Info)

Return type:

bool

ctap

max_fragment_length

pin_uv

read_blob_array()

Gets the entire contents of the Large Blobs array.

Returns:

The CBOR decoded list of Large Blobs.

Return type:

Sequence[Mapping[int, Any]]

write_blob_array(blob_array)

Writes the entire Large Blobs array.

Parameters:

blob_array (Sequence[Mapping[int, Any]]) – A list to write to the Authenticator.

Return type:

None

get_blob(large_blob_key)

Gets the Large Blob stored for a single credential.

Parameters:

large_blob_key (bytes) – The largeBlobKey for the credential, or None.

Returns:

The decrypted and deflated value stored for the credential.

Return type:

Optional[bytes]

put_blob(large_blob_key, data)

Stores a Large Blob for a single credential.

Any existing entries for the same credential will be replaced.

Parameters:

• large_blob_key (bytes) – The largeBlobKey for the credential.

• data (Optional[bytes]) – The data to compress, encrypt and store.

Return type:

None

delete_blob(large_blob_key)

Deletes any Large Blob(s) stored for a single credential.

Parameters:

large_blob_key (bytes) – The largeBlobKey for the credential.

Return type:

None