File: generate_challenge.py

package info (click to toggle)
odoo 18.0.0%2Bdfsg-2
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 878,716 kB
  • sloc: javascript: 927,937; python: 685,670; xml: 388,524; sh: 1,033; sql: 415; makefile: 26
file content (12 lines) | stat: -rw-r--r-- 477 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
 
import secrets


def generate_challenge() -> bytes:
    """
    Create a random value for the authenticator to sign, going above and beyond the recommended
    number of random bytes as per https://www.w3.org/TR/webauthn-2/#sctn-cryptographic-challenges:

    "In order to prevent replay attacks, the challenges MUST contain enough entropy to make
    guessing them infeasible. Challenges SHOULD therefore be at least 16 bytes long."
    """
    return secrets.token_bytes(64)