From c55afcc43e67709a2f4f02fdb6c2746b1d591a9e Mon Sep 17 00:00:00 2001
From: Dain Nilsson <dain@yubico.com>
Date: Wed, 24 Apr 2024 09:12:37 +0200
Subject: [PATCH] FIDO: Improve error messages for fido commands on older
 YubiKeys

---
 ykman/_cli/fido.py | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/ykman/_cli/fido.py b/ykman/_cli/fido.py
index 1c1b5e7b..5e37ec3b 100755
--- a/ykman/_cli/fido.py
+++ b/ykman/_cli/fido.py
@@ -500,8 +500,8 @@ def force_pin_change(ctx, pin):
     """
     Force the PIN to be changed to a new value before use.
     """
-    options = ctx.obj.get("ctap2").info.options
-    if not options.get("setMinPINLength"):
+    options = ctx.obj["ctap2"].info.options if "ctap2" in ctx.obj else None
+    if options is None or not options.get("setMinPINLength"):
         raise CliFail("Force change PIN is not supported on this YubiKey.")
     if not options.get("clientPin"):
         raise CliFail("No PIN is set.")
@@ -522,8 +522,8 @@ def set_min_pin_length(ctx, pin, rp_id, length):
     Optionally use the --rp option to specify which RPs are allowed to request this
     information.
     """
-    info = ctx.obj["ctap2"].info
-    if not info.options.get("setMinPINLength"):
+    info = ctx.obj["ctap2"].info if "ctap2" in ctx.obj else None
+    if info is None or not info.options.get("setMinPINLength"):
         raise CliFail("Set minimum PIN length is not supported on this YubiKey.")
     if info.options.get("alwaysUv") and not info.options.get("clientPin"):
         raise CliFail(
@@ -887,8 +887,8 @@ def toggle_always_uv(ctx, pin):
     """
     Toggles the state of Always Require User Verification.
     """
-    options = ctx.obj.get("ctap2").info.options
-    if "alwaysUv" not in options:
+    options = ctx.obj.get("ctap2").info.options if "ctap2" in ctx.obj else None
+    if not options or "alwaysUv" not in options:
         raise CliFail("Always Require UV is not supported on this YubiKey.")
 
     config = _init_config(ctx, pin)
@@ -902,8 +902,8 @@ def enable_ep_attestation(ctx, pin):
     """
     Enables Enterprise Attestation for Authenticators pre-configured to support it.
     """
-    options = ctx.obj.get("ctap2").info.options
-    if "ep" not in options:
+    options = ctx.obj.get("ctap2").info.options if "ctap2" in ctx.obj else None
+    if not options or "ep" not in options:
         raise CliFail("Enterprise Attestation is not supported on this YubiKey.")
     if options.get("alwaysUv") and not options.get("clientPin"):
         raise CliFail(