public void FinishRegistration_IncorrectType_Throws()
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
var registerResponse = GetValidRegisterResponse();
registerResponse.ClientData.Type = "incorrect type";
Assert.Throws <InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
}
public void FinishRegistration_UntrustedOrigin_Throws(string origin)
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
var registerResponse = GetValidRegisterResponse();
registerResponse.ClientData.Origin = origin;
Assert.Throws <InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
}
public void FinishRegistration_IncorrectChallenge_Throws()
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
var registerResponse = GetValidRegisterResponse();
registerResponse.ClientData.Challenge =
WebSafeBase64Converter.ToBase64String(Encoding.Default.GetBytes("incorrect challenge"));
Assert.Throws <InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
}
public void FinishRegistration_RegisterResponse_Works()
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
startedRegistration.Challenge = TestVectors.ServerChallengeRegisterBase64;
var registerResponse = GetValidRegisterResponse();
var registrationData = registerResponse.RegistrationData;
var deviceRegistration = fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains);
Assert.IsNotNull(deviceRegistration);
Assert.AreEqual(deviceRegistration.Certificate.RawData, registrationData.AttestationCertificate.RawData);
Assert.AreEqual(deviceRegistration.KeyHandle, registrationData.KeyHandle);
}
public ActionResult TESTSUBMIT(RegisterNewDeviceViewModel model)
{
model = model ?? new RegisterNewDeviceViewModel();
if (!String.IsNullOrEmpty(model.RawRegisterResponse))
{
var u2f = new FidoUniversalTwoFactor();
var challenge = model.Challenge;
var startedRegistration = GetFidoRepository().GetStartedRegistration(GetCurrentUser(), challenge);
var deviceRegistration = u2f.FinishRegistration(startedRegistration, model.RawRegisterResponse, GetTrustedDomains());
GetFidoRepository().StoreDeviceRegistration(GetCurrentUser(), deviceRegistration);
GetFidoRepository().RemoveStartedRegistration(GetCurrentUser(), model.Challenge);
}
return(RedirectToAction("Registred"));
}
public IActionResult RegisterDevice(RegisterDeviceModel model)
{
if (model == null || string.IsNullOrEmpty(model.AppId) || string.IsNullOrEmpty(model.Challenge) || string.IsNullOrEmpty(model.RawRegisterResponse))
{
return(BadRequest(new { error = "Invalid Data", code = 400 }));
}
try
{
var device = App.CurrentUser.Devices.FirstOrDefault(x => x.Name.Equals(model.DeviceName));
if (device != null)
{
return(BadRequest(new { error = "This name already used on another device.", code = 400 }));
}
var u2F = new FidoUniversalTwoFactor();
App.Registrations.TryGetValue(model.Challenge, out var startedRegistration);
if (startedRegistration == null)
{
return(BadRequest(new { error = "Invalid Started Registration.", code = 400 }));
}
var facetIds = new List <FidoFacetId> {
new FidoFacetId(startedRegistration.AppId.ToString())
};
var deviceRegistration = u2F.FinishRegistration(startedRegistration, model.RawRegisterResponse, facetIds);
if (deviceRegistration == null)
{
return(BadRequest(new { error = "Invalid Device Registration.", code = 400 }));
}
App.AddDeviceRegistration(model.DeviceName, deviceRegistration);
App.Registrations.Remove(model.Challenge);
return(Ok(new { message = "Device has been registered.", code = 200, redirect = Url.Action("CurrentUser") }));
}
catch (Exception exception)
{
Console.WriteLine(exception);
return(BadRequest(new { error = exception.Message, code = 500 }));
}
}
public void FinishRegistration_JsonRegisterResponse_Works()
{
var challenge = WebSafeBase64Converter.FromBase64String(TestVectors.ServerChallengeRegisterBase64);
var mockGenerateChallenge = new Mock <IGenerateFidoChallenge>();
mockGenerateChallenge.Setup(x => x.GenerateChallenge()).Returns(challenge);
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
startedRegistration.Challenge = TestVectors.ServerChallengeRegisterBase64;
var registerResponse = GetValidRegisterResponse();
var registrationData = registerResponse.RegistrationData;
var jsonValue = registerResponse.ToJson();
var deviceRegistration = fido.FinishRegistration(startedRegistration, jsonValue, TestVectors.TrustedDomains);
Assert.IsNotNull(deviceRegistration);
Assert.AreEqual(deviceRegistration.Certificate.RawData, registrationData.AttestationCertificate.RawData);
Assert.AreEqual(deviceRegistration.KeyHandle, registrationData.KeyHandle);
}
public void FinishRegistration_UntrustedOrigin_Throws(string origin)
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
var registerResponse = GetValidRegisterResponse();
registerResponse.ClientData.Origin = origin;
Assert.Throws<InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
}
public void FinishRegistration_RegisterResponse_Works()
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
startedRegistration.Challenge = TestVectors.ServerChallengeRegisterBase64;
var registerResponse = GetValidRegisterResponse();
var registrationData = registerResponse.RegistrationData;
var deviceRegistration = fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains);
Assert.IsNotNull(deviceRegistration);
Assert.AreEqual(deviceRegistration.Certificate.RawData, registrationData.AttestationCertificate.RawData);
Assert.AreEqual(deviceRegistration.KeyHandle, registrationData.KeyHandle);
}
public void FinishRegistration_JsonRegisterResponse_Works()
{
var challenge = WebSafeBase64Converter.FromBase64String(TestVectors.ServerChallengeRegisterBase64);
var mockGenerateChallenge = new Mock<IGenerateFidoChallenge>();
mockGenerateChallenge.Setup(x => x.GenerateChallenge()).Returns(challenge);
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
startedRegistration.Challenge = TestVectors.ServerChallengeRegisterBase64;
var registerResponse = GetValidRegisterResponse();
var registrationData = registerResponse.RegistrationData;
var jsonValue = registerResponse.ToJson();
var deviceRegistration = fido.FinishRegistration(startedRegistration, jsonValue, TestVectors.TrustedDomains);
Assert.IsNotNull(deviceRegistration);
Assert.AreEqual(deviceRegistration.Certificate.RawData, registrationData.AttestationCertificate.RawData);
Assert.AreEqual(deviceRegistration.KeyHandle, registrationData.KeyHandle);
}
public void FinishRegistration_IncorrectType_Throws()
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
var registerResponse = GetValidRegisterResponse();
registerResponse.ClientData.Type = "incorrect type";
Assert.Throws<InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
}
public void FinishRegistration_IncorrectChallenge_Throws()
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
var registerResponse = GetValidRegisterResponse();
registerResponse.ClientData.Challenge =
WebSafeBase64Converter.ToBase64String(Encoding.Default.GetBytes("incorrect challenge"));
Assert.Throws<InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
}
public ActionResult Register(RegisterNewDeviceViewModel model)
{
model = model ?? new RegisterNewDeviceViewModel();
if (!String.IsNullOrEmpty(model.RawRegisterResponse))
{
var u2f = new FidoUniversalTwoFactor();
var challenge = model.Challenge;
var startedRegistration = GetFidoRepository().GetStartedRegistration(GetCurrentUser(), challenge);
var deviceRegistration = u2f.FinishRegistration(startedRegistration, model.RawRegisterResponse, GetTrustedDomains());
GetFidoRepository().StoreDeviceRegistration(GetCurrentUser(), deviceRegistration);
GetFidoRepository().RemoveStartedRegistration(GetCurrentUser(), model.Challenge);
return RedirectToAction("Index");
}
return View(model);
}
