public void FinishRegistration_UntrustedOrigin_Throws(string origin)
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
var registerResponse = GetValidRegisterResponse();
registerResponse.ClientData.Origin = origin;
Assert.Throws <InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
}
public void FinishRegistration_IncorrectType_Throws()
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
var registerResponse = GetValidRegisterResponse();
registerResponse.ClientData.Type = "incorrect type";
Assert.Throws <InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
}
public void FinishRegistration_IncorrectChallenge_Throws()
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
var registerResponse = GetValidRegisterResponse();
registerResponse.ClientData.Challenge =
WebSafeBase64Converter.ToBase64String(Encoding.Default.GetBytes("incorrect challenge"));
Assert.Throws <InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
}
public void FinishRegistration_RegisterResponse_Works()
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
startedRegistration.Challenge = TestVectors.ServerChallengeRegisterBase64;
var registerResponse = GetValidRegisterResponse();
var registrationData = registerResponse.RegistrationData;
var deviceRegistration = fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains);
Assert.IsNotNull(deviceRegistration);
Assert.AreEqual(deviceRegistration.Certificate.RawData, registrationData.AttestationCertificate.RawData);
Assert.AreEqual(deviceRegistration.KeyHandle, registrationData.KeyHandle);
}
public void StartRegistration()
{
var randomChallenge = Encoding.Default.GetBytes("random challenge");
var mockGenerateChallenge = new Mock <IGenerateFidoChallenge>();
mockGenerateChallenge.Setup(x => x.GenerateChallenge()).Returns(randomChallenge);
var fido = new FidoUniversalTwoFactor(mockGenerateChallenge.Object);
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
mockGenerateChallenge.Verify(x => x.GenerateChallenge(), Times.Once);
Assert.AreEqual(TestVectors.AppIdEnroll, startedRegistration.AppId.ToString());
Assert.AreEqual(randomChallenge, WebSafeBase64Converter.FromBase64String(startedRegistration.Challenge));
}
public ActionResult TESTREG()
{
var u2f = new FidoUniversalTwoFactor();
var appId = new FidoAppId(Request.Url);
var startedRegistration = u2f.StartRegistration(appId);
GetFidoRepository().StoreStartedRegistration(GetCurrentUser(), startedRegistration);
var model = new RegisterNewDeviceViewModel
{
AppId = startedRegistration.AppId.ToString(),
Challenge = startedRegistration.Challenge,
UserName = GetCurrentUser()
};
return(View(model));
}
public ActionResult Register(NewUserViewModel newUserModel)
{
var u2f = new FidoUniversalTwoFactor();
var appId = new FidoAppId(Request.Url);
var startedRegistration = u2f.StartRegistration(appId);
GetFidoRepository().StoreStartedRegistration(newUserModel.UserName, startedRegistration);
var model = new RegisterNewDeviceViewModel
{
AppId = startedRegistration.AppId.ToString(),
Challenge = startedRegistration.Challenge,
UserName = newUserModel.UserName,
Email = newUserModel.Email
};
return(View(model));
}
public RegisterDeviceModel GetRegistrationModel()
{
var u2F = new FidoUniversalTwoFactor();
var startedRegistration = u2F.StartRegistration(AppId);
var model = new RegisterDeviceModel
{
AppId = startedRegistration.AppId.ToString(),
Challenge = startedRegistration.Challenge
};
if (App.CurrentUser.Devices.Any())
{
model.RegisteredKeys.AddRange(App.CurrentUser.Devices.Select(x => x.Identifier).ToList());
}
App.AddRegistration(model.Challenge, startedRegistration);
return(model);
}
public void FinishRegistration_JsonRegisterResponse_Works()
{
var challenge = WebSafeBase64Converter.FromBase64String(TestVectors.ServerChallengeRegisterBase64);
var mockGenerateChallenge = new Mock <IGenerateFidoChallenge>();
mockGenerateChallenge.Setup(x => x.GenerateChallenge()).Returns(challenge);
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
startedRegistration.Challenge = TestVectors.ServerChallengeRegisterBase64;
var registerResponse = GetValidRegisterResponse();
var registrationData = registerResponse.RegistrationData;
var jsonValue = registerResponse.ToJson();
var deviceRegistration = fido.FinishRegistration(startedRegistration, jsonValue, TestVectors.TrustedDomains);
Assert.IsNotNull(deviceRegistration);
Assert.AreEqual(deviceRegistration.Certificate.RawData, registrationData.AttestationCertificate.RawData);
Assert.AreEqual(deviceRegistration.KeyHandle, registrationData.KeyHandle);
}
public void StartRegistration()
{
var randomChallenge = Encoding.Default.GetBytes("random challenge");
var mockGenerateChallenge = new Mock<IGenerateFidoChallenge>();
mockGenerateChallenge.Setup(x => x.GenerateChallenge()).Returns(randomChallenge);
var fido = new FidoUniversalTwoFactor(mockGenerateChallenge.Object);
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
mockGenerateChallenge.Verify(x => x.GenerateChallenge(), Times.Once);
Assert.AreEqual(TestVectors.AppIdEnroll, startedRegistration.AppId.ToString());
Assert.AreEqual(randomChallenge, WebSafeBase64Converter.FromBase64String(startedRegistration.Challenge));
}
public void FinishRegistration_UntrustedOrigin_Throws(string origin)
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
var registerResponse = GetValidRegisterResponse();
registerResponse.ClientData.Origin = origin;
Assert.Throws<InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
}
public void FinishRegistration_RegisterResponse_Works()
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
startedRegistration.Challenge = TestVectors.ServerChallengeRegisterBase64;
var registerResponse = GetValidRegisterResponse();
var registrationData = registerResponse.RegistrationData;
var deviceRegistration = fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains);
Assert.IsNotNull(deviceRegistration);
Assert.AreEqual(deviceRegistration.Certificate.RawData, registrationData.AttestationCertificate.RawData);
Assert.AreEqual(deviceRegistration.KeyHandle, registrationData.KeyHandle);
}
public void FinishRegistration_JsonRegisterResponse_Works()
{
var challenge = WebSafeBase64Converter.FromBase64String(TestVectors.ServerChallengeRegisterBase64);
var mockGenerateChallenge = new Mock<IGenerateFidoChallenge>();
mockGenerateChallenge.Setup(x => x.GenerateChallenge()).Returns(challenge);
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
startedRegistration.Challenge = TestVectors.ServerChallengeRegisterBase64;
var registerResponse = GetValidRegisterResponse();
var registrationData = registerResponse.RegistrationData;
var jsonValue = registerResponse.ToJson();
var deviceRegistration = fido.FinishRegistration(startedRegistration, jsonValue, TestVectors.TrustedDomains);
Assert.IsNotNull(deviceRegistration);
Assert.AreEqual(deviceRegistration.Certificate.RawData, registrationData.AttestationCertificate.RawData);
Assert.AreEqual(deviceRegistration.KeyHandle, registrationData.KeyHandle);
}
public void FinishRegistration_IncorrectType_Throws()
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
var registerResponse = GetValidRegisterResponse();
registerResponse.ClientData.Type = "incorrect type";
Assert.Throws<InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
}
public void FinishRegistration_IncorrectChallenge_Throws()
{
var fido = new FidoUniversalTwoFactor();
var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
var registerResponse = GetValidRegisterResponse();
registerResponse.ClientData.Challenge =
WebSafeBase64Converter.ToBase64String(Encoding.Default.GetBytes("incorrect challenge"));
Assert.Throws<InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
}
public ActionResult Register()
{
var u2f = new FidoUniversalTwoFactor();
var appId = new FidoAppId(Request.Url);
var startedRegistration = u2f.StartRegistration(appId);
GetFidoRepository().StoreStartedRegistration(GetCurrentUser(), startedRegistration);
var model = new RegisterNewDeviceViewModel
{
AppId = startedRegistration.AppId.ToString(),
Challenge = startedRegistration.Challenge,
UserName = GetCurrentUser()
};
return View(model);
}
