/// <summary>
/// Checks that the key answers a U2F v2 sign request with the user-presence flag set,
/// the expected counter value, and a signature that verifies under the enrolled public key.
/// </summary>
public virtual void TestAuthenticate()
{
    var response = u2FKey.Authenticate(
        new KeySignRequest(U2FVersion.V2, BROWSER_DATA_SIGN_SHA256, APP_ID_SIGN_SHA256, KEY_HANDLE));

    Assert.AreEqual(UserPresenceVerifierConstants.UserPresentFlag, response.UserPresence);
    Assert.AreEqual(COUNTER_VALUE, response.Counter);

    // The signature is verified, not byte-compared: ECDSA output normally differs between runs.
    // NOTE(review): EXPECTED_AUTHENTICATE_SIGNED_BYTES is defined outside this view; presumably it is
    // the U2F signed message built from the same app-id hash, presence flag, counter and client-data hash.
    var signedBytes = EXPECTED_AUTHENTICATE_SIGNED_BYTES;
    var verifier = SignerUtilities.GetSigner("SHA-256withECDSA");

    // First argument false puts the signer in verification mode.
    verifier.Init(false, USER_PUBLIC_KEY_SIGN);
    verifier.BlockUpdate(signedBytes, 0, signedBytes.Length);

    var signatureIsValid = verifier.VerifySignature(response.Signature);
    Assert.IsTrue(signatureIsValid);
}
/// <summary>
/// Runs one client-side U2F authentication round: fetches the server's sign requests for the
/// account, has the key sign the first one, and posts the encoded response back to the server.
/// </summary>
/// <param name="origin">Origin the authentication is performed for; it is validated against the request's AppId.</param>
/// <param name="accountName">Account whose sign requests are fetched from the server.</param>
/// <exception cref="U2FException">The selected sign request does not use the U2F v2 protocol.</exception>
public void Authenticate(string origin, string accountName)
{
    // Any of the returned requests could be signed by the key; only the first one is attempted.
    // NOTE(review): an empty result makes the indexer throw before any check runs, and there is
    // no fallback to the remaining requests if the key rejects this one - confirm that is intended.
    var pendingRequests = server.GetSignRequests(accountName, origin);
    var signRequest = pendingRequests[0];

    if (!signRequest.Version.Equals(U2FConsts.U2Fv2))
    {
        throw new U2FException($"Unsupported protocol version: {signRequest.Version}");
    }

    // The AppId/origin check runs before the key is touched, so the key is never asked to sign
    // for an AppId that failed validation. Keep this ordering when editing.
    // NOTE(review): the result is not inspected here, so rejection presumably surfaces as an exception - verify.
    appIdVerifier.ValidateOrigin(signRequest.AppId, origin);

    // clientData is produced by the conversion helper and must be sent to the server unchanged,
    // since the key's signature is computed over the request derived from it.
    string clientData;
    var keyRequest = SignRequestToAuthenticateRequest(
        origin,
        signRequest,
        channelIdProvider.GetJsonChannelId(),
        out clientData,
        crypto);

    var keyResponse = key.Authenticate(keyRequest);

    // Both payloads travel as web-safe Base64: the raw key response and the UTF-8 client data.
    var signatureDataBase64 = WebSafeBase64Converter.ToBase64String(
        RawMessageCodec.EncodeKeySignResponse(keyResponse));
    var clientDataBase64 = WebSafeBase64Converter.ToBase64String(Encoding.UTF8.GetBytes(clientData));

    var signResponse = new SignResponse(
        clientDataBase64,
        signatureDataBase64,
        signRequest.Challenge,
        signRequest.SessionId,
        signRequest.AppId);
    server.ProcessSignResponse(signResponse);
}