public virtual void TestProcessSignResponseBadOrigin()
{
mockDataStore.Setup(x => x.GetSignSessionData(SESSION_ID))
.Returns(new SignSessionData(ACCOUNT_NAME, APP_ID_SIGN, SERVER_CHALLENGE_SIGN, USER_PUBLIC_KEY_SIGN_HEX));
var u2FServer = new U2FServerReferenceImpl(mockChallengeGenerator.Object
, mockDataStore.Object, crypto, new List<string> { "http://some-other-domain.com"});
var signResponse = new SignResponse(BROWSER_DATA_SIGN_BASE64, SIGN_RESPONSE_DATA_BASE64, SERVER_CHALLENGE_SIGN_BASE64, SESSION_ID, APP_ID_SIGN);
try
{
u2FServer.ProcessSignResponse(signResponse);
Assert.Fail("expected exception, but didn't get it");
}
catch (U2FException e)
{
Assert.IsTrue(e.Message.Contains("is not a recognized home origin"));
}
}
// (currently, this test uses an enrollment browserdata during a signature)
public virtual void TestProcessSignResponse2()
{
mockDataStore.Setup(x => x.GetSignSessionData(SESSION_ID))
.Returns(new SignSessionData(ACCOUNT_NAME, APP_ID_2, SERVER_CHALLENGE_SIGN, USER_PUBLIC_KEY_2));
mockDataStore.Setup(x => x.GetSecurityKeyData(ACCOUNT_NAME))
.Returns(new List<SecurityKeyData>
{
new SecurityKeyData(0L, KEY_HANDLE_2, USER_PUBLIC_KEY_2, VENDOR_CERTIFICATE, 0)
});
var u2FServer = new U2FServerReferenceImpl(mockChallengeGenerator.Object, mockDataStore.Object, crypto, TRUSTED_DOMAINS);
var signResponse = new SignResponse(BROWSER_DATA_2_BASE64, SIGN_DATA_2_BASE64, CHALLENGE_2_BASE64, SESSION_ID, APP_ID_2);
u2FServer.ProcessSignResponse(signResponse);
}
public virtual void TestProcessSignResponse()
{
mockDataStore.Setup(x => x.GetSignSessionData(SESSION_ID))
.Returns(new SignSessionData(ACCOUNT_NAME, APP_ID_SIGN, SERVER_CHALLENGE_SIGN, USER_PUBLIC_KEY_SIGN_HEX));
var u2FServer = new U2FServerReferenceImpl(mockChallengeGenerator.Object, mockDataStore.Object, crypto,
TRUSTED_DOMAINS);
var signResponse = new SignResponse(BROWSER_DATA_SIGN_BASE64, SIGN_RESPONSE_DATA_BASE64,
SERVER_CHALLENGE_SIGN_BASE64, SESSION_ID, APP_ID_SIGN);
u2FServer.ProcessSignResponse(signResponse);
}