Beispiel #1
0
        public FidoDeviceRegistration FinishRegistration(FidoStartedRegistration startedRegistration,
                                                         string jsonDeviceResponse, IEnumerable <FidoFacetId> trustedFacetIds)
        {
            if (jsonDeviceResponse == null)
            {
                throw new ArgumentNullException("jsonDeviceResponse");
            }

            var registerResponse = FidoRegisterResponse.FromJson(jsonDeviceResponse);

            return(FinishRegistration(startedRegistration, registerResponse, trustedFacetIds));
        }
Beispiel #2
0
        public FidoDeviceRegistration FinishRegistration(FidoStartedRegistration startedRegistration,
                                                         FidoRegisterResponse registerResponse, IEnumerable <FidoFacetId> trustedFacetIds)
        {
            if (startedRegistration == null)
            {
                throw new ArgumentNullException("startedRegistration");
            }
            if (registerResponse == null)
            {
                throw new ArgumentNullException("registerResponse");
            }
            if (trustedFacetIds == null)
            {
                throw new ArgumentNullException("trustedFacetIds");
            }

            registerResponse.Validate();

            var clientData = registerResponse.ClientData;

            ExpectClientDataType(clientData, RegisterType);

            if (clientData.Challenge != startedRegistration.Challenge)
            {
                throw new InvalidOperationException("Incorrect challenge signed in client data");
            }

            ValidateOrigin(trustedFacetIds, new FidoFacetId(clientData.Origin));

            var registrationData = registerResponse.RegistrationData;

            VerifyResponseSignature(startedRegistration.AppId, registrationData, clientData);

            return(new FidoDeviceRegistration(registrationData.KeyHandle, registrationData.UserPublicKey,
                                              registrationData.AttestationCertificate, 0));
        }