Beispiel #1
0
        /// <summary>
        /// Verifies the response from the browser/authr after creating new credentials
        /// </summary>
        /// <param name="attestationResponse"></param>
        /// <param name="origChallenge"></param>
        /// <returns></returns>
        public RegisterCredentialResult SetRegisterCredentialResult(AuthenticatorAttestationRawResponse attestationResponse, RegisterCredentialOptions origChallenge, IsCredentialIdUniqueToUserDelegate isCredentialIdUniqueToUser, byte[] requestTokenBindingId = null)
        {
            var parsedResponse = AuthenticatorAttestationResponse.Parse(attestationResponse);
            var success        = parsedResponse.VerifyCredentialCreateOptions(origChallenge, _config, isCredentialIdUniqueToUser, _metadataService, requestTokenBindingId);

            // todo: Set Errormessage etc.
            return(new RegisterCredentialResult
            {
                Status = "ok",
                ErrorMessage = string.Empty,
                Result = success
            });
        }
        public static AuthenticatorAttestationResponse Parse(AuthenticatorAttestationRawResponse rawResponse)
        {
            if (null == rawResponse || null == rawResponse.Response)
            {
                throw new VerificationException("Expected rawResponse, got null");
            }

            if (null == rawResponse.Response.AttestationObject || 0 == rawResponse.Response.AttestationObject.Length)
            {
                throw new VerificationException("Missing AttestationObject");
            }

            // 8. Perform CBOR decoding on the attestationObject field of the AuthenticatorAttestationResponse structure to obtain the attestation statement format fmt, the authenticator data authData, and the attestation statement attStmt.
            CBORObject cborAttestation;

            try
            {
                cborAttestation = CBORObject.DecodeFromBytes(rawResponse.Response.AttestationObject);
            }
            catch (CBORException ex)
            {
                throw new VerificationException("AttestationObject invalid CBOR", ex);
            }

            if (null == cborAttestation["fmt"] ||
                CBORType.TextString != cborAttestation["fmt"].Type ||
                null == cborAttestation["attStmt"] ||
                CBORType.Map != cborAttestation["attStmt"].Type ||
                null == cborAttestation["authData"] ||
                CBORType.ByteString != cborAttestation["authData"].Type)
            {
                throw new VerificationException("Malformed AttestationObject");
            }

            var response = new AuthenticatorAttestationResponse(rawResponse.Response.ClientDataJson)
            {
                Raw = rawResponse,
                AttestationObject = new ParsedAttestationObject()
                {
                    Fmt      = cborAttestation["fmt"].AsString(),
                    AttStmt  = cborAttestation["attStmt"], // convert to dictionary?
                    AuthData = cborAttestation["authData"].GetByteString()
                }
            };

            return(response);
        }
        public static AuthenticatorAttestationResponse Parse(AuthenticatorAttestationRawResponse rawResponse)
        {
            if (null == rawResponse || null == rawResponse.Response)
            {
                throw new VerificationException("Expected rawResponse, got null");
            }

            if (null == rawResponse.Response.AttestationObject || 0 == rawResponse.Response.AttestationObject.Length)
            {
                throw new VerificationException("Missing AttestationObject");
            }

            CBORObject cborAttestation;

            try
            {
                cborAttestation = CBORObject.DecodeFromBytes(rawResponse.Response.AttestationObject);
            }
            catch (CBORException ex)
            {
                throw new VerificationException("Malformed AttestationObject", ex);
            }

            if (null == cborAttestation["fmt"] ||
                CBORType.TextString != cborAttestation["fmt"].Type ||
                null == cborAttestation["attStmt"] ||
                CBORType.Map != cborAttestation["attStmt"].Type ||
                null == cborAttestation["authData"] ||
                CBORType.ByteString != cborAttestation["authData"].Type)
            {
                throw new VerificationException("Malformed AttestationObject");
            }

            var response = new AuthenticatorAttestationResponse(rawResponse.Response.ClientDataJson)
            {
                Raw = rawResponse,
                AttestationObject = new ParsedAttestationObject()
                {
                    Fmt      = cborAttestation["fmt"].AsString(),
                    AttStmt  = cborAttestation["attStmt"], // convert to dictionary?
                    AuthData = cborAttestation["authData"].GetByteString()
                }
            };

            return(response);
        }
        /// <summary>
        /// Verifies the response from the browser/authr after creating new credentials (MakeNewCredentialAsync)
        /// </summary>
        /// <param name="attestationResponse"></param>
        /// <param name="origChallenge"></param>
        /// <returns></returns>
        public async Task <CredentialMakeResult> SetRegisterCredentialResult(AuthenticatorAttestationRawResponse attestationResponse, CredentialCreateOptions origChallenge, IsCredentialIdUniqueToUserAsyncDelegate isCredentialIdUniqueToUser, byte[] requestTokenBindingId = null)
        {
            var parsedResponse = AuthenticatorAttestationResponse.Parse(attestationResponse);
            var success        = await parsedResponse.VerifyAsync(origChallenge, _config, isCredentialIdUniqueToUser, _metadataService, requestTokenBindingId);

            try
            {
                return(new CredentialMakeResult
                {
                    Status = "ok",
                    ErrorMessage = string.Empty,
                    Result = success
                });
            }
            catch (Exception e)
            {
                return(new CredentialMakeResult
                {
                    Status = "error",
                    ErrorMessage = e.Message,
                    Result = success
                });
            }
        }