Ejemplo n.º 1
        /// <summary>
        /// Builds the enrollment record for a new account from the service's
        /// enrollment response and derives a key from the password.
        /// The record is intended to be stored for later authentication; the key
        /// can be used to protect the user's data.
        /// </summary>
        /// <remarks>
        /// The proof of success carried in the response is checked against
        /// <c>ServicePublicKey</c> before C0/C1 are fed into the key derivation, so a
        /// response that fails the proof never influences the stored record.
        /// The returned key is not part of the serialized record (which holds only
        /// Nc, Ns, T0 and T1); callers should treat it as secret material.
        /// NOTE(review): <paramref name="pwdBytes"/> is not cleared here; wiping the
        /// password buffer, if desired, is left to the caller.
        /// </remarks>
        /// <param name="pwdBytes">Password bytes; rejected by the validator when null or empty.</param>
        /// <param name="pheRespData">Serialized <c>Phe.EnrollmentResponse</c>; rejected by the validator when null or empty.</param>
        /// <returns>
        /// A pair: the serialized <c>EnrollmentRecord</c> first, the derived key second.
        /// </returns>
        /// <exception cref="ProofOfSuccessNotValidException">
        /// The proof in the response does not validate against the service public key.
        /// </exception>
        public (byte[], byte[]) EnrollAccount(byte[] pwdBytes, byte[] pheRespData)
        {
            Validation.NotNullOrEmptyByteArray(pwdBytes);
            Validation.NotNullOrEmptyByteArray(pheRespData);

            var responseBytes = ByteString.CopyFrom(pheRespData);
            var response = Phe.EnrollmentResponse.Parser.ParseFrom(responseBytes);

            // Reject the response outright unless the service proved it computed
            // C0/C1 with the key matching ServicePublicKey.
            if (!this.Crypto.ValidateProofOfSuccess(
                    response.Proof,
                    this.ServicePublicKey,
                    response.Ns.ToByteArray(),
                    response.C0.ToByteArray(),
                    response.C1.ToByteArray()))
            {
                throw new ProofOfSuccessNotValidException();
            }

            var serverNonce = response.Ns;

            // Fresh client nonce per enrollment; it is stored in the record as Nc.
            var clientNonce = this.Crypto.GenerateNonce();

            var (recordT0, recordT1, accountKey) = this.Crypto.ComputeT(
                this.AppSecretKey,
                pwdBytes,
                clientNonce,
                response.C0.ToByteArray(),
                response.C1.ToByteArray());

            var record = new EnrollmentRecord();
            record.Nc = ByteString.CopyFrom(clientNonce);
            record.Ns = serverNonce;
            record.T0 = ByteString.CopyFrom(recordT0);
            record.T1 = ByteString.CopyFrom(recordT1);

            return (record.ToByteArray(), accountKey);
        }
Ejemplo n.º 2
        /// <summary>
        /// Applies an update token to a stored enrollment record and returns the
        /// re-serialized result.
        /// </summary>
        /// <remarks>
        /// Only T0 and T1 are recomputed (via <c>Crypto.UpdateT</c>); Nc and Ns are
        /// carried over from the input record unchanged.
        /// NOTE(review): no integrity or version check on the record or the token is
        /// visible in this method; if one is required it has to live in the caller or
        /// inside <c>Crypto.UpdateT</c> — confirm.
        /// </remarks>
        /// <param name="token">Update token bytes; rejected by the validator when null or empty.</param>
        /// <param name="enrollmentRecordData">Serialized <c>EnrollmentRecord</c> to update; rejected by the validator when null or empty.</param>
        /// <returns>The serialized updated <c>EnrollmentRecord</c>.</returns>
        public byte[] UpdateEnrollmentRecord(byte[] token, byte[] enrollmentRecordData)
        {
            Validation.NotNullOrEmptyByteArray(token);
            Validation.NotNullOrEmptyByteArray(enrollmentRecordData);

            var storedBytes = ByteString.CopyFrom(enrollmentRecordData);
            var current = EnrollmentRecord.Parser.ParseFrom(storedBytes);

            var (newT0, newT1) = this.Crypto.UpdateT(
                current.Ns.ToByteArray(),
                current.T0.ToByteArray(),
                current.T1.ToByteArray(),
                token);

            // Nonces stay as they were; only the T values change with the token.
            var updated = new EnrollmentRecord();
            updated.Nc = current.Nc;
            updated.Ns = current.Ns;
            updated.T0 = ByteString.CopyFrom(newT0);
            updated.T1 = ByteString.CopyFrom(newT1);

            return updated.ToByteArray();
        }