Ejemplo n.º 1
0
        public virtual void TestEncodeRegisterRequest()
        {
            var registerRequest = new KeyRegisterRequest(APP_ID_ENROLL_SHA256, BROWSER_DATA_ENROLL_SHA256);
            var encodedBytes    = RawMessageCodec.EncodeKeyRegisterRequest(registerRequest);

            CollectionAssert.AreEqual(REGISTRATION_REQUEST_DATA, encodedBytes);
        }
Ejemplo n.º 2
0
        async Task <RegisterOperationResult?> TryOneRequest(IKey key, KeyRegisterRequest request,
                                                            CancellationToken cancellationToken)
        {
            try
            {
                var result = await key.RegisterAsync(request, cancellationToken);

                log.Info(result.Status.ToString());
                switch (result.Status)
                {
                case KeyResponseStatus.Success:
                    return(RegisterOperationResult.Success(request, result.Data));
                }
            }
            catch (KeyGoneException)
            {
                // No sense in continuing with this signer, the key isn't physically present anymore
                log.DebugFormat("Key '{0}' is gone", keyId);
                throw;
            }
            catch (TaskCanceledException)
            {
                // Let cancellation bubble up
                throw;
            }
            catch (KeyBusyException)
            {
                // Maybe it won't be busy later
            }
            catch (Exception exception)
            {
                log.Error("Authenticate request failed", exception);
            }
            return(null);
        }
Ejemplo n.º 3
0
        public KeyRegisterResponse Register(KeyRegisterRequest keyRegisterRequest)
        {
            while (true)
            {
                var result = key.RegisterAsync(keyRegisterRequest).Result;

                switch (result.Status)
                {
                case KeyResponseStatus.Success:
                    Debug.Assert(result.Data != null, "no data for success");
                    return(result.Data);

                case KeyResponseStatus.TestOfuserPresenceRequired:
                    Console.WriteLine("User presence required");
                    Thread.Sleep(100);
                    continue;

                case KeyResponseStatus.Failure:
                    throw new U2FException("Failure");

                default:
                    throw new ArgumentOutOfRangeException();
                }
            }
        }
Ejemplo n.º 4
0
        public virtual void TestDecodeRegisterRequest()
        {
            KeyRegisterRequest keyRegisterRequest = RawMessageCodec
                                                    .DecodeKeyRegisterRequest(REGISTRATION_REQUEST_DATA);

            Assert.AreEqual(new KeyRegisterRequest(APP_ID_ENROLL_SHA256
                                                   , BROWSER_DATA_ENROLL_SHA256), keyRegisterRequest);
        }
Ejemplo n.º 5
0
        public async Task <KeyResponse <KeyRegisterResponse> > RegisterAsync(KeyRegisterRequest request,
                                                                             CancellationToken cancellationToken = new CancellationToken(),
                                                                             bool invididualAttestation          = false)
        {
            var flags = invididualAttestation
                ? EnforceUserPresenceAndSign | InteractionFlags.AttestWithDeviceKey
                : EnforceUserPresenceAndSign;

            var message  = ApduMessageCodec.EncodeRegisterRequest(new KeyRequest <KeyRegisterRequest>(request, flags));
            var response = await QueryApduAsync(message, cancellationToken);

            return(ApduMessageCodec.DecodeRegisterReponse(response));
        }
Ejemplo n.º 6
0
        public Task <KeyResponse <KeyRegisterResponse> > RegisterAsync(KeyRegisterRequest request, CancellationToken cancellationToken = new CancellationToken(),
                                                                       bool invididualAttestation = false)
        {
            if (request == null)
            {
                throw new ArgumentNullException(nameof(request));
            }

            log.Info(">> register");

            var applicationSha256 = request.ApplicationSha256;
            var challengeSha256   = request.ChallengeSha256;

            log.Info(" -- Inputs --");
            log.Info("  applicationSha256: " + applicationSha256.ToHexString());
            log.Info("  challengeSha256: " + challengeSha256.ToHexString());

            var userPresent = userPresenceVerifier.VerifyUserPresence();

            if ((userPresent & UserPresenceVerifierConstants.UserPresentFlag) == 0)
            {
                return(TestOfUserPresenceRequired <KeyRegisterResponse>());
            }

            var keyPair   = keyPairGenerator.GenerateKeyPair(applicationSha256, challengeSha256);
            var keyHandle = keyHandleGenerator.GenerateKeyHandle(applicationSha256, keyPair);

            dataStore.StoreKeyPair(keyHandle, keyPair);

            var userPublicKey = keyPairGenerator.EncodePublicKey(keyPair.PublicKey);
            var signedData    = RawMessageCodec.EncodeKeyRegisterSignedBytes(applicationSha256, challengeSha256, keyHandle,
                                                                             userPublicKey);

            log.Info("Signing bytes " + signedData.ToHexString());
            var signature = crypto.Sign(signedData, certificatePrivateKey);

            log.Info(" -- Outputs --");
            log.Info("  userPublicKey: " + userPublicKey.ToHexString());
            log.Info("  keyHandle: " + keyHandle.ToHexString());
            log.Info("  vendorCertificate: " + vendorCertificate);
            log.Info("  signature: " + signature.ToHexString());
            log.Info("<< register");

            var response     = new KeyRegisterResponse(userPublicKey, keyHandle, vendorCertificate, signature);
            var responseData = RawMessageCodec.EncodeKeyRegisterResponse(response).Segment();
            var apdu         = new ApduResponse(ApduResponseStatus.NoError, responseData);
            var keyResponse  = new KeyResponse <KeyRegisterResponse>(apdu, response, KeyResponseStatus.Success);

            return(TaskEx.FromResult(keyResponse));
        }
        public virtual void TestRegister()
        {
            var registerRequest  = new KeyRegisterRequest(APP_ID_ENROLL_SHA256, BROWSER_DATA_ENROLL_SHA256);
            var registerResponse = u2FKey.Register(registerRequest);

            mockDataStore.Verify(x => x.StoreKeyPair(KEY_HANDLE, USER_KEY_PAIR_ENROLL));
            CollectionAssert.AreEqual(USER_PUBLIC_KEY_ENROLL_HEX, registerResponse.UserPublicKey);
            Assert.AreEqual(VENDOR_CERTIFICATE, registerResponse.AttestationCertificate);
            CollectionAssert.AreEqual(KEY_HANDLE, registerResponse.KeyHandle);
            var ecdsaSignature = SignerUtilities.GetSigner("SHA-256withECDSA");

            ecdsaSignature.Init(false, VENDOR_CERTIFICATE.GetPublicKey());
            ecdsaSignature.BlockUpdate(EXPECTED_REGISTER_SIGNED_BYTES, 0, EXPECTED_REGISTER_SIGNED_BYTES.Length);
            Assert.IsTrue(ecdsaSignature.VerifySignature(registerResponse.Signature));
        }
Ejemplo n.º 8
0
        public static byte[] EncodeKeyRegisterRequest([NotNull] KeyRegisterRequest keyRegisterRequest)
        {
            if (keyRegisterRequest == null)
            {
                throw new ArgumentNullException(nameof(keyRegisterRequest));
            }

            var appIdSha256     = keyRegisterRequest.ApplicationSha256;
            var challengeSha256 = keyRegisterRequest.ChallengeSha256;
            var result          = new byte[appIdSha256.Length + challengeSha256.Length];

            using (var writer = new EndianWriter(new MemoryStream(result), Endianness.BigEndian))
            {
                writer.Write(challengeSha256);
                writer.Write(appIdSha256);
            }
            return(result);
        }
Ejemplo n.º 9
0
        /// <exception cref="U2FException" />
        public KeyRegisterResponse Register(KeyRegisterRequest keyRegisterRequest)
        {
            if (keyRegisterRequest == null)
            {
                throw new ArgumentNullException(nameof(keyRegisterRequest));
            }

            log.Info(">> register");

            var applicationSha256 = keyRegisterRequest.ApplicationSha256;
            var challengeSha256   = keyRegisterRequest.ChallengeSha256;

            log.Info(" -- Inputs --");
            log.Info("  applicationSha256: " + applicationSha256.ToHexString());
            log.Info("  challengeSha256: " + challengeSha256.ToHexString());

            var userPresent = userPresenceVerifier.VerifyUserPresence();

            if ((userPresent & UserPresenceVerifierConstants.UserPresentFlag) == 0)
            {
                throw new U2FException("Cannot verify user presence");
            }

            var keyPair   = keyPairGenerator.GenerateKeyPair(applicationSha256, challengeSha256);
            var keyHandle = keyHandleGenerator.GenerateKeyHandle(applicationSha256, keyPair);

            dataStore.StoreKeyPair(keyHandle, keyPair);

            var userPublicKey = keyPairGenerator.EncodePublicKey(keyPair.PublicKey);
            var signedData    = RawMessageCodec.EncodeKeyRegisterSignedBytes(applicationSha256, challengeSha256, keyHandle,
                                                                             userPublicKey);

            log.Info("Signing bytes " + signedData.ToHexString());
            var signature = crypto.Sign(signedData, certificatePrivateKey);

            log.Info(" -- Outputs --");
            log.Info("  userPublicKey: " + userPublicKey.ToHexString());
            log.Info("  keyHandle: " + keyHandle.ToHexString());
            log.Info("  vendorCertificate: " + vendorCertificate);
            log.Info("  signature: " + signature.ToHexString());
            log.Info("<< register");

            return(new KeyRegisterResponse(userPublicKey, keyHandle, vendorCertificate, signature));
        }
Ejemplo n.º 10
0
 /// <exception cref="System.IO.IOException"/>
 /// <exception cref="U2FException"/>
 public static void SendRegisterRequest(Stream outputStream, KeyRegisterRequest keyRegisterRequest)
 {
     SendRequest(outputStream, CommandRegister, RawMessageCodec.
                 EncodeKeyRegisterRequest(keyRegisterRequest));
 }
Ejemplo n.º 11
0
 public RegisterInfo(RegisterRequest registerRequest, string clientDataBase64, KeyRegisterRequest keyRegisterRequest)
 {
     RegisterRequest    = registerRequest;
     ClientDataBase64   = clientDataBase64;
     KeyRegisterRequest = keyRegisterRequest;
 }
Ejemplo n.º 12
0
 public static RegisterOperationResult Success(KeyRegisterRequest request, KeyRegisterResponse response)
 {
     return(new RegisterOperationResult(KeyResponseStatus.Success, request, response));
 }
Ejemplo n.º 13
0
 private RegisterOperationResult(KeyResponseStatus status, KeyRegisterRequest request, KeyRegisterResponse response)
 {
     Status   = status;
     Request  = request;
     Response = response;
 }