Ejemplo n.º 1
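        /// <summary>
        /// Interactive console demo: builds a U2F server and a HID-backed U2F client,
        /// asks the user whether to register ("r") or sign ("s"), runs that ceremony
        /// for the account "vbfox" and hands the client's answer back to the server.
        /// </summary>
        /// <remarks>
        /// LoadDataStore / SaveDataStore are defined elsewhere in the file; presumably
        /// they persist the registered keys between runs (confirm against their bodies).
        /// </remarks>
        /// <returns>A task that completes once the user presses Enter at the end.</returns>
        private static async Task TestNew2()
        {
            var keyFactory = new U2FHidKeyFactory(Win32HidDeviceFactory.Instance);

            var dataStore = new InMemoryServerDataStore(new GuidSessionIdGenerator());
            LoadDataStore(dataStore);

            // NOTE(review): the allowed-origin list contains a plain-HTTP origin, and the
            // client below is created with that same HTTP origin. That keeps the demo
            // self-consistent, but a real relying party should list HTTPS origins only,
            // since the origin check is what binds a signature to the site that asked for it.
            var server = new U2FServerReferenceImpl(
                new ChallengeGenerator(),
                dataStore,
                new BouncyCastleServerCrypto(),
                new[] { "http://example.com", "https://example.com" });

            var myClient = new U2FClient(
                new DummySender("http://example.com", new JObject()),
                keyFactory);

            Console.WriteLine("Register or Sign ? (r/s)");
            var mode = Console.ReadLine();

            if (mode == "s")
            {
                var signRequests = server.GetSignRequests("vbfox", "http://example.com");
                Console.WriteLine("Sign requests obtained ({0})", signRequests.Count);

                // The token bounds the wait for the key to 10 minutes; the source owns a
                // timer, so it is disposed as soon as the ceremony is over.
                using (var cts = new CancellationTokenSource(TimeSpan.FromMinutes(10)))
                {
                    var x = await myClient.Sign(signRequests, cts.Token);

                    Console.WriteLine("Signature done {0}", x);
                    if (x != null)
                    {
                        // The server, not the client, decides whether the response is valid.
                        var serverResp = server.ProcessSignResponse(x);
                        Console.WriteLine("Server ok: {0}", serverResp);
                        SaveDataStore(dataStore);
                    }
                }
            }
            else if (mode == "r")
            {
                // Existing sign requests are passed along with the registration request.
                var signRequests = server.GetSignRequests("vbfox", "http://example.com");
                var regRequest   = server.GetRegistrationRequest("vbfox", "http://example.com");

                using (var cts = new CancellationTokenSource(TimeSpan.FromMinutes(10)))
                {
                    var x = await myClient.Register(new[] { regRequest }, signRequests, cts.Token);

                    Console.WriteLine("Authentication done {0}", x);
                    if (x != null)
                    {
                        var serverResp = server.ProcessRegistrationResponse(x, ToUnixTimeMilliseconds(SystemClock.Instance.Now));
                        Console.WriteLine("Server ok: {0}", serverResp);
                        SaveDataStore(dataStore);
                    }
                }
            }
            else
            {
                Console.WriteLine("???");
            }

            // Keep the console window open until the user acknowledges the result.
            Console.ReadLine();
        }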
        /// <summary>
        /// Happy path for signature verification: the mocked data store returns the
        /// session created for the sign challenge, the server trusts TRUSTED_DOMAINS,
        /// and the recorded sign response is processed.
        /// </summary>
        /// <remarks>
        /// There is no explicit assertion; the test passes when ProcessSignResponse
        /// does not throw.
        /// </remarks>
        public virtual void TestProcessSignResponse()
        {
            var sessionData = new SignSessionData(
                ACCOUNT_NAME, APP_ID_SIGN, SERVER_CHALLENGE_SIGN, USER_PUBLIC_KEY_SIGN_HEX);
            mockDataStore
                .Setup(store => store.GetSignSessionData(SESSION_ID))
                .Returns(sessionData);

            var server = new U2FServerReferenceImpl(
                mockChallengeGenerator.Object,
                mockDataStore.Object,
                crypto,
                TRUSTED_DOMAINS);

            // Recorded fixture: browser data, signature data and challenge for this session.
            var response = new SignResponse(
                BROWSER_DATA_SIGN_BASE64,
                SIGN_RESPONSE_DATA_BASE64,
                SERVER_CHALLENGE_SIGN_BASE64,
                SESSION_ID,
                APP_ID_SIGN);

            server.ProcessSignResponse(response);
        }
        // (currently, this test uses an enrollment browserdata during a signature)
        /// <summary>
        /// Processes a second recorded sign response (the "_2" fixtures) against a
        /// server whose data store knows one security key for ACCOUNT_NAME.
        /// </summary>
        /// <remarks>
        /// Passes when ProcessSignResponse does not throw.
        /// NOTE(review): the comment above this method says the fixture carries
        /// enrollment browser data during a signature; if so, the test passing suggests
        /// the client-data type is not enforced on this path. Confirm against the server.
        /// </remarks>
        public virtual void TestProcessSignResponse2()
        {
            var sessionData = new SignSessionData(ACCOUNT_NAME, APP_ID_2, SERVER_CHALLENGE_SIGN, USER_PUBLIC_KEY_2);
            mockDataStore
                .Setup(store => store.GetSignSessionData(SESSION_ID))
                .Returns(sessionData);

            // Single registered key; the meaning of the first and last arguments (0L, 0)
            // is not visible here. Presumably enrollment time and counter; verify.
            var registeredKeys = new List<SecurityKeyData>
            {
                new SecurityKeyData(0L, KEY_HANDLE_2, USER_PUBLIC_KEY_2, VENDOR_CERTIFICATE, 0)
            };
            mockDataStore
                .Setup(store => store.GetSecurityKeyData(ACCOUNT_NAME))
                .Returns(registeredKeys);

            var server = new U2FServerReferenceImpl(
                mockChallengeGenerator.Object, mockDataStore.Object, crypto, TRUSTED_DOMAINS);
            var response = new SignResponse(
                BROWSER_DATA_2_BASE64, SIGN_DATA_2_BASE64, CHALLENGE_2_BASE64, SESSION_ID, APP_ID_2);

            server.ProcessSignResponse(response);
        }
        /// <summary>
        /// Negative test for the origin check: the server is configured with a single
        /// allowed origin ("http://some-other-domain.com") and must reject the recorded
        /// sign response with a U2FException naming an unrecognized home origin.
        /// </summary>
        /// <remarks>
        /// The response's own origin is presumably carried inside
        /// BROWSER_DATA_SIGN_BASE64 (confirm against the fixture). This is the
        /// regression guard for origin binding, so a missing exception is a failure.
        /// </remarks>
        public virtual void TestProcessSignResponseBadOrigin()
        {
            var sessionData = new SignSessionData(ACCOUNT_NAME, APP_ID_SIGN, SERVER_CHALLENGE_SIGN, USER_PUBLIC_KEY_SIGN_HEX);
            mockDataStore
                .Setup(store => store.GetSignSessionData(SESSION_ID))
                .Returns(sessionData);

            var allowedOrigins = new List<string> { "http://some-other-domain.com" };
            var server = new U2FServerReferenceImpl(
                mockChallengeGenerator.Object, mockDataStore.Object, crypto, allowedOrigins);
            var response = new SignResponse(
                BROWSER_DATA_SIGN_BASE64, SIGN_RESPONSE_DATA_BASE64, SERVER_CHALLENGE_SIGN_BASE64, SESSION_ID, APP_ID_SIGN);

            U2FException rejection = null;
            try
            {
                server.ProcessSignResponse(response);
            }
            catch (U2FException e)
            {
                rejection = e;
            }

            // Accepting the response is the failure case for this test.
            if (rejection == null)
            {
                Assert.Fail("expected exception, but didn't get it");
            }

            Assert.IsTrue(rejection.Message.Contains("is not a recognized home origin"));
        }
        // (currently, this test uses an enrollment browserdata during a signature)
        /// <summary>
        /// Runs the "_2" sign-response fixtures through a server whose mocked data store
        /// returns one registered security key for ACCOUNT_NAME.
        /// </summary>
        /// <remarks>
        /// No assertion is made; the test succeeds when ProcessSignResponse returns
        /// without throwing.
        /// NOTE(review): per the comment above this method, the browser data in the
        /// fixture comes from an enrollment. If that is accurate, this path does not
        /// appear to enforce the client-data type; confirm against the server code.
        /// </remarks>
        public virtual void TestProcessSignResponse2()
        {
            var session = new SignSessionData(ACCOUNT_NAME, APP_ID_2, SERVER_CHALLENGE_SIGN, USER_PUBLIC_KEY_2);
            mockDataStore.Setup(ds => ds.GetSignSessionData(SESSION_ID)).Returns(session);

            // One known key for the account; the 0L and 0 arguments are opaque from
            // here (presumably enrollment time and counter; verify).
            var knownKey = new SecurityKeyData(0L, KEY_HANDLE_2, USER_PUBLIC_KEY_2, VENDOR_CERTIFICATE, 0);
            mockDataStore
                .Setup(ds => ds.GetSecurityKeyData(ACCOUNT_NAME))
                .Returns(new List<SecurityKeyData> { knownKey });

            var server = new U2FServerReferenceImpl(
                mockChallengeGenerator.Object,
                mockDataStore.Object,
                crypto,
                TRUSTED_DOMAINS);

            server.ProcessSignResponse(
                new SignResponse(BROWSER_DATA_2_BASE64, SIGN_DATA_2_BASE64, CHALLENGE_2_BASE64, SESSION_ID, APP_ID_2));
        }
		/// <summary>
		/// Checks that a sign response is refused when the server's allowed-origin list
		/// holds only "http://some-other-domain.com": ProcessSignResponse must throw a
		/// U2FException whose message mentions an unrecognized home origin.
		/// </summary>
		/// <remarks>
		/// The origin being rejected is presumably the one recorded in
		/// BROWSER_DATA_SIGN_BASE64 (confirm against the fixture).
		/// </remarks>
		public virtual void TestProcessSignResponseBadOrigin()
		{
			var session = new SignSessionData(ACCOUNT_NAME, APP_ID_SIGN, SERVER_CHALLENGE_SIGN, USER_PUBLIC_KEY_SIGN_HEX);
			mockDataStore.Setup(ds => ds.GetSignSessionData(SESSION_ID)).Returns(session);

			var onlyTrustedOrigin = new List<string> { "http://some-other-domain.com" };
			var server = new U2FServerReferenceImpl(
				mockChallengeGenerator.Object,
				mockDataStore.Object,
				crypto,
				onlyTrustedOrigin);
			var response = new SignResponse(
				BROWSER_DATA_SIGN_BASE64,
				SIGN_RESPONSE_DATA_BASE64,
				SERVER_CHALLENGE_SIGN_BASE64,
				SESSION_ID,
				APP_ID_SIGN);

			U2FException thrown = null;
			try
			{
				server.ProcessSignResponse(response);
			}
			catch (U2FException e)
			{
				thrown = e;
			}

			// A response that is accepted here means the origin check did not fire.
			if (thrown == null)
			{
				Assert.Fail("expected exception, but didn't get it");
			}

			Assert.IsTrue(thrown.Message.Contains("is not a recognized home origin"));
		}
        /// <summary>
        /// Verifies that a recorded, valid sign response is accepted: the mocked data
        /// store supplies the matching sign session and the server is built with
        /// TRUSTED_DOMAINS as its allowed origins.
        /// </summary>
        /// <remarks>
        /// Success is the absence of an exception from ProcessSignResponse; nothing is
        /// asserted on its return value.
        /// </remarks>
        public virtual void TestProcessSignResponse()
        {
            var session = new SignSessionData(ACCOUNT_NAME, APP_ID_SIGN, SERVER_CHALLENGE_SIGN, USER_PUBLIC_KEY_SIGN_HEX);
            mockDataStore.Setup(ds => ds.GetSignSessionData(SESSION_ID)).Returns(session);

            var server = new U2FServerReferenceImpl(
                mockChallengeGenerator.Object, mockDataStore.Object, crypto, TRUSTED_DOMAINS);

            // Same session id and app id as the session data returned by the mock.
            server.ProcessSignResponse(
                new SignResponse(
                    BROWSER_DATA_SIGN_BASE64,
                    SIGN_RESPONSE_DATA_BASE64,
                    SERVER_CHALLENGE_SIGN_BASE64,
                    SESSION_ID,
                    APP_ID_SIGN));
        }
Ejemplo n.º 8
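        /// <summary>
        /// Console walkthrough of a U2F ceremony: wires an in-memory server to a client
        /// that talks to a HID key, then performs either a signature ("s") or a
        /// registration ("r") for the account "vbfox", depending on what the user types.
        /// </summary>
        /// <remarks>
        /// LoadDataStore and SaveDataStore live elsewhere in the file; presumably they
        /// carry registered keys across runs (confirm against their implementation).
        /// </remarks>
        /// <returns>A task that finishes after the final Enter key press.</returns>
        private static async Task TestNew2()
        {
            var hidFactory = Win32HidDeviceFactory.Instance;
            var keyFactory = new U2FHidKeyFactory(hidFactory);

            var dataStore = new InMemoryServerDataStore(new GuidSessionIdGenerator());
            LoadDataStore(dataStore);

            // NOTE(review): "http://example.com" is accepted as an origin and is also the
            // origin the client is created with. Fine for a local demo; a deployed relying
            // party should accept HTTPS origins only, because an origin that can be
            // served over plain HTTP weakens what the origin check guarantees.
            var server = new U2FServerReferenceImpl(
                new ChallengeGenerator(),
                dataStore,
                new BouncyCastleServerCrypto(),
                new[] {"http://example.com", "https://example.com"});

            var myClient = new U2FClient(
                new DummySender("http://example.com", new JObject()),
                keyFactory);

            Console.WriteLine("Register or Sign ? (r/s)");
            var mode = Console.ReadLine();

            if (mode == "s")
            {
                var signRequests = server.GetSignRequests("vbfox", "http://example.com");
                Console.WriteLine("Sign requests obtained ({0})", signRequests.Count);

                // 10-minute ceiling on waiting for the key; dispose the source so its
                // timer does not outlive the ceremony.
                using (var cts = new CancellationTokenSource(TimeSpan.FromMinutes(10)))
                {
                    var x = await myClient.Sign(signRequests, cts.Token);

                    Console.WriteLine("Signature done {0}", x);
                    if (x != null)
                    {
                        // Validation of the client's answer happens on the server side.
                        var serverResp = server.ProcessSignResponse(x);
                        Console.WriteLine("Server ok: {0}", serverResp);
                        SaveDataStore(dataStore);
                    }
                }
            }
            else if (mode == "r")
            {
                // Sign requests for the account accompany the registration request.
                var signRequests = server.GetSignRequests("vbfox", "http://example.com");
                var regRequest = server.GetRegistrationRequest("vbfox", "http://example.com");

                using (var cts = new CancellationTokenSource(TimeSpan.FromMinutes(10)))
                {
                    var x = await myClient.Register(new[] { regRequest }, signRequests, cts.Token);

                    Console.WriteLine("Authentication done {0}", x);
                    if (x != null)
                    {
                        var serverResp = server.ProcessRegistrationResponse(x, ToUnixTimeMilliseconds(SystemClock.Instance.Now));
                        Console.WriteLine("Server ok: {0}", serverResp);
                        SaveDataStore(dataStore);
                    }
                }
            }
            else
            {
                Console.WriteLine("???");
            }

            // Wait for Enter so the output stays visible.
            Console.ReadLine();
        }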