public static byte[] CreatePinAuthforChangePin(byte[] sharedSecret, string newpin, string currentpin)
{
// new pin
byte[] newPinEnc = null;
{
var newpin64 = PaddingPin64(newpin);
newPinEnc = AES256CBC.Encrypt(sharedSecret, newpin64);
}
// current pin
var currentPinHashEnc = CreatePinHashEnc(currentpin, sharedSecret);
// source data
var data = new List <byte>();
data.AddRange(newPinEnc.ToArray());
data.AddRange(currentPinHashEnc.ToArray());
// HMAC-SHA-256(sharedSecret, newPinEnc)
byte[] pinAuth;
using (var hmacsha256 = new HMACSHA256(sharedSecret)) {
var dgst = hmacsha256.ComputeHash(data.ToArray());
pinAuth = dgst.ToList().Take(16).ToArray();
}
return(pinAuth);
}
public static byte[] CreatePinAuthforSetPin(byte[] sharedSecret, string newpin)
{
var newpin64 = PaddingPin64(newpin);
var newPinEnc = AES256CBC.Encrypt(sharedSecret, newpin64);
// HMAC-SHA-256(sharedSecret, newPinEnc)
byte[] pinAuth;
using (var hmacsha256 = new HMACSHA256(sharedSecret)) {
var dgst = hmacsha256.ComputeHash(newPinEnc);
pinAuth = dgst.ToList().Take(16).ToArray();
}
return(pinAuth);
}
/// <summary>
/// CTAP-Command GetAssertion use PIN string
/// </summary>
public async Task <ResponseGetAssertion> GetAssertionAsync(CTAPCommandGetAssertionParam param, string pin)
{
byte[] pinAuth = null;
byte[] sharedSecret = null;
COSE_Key myKeyAgreement = null;
if (!string.IsNullOrEmpty(pin))
{
var token = await ClientPINgetPINTokenAsync(pin);
if (token.DeviceStatus != DeviceStatus.Ok || token.CTAPResponse == null || token.CTAPResponse.Status != 0)
{
return(new ResponseGetAssertion(token.DeviceStatus, token.CTAPResponse));
}
//The platform gets sharedSecret from the authenticator.
sharedSecret = CTAPCommandClientPIN.CreateSharedSecret(token.KeyAgreementPublicKey, out myKeyAgreement);
pinAuth = CTAPCommandClientPIN.CreatePinAuth(param.ClientDataHash, token.CTAPResponse.PinToken);
if (pinAuth == null)
{
return(new ResponseGetAssertion(token.DeviceStatus, token.CTAPResponse));
}
}
var ctapResponseGetAssertion = new CTAPResponseGetAssertion();
var ret = await sendCommandandResponseAsync(new CTAPCommandGetAssertion(param, pinAuth, myKeyAgreement, sharedSecret), ctapResponseGetAssertion);
//Resolve the hmac-secret extension
if (param.UseHmacExtension && ctapResponseGetAssertion.Assertion.ExtensionData?.Length > 0)
{
var data = ctapResponseGetAssertion.Assertion.ExtensionData;
var decoded = AES256CBC.Decrypt(sharedSecret, data.ToArray());
Logger.Log($"GOT SYMMETRIC KEY: {decoded.ToHexString()}");
}
return(new ResponseGetAssertion(ret.devSt, ret.ctapRes));
}
public static byte[] CreatePinHashEnc(string pin, byte[] sharedSecret)
{
// AES256-CBC(sharedSecret, IV=0, LEFT(SHA-256(PIN), 16))
// pinsha = SHA-256(PIN) ->32byte
byte[] pinbyte = Encoding.ASCII.GetBytes(pin);
byte[] pinsha = null;
using (var sha = new SHA256CryptoServiceProvider())
{
pinsha = sha.ComputeHash(pinbyte);
}
// pinsha16 = LEFT 16(pinsha)
byte[] pinsha16 = pinsha.ToList().Skip(0).Take(16).ToArray();
// pinHashEnc = AES256-CBC(sharedSecret, IV=0, pinsha16)
//string key = Common.BytesToHexString(sharedSecret);
//string data = Common.BytesToHexString(pinsha16);
var pinHashEnc = AES256CBC.Encrypt(sharedSecret, pinsha16);
return(pinHashEnc);
}
public override byte[] CreatePayload()
{
var cbor = CBORObject.NewMap();
// 0x01 : rpid
cbor.Add(0x01, param.RpId);
// 0x02 : clientDataHash
cbor.Add(0x02, param.ClientDataHash);
// 0x03 : allowList
if (param.AllowList_CredentialId != null)
{
var pubKeyCredParams = CBORObject.NewMap();
pubKeyCredParams.Add("id", param.AllowList_CredentialId);
pubKeyCredParams.Add("type", "public-key");
cbor.Add(0x03, CBORObject.NewArray().Add(pubKeyCredParams));
}
// 0x04 : extensions
if (param.UseHmacExtension && this.keyAgreement != null)
{
var extensions = CBORObject.NewMap();
var hmac = CBORObject.NewMap();
//keyAgreement(0x01): public key of platformKeyAgreementKey, "bG".
hmac.Add(0x01, keyAgreement.ToCbor());
//saltEnc(0x02): Encrypt one or two salts(Called salt1(32 bytes) and salt2(32 bytes))
var saltEnc = AES256CBC.Encrypt(sharedSecret, salt);
hmac.Add(0x02, saltEnc);
//saltAuth(0x03): LEFT(HMAC-SHA-256(sharedSecret, saltEnc), 16).
using (var hmacsha256 = new HMACSHA256(sharedSecret))
{
var dgst = hmacsha256.ComputeHash(saltEnc);
hmac.Add(0x03, dgst.ToList().Take(16).ToArray());
}
extensions.Add("hmac-secret", hmac);
cbor.Add(0x04, extensions);
}
// 0x05 : options
if (param.Option_up || param.Option_uv)
{
var opt = CBORObject.NewMap();
if (param.Option_up)
{
opt.Add("up", param.Option_up);
}
if (param.Option_uv)
{
opt.Add("uv", param.Option_uv);
}
cbor.Add(0x05, opt);
}
if (pinAuth != null)
{
// pinAuth(0x06)
cbor.Add(0x06, pinAuth);
// 0x07:pinProtocol
cbor.Add(0x07, 1);
}
return(create(CTAPCommandType.authenticatorGetAssertion, cbor));
}
private void computePinToken()
{
PinToken = AES256CBC.Decrypt(sharedSecret, pinTokenEnc);
}
private static byte[] createNewPinEnc(byte[] sharedSecret, byte[] newpin64)
{
byte[] newPinEnc = AES256CBC.Encrypt(sharedSecret, newpin64);
return(newPinEnc);
}
