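/// <summary>
/// Writes one command/response exchange to the log: the command's JSON payload,
/// the response status and message, and the response JSON. For an assertion
/// response it also logs the user fields and authenticator flags.
/// </summary>
/// <remarks>
/// The logged text includes user identifiers (User_Id, User_Name, User_DisplayName)
/// and the full command payload, all written unescaped. Whatever sink <c>log</c>
/// writes to should therefore be treated as sensitive.
/// NOTE(review): confirm whether payloadJson can carry PIN-related parameters
/// before keeping these logs anywhere long-lived.
/// </remarks>
/// <param name="ctap">The command that was sent; only its payloadJson is read.</param>
/// <param name="res">The response received for that command.</param>
private void logResponse(CTAPauthenticator ctap, CTAPResponse res)
{
    // Build the text with interpolation only. The previous code passed the
    // already-interpolated string to string.Format as a *format string*, so a
    // '{' or '}' inside a device-supplied value (status message, user name,
    // display name) was parsed as a placeholder and threw FormatException.
    string msg =
        "<Command>\r\n" + ctap.payloadJson + "\r\n\r\n" +
        "<Response>\r\n" +
        $"Status=0x{res.Status:X2}\r\nMsg={res.StatusMsg}\r\n<ResponseData>\r\n" +
        res.ResponseDataJson + "\r\n";
    log(msg);

    // Exact type match, as before: subclasses of CTAPResponseAssertion are not expanded.
    if (res.GetType() != typeof(CTAPResponseAssertion))
    {
        return;
    }

    var ret = (CTAPResponseAssertion)res;
    // User_Id is decoded as ASCII for display only.
    log($"User_Id={Encoding.ASCII.GetString(ret.User_Id)}");
    log($"User_Name={ret.User_Name}");
    log($"User_DisplayName={ret.User_DisplayName}");
    log($"Flags_AttestedCredentialDataIncluded={ret.Flags_AttestedCredentialDataIncluded}");
    log($"Flags_ExtensionDataIncluded={ret.Flags_ExtensionDataIncluded}");
    log($"Flags_UserPresentResult={ret.Flags_UserPresentResult}");
    log($"Flags_UserVerifiedResult={ret.Flags_UserVerifiedResult}");
    log($"NumberOfCredentials={ret.NumberOfCredentials}");
}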
/// <summary>
/// Runs an authenticatorMakeCredential exchange against the device described by
/// <paramref name="devParam"/> and returns the collected status.
/// </summary>
/// <remarks>
/// When <c>publickey.pin</c> is non-empty, a ClientPIN exchange (GetKeyAgreement,
/// then GetPINToken) runs first and its result is used to set PinAuth on the
/// MakeCredential command. Every command/response pair, including the ClientPIN
/// ones, is appended to <c>status.commands</c>, so the returned object keeps
/// references to that material. The PIN itself is handled as an ordinary managed string.
/// User verification is requested for every userVerification value other than
/// <c>discouraged</c>.
/// No exception escapes: any failure is passed to <c>setErrorMsg</c> and the
/// status is returned with isSuccess left unset.
/// </remarks>
/// <param name="devParam">Device parameters forwarded to each command.</param>
/// <param name="publickey">Creation options; rp, user and challenge must be non-null.</param>
/// <returns>The command status, with attestation set and isSuccess true on success.</returns>
public static async Task<CreateCommandStatus> Create(DevParam devParam, PublicKeyforCreate publickey)
{
    var result = new CreateCommandStatus();

    try
    {
        bool missingParam = publickey.rp == null
            || publickey.user == null
            || publickey.challenge == null;
        if (missingParam)
        {
            throw new Exception("Param Error");
        }

        // Properties are assigned in the same order as before.
        var makeCredential = new CTAPauthenticatorMakeCredential
        {
            RpId = publickey.rp.id,
            RpName = publickey.rp.name,
            UserId = publickey.user.id,
            UserId_bytearray = publickey.user.id_bytearray,
            UserName = publickey.user.name,
            UserDisplayName = publickey.user.displayName,
            ClientDataHash = CTAPauthenticator.CreateClientDataHash(publickey.challenge),
            TimeoutMs = publickey.timeout,
            Option_rk = publickey.authenticatorSelection.requireResidentKey,
            // Only "discouraged" turns user verification off.
            Option_uv = publickey.authenticatorSelection.userVerification != UserVerificationRequirement.discouraged,
        };

        if (publickey.pin.Length > 0)
        {
            var clientPin = new CTAPauthenticatorClientPIN();

            var keyAgreement = await clientPin.GetKeyAgreement(devParam);
            result.commands.Add(new CommandStatus.CommandInfo(clientPin, keyAgreement));
            if (keyAgreement.Status != 0)
            {
                throw new Exception("GetKeyAgreement");
            }

            var sharedSecret = clientPin.createSharedSecret(clientPin.Authenticator_KeyAgreement);
            var pinHashEnc = clientPin.createPinHashEnc(publickey.pin, sharedSecret);

            var pinToken = await clientPin.GetPINToken(devParam, pinHashEnc);
            result.commands.Add(new CommandStatus.CommandInfo(clientPin, pinToken));
            if (pinToken.Status != 0)
            {
                throw new Exception("GetPINToken");
            }

            makeCredential.PinAuth = clientPin.createPinAuth(
                sharedSecret,
                makeCredential.ClientDataHash,
                pinToken.PinTokenEnc);
        }

        var attestation = await makeCredential.SendAndResponse(devParam);
        result.commands.Add(new CommandStatus.CommandInfo(makeCredential, attestation));
        if (attestation.Status != 0)
        {
            throw new Exception("MakeCredential");
        }

        result.attestation = attestation;
        result.isSuccess = true;
    }
    catch (Exception ex)
    {
        // Failures are reported through the status object rather than thrown.
        result.setErrorMsg(ex);
    }

    return result;
}
/// <summary>
/// Pairs a sent command with the response received for it.
/// </summary>
/// <remarks>
/// Both objects are stored by reference. Callers in this file also record
/// ClientPIN exchanges this way, so a collection of CommandInfo should be
/// handled as sensitive.
/// </remarks>
/// <param name="cmd">The command that was sent.</param>
/// <param name="res">The response returned for <paramref name="cmd"/>.</param>
public CommandInfo(CTAPauthenticator cmd, CTAPResponse res)
{
    this.res = res;
    this.cmd = cmd;
}
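/// <summary>
/// Runs an authenticatorGetAssertion exchange against the device described by
/// <paramref name="devParam"/>, follows up with GetNextAssertion for any further
/// credentials, and returns the collected status.
/// </summary>
/// <remarks>
/// When <c>publickey.pin</c> is non-empty, a ClientPIN exchange (GetKeyAgreement,
/// then GetPINToken) runs first and its result is used to set PinAuth. Every
/// command/response pair, including the ClientPIN ones, is appended to
/// <c>status.commands</c>.
/// No exception escapes: any failure is passed to <c>setErrorMsg</c> and the
/// status is returned with isSuccess left unset. Assertions already added to
/// <c>status.assertions</c> stay there when a later step fails (including the
/// user-verification check), so callers must test isSuccess before using them.
/// </remarks>
/// <param name="devParam">Device parameters forwarded to each command.</param>
/// <param name="publickey">Request options (rpId, challenge, allowCredentials, pin, ...).</param>
/// <returns>The command status, with assertions filled and isSuccess true on success.</returns>
public static async Task<GetCommandStatus> Get(DevParam devParam, PublicKeyforGet publickey)
{
    var status = new GetCommandStatus();
    try
    {
        string rpid = publickey.rpId;
        var ctap = new CTAPauthenticatorGetAssertion();
        ctap.RpId = rpid;
        ctap.ClientDataHash = CTAPauthenticator.CreateClientDataHash(publickey.challenge);
        ctap.Timeout = publickey.timeout;

        // credential-id: only the first allowCredentials entry is forwarded;
        // any further entries are ignored.
        if (publickey.allowCredentials != null
            && publickey.allowCredentials.Count > 0
            && publickey.allowCredentials[0] != null
            && publickey.allowCredentials[0].id != null
            && publickey.allowCredentials[0].id.Length > 0)
        {
            ctap.AllowList_CredentialId = publickey.allowCredentials[0].id;
        }

        ctap.Option_up = publickey.requireUserPresence;
        // Only "discouraged" turns user verification off.
        if (publickey.userVerification == UserVerificationRequirement.discouraged)
        {
            ctap.Option_uv = false;
        }
        else
        {
            ctap.Option_uv = true;
        }

        // pin
        if (publickey.pin.Length > 0)
        {
            string pin = publickey.pin;
            var ctap2 = new CTAPauthenticatorClientPIN();

            var st1 = await ctap2.GetKeyAgreement(devParam);
            status.commands.Add(new CommandStatus.CommandInfo(ctap2, st1));
            if (st1.Status != 0)
            {
                throw new Exception("GetKeyAgreement");
            }

            var sharedSecret = ctap2.createSharedSecret(ctap2.Authenticator_KeyAgreement);
            var pinHashEnc = ctap2.createPinHashEnc(pin, sharedSecret);

            var token = await ctap2.GetPINToken(devParam, pinHashEnc);
            status.commands.Add(new CommandStatus.CommandInfo(ctap2, token));
            if (token.Status != 0)
            {
                throw new Exception("GetPINToken");
            }

            ctap.PinAuth = ctap2.createPinAuth(sharedSecret, ctap.ClientDataHash, token.PinTokenEnc);
        }

        var ret = await ctap.SendAndResponse(devParam);
        status.commands.Add(new CommandStatus.CommandInfo(ctap, ret));
        if (ret.Status != 0)
        {
            throw new Exception("GetAssertion");
        }
        status.assertions.Add(ret);

        // The guard is kept so that "NumberOfCredentials - 1" is never evaluated for 0.
        if (ret.NumberOfCredentials > 0)
        {
            for (int intIc = 0; intIc < ret.NumberOfCredentials - 1; intIc++)
            {
                var next = new CTAPauthenticatorGetNextAssertion();
                var nextret = await next.SendAndResponse(devParam);
                status.commands.Add(new CommandStatus.CommandInfo(next, nextret));
                // Check the status of THIS response. The previous code re-tested
                // ret.Status (already known to be 0 here), so a failed
                // GetNextAssertion was accepted and added as an assertion.
                if (nextret.Status != 0)
                {
                    throw new Exception("GetNextAssertion");
                }
                status.assertions.Add(nextret);
            }
        }

        // If uv=true was requested but the authenticator did not report user
        // verification, treat it as an error.
        // NOTE(review): only the first assertion's flag is checked; confirm whether
        // the GetNextAssertion results need the same check.
        if (ctap.Option_uv)
        {
            if (ret.Flags_UserVerifiedResult == false)
            {
                throw new Exception("UserVerifiedResult False");
            }
        }

        status.isSuccess = true;
    }
    catch (Exception ex)
    {
        // Failures are reported through the status object rather than thrown.
        status.setErrorMsg(ex);
    }
    return status;
}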