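/// <summary>
/// Builds a "fido-u2f" attestation object for the test fixture: a fresh P-256 key,
/// a two-day self-signed attestation certificate, and an <c>attStmt</c> holding that
/// certificate (<c>x5c</c>) and an ES256 signature (<c>sig</c>) over the U2F
/// verification data. Writes <c>_aaguid</c>, <c>_credentialPublicKey</c> and
/// <c>_attestationObject</c>; reads <c>_rpIdHash</c>, <c>_clientDataHash</c>,
/// <c>_credentialID</c> and <c>notCAExt</c>, which are set elsewhere in the fixture.
/// </summary>
public FidoU2f()
{
    // The fido-u2f format carries no AAGUID, so the fixture uses the all-zero value.
    _aaguid = Guid.Empty;
    _attestationObject.Add("fmt", "fido-u2f");

    using (var ecdsaAtt = ECDsa.Create(ECCurve.NamedCurves.nistP256))
    {
        // Attestation certificate for the test; notCAExt comes from the enclosing
        // fixture (presumably a BasicConstraints extension with cA=false — confirm there).
        var attRequest = new CertificateRequest(
            "CN=U2FTesting, OU=Authenticator Attestation, O=FIDO2-NET-LIB, C=US",
            ecdsaAtt,
            HashAlgorithmName.SHA256);
        attRequest.CertificateExtensions.Add(notCAExt);

        // Read the clock once so notBefore and notAfter derive from the same instant.
        var now = DateTimeOffset.UtcNow;
        using (X509Certificate2 attestnCert = attRequest.CreateSelfSigned(now, now.AddDays(2)))
        {
            var x5c = new CborArray { attestnCert.RawData };

            // Only the public point Q is needed below; never export the private scalar
            // when the public parameters suffice.
            var ecparams = ecdsaAtt.ExportParameters(false);
            _credentialPublicKey = Fido2Tests.MakeCredentialPublicKey(
                COSE.KeyType.EC2,
                COSE.Algorithm.ES256,
                COSE.EllipticCurve.P256,
                ecparams.Q.X,
                ecparams.Q.Y);

            // Re-read X and Y from the COSE key so the U2F public key matches what the
            // credential actually advertises, not the raw export.
            var coseKey = _credentialPublicKey.GetCborObject();
            var x = (byte[])coseKey[COSE.KeyTypeParameter.X];
            var y = (byte[])coseKey[COSE.KeyTypeParameter.Y];

            // U2F public key: uncompressed-point prefix 0x04 || X || Y.
            byte[] publicKeyU2F = DataHelper.Concat(new byte[] { 0x04 }, x, y);

            // U2F signature input: reserved 0x00 || rpIdHash || clientDataHash || credentialId || publicKeyU2F.
            byte[] verificationData = DataHelper.Concat(
                new byte[] { 0x00 },
                _rpIdHash,
                _clientDataHash,
                _credentialID,
                publicKeyU2F);

            byte[] signature = Fido2Tests.SignData(
                COSE.KeyType.EC2,
                COSE.Algorithm.ES256,
                verificationData,
                ecdsaAtt,
                null,
                null);

            _attestationObject.Add("attStmt", new CborMap
            {
                { "x5c", x5c },
                { "sig", signature },
            });
        }
    }
}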
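/// <summary>
/// Builds a "fido-u2f" attestation object for the test fixture: a fresh P-256 key,
/// a two-day self-signed attestation certificate, and an <c>attStmt</c> holding that
/// certificate (<c>x5c</c>) and an ES256 signature (<c>sig</c>) over the U2F
/// verification data. Writes <c>_aaguid</c>, <c>_credentialPublicKey</c> and
/// <c>_attestationObject</c>; reads <c>_rpIdHash</c>, <c>_clientDataHash</c>,
/// <c>_credentialID</c> and <c>notCAExt</c>, which are set elsewhere in the fixture.
/// </summary>
public FidoU2f()
{
    // The fido-u2f format carries no AAGUID, so the fixture uses the all-zero value.
    _aaguid = Guid.Empty;
    _attestationObject.Add("fmt", "fido-u2f");

    using (var ecdsaAtt = ECDsa.Create(ECCurve.NamedCurves.nistP256))
    {
        // Attestation certificate for the test; notCAExt comes from the enclosing
        // fixture (presumably a BasicConstraints extension with cA=false — confirm there).
        var attRequest = new CertificateRequest(
            "CN=U2FTesting, OU=Authenticator Attestation, O=FIDO2-NET-LIB, C=US",
            ecdsaAtt,
            HashAlgorithmName.SHA256);
        attRequest.CertificateExtensions.Add(notCAExt);

        // Read the clock once so notBefore and notAfter derive from the same instant.
        var now = DateTimeOffset.UtcNow;
        using (X509Certificate2 attestnCert = attRequest.CreateSelfSigned(now, now.AddDays(2)))
        {
            var x5c = CBORObject.NewArray()
                .Add(CBORObject.FromObject(attestnCert.RawData));

            // Only the public point Q is needed below; never export the private scalar
            // when the public parameters suffice.
            var ecparams = ecdsaAtt.ExportParameters(false);
            _credentialPublicKey = Fido2Tests.MakeCredentialPublicKey(
                COSE.KeyType.EC2,
                COSE.Algorithm.ES256,
                COSE.EllipticCurve.P256,
                ecparams.Q.X,
                ecparams.Q.Y);

            // Re-read X and Y from the COSE key so the U2F public key matches what the
            // credential actually advertises, not the raw export.
            var coseKey = _credentialPublicKey.GetCBORObject();
            byte[] x = coseKey[CBORObject.FromObject(COSE.KeyTypeParameter.X)].GetByteString();
            byte[] y = coseKey[CBORObject.FromObject(COSE.KeyTypeParameter.Y)].GetByteString();

            // U2F public key: uncompressed-point prefix 0x04 || X || Y.
            byte[] publicKeyU2F = new byte[] { 0x04 }
                .Concat(x)
                .Concat(y)
                .ToArray();

            // U2F signature input: reserved 0x00 || rpIdHash || clientDataHash || credentialId || publicKeyU2F.
            byte[] verificationData = new byte[] { 0x00 }
                .Concat(_rpIdHash)
                .Concat(_clientDataHash)
                .Concat(_credentialID)
                .Concat(publicKeyU2F)
                .ToArray();

            byte[] signature = Fido2Tests.SignData(
                COSE.KeyType.EC2,
                COSE.Algorithm.ES256,
                verificationData,
                ecdsaAtt,
                null,
                null);

            _attestationObject.Add("attStmt", CBORObject.NewMap()
                .Add("x5c", x5c)
                .Add("sig", signature));
        }
    }
}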