/// <summary>
/// Builds a device registration fixture from the web-safe Base64 values held in
/// <c>TestVectors</c>, with the counter set to 0.
/// </summary>
/// <returns>The registration assembled from the decoded key handle, public key and certificate.</returns>
private static FidoDeviceRegistration CreateTestDeviceRegistration()
{
    // Decoding order is kept as certificate, key handle, public key.
    FidoAttestationCertificate attestationCertificate =
        FidoAttestationCertificate.FromWebSafeBase64(TestVectors.AttestationCertificate);
    FidoKeyHandle handle = FidoKeyHandle.FromWebSafeBase64(TestVectors.KeyHandle);
    FidoPublicKey userKey = FidoPublicKey.FromWebSafeBase64(TestVectors.PublicKeyBase64);

    return new FidoDeviceRegistration(handle, userKey, attestationCertificate, 0);
}
/// <summary>
/// Initializes the registration data from its four already-parsed parts.
/// The arguments are stored as given; this constructor performs no validation.
/// </summary>
/// <param name="userPublicKey">Stored in <c>UserPublicKey</c>.</param>
/// <param name="keyHandle">Stored in <c>KeyHandle</c>.</param>
/// <param name="attestationCertificate">Stored in <c>AttestationCertificate</c>.</param>
/// <param name="signature">Stored in <c>Signature</c>.</param>
private FidoRegistrationData(
    FidoPublicKey userPublicKey,
    FidoKeyHandle keyHandle,
    FidoAttestationCertificate attestationCertificate,
    FidoSignature signature)
{
    this.UserPublicKey = userPublicKey;
    this.KeyHandle = keyHandle;
    this.AttestationCertificate = attestationCertificate;
    this.Signature = signature;
}
/// <summary>
/// Builds a device registration fixture from fixed placeholder byte strings
/// ("keyhandle", "publickey", "certificate") and a counter of 12345.
/// </summary>
/// <returns>The assembled registration.</returns>
private static FidoDeviceRegistration CreateTestDeviceRegistration()
{
    // The placeholder texts are not real key material; they only need to be stable.
    byte[] handleBytes = Encoding.Default.GetBytes("keyhandle");
    byte[] keyBytes = Encoding.Default.GetBytes("publickey");
    byte[] certificateBytes = Encoding.Default.GetBytes("certificate");

    return new FidoDeviceRegistration(
        new FidoKeyHandle(handleBytes),
        new FidoPublicKey(keyBytes),
        new FidoAttestationCertificate(certificateBytes),
        12345);
}
/// <summary>
/// Checks that <c>FidoDeviceRegistration.FromJson</c> restores the counter, certificate,
/// public key and key handle from a JSON document holding unpadded web-safe Base64 values.
/// </summary>
public void FromJson()
{
    const string json = "{\"Certificate\":\"Y2VydGlmaWNhdGU\",\"Counter\":12345,\"KeyHandle\":\"a2V5aGFuZGxl\",\"PublicKey\":\"cHVibGlja2V5\"}";
    var parsed = FidoDeviceRegistration.FromJson(json);

    // Expected values are built from the plain texts that the Base64 strings above encode.
    var expectedKeyHandle = new FidoKeyHandle(Encoding.Default.GetBytes("keyhandle"));
    var expectedPublicKey = new FidoPublicKey(Encoding.Default.GetBytes("publickey"));
    var expectedCertificate = new FidoAttestationCertificate(Encoding.Default.GetBytes("certificate"));

    Assert.AreEqual(12345, parsed.Counter);
    Assert.IsTrue(expectedCertificate.Equals(parsed.Certificate));
    Assert.IsTrue(expectedPublicKey.Equals(parsed.PublicKey));
    Assert.IsTrue(expectedKeyHandle.Equals(parsed.KeyHandle));
}
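/// <summary>
/// Checks that a <c>FidoAttestationCertificate</c> survives a Json.NET
/// serialize/deserialize round trip unchanged.
/// </summary>
public void DeserializeObject()
{
    // 256 random bytes stand in for certificate content; they are not a parseable certificate.
    var randomBytes = new byte[256];

    // The generator is disposable, so release it as soon as the buffer is filled.
    using (var generator = RandomNumberGenerator.Create())
    {
        generator.GetBytes(randomBytes);
    }

    var value = new FidoAttestationCertificate(randomBytes);
    var serialized = JsonConvert.SerializeObject(value);
    var deserialized = JsonConvert.DeserializeObject<FidoAttestationCertificate>(serialized);

    // Relies on the equality implemented by FidoAttestationCertificate.
    Assert.AreEqual(value, deserialized);
}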
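/// <summary>
/// Checks that serializing a <c>FidoAttestationCertificate</c> with Json.NET yields a JSON
/// string whose content decodes, as web-safe Base64, back to the original bytes.
/// </summary>
public void SerializeObject()
{
    var randomBytes = new byte[256];

    // The generator is disposable, so release it as soon as the buffer is filled.
    using (var generator = RandomNumberGenerator.Create())
    {
        generator.GetBytes(randomBytes);
    }

    var value = new FidoAttestationCertificate(randomBytes);
    var serialized = JsonConvert.SerializeObject(value);

    // Strip the surrounding JSON quotes before decoding the Base64 payload.
    var bytes = WebSafeBase64Converter.FromBase64String(serialized.Trim('"'));

    Assert.IsTrue(randomBytes.SequenceEqual(bytes));
}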
/// <summary>
/// Checks that <c>FidoDeviceRegistration.ToJson</c> emits the certificate, key handle and
/// public key as unpadded web-safe Base64 and the counter as a number.
/// Property names are compared case-insensitively.
/// </summary>
public void ToJson()
{
    var registration = new FidoDeviceRegistration(
        new FidoKeyHandle(Encoding.Default.GetBytes("keyhandle")),
        new FidoPublicKey(Encoding.Default.GetBytes("publickey")),
        new FidoAttestationCertificate(Encoding.Default.GetBytes("certificate")),
        12345);

    var json = JObject.Parse(registration.ToJson());

    // Lower-casing the names keeps the test independent of the serializer's casing policy;
    // Single() also fails the test if a property is missing or emitted twice.
    var valuesByName = json.Properties()
        .ToLookup(property => property.Name.ToLowerInvariant(), property => property.Value.ToString());

    Assert.AreEqual("Y2VydGlmaWNhdGU", valuesByName["certificate"].Single());
    Assert.AreEqual("12345", valuesByName["counter"].Single());
    Assert.AreEqual("a2V5aGFuZGxl", valuesByName["keyhandle"].Single());
    Assert.AreEqual("cHVibGlja2V5", valuesByName["publickey"].Single());
}
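/// <summary>
/// Verifies <paramref name="signature"/> over <paramref name="signedBytes"/> with the public key
/// taken from <paramref name="certificate"/>, using ECDSA with SHA-256.
/// </summary>
/// <param name="certificate">Attestation certificate whose public key is used for the check.</param>
/// <param name="signature">Signature to verify.</param>
/// <param name="signedBytes">The exact bytes the signature is expected to cover.</param>
/// <exception cref="InvalidOperationException">
/// The signature does not verify, or the check could not be carried out at all
/// (for example a null argument or a malformed key or signature encoding).
/// </exception>
/// <remarks>
/// Only the signature is checked here. This method does not validate the certificate itself
/// (issuer chain, validity period); whether a caller does so is not visible from this method.
/// </remarks>
private void VerifySignature(FidoAttestationCertificate certificate, FidoSignature signature, byte[] signedBytes)
{
    bool signatureIsValid;
    try
    {
        var certPublicKey = certificate.Certificate.GetPublicKey();
        var signer = SignerUtilities.GetSigner("SHA-256withECDSA");
        signer.Init(false, certPublicKey); // false selects verification rather than signing
        signer.BlockUpdate(signedBytes, 0, signedBytes.Length);
        signatureIsValid = signer.VerifySignature(signature.ToByteArray());
    }
    catch (Exception ex)
    {
        // Fail closed: any error while verifying counts as an invalid signature.
        // The cause is kept as the inner exception for diagnostics.
        throw new InvalidOperationException("Invalid signature", ex);
    }

    // VerifySignature returns true when the signature is valid, so rejection must happen on
    // false. Throwing on true would reject genuine responses and accept well-formed but
    // incorrect signatures.
    if (!signatureIsValid)
    {
        throw new InvalidOperationException("Invalid signature");
    }
}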
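/// <summary>
/// Parses raw registration data from <paramref name="stream"/>: a reserved byte, a 65-byte user
/// public key, a one-byte key handle length, the key handle, the attestation certificate and,
/// in the remaining bytes, the signature.
/// </summary>
/// <param name="stream">
/// Source of the registration data. It must support <c>Length</c> and <c>Position</c>, and it is
/// closed when this method returns because the reader wrapping it is disposed.
/// </param>
/// <returns>The parsed registration data.</returns>
/// <exception cref="ArgumentNullException"><paramref name="stream"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The reserved byte has an unexpected value, or any later field is truncated or cannot be parsed.
/// </exception>
/// <remarks>
/// The input is untrusted data. This method only splits it into fields; it verifies no signature.
/// </remarks>
private static FidoRegistrationData FromStream(Stream stream)
{
    if (stream == null)
    {
        throw new ArgumentNullException("stream");
    }

    using (var binaryReader = new BinaryReader(stream))
    {
        // An empty stream makes ReadByte throw EndOfStreamException here, outside the wrapping below.
        var reservedByte = binaryReader.ReadByte();
        if (reservedByte != RegistrationReservedByte)
        {
            throw new InvalidOperationException(String.Format(
                "Incorrect value of reserved byte (expected: 0x{0:X2} but was: 0x{1:X2})",
                RegistrationReservedByte, reservedByte));
        }

        try
        {
            const int publicKeyLength = 65;

            // ReadBytes returns a shorter array at end of stream instead of throwing,
            // so every fixed-size or length-prefixed field is checked explicitly.
            var publicKeyBytes = binaryReader.ReadBytes(publicKeyLength);
            if (publicKeyBytes.Length != publicKeyLength)
            {
                throw new EndOfStreamException("Registration data ends inside the user public key");
            }

            var keyHandleLength = binaryReader.ReadByte();
            var keyHandleBytes = binaryReader.ReadBytes(keyHandleLength);
            if (keyHandleBytes.Length != keyHandleLength)
            {
                throw new EndOfStreamException("Registration data ends inside the key handle");
            }

            // The certificate carries no length prefix: read everything that is left, let the
            // certificate parser consume what it needs, then rewind to where the certificate ends.
            var certificatePosition = binaryReader.BaseStream.Position;
            var nextChunkSize = (int)(binaryReader.BaseStream.Length - certificatePosition);
            var certBytes = binaryReader.ReadBytes(nextChunkSize);

            // NOTE(review): certBytes still contains the trailing signature bytes when the
            // certificate object is built from it; confirm FidoAttestationCertificate does not
            // store or compare those extra bytes.
            var certificate = new FidoAttestationCertificate(certBytes);

            // NOTE(review): the length comes from re-encoding the parsed certificate, not from the
            // number of input bytes the parser consumed. If the two can differ, the split between
            // certificate and signature shifts; confirm the parser only accepts canonical DER.
            var certSize = certificate.Certificate.GetEncoded().Length;
            if (certSize > certBytes.Length)
            {
                throw new EndOfStreamException("Attestation certificate is longer than the remaining registration data");
            }

            binaryReader.BaseStream.Position = certificatePosition + certSize;
            nextChunkSize = (int)(binaryReader.BaseStream.Length - binaryReader.BaseStream.Position);
            var signatureBytes = binaryReader.ReadBytes(nextChunkSize);

            return new FidoRegistrationData(
                new FidoPublicKey(publicKeyBytes),
                new FidoKeyHandle(keyHandleBytes),
                certificate,
                new FidoSignature(signatureBytes));
        }
        catch (Exception ex)
        {
            // All parse failures surface as one exception type, with the cause attached.
            var message = String.Format("Error parsing registration data ({0})", ex.Message);
            throw new InvalidOperationException(message, ex);
        }
    }
}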
/// <summary>
/// Creates the shared test fixture: a device registration built from the placeholder texts
/// "keyhandle", "publickey" and "certificate", with the counter at 12345.
/// </summary>
/// <returns>The fixture registration.</returns>
private static FidoDeviceRegistration CreateTestDeviceRegistration()
{
    var encoding = Encoding.Default;

    // Placeholder content only; none of these byte strings is real key or certificate material.
    var handle = new FidoKeyHandle(encoding.GetBytes("keyhandle"));
    var key = new FidoPublicKey(encoding.GetBytes("publickey"));
    var attestation = new FidoAttestationCertificate(encoding.GetBytes("certificate"));

    return new FidoDeviceRegistration(handle, key, attestation, 12345);
}
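/// <summary>
/// Verifies <paramref name="signature"/> over <paramref name="signedBytes"/> with the public key
/// of <paramref name="certificate"/>, using ECDSA with SHA-256.
/// </summary>
/// <param name="certificate">Certificate that supplies the verification key.</param>
/// <param name="signature">Signature to verify.</param>
/// <param name="signedBytes">The exact bytes the signature is expected to cover.</param>
/// <exception cref="InvalidOperationException">
/// The signature does not verify, or verification failed with an error
/// (for example a null argument or a malformed key or signature encoding).
/// </exception>
/// <remarks>
/// This checks the signature only. The certificate's own trust (issuer chain, validity period)
/// is not examined here; whether a caller examines it is not visible from this method.
/// </remarks>
private void VerifySignature(FidoAttestationCertificate certificate, FidoSignature signature, byte[] signedBytes)
{
    bool verified;
    try
    {
        var certPublicKey = certificate.Certificate.GetPublicKey();
        var signer = SignerUtilities.GetSigner("SHA-256withECDSA");
        signer.Init(false, certPublicKey); // false selects verification rather than signing
        signer.BlockUpdate(signedBytes, 0, signedBytes.Length);
        verified = signer.VerifySignature(signature.ToByteArray());
    }
    catch (Exception ex)
    {
        // Fail closed on any verification error and keep the cause as the inner exception.
        throw new InvalidOperationException("Invalid signature", ex);
    }

    // A true result means the signature is valid. The rejection has to be on false;
    // rejecting on true inverts the check and lets incorrect signatures through.
    if (!verified)
    {
        throw new InvalidOperationException("Invalid signature");
    }
}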
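/// <summary>
/// Reads the current JSON value as web-safe Base64 and converts it to a
/// <c>FidoAttestationCertificate</c>.
/// </summary>
/// <param name="reader">Reader positioned on the value to convert.</param>
/// <param name="objectType">Not used.</param>
/// <param name="existingValue">Not used.</param>
/// <param name="serializer">Not used.</param>
/// <returns>The certificate decoded from the JSON value.</returns>
/// <exception cref="InvalidOperationException">The JSON value is null or absent.</exception>
public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
{
    var encoded = reader.Value;

    // A JSON null leaves Value unset; reject it explicitly instead of failing with a
    // NullReferenceException, and do not hand back a null certificate.
    if (encoded == null)
    {
        throw new InvalidOperationException("Attestation certificate JSON value is null");
    }

    return FidoAttestationCertificate.FromWebSafeBase64(encoded.ToString());
}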