Example #1
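        /// <summary>
        /// Starts a FIDO registration by issuing a fresh challenge for the given application.
        /// </summary>
        /// <param name="appId">Application identity the registration is bound to; must not be null.</param>
        /// <returns>
        /// A <see cref="FidoStartedRegistration"/> carrying <paramref name="appId"/> and the challenge
        /// encoded as web-safe Base64.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="appId"/> is null.</exception>
        /// <remarks>
        /// NOTE(review): the challenge is only as unpredictable as the injected generator; confirm it draws
        /// from a cryptographically secure source. The challenge is not persisted here, so the caller
        /// presumably stores it and compares it with the client data when the registration completes.
        /// </remarks>
        public FidoStartedRegistration StartRegistration(FidoAppId appId)
        {
            // Validate up front, as StartAuthentication does, so a null appId is rejected before a
            // challenge is generated rather than later inside the FidoStartedRegistration constructor.
            if (appId == null)
            {
                throw new ArgumentNullException("appId");
            }

            var challengeBytes = _generateFidoChallenge.GenerateChallenge();
            var challenge      = WebSafeBase64Converter.ToBase64String(challengeBytes);

            return new FidoStartedRegistration(appId, challenge);
        }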
Example #2
        /// <summary>
        /// Rebuilds the byte string covered by the registration signature and passes it, together with the
        /// attestation certificate and the signature, to <c>VerifySignature</c>.
        /// </summary>
        /// <param name="appId">Application identity; its string form is hashed with SHA-256.</param>
        /// <param name="registrationData">Supplies the key handle, user public key, attestation certificate and signature.</param>
        /// <param name="clientData">Client data whose raw JSON is hashed with SHA-256.</param>
        /// <exception cref="ArgumentNullException">Any argument is null.</exception>
        /// <exception cref="InvalidOperationException">The client data has no raw JSON value.</exception>
        /// <remarks>
        /// NOTE(review): whether <c>VerifySignature</c> also validates the attestation certificate itself
        /// (chain, validity period) is not visible here; without that, a valid signature only proves
        /// possession of that certificate's private key.
        /// NOTE(review): this method hashes the raw client data but never inspects the challenge or origin
        /// inside it; confirm the caller compares both with the values issued when registration started.
        /// </remarks>
        private void VerifyResponseSignature(FidoAppId appId, FidoRegistrationData registrationData, FidoClientData clientData)
        {
            if (appId == null)
            {
                throw new ArgumentNullException("appId");
            }

            if (registrationData == null)
            {
                throw new ArgumentNullException("registrationData");
            }

            if (clientData == null)
            {
                throw new ArgumentNullException("clientData");
            }

            // The exact JSON text must be hashed, so a missing raw value cannot be verified.
            if (string.IsNullOrEmpty(clientData.RawJsonValue))
            {
                throw new InvalidOperationException("Client data has no JSON representation");
            }

            // Signature base, in order: one zero byte, SHA-256(appId), SHA-256(client data JSON),
            // key handle, user public key.
            var leadingZero    = new byte[] { 0 };
            var appIdHash      = Helpers.Sha256(appId.ToString());
            var clientDataHash = Helpers.Sha256(clientData.RawJsonValue);
            var keyHandleBytes = registrationData.KeyHandle.ToByteArray();
            var publicKeyBytes = registrationData.UserPublicKey.ToByteArray();

            var payload = PackBytes(leadingZero, appIdHash, clientDataHash, keyHandleBytes, publicKeyBytes);

            VerifySignature(registrationData.AttestationCertificate, registrationData.Signature, payload);
        }
Example #3
        /// <summary>
        /// Creates the state of a started registration from an application identity and a challenge.
        /// </summary>
        /// <param name="appId">Application identity; must not be null.</param>
        /// <param name="challenge">Challenge string; must not be null. An empty string is not rejected here.</param>
        /// <exception cref="ArgumentNullException"><paramref name="appId"/> or <paramref name="challenge"/> is null.</exception>
        public FidoStartedRegistration(FidoAppId appId, string challenge)
        {
            // Arguments are checked in declaration order, so a null appId is reported first.
            if (appId == null)
            {
                throw new ArgumentNullException("appId");
            }

            if (challenge == null)
            {
                throw new ArgumentNullException("challenge");
            }

            this.AppId = appId;
            this.Challenge = challenge;
        }
Example #4
        /// <summary>
        /// Starts a FIDO authentication by issuing a fresh challenge for a previously registered device.
        /// </summary>
        /// <param name="appId">Application identity; must not be null.</param>
        /// <param name="deviceRegistration">Stored registration whose key handle is sent with the challenge; must not be null.</param>
        /// <returns>
        /// A <see cref="FidoStartedAuthentication"/> carrying the application identity, the challenge
        /// encoded as web-safe Base64, and the device's key handle.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="appId"/> or <paramref name="deviceRegistration"/> is null.</exception>
        /// <remarks>
        /// NOTE(review): the challenge is not persisted here, so the caller presumably stores it and
        /// compares it with the client data when the authentication response arrives. Confirm the injected
        /// generator draws from a cryptographically secure source.
        /// </remarks>
        public FidoStartedAuthentication StartAuthentication(FidoAppId appId, FidoDeviceRegistration deviceRegistration)
        {
            if (appId == null)
            {
                throw new ArgumentNullException("appId");
            }

            if (deviceRegistration == null)
            {
                throw new ArgumentNullException("deviceRegistration");
            }

            var challengeBytes   = _generateFidoChallenge.GenerateChallenge();
            var encodedChallenge = WebSafeBase64Converter.ToBase64String(challengeBytes);
            var keyHandle        = deviceRegistration.KeyHandle;

            return new FidoStartedAuthentication(appId, encodedChallenge, keyHandle);
        }
Example #5
        /// <summary>
        /// Rebuilds the byte string covered by the authentication signature, has it verified against the
        /// registered device, and then requires the user-presence value to equal <c>UserPresentFlag</c>.
        /// </summary>
        /// <param name="appId">Application identity; its string form is hashed with SHA-256.</param>
        /// <param name="signatureData">Supplies the user-presence value, the counter and the signature.</param>
        /// <param name="clientData">Client data whose raw JSON is hashed with SHA-256.</param>
        /// <param name="deviceRegistration">Stored registration passed to <c>VerifySignature</c>.</param>
        /// <exception cref="ArgumentNullException">Any argument is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// The client data has no raw JSON value, or the user-presence value differs from <c>UserPresentFlag</c>.
        /// </exception>
        /// <remarks>
        /// NOTE(review): the counter is only covered by the signature here. It is not compared with a
        /// previously stored counter in this method; confirm the caller enforces a strictly increasing
        /// counter so a cloned authenticator can be detected.
        /// NOTE(review): the challenge and origin inside the client data are not inspected here; confirm
        /// the caller compares both with the values issued when authentication started.
        /// </remarks>
        private void VerifyAuthSignature(FidoAppId appId, FidoSignatureData signatureData, FidoClientData clientData,
                                         FidoDeviceRegistration deviceRegistration)
        {
            if (appId == null)
            {
                throw new ArgumentNullException("appId");
            }

            if (signatureData == null)
            {
                throw new ArgumentNullException("signatureData");
            }

            if (clientData == null)
            {
                throw new ArgumentNullException("clientData");
            }

            if (deviceRegistration == null)
            {
                throw new ArgumentNullException("deviceRegistration");
            }

            // The exact JSON text must be hashed, so a missing raw value cannot be verified.
            if (string.IsNullOrEmpty(clientData.RawJsonValue))
            {
                throw new InvalidOperationException("Client data has no JSON representation");
            }

            // The counter goes into the signed data most-significant byte first, so the native byte
            // order is flipped on little-endian hosts.
            var bigEndianCounter = BitConverter.GetBytes(signatureData.Counter);
            if (BitConverter.IsLittleEndian)
            {
                Array.Reverse(bigEndianCounter);
            }

            // Signature base, in order: SHA-256(appId), user-presence value, counter,
            // SHA-256(client data JSON).
            var appIdHash      = Helpers.Sha256(appId.ToString());
            var presenceBytes  = new[] { signatureData.UserPresence };
            var clientDataHash = Helpers.Sha256(clientData.RawJsonValue);

            var payload = PackBytes(appIdHash, presenceBytes, bigEndianCounter, clientDataHash);

            VerifySignature(deviceRegistration, signatureData.Signature, payload);

            // Checked after the signature, so the presence value being judged is the signed one.
            // NOTE(review): this is an exact comparison of the whole value, so any value other than
            // UserPresentFlag is rejected; confirm that is intended for the authenticators supported.
            if (signatureData.UserPresence != UserPresentFlag)
            {
                throw new InvalidOperationException("User presence invalid during authentication");
            }
        }
Example #6
        /// <summary>
        /// Creates the state of a started authentication from an application identity, a challenge and
        /// the key handle of the device being asked to sign.
        /// </summary>
        /// <param name="appId">Application identity; must not be null.</param>
        /// <param name="challenge">Challenge string; must not be null. An empty string is not rejected here.</param>
        /// <param name="keyHandle">Key handle of the registered device; must not be null.</param>
        /// <exception cref="ArgumentNullException">Any argument is null.</exception>
        public FidoStartedAuthentication(FidoAppId appId, string challenge, FidoKeyHandle keyHandle)
        {
            // Arguments are checked in declaration order, so the first null one is the one reported.
            if (appId == null)
            {
                throw new ArgumentNullException("appId");
            }

            if (challenge == null)
            {
                throw new ArgumentNullException("challenge");
            }

            if (keyHandle == null)
            {
                throw new ArgumentNullException("keyHandle");
            }

            this.AppId = appId;
            this.Challenge = challenge;
            this.KeyHandle = keyHandle;
        }