Exemple #1
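        /// <summary>
        /// Finishes a previously started registration by validating the token's response
        /// against the challenge recorded in <paramref name="startedRegistration"/>.
        /// </summary>
        /// <remarks>
        /// Validation order: the client data is checked first (request type, challenge, facets),
        /// then the raw registration data is decoded from base64 and its signature is checked
        /// against the AppId and the client data JSON. A device is only created after both checks.
        /// NOTE(review): the results of CheckContent and CheckSignature are not inspected here, so
        /// this is only safe if both throw on failure. Confirm against their implementations.
        /// NOTE(review): with <paramref name="facets"/> left as null the origin in the client data is
        /// presumably not compared with an allow-list (confirm in ClientData.CheckContent).
        /// Production callers should pass the set of trusted facets.
        /// Callers should treat the challenge as single-use and discard the started registration
        /// once this method has been called, whether it succeeds or fails.
        /// </remarks>
        /// <param name="startedRegistration">The started registration holding the challenge and AppId that were issued to the client.</param>
        /// <param name="tokenResponse">The response from the token/client. This is untrusted input.</param>
        /// <param name="facets">A set of valid facets to verify the client data against. Optional; see remarks.</param>
        /// <returns>A DeviceRegistration object holding information about the registered device. Servers should persist this.</returns>
        /// <exception cref="System.ArgumentNullException">
        /// <paramref name="startedRegistration"/> or <paramref name="tokenResponse"/> is null.
        /// </exception>
        public static DeviceRegistration FinishRegistration(StartedRegistration startedRegistration,
                                                            RegisterResponse tokenResponse, HashSet<string> facets = null)
        {
            // Fail closed with a precise error instead of a NullReferenceException part-way
            // through validation; tokenResponse typically comes from deserialized client input.
            if (startedRegistration == null)
            {
                throw new System.ArgumentNullException("startedRegistration");
            }

            if (tokenResponse == null)
            {
                throw new System.ArgumentNullException("tokenResponse");
            }

            ClientData clientData = tokenResponse.GetClientData();

            // Bind the response to this registration attempt: type, challenge and facets.
            clientData.CheckContent(RegisterType, startedRegistration.Challenge, facets);

            RawRegisterResponse rawRegisterResponse = RawRegisterResponse.FromBase64(tokenResponse.RegistrationData);

            // The signature is checked over the AppId and the exact client data JSON validated above.
            rawRegisterResponse.CheckSignature(startedRegistration.AppId, clientData.AsJson());

            return rawRegisterResponse.CreateDevice();
        }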
Exemple #2
        // Smoke test for RawAuthenticateResponse.PackBytesToSign: decodes the fixture's
        // signature data, packs the fields that get signed and checks that some bytes come back.
        // Only non-null / non-empty output is asserted; the packed byte layout is not verified here.
        public void RawAuthenticateResponse_PackBytesToSign()
        {
            var parsedResponse = RawAuthenticateResponse.FromBase64(_authenticateResponse.SignatureData);

            // Hash of the fixed test application id; computed first, as in the argument order below.
            var appIdHash = U2F.Crypto.Hash("testid");

            byte[] packed = RawAuthenticateResponse.PackBytesToSign(
                appIdHash,
                parsedResponse.UserPresence,
                parsedResponse.Counter,
                U2F.Crypto.Hash(clientData.AsJson()));

            Assert.IsNotNull(packed);
            Assert.IsTrue(packed.Length > 0);
        }
Exemple #3
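        /// <summary>
        /// Finishes a previously started authentication by validating the token's response
        /// against the challenge recorded in <paramref name="startedAuthentication"/> and the
        /// public key stored in <paramref name="deviceRegistration"/>.
        /// </summary>
        /// <remarks>
        /// Validation order: client data (request type, challenge, facets), then the signature over
        /// the AppId and client data JSON using the registered public key, then user presence.
        /// The counter is checked and updated last, after the other checks have run.
        /// NOTE(review): the results of CheckContent, CheckSignature and CheckUserPresence are not
        /// inspected here, so this is only safe if they throw on failure. Confirm against their
        /// implementations.
        /// NOTE(review): with <paramref name="facets"/> left as null the origin in the client data is
        /// presumably not compared with an allow-list (confirm in ClientData.CheckContent).
        /// Production callers should pass the set of trusted facets.
        /// NOTE(review): this method does not itself match the response to a registration by key
        /// handle; the caller chooses <paramref name="deviceRegistration"/>, and a wrong choice is
        /// expected to surface as a signature failure. Confirm at the call site.
        /// CheckAndUpdateCounter presumably also updates the counter held by the registration.
        /// Persist it after a successful call so a counter that fails to advance can be detected.
        /// </remarks>
        /// <param name="startedAuthentication">The started authentication holding the challenge and AppId that were issued to the client.</param>
        /// <param name="response">The response from the token/client. This is untrusted input.</param>
        /// <param name="deviceRegistration">The stored registration whose public key and counter the response is verified against.</param>
        /// <param name="facets">A set of valid facets to verify the client data against. Optional; see remarks.</param>
        /// <returns>The new value of the DeviceRegistration's counter.</returns>
        /// <exception cref="System.ArgumentNullException">
        /// <paramref name="startedAuthentication"/>, <paramref name="response"/> or
        /// <paramref name="deviceRegistration"/> is null.
        /// </exception>
        public static uint FinishAuthentication(StartedAuthentication startedAuthentication,
                                                AuthenticateResponse response,
                                                DeviceRegistration deviceRegistration,
                                                HashSet<string> facets = null)
        {
            // Fail closed with a precise error instead of a NullReferenceException part-way
            // through validation; response typically comes from deserialized client input.
            if (startedAuthentication == null)
            {
                throw new System.ArgumentNullException("startedAuthentication");
            }

            if (response == null)
            {
                throw new System.ArgumentNullException("response");
            }

            if (deviceRegistration == null)
            {
                throw new System.ArgumentNullException("deviceRegistration");
            }

            ClientData clientData = response.GetClientData();

            // Bind the response to this authentication attempt: type, challenge and facets.
            clientData.CheckContent(AuthenticateTyp, startedAuthentication.Challenge, facets);

            RawAuthenticateResponse authenticateResponse = RawAuthenticateResponse.FromBase64(response.SignatureData);

            // The signature is checked with the key captured at registration time, over the
            // AppId and the exact client data JSON validated above.
            authenticateResponse.CheckSignature(startedAuthentication.AppId, clientData.AsJson(), deviceRegistration.PublicKey);
            authenticateResponse.CheckUserPresence();

            // Counter handling stays last so it only runs for a response that passed every check above.
            return deviceRegistration.CheckAndUpdateCounter(authenticateResponse.Counter);
        }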