/// <summary>
/// Prints a FIDO device and its CBOR info block for the device path given on the command line.
/// </summary>
/// <param name="args">Exactly one element: the path of the device to open.</param>
/// <exception cref="InvalidOperationException">Thrown when the argument count is not one.</exception>
static void Main(string[] args)
{
    if (args.Length != 1)
    {
        throw new InvalidOperationException("Incorrect number of arguments! Usage: Info <device>");
    }

    var devicePath = args[0];

    using (var dev = new FidoDevice())
    {
        dev.Open(devicePath);

        // Only FIDO2 devices are queried for CBOR info; anything else exits without output.
        if (dev.IsFido2)
        {
            using (var ci = dev.GetCborInfo())
            {
                Console.WriteLine(dev);
                Console.WriteLine(ci);
            }
        }
    }
}
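/// <summary>
/// Interactive walkthrough of a FIDO2 security key: lists the attached devices, prints the
/// CBOR info and options of the last device found, sets a PIN when none is set, creates two
/// credentials and runs two assertions over them.
/// </summary>
/// <param name="args">Command-line arguments; not read.</param>
/// <remarks>
/// This is sample code and changes state on the key. On a key without a PIN it sets a fixed,
/// publicly known demo PIN, so run it only against a test key or change the PIN afterwards.
/// On a key that already has a PIN the user is asked for it; the demo PIN is never guessed.
/// </remarks>
static void Main(string[] args)
{
    // Demo-only PIN, used solely when this program sets the PIN itself.
    // It is a placeholder value and is not suitable for a key that protects real accounts.
    const string DemoPin = "1234";

    //Outputs debug messages to the console
    //Fido2Settings.Flags = FidoFlags.Debug;

    var lastDevicePath = "";
    var hasUserPresence = false;
    var hasPin = false;
    var hasBiometric = false;

    //1. Get all devices
    // NOTE(review): 64 is presumably the maximum number of devices to enumerate - confirm.
    // When several devices are attached, the last one listed is the one used below.
    using (var devlist = new FidoDeviceInfoList(64))
    {
        foreach (var di in devlist)
        {
            Console.WriteLine(di);
            lastDevicePath = di.Path;
            Console.WriteLine($"GOT PATH:{di.Path}");
        }
    }

    //2. Get the device info for any fido2 compliant device, check if it has a PIN set.
    if (string.IsNullOrEmpty(lastDevicePath))
    {
        Console.WriteLine("No devices found. Check process is administrator, and that key is inserted correctly.");
        Console.ReadKey();
        return;
    }

    using (var dev = new FidoDevice())
    {
        dev.Open(lastDevicePath);

        // Every later step uses FIDO2 features, so stop here for a device that does not
        // report FIDO2 support instead of sending it commands it does not support.
        if (!dev.IsFido2)
        {
            Console.WriteLine("Device is not FIDO2 compliant.");
            dev.Close();
            Console.ReadKey();
            return;
        }

        using (var ci = dev.GetCborInfo())
        {
            Console.WriteLine(dev);
            Console.WriteLine(ci);

            foreach (var option in ci.Options)
            {
                Console.WriteLine($"Option {option.Key}: {option.Value}");
            }

            // NOTE(review): the three lookups below rely on the indexer throwing when an
            // option is absent; the bare catch also hides any other failure - narrow it once
            // the exception type of ci.Options is confirmed.

            //Check the clientPin parameter (true/false if set, not found if not capable)
            try
            {
                hasPin = ci.Options["clientPin"];
                Console.WriteLine($"Security Key has pin set: {hasPin}");
            }
            catch
            {
                Console.WriteLine("Error detecting pin.");
            }

            //Check the user presence parameter (true/false if set, not found if not capable)
            try
            {
                hasUserPresence = ci.Options["up"];
                Console.WriteLine($"User presence set: {hasUserPresence}");
            }
            catch
            {
                Console.WriteLine("Error detecting user presence parameter.");
            }

            //Check the user verification parameter (true/false if set, not found if not capable)
            try
            {
                hasBiometric = ci.Options["uv"];
                Console.WriteLine($"Biometric set: {hasBiometric}");
            }
            catch
            {
                Console.WriteLine("Error detecting biometric (user verification) parameter.");
            }

            if (hasPin)
            {
                Console.WriteLine($"Pin retry count set to: {dev.RetryCount}");
                Console.WriteLine();
            }
        }

        dev.Close();
    }

    //Optional. Reset the device
    //The actual user-flow to perform a reset is outside the scope of the FIDO2 specification, and may therefore vary depending on the authenticator.
    //Yubico authenticators do not allow resets after 5 seconds from power-up, and expect a reset to be confirmed by the user through touch within 30 seconds.
    //using (var dev = new FidoDevice())
    //{
    //    Console.WriteLine("To reset the device, remove and re-insert the device, then press any key within 5 seconds.");
    //    Console.ReadLine();
    //    dev.Open(lastDevicePath);
    //    dev.Reset();
    //    Console.WriteLine("Touch the device to confirm within 30 seconds.");
    //    dev.Close();
    //}

    string pin;
    if (hasPin)
    {
        // The key already carries a PIN that this program did not set. Sending the demo PIN
        // here would be a wrong guess, and a wrong PIN is expected to consume one of the
        // limited retries reported above, so ask for the real one instead.
        // Console.ReadLine echoes the input; acceptable for a sample only.
        Console.WriteLine("Enter the pin of the security key:");
        pin = Console.ReadLine();
        if (string.IsNullOrEmpty(pin))
        {
            Console.WriteLine("No pin entered.");
            return;
        }
    }
    else
    {
        //Optional. Set the pin to the demo value
        using (var dev = new FidoDevice())
        {
            Console.WriteLine("Press any key to set the pin.");
            Console.ReadLine();
            dev.Open(lastDevicePath);
            dev.SetPin(null, DemoPin);
            dev.Close();
        }

        pin = DemoPin;
    }

    Console.WriteLine("Press any key to make a credential");
    Console.ReadLine();
    Console.WriteLine("Touch the device if requested ...");

    //3. Make a credential on the device.
    //Pin may be null if not required
    //https://groups.google.com/a/fidoalliance.org/forum/#!topic/fido-dev/L2K5fBm8Sh0
    var useHmacExtension = true;
    var credential = MakeDeviceCredential(lastDevicePath, useHmacExtension, FidoCose.ES256, null, pin, hasBiometric);
    Console.WriteLine($"Created credential id: {credential.CredentialId}");

    Console.WriteLine("Press any key to make another credential");
    Console.ReadLine();
    Console.WriteLine("Touch the device if requested ...");

    //Test making another credential to test multiple credential scenarios
    var credential2 = MakeDeviceCredential(lastDevicePath, useHmacExtension, FidoCose.ES256, null, pin, hasBiometric);
    Console.WriteLine($"Created credential id: {credential2.CredentialId}");

    //4. Try a sample assertion
    Console.WriteLine("Press any key to assert this credential");
    Console.ReadLine();
    Console.WriteLine("Touch the device if requested (to assert)...");
    var assertionResult = DoAssertion(lastDevicePath, useHmacExtension, "relyingparty", FidoCose.ES256, pin, credential, credential2, Salt, Salt2, hasUserPresence, hasBiometric);

    //5. Try a second assertion with the credentials and salts passed in the opposite order
    Console.WriteLine("Press to do another assertion");
    Console.ReadLine();
    Console.WriteLine("Touch the device if requested (to assert again) ...");
    var assertionResult2 = DoAssertion(lastDevicePath, useHmacExtension, "relyingparty", FidoCose.ES256, pin, credential2, credential, Salt2, Salt, hasUserPresence, hasBiometric);

    if (useHmacExtension)
    {
        // Only the comparison result is printed; the secrets themselves are never written out.
        Console.WriteLine($"Hmac Secrets Match: {assertionResult.HmacSecret.SequenceEqual(assertionResult2.HmacSecret)}");
    }

    Console.WriteLine("Press any key to close.");
    Console.ReadLine();
}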