/// <summary>
/// Packs the three authenticator-selection choices into a
/// <c>ServerAuthenticatorSelectionCriteria</c> object.
/// </summary>
/// <param name="userVerificationLevel">User-verification value; stored as null when empty.</param>
/// <param name="attachmentMode">Authenticator attachment value; stored as null when empty.</param>
/// <param name="residentKey">Copied unchanged into <c>IsRequireResidentKey</c>.</param>
/// <returns>A new criteria object carrying the three values.</returns>
private ServerAuthenticatorSelectionCriteria GetAuthenticatorSelectionCriteria(string userVerificationLevel, string attachmentMode, bool residentKey)
{
    var criteria = new ServerAuthenticatorSelectionCriteria();

    // An empty choice is normalised to null, so "nothing selected" and "" are treated alike
    // by any consumer that tests these properties against null.
    criteria.UserVerification = TextUtils.IsEmpty(userVerificationLevel) ? null : userVerificationLevel;
    criteria.AuthenticatorAttachment = TextUtils.IsEmpty(attachmentMode) ? null : attachmentMode;
    criteria.IsRequireResidentKey = residentKey;

    return criteria;
}
/// <summary>
/// Produces the credential-creation (registration) options for a request: a fresh challenge,
/// the list of credentials to exclude, the accepted key algorithms, and the relying-party
/// and user entities.
/// </summary>
/// <param name="request">Registration request; its attestation preference, authenticator
/// selection, username and display name are copied into the response unchanged.</param>
/// <returns>The populated creation-options response.</returns>
ServerPublicKeyCredentialCreationOptionsResponse IFidoServer.GetAttestationOptions(ServerPublicKeyCredentialCreationOptionsRequest request)
{
    const string credentialType = "public-key";
    const string relyingParty = "www.huawei.fidodemo";

    var options = new ServerPublicKeyCredentialCreationOptionsResponse();

    // The attestation and authenticator-selection policy is echoed from the request as-is,
    // so whoever builds the request decides the policy that ends up in the options.
    options.Attestation = request.Attestation;
    ServerAuthenticatorSelectionCriteria requestedSelection = request.AuthenticatorSelection;
    if (requestedSelection != null)
    {
        options.AuthenticatorSelection = requestedSelection;
    }

    // NOTE(review): GetChallege() is defined outside this block. The challenge is what ties the
    // later attestation result to this request, so it should come from a cryptographically
    // secure random source and be kept for comparison on verification; confirm both.
    options.Challenge = ByteUtils.ByteToBase64(GetChallege());

    // Every entry in regInfos is listed as an excluded credential; this method does not
    // filter them by request.Username.
    var excluded = new List<ServerPublicKeyCredentialDescriptor>();
    foreach (ServerRegInfo registration in regInfos)
    {
        excluded.Add(new ServerPublicKeyCredentialDescriptor
        {
            Id = registration.CredentialId,
            Type = credentialType,
        });
    }
    options.ExcludeCredentials = excluded.ToArray();

    // COSE algorithm identifiers: -7 is ES256 and -257 is RS256, listed in that order.
    options.PubKeyCredParams = new ServerPublicKeyCredentialParameters[]
    {
        new ServerPublicKeyCredentialParameters { Alg = -7, Type = credentialType },
        new ServerPublicKeyCredentialParameters { Alg = -257, Type = credentialType },
    };

    // The relying-party name and ID are fixed literals in this method.
    options.Rp = new ServerPublicKeyCredentialRpEntity { Name = relyingParty };
    options.RpId = relyingParty;
    options.Timeout = 60L;

    // NOTE(review): the username doubles as the user ID here. WebAuthn recommends an opaque
    // user handle that carries no personally identifying information.
    options.User = new ServerPublicKeyCredentialUserEntity
    {
        Id = request.Username,
        DisplayName = request.DisplayName,
    };

    return options;
}
/// <summary>
/// Builds a registration options request from the current <c>UserName</c> and the values
/// selected in the user-verification, attachment, resident-key and attestation spinners.
/// </summary>
/// <returns>The populated request, or null when <c>UserName</c> is null.</returns>
private ServerPublicKeyCredentialCreationOptionsRequest GetRegServerPublicKeyCredentialCreationOptionsRequest()
{
    var creationRequest = new ServerPublicKeyCredentialCreationOptionsRequest();

    string account = UserName;
    if (account == null)
    {
        return null;
    }

    // The same string is used for both the username and the display name.
    creationRequest.Username = account;
    creationRequest.DisplayName = account;

    string verificationChoice = GetSpinnerSelect(userVerificationSp.SelectedItem);
    string attachmentChoice = GetSpinnerSelect(attachmentSp.SelectedItem);

    // Only the exact text "true" turns the resident-key requirement on; no selection,
    // empty text, "false" or any other text leaves it off.
    bool requireResidentKey = residentKeySp.SelectedItem != null
        && "true".Equals(GetSpinnerSelect(residentKeySp.SelectedItem));

    string attestationChoice = GetSpinnerSelect(attestationSp.SelectedItem);

    creationRequest.AuthenticatorSelection =
        GetAuthenticatorSelectionCriteria(verificationChoice, attachmentChoice, requireResidentKey);
    creationRequest.Attestation = attestationChoice;

    return creationRequest;
}
/// <summary>
/// Translates a server creation-options response into the
/// <c>PublicKeyCredentialCreationOptions</c> object built by the FIDO2 client SDK builder.
/// </summary>
/// <param name="fido2Client">Only forwarded to <c>UseSelectedPlatformAuthenticator</c> when a
/// platform authenticator was requested.</param>
/// <param name="response">Server options; <c>Rp</c> and <c>User</c> are dereferenced without a
/// null check.</param>
/// <returns>The options produced by <c>Builder.Build()</c>.</returns>
/// <remarks>
/// Values the SDK cannot parse (algorithm code, transport, attachment, user verification,
/// attestation preference) are logged and skipped rather than reported to the caller.
/// NOTE(review): a skipped user-verification or attestation value means the registration
/// proceeds without the policy the server asked for; consider whether that should abort
/// the registration instead.
/// </remarks>
public static PublicKeyCredentialCreationOptions ConvertToPublicKeyCredentialCreationOptions(IFido2Client fido2Client, ServerPublicKeyCredentialCreationOptionsResponse response)
{
    var optionsBuilder = new PublicKeyCredentialCreationOptions.Builder();

    // Relying party: Rp.Name fills both of the first two constructor arguments and the third
    // is null. response.RpId is not read anywhere in this method.
    // NOTE(review): presumably the arguments are (id, name, icon); confirm against the SDK,
    // since the RP ID is what scopes the credential.
    string rpName = response.Rp.Name;
    optionsBuilder.SetRp(new PublicKeyCredentialRpEntity(rpName, rpName, null));

    // User entity: the ID string plus its UTF-8 bytes. Only UnsupportedEncodingException is
    // caught here; any other failure propagates to the caller.
    string userId = response.User.Id;
    try
    {
        byte[] userIdBytes = System.Text.Encoding.UTF8.GetBytes(userId);
        optionsBuilder.SetUser(new PublicKeyCredentialUserEntity(userId, userIdBytes));
    }
    catch (UnsupportedEncodingException encodingError)
    {
        Log.Error(Tag, encodingError.Message, encodingError);
    }

    optionsBuilder.SetChallenge(ByteUtils.Base64ToByte(response.Challenge));

    // Accepted key algorithms. A code rejected by Algorithm.FromCode is dropped, so the list
    // handed to the builder may be shorter than the server's, or empty.
    ServerPublicKeyCredentialParameters[] offeredParams = response.PubKeyCredParams;
    if (offeredParams != null)
    {
        var acceptedParams = new List<PublicKeyCredentialParameters>();
        foreach (ServerPublicKeyCredentialParameters offered in offeredParams)
        {
            try
            {
                acceptedParams.Add(new PublicKeyCredentialParameters(
                    PublicKeyCredentialType.PublicKey,
                    Algorithm.FromCode(offered.Alg)));
            }
            catch (System.Exception parseError)
            {
                Log.Error(Tag, parseError.Message, parseError);
            }
        }

        optionsBuilder.SetPubKeyCredParams(acceptedParams);
    }

    // Credentials that must not be registered again. An unparsable transport only empties
    // the transport list; the descriptor itself is still added.
    ServerPublicKeyCredentialDescriptor[] serverExcluded = response.ExcludeCredentials;
    if (serverExcluded != null)
    {
        var excludeList = new List<PublicKeyCredentialDescriptor>();
        foreach (ServerPublicKeyCredentialDescriptor serverDescriptor in serverExcluded)
        {
            var transportList = new List<AuthenticatorTransport>();
            if (serverDescriptor.Transports != null)
            {
                try
                {
                    transportList.Add(AuthenticatorTransport.FromValue(serverDescriptor.Transports));
                }
                catch (System.Exception parseError)
                {
                    Log.Error(Tag, parseError.Message, parseError);
                }
            }

            excludeList.Add(new PublicKeyCredentialDescriptor(
                PublicKeyCredentialType.PublicKey,
                ByteUtils.Base64ToByte(serverDescriptor.Id),
                transportList));
        }

        optionsBuilder.SetExcludeList(excludeList);
    }

    // Authenticator selection. The attachment is kept outside the block because it also
    // decides the platform-authenticator step further down.
    Attachment attachment = null;
    ServerAuthenticatorSelectionCriteria serverSelection = response.AuthenticatorSelection;
    if (serverSelection != null)
    {
        if (serverSelection.AuthenticatorAttachment != null)
        {
            try
            {
                attachment = Attachment.FromValue(serverSelection.AuthenticatorAttachment);
            }
            catch (System.Exception parseError)
            {
                Log.Error(Tag, parseError.Message, parseError);
            }
        }

        bool requireResidentKey = serverSelection.IsRequireResidentKey;

        // Stays null when the server sent no value or sent one the SDK rejects; in both
        // cases the criteria are built without a user-verification requirement.
        UserVerificationRequirement verification = null;
        if (serverSelection.UserVerification != null)
        {
            try
            {
                verification = UserVerificationRequirement.FromValue(serverSelection.UserVerification);
            }
            catch (System.Exception parseError)
            {
                Log.Error(Tag, parseError.Message, parseError);
            }
        }

        optionsBuilder.SetAuthenticatorSelection(
            new AuthenticatorSelectionCriteria(attachment, (Java.Lang.Boolean)requireResidentKey, verification));
    }

    // Attestation conveyance preference; left unset on the builder when absent or unparsable.
    string attestationValue = response.Attestation;
    if (attestationValue != null)
    {
        try
        {
            optionsBuilder.SetAttestation(AttestationConveyancePreference.FromValue(attestationValue));
        }
        catch (System.Exception parseError)
        {
            Log.Error(Tag, parseError.Message, parseError);
        }
    }

    // Start from the server-supplied extensions, if any.
    var extensionMap = new Dictionary<string, Java.Lang.Object>();
    if (response.Extensions != null)
    {
        extensionMap.AddRangeOverride(response.Extensions);
    }

    // When a platform authenticator was requested, add the related extension items.
    // Requesting a platform authenticator is optional.
    if (Attachment.Platform.Equals(attachment))
    {
        UseSelectedPlatformAuthenticator(fido2Client, extensionMap);
    }

    optionsBuilder.SetExtensions(extensionMap);
    optionsBuilder.SetTimeoutSeconds((Java.Lang.Long)response.Timeout);

    return optionsBuilder.Build();
}