public virtual void TestProcessRegistrationResponse_NoTransports()
{
mockDataStore.Setup(x => x.GetEnrollSessionData(SESSION_ID))
.Returns(new EnrollSessionData(ACCOUNT_NAME, APP_ID_ENROLL, SERVER_CHALLENGE_ENROLL));
var u2FServer = new U2FServerReferenceImpl(mockChallengeGenerator.Object, mockDataStore.Object, crypto,
TRUSTED_DOMAINS);
var registrationResponse = new RegisterResponse(REGISTRATION_DATA_BASE64, BROWSER_DATA_ENROLL_BASE64,
SESSION_ID);
u2FServer.ProcessRegistrationResponse(registrationResponse, 0L);
var expectedKeyData = new SecurityKeyData(0L, KEY_HANDLE, USER_PUBLIC_KEY_ENROLL_HEX, VENDOR_CERTIFICATE, 0);
mockDataStore.Verify(x => x.AddSecurityKeyData(ACCOUNT_NAME, expectedKeyData));
}
public virtual void TestProcessRegistrationResponse_OneTransport()
{
mockDataStore.Setup(x => x.GetEnrollSessionData(SESSION_ID))
.Returns(new EnrollSessionData(ACCOUNT_NAME, APP_ID_ENROLL, SERVER_CHALLENGE_ENROLL));
var trustedCertificates = new List<X509Certificate>();
trustedCertificates.Add(TRUSTED_CERTIFICATE_ONE_TRANSPORT);
mockDataStore.Setup(x => x.GetTrustedCertificates()).Returns(trustedCertificates);
var u2FServer = new U2FServerReferenceImpl(mockChallengeGenerator.Object, mockDataStore.Object, crypto,
TRUSTED_DOMAINS);
var registrationResponse = new RegisterResponse(REGISTRATION_RESPONSE_DATA_ONE_TRANSPORT_BASE64,
BROWSER_DATA_ENROLL_BASE64, SESSION_ID);
u2FServer.ProcessRegistrationResponse(registrationResponse, 0L);
var transports = new List<SecurityKeyDataTransports>();
transports.Add(SecurityKeyDataTransports.BluetoothRadio);
var expectedKeyData = new SecurityKeyData(0L, transports, KEY_HANDLE, USER_PUBLIC_KEY_ENROLL_HEX,
TRUSTED_CERTIFICATE_ONE_TRANSPORT, 0);
mockDataStore.Verify(x => x.AddSecurityKeyData(ACCOUNT_NAME, expectedKeyData));
}
public virtual void TestProcessRegistrationResponse2()
{
mockDataStore.Setup(x => x.GetEnrollSessionData(SESSION_ID))
.Returns(new EnrollSessionData(ACCOUNT_NAME, APP_ID_ENROLL, SERVER_CHALLENGE_ENROLL));
var trustedCertificates = new List<X509Certificate>();
trustedCertificates.Add(VENDOR_CERTIFICATE);
trustedCertificates.Add(TRUSTED_CERTIFICATE_2);
mockDataStore.Setup(x => x.GetTrustedCertificates()).Returns(trustedCertificates);
var u2FServer = new U2FServerReferenceImpl(mockChallengeGenerator.Object, mockDataStore.Object, crypto,
TRUSTED_DOMAINS);
var registrationResponse = new RegisterResponse(REGISTRATION_DATA_2_BASE64, BROWSER_DATA_2_BASE64,
SESSION_ID);
u2FServer.ProcessRegistrationResponse(registrationResponse, 0L);
var expectedKeyData = new SecurityKeyData(0L, null, KEY_HANDLE_2, USER_PUBLIC_KEY_2, TRUSTED_CERTIFICATE_2,
0);
mockDataStore.Verify(x => x.AddSecurityKeyData(ACCOUNT_NAME, expectedKeyData));
}
protected bool Equals(SecurityKeyData other)
{
return EnrollmentTime == other.EnrollmentTime && ContainSameTransports(Transports, other.Transports) &&
KeyHandle.SequenceEqual(other.KeyHandle) && PublicKey.SequenceEqual(other.PublicKey) &&
Equals(AttestationCertificate, other.AttestationCertificate) && Counter == other.Counter;
}
protected bool Equals(SecurityKeyData other)
{
return(EnrollmentTime == other.EnrollmentTime && ContainSameTransports(Transports, other.Transports) &&
KeyHandle.SequenceEqual(other.KeyHandle) && PublicKey.SequenceEqual(other.PublicKey) &&
Equals(AttestationCertificate, other.AttestationCertificate) && Counter == other.Counter);
}
public void AddSecurityKeyData(string accountName, SecurityKeyData securityKeyData)
{
var tokens = GetSecurityKeyData(accountName);
tokens.Add(securityKeyData);
securityKeyDataBase[accountName] = tokens;
}
private void LoadFromJson(JObject json)
{
securityKeyDataBase.Clear();
var keys = json.GetValue("keys") as JObject ?? new JObject();
foreach (var pair in keys)
{
var accountName = pair.Key;
var keyDatas = pair.Value;
foreach (var keyData in keyDatas)
{
var enrollmentTime = (long) keyData["enrollmentTime"];
var keyHandle = WebSafeBase64Converter.FromBase64String((string) keyData["keyHandle"]);
var publicKey = WebSafeBase64Converter.FromBase64String((string) keyData["publicKey"]);
var attestationCertBytes =
WebSafeBase64Converter.FromBase64String((string) keyData["attestationCert"]);
var attestationCert = new X509CertificateParser().ReadCertificate(attestationCertBytes);
var counter = (int) keyData["counter"];
var transportToken = keyData["transports"];
List<SecurityKeyDataTransports> transports = null;
if (transportToken != null && transportToken.Type != JTokenType.Null)
{
var transportsArray = (JArray) transportToken;
transports = transportsArray
.Select(o => (string) o)
.Select(
s => (SecurityKeyDataTransports) Enum.Parse(typeof (SecurityKeyDataTransports), s, true))
.ToList();
}
var securityKeyData = new SecurityKeyData(enrollmentTime, transports, keyHandle, publicKey,
attestationCert, counter);
AddSecurityKeyData(accountName, securityKeyData);
}
}
}
