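/// <summary>
/// Polls for a connected authenticator until <see cref="Credentials.Info"/> succeeds or the timeout elapses.
/// On success the transport info text (HID or NFC) and the PIN retry count are printed to the console.
/// </summary>
/// <param name="timeoutms">Total time to keep polling, in milliseconds; the device is probed every 500 ms.</param>
/// <returns>true when an authenticator answered within the timeout, false otherwise.</returns>
public static async Task<bool> Polling(int timeoutms = 10000)
{
    // Probe interval; also the step by which the elapsed-time counter advances.
    const int waitms = 500;

    // Task.Run keeps the (possibly blocking) transport probes off the caller's context
    // (this is a desktop app; see MainWindow).
    var result = await Task.Run(async () =>
    {
        for (int elapsed = 0; elapsed < timeoutms; elapsed += waitms)
        {
            DevParam devParam = DevParam.GetDefaultParams();
            var st = await gebo.CTAP2.WebAuthnModokiDesktop.Credentials.Info(devParam);
            if (st.isSuccess)
            {
                // Report whichever transport answered.
                string log = (st.Dev == InfoCommandStatus.DevType.HID) ? st.HidInfo : st.NfcInfo;
                Console.WriteLine(log);
                // Plain interpolation: string.Format over an already-interpolated string was
                // redundant and would throw on any brace in the text.
                Console.WriteLine($"PIN Retry Count = {st.PinRetryCount}");
                return true;
            }
            await Task.Delay(waitms);
        }
        return false;
    });
    return result;
}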
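/// <summary>
/// Deserializes a <see cref="PublicKeyforCreate"/> from JSON, attaches the PIN and runs MakeCredential
/// through the <see cref="Create(DevParam, PublicKeyforCreate)"/> overload.
/// </summary>
/// <param name="devParam">Transport parameters for the authenticator.</param>
/// <param name="publickeyJson">JSON describing the credential to create (rp, user, challenge, ...).</param>
/// <param name="pin">Client PIN; an empty string means the PIN protocol is not used.</param>
/// <returns>
/// A <see cref="CreateCommandStatus"/>; on any exception <c>isSuccess</c> stays false and <c>msg</c> carries
/// the exception message. Never throws.
/// </returns>
public static async Task<CreateCommandStatus> Create(DevParam devParam, string publickeyJson, string pin = "")
{
    try
    {
        var publickey = JsonConvert.DeserializeObject<PublicKeyforCreate>(publickeyJson);
        // DeserializeObject yields null for empty/"null" input (NOTE(review): confirm for this
        // Newtonsoft version); report that as a parameter error instead of letting the overload
        // below fail with a NullReferenceException message.
        if (publickey == null)
        {
            throw new Exception("Param Error");
        }
        publickey.pin = pin;
        return await Create(devParam, publickey);
    }
    catch (Exception ex)
    {
        var status = new CreateCommandStatus();
        status.msg = ex.Message;
        return status;
    }
}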
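/// <summary>
/// Stores one <see cref="DataRecord"/> on the authenticator as a resident credential under <paramref name="rpid"/>.
/// The record number, filler and data1 form user.id; data2 and data3 travel as hex strings in
/// user.name / user.displayName.
/// </summary>
/// <param name="rpid">Relying-party id (used as both rp.id and rp.name).</param>
/// <param name="pin">Client PIN; empty means the PIN protocol is not used.</param>
/// <param name="rec">Record to write; data2/data3 may be null and are then sent as empty strings.</param>
/// <returns>"Success", the authenticator's error message, or the exception message on failure. Never throws.</returns>
internal static async Task<string> WriteRec(string rpid, string pin, DataRecord rec)
{
    try
    {
        // Task.Run keeps the (possibly blocking) transport work off the caller's context.
        return await Task.Run(async () =>
        {
            // Fixed challenge: there is no relying-party server here verifying clientDataHash
            // freshness, so this only feeds the hash the authenticator signs over.
            byte[] challenge = System.Text.Encoding.ASCII.GetBytes("this is challenge");

            // user.id = recno || filler || data1, built in one pass (no array/list round-trips).
            var userid = new List<byte> { rec.recno, rec.filler };
            userid.AddRange(rec.data1);

            string username = (rec.data2 == null) ? "" : gebo.CTAP2.Common.BytesToHexString(rec.data2);
            string userdisplayname = (rec.data3 == null) ? "" : gebo.CTAP2.Common.BytesToHexString(rec.data3);

            DevParam devParam = DevParam.GetDefaultParams();

            var publickey = new PublicKeyforCreate();
            publickey.pin = pin;
            publickey.rp = new PublicKeyforCreate.Rp();
            publickey.rp.id = rpid;
            publickey.rp.name = rpid;
            publickey.user = new PublicKeyforCreate.User();
            publickey.user.id_bytearray = userid.ToArray();
            publickey.user.name = username;
            publickey.user.displayName = userdisplayname;
            // Resident key so the record can be enumerated later by rpid alone (see ReadRecs).
            // NOTE(review): authenticatorSelection is assumed to be pre-initialized by PublicKeyforCreate.
            publickey.authenticatorSelection.requireResidentKey = true;
            // The PIN token (when a PIN is given) performs user verification, not the authenticator's uv.
            publickey.authenticatorSelection.userVerification = UserVerificationRequirement.discouraged;
            publickey.challenge = (byte[])challenge.Clone();

            var ret = await gebo.CTAP2.WebAuthnModokiDesktop.Credentials.Create(devParam, publickey);
            return ret.isSuccess ? "Success" : ret.msg;
        });
    }
    catch (Exception ex)
    {
        return ex.Message;
    }
}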
/// <summary>
/// Runs the CTAP2 authenticatorClientPIN changePIN flow: key agreement, derivation of the shared
/// secret, then changePIN with the encrypted new PIN and the encrypted hash of the current PIN.
/// </summary>
/// <param name="devParam">Transport parameters for the authenticator.</param>
/// <param name="newpin">The PIN to set.</param>
/// <param name="currentpin">The PIN currently set on the authenticator.</param>
/// <returns>
/// Status with every exchanged command recorded in <c>commands</c>; <c>isSuccess</c> is true only when
/// both commands returned status 0, otherwise the error message is set. Never throws.
/// </returns>
public static async Task<CommandStatus> ChangePin(DevParam devParam, string newpin, string currentpin)
{
    var result = new CommandStatus();
    try
    {
        var clientPin = new CTAPauthenticatorClientPIN();

        // Step 1: fetch the authenticator's key-agreement key and derive the shared secret.
        var kaResponse = await clientPin.GetKeyAgreement(devParam);
        result.commands.Add(new CommandStatus.CommandInfo(clientPin, kaResponse));
        if (kaResponse.Status != 0)
        {
            throw new Exception("GetKeyAgreement");
        }
        var sharedSecret = clientPin.createSharedSecret(clientPin.Authenticator_KeyAgreement);

        // Step 2: the three protected fields of changePIN.
        //   pinAuth    = LEFT(HMAC-SHA-256(sharedSecret, newPinEnc || pinHashEnc), 16)
        //   newPinEnc  = AES256-CBC(sharedSecret, IV = 0, newPin)
        //   pinHashEnc = AES256-CBC(sharedSecret, IV = 0, LEFT(SHA-256(curPin), 16))
        var pinAuth = clientPin.createPinAuthforChangePin(sharedSecret, newpin, currentpin);
        byte[] newPinEnc = clientPin.createNewPinEnc(sharedSecret, newpin);
        var pinHashEnc = clientPin.createPinHashEnc(currentpin, sharedSecret);

        // Step 3: send changePIN.
        var changeResponse = await clientPin.ChangePIN(devParam, pinAuth, newPinEnc, pinHashEnc);
        result.commands.Add(new CommandStatus.CommandInfo(clientPin, changeResponse));
        if (changeResponse.Status != 0)
        {
            throw new Exception("ChangePIN");
        }

        result.isSuccess = true;
    }
    catch (Exception ex)
    {
        result.setErrorMsg(ex);
    }
    return result;
}
/// <summary>
/// Runs the CTAP2 authenticatorClientPIN setPIN flow: key agreement, derivation of the shared
/// secret, then setPIN with the encrypted new PIN.
/// </summary>
/// <param name="devParam">Transport parameters for the authenticator.</param>
/// <param name="newpin">The PIN to set.</param>
/// <returns>
/// Status with every exchanged command recorded in <c>commands</c>; <c>isSuccess</c> is true only when
/// both commands returned status 0, otherwise the error message is set. Never throws.
/// </returns>
public static async Task<CommandStatus> SetPin(DevParam devParam, string newpin)
{
    var result = new CommandStatus();
    try
    {
        var clientPin = new CTAPauthenticatorClientPIN();

        // Step 1: fetch the authenticator's key-agreement key and derive the shared secret.
        var kaResponse = await clientPin.GetKeyAgreement(devParam);
        result.commands.Add(new CommandStatus.CommandInfo(clientPin, kaResponse));
        if (kaResponse.Status != 0)
        {
            throw new Exception("GetKeyAgreement");
        }
        var sharedSecret = clientPin.createSharedSecret(clientPin.Authenticator_KeyAgreement);

        // Step 2: the protected fields of setPIN.
        //   pinAuth   = LEFT(HMAC-SHA-256(sharedSecret, newPinEnc), 16)
        //   newPinEnc = AES256-CBC(sharedSecret, IV = 0, newPin)
        var pinAuth = clientPin.createPinAuthforSetPin(sharedSecret, newpin);
        byte[] newPinEnc = clientPin.createNewPinEnc(sharedSecret, newpin);

        // Step 3: send setPIN.
        var setResponse = await clientPin.SetPIN(devParam, pinAuth, newPinEnc);
        result.commands.Add(new CommandStatus.CommandInfo(clientPin, setResponse));
        if (setResponse.Status != 0)
        {
            throw new Exception("SetPIN");
        }

        result.isSuccess = true;
    }
    catch (Exception ex)
    {
        result.setErrorMsg(ex);
    }
    return result;
}
/// <summary>
/// Collects transport probe text (HID and/or NFC, for whichever transports are configured),
/// the authenticatorGetInfo response and, when a client PIN is set, the PIN retry counter.
/// </summary>
/// <param name="devParam">Transport parameters; <c>hidparams</c>/<c>nfcparams</c> may each be null.</param>
/// <returns>
/// An <see cref="InfoCommandStatus"/> with every exchanged command recorded; <c>isSuccess</c> is true only
/// when GetInfo (and GetRetries, if attempted) returned status 0. Never throws.
/// </returns>
public static async Task<InfoCommandStatus> Info(DevParam devParam)
{
    var info = new InfoCommandStatus();
    try
    {
        // Transport-level probes, only for the transports the caller configured.
        if (devParam.hidparams != null)
        {
            info.HidInfo = Credentials.HidCheck(devParam.hidparams).msg;
        }
        if (devParam.nfcparams != null)
        {
            info.NfcInfo = Credentials.NfcCheck(devParam.nfcparams).msg;
        }

        // authenticatorGetInfo
        var getInfo = new CTAPauthenticatorGetInfo();
        var infoResponse = await getInfo.SendAndResponse(devParam);
        info.commands.Add(new CommandStatus.CommandInfo(getInfo, infoResponse));
        if (infoResponse.Status != 0)
        {
            throw new Exception("GetInfo");
        }
        info.AuthenticatorInfo = infoResponse;
        // DevType codes as used by the response object: 1 = HID, 2 = NFC, anything else unknown.
        switch (infoResponse.DevType)
        {
            case 1:
                info.Dev = InfoCommandStatus.DevType.HID;
                break;
            case 2:
                info.Dev = InfoCommandStatus.DevType.NFC;
                break;
            default:
                info.Dev = InfoCommandStatus.DevType.Unknown;
                break;
        }

        // PIN retry counter is only queried when the authenticator reports a client PIN as set.
        if (info.AuthenticatorInfo.Option_clientPin == CTAPResponseInfo.OptionFlag.present_and_set_to_true)
        {
            var clientPin = new CTAPauthenticatorClientPIN();
            var retriesResponse = await clientPin.GetRetries(devParam);
            info.commands.Add(new CommandStatus.CommandInfo(clientPin, retriesResponse));
            if (retriesResponse.Status != 0)
            {
                throw new Exception("GetRetries");
            }
            info.PinRetryCount = clientPin.RetryCount;
        }

        info.isSuccess = true;
    }
    catch (Exception ex)
    {
        info.setErrorMsg(ex);
    }
    return info;
}
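/// <summary>
/// Reads back every record stored under <paramref name="rpid"/> (the counterpart of <see cref="WriteRec"/>):
/// runs GetAssertion, rebuilds one <see cref="CmdExecuter.DataRecord"/> per assertion, orders them by
/// record number and concatenates data2 || data3 of each into one byte array, also exposed as a
/// NUL-trimmed ASCII string.
/// </summary>
/// <param name="rpid">Relying-party id the records were filed under.</param>
/// <param name="pin">
/// Client PIN. When empty, userVerification=required is requested from the authenticator instead
/// of the PIN protocol.
/// </param>
/// <returns>
/// A <see cref="ReadData"/>; <c>isSuccess</c> is false and <c>msg</c> carries the authenticator's message
/// when GetAssertion failed.
/// </returns>
/// <remarks>Exceptions raised while assembling the records propagate to the caller (unlike <see cref="WriteRec"/>).</remarks>
internal static async Task<ReadData> ReadRecs(string rpid, string pin)
{
    // Task.Run keeps the (possibly blocking) transport work off the caller's context.
    return await Task.Run(async () =>
    {
        var readData = new ReadData();
        // Fixed challenge: no relying-party server verifies freshness in this tool.
        byte[] challenge = System.Text.Encoding.ASCII.GetBytes("this is challenge");
        DevParam devParam = DevParam.GetDefaultParams();

        var publickey = new PublicKeyforGet();
        publickey.pin = pin;
        publickey.rpId = rpid;
        publickey.challenge = (byte[])challenge.Clone();
        publickey.requireUserPresence = false;
        // Without a PIN the authenticator itself must verify the user; with one, the PIN token does.
        publickey.userVerification = string.IsNullOrEmpty(pin)
            ? UserVerificationRequirement.required
            : UserVerificationRequirement.discouraged;

        var ret = await gebo.CTAP2.WebAuthnModokiDesktop.Credentials.Get(devParam, publickey);
        if (!ret.isSuccess)
        {
            readData.isSuccess = false;
            readData.msg = ret.msg;
            return readData;
        }

        // One record per assertion, ordered by the record number carried in user.id.
        var records = ret.assertions
            .Select(a => new CmdExecuter.DataRecord(a.User_Id, a.User_Name, a.User_DisplayName))
            .OrderBy(r => r.recno)
            .ToList();

        // Accumulate data2 || data3 into one buffer instead of re-copying the whole array
        // for every record (the original was O(n^2) in the total payload size).
        var buffer = new List<byte>();
        foreach (var record in records)
        {
            buffer.AddRange(record.data2);
            buffer.AddRange(record.data3);
        }
        readData.data = buffer.ToArray();

        // ASCII decoding of a non-null array does not throw, so the former empty catch was dead code.
        readData.strdata = System.Text.Encoding.ASCII.GetString(readData.data).TrimEnd('\0');

        readData.isSuccess = true;
        readData.msg = "Success";
        return readData;
    });
}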
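/// <summary>
/// Runs CTAP2 authenticatorMakeCredential for <paramref name="publickey"/>. When a PIN is supplied the
/// PIN protocol is run first (key agreement, encrypted PIN hash, PIN token) and the resulting pinAuth
/// is attached to the MakeCredential request.
/// </summary>
/// <param name="devParam">Transport parameters for the authenticator.</param>
/// <param name="publickey">Credential parameters; rp, user, challenge and authenticatorSelection must be set.</param>
/// <returns>
/// A <see cref="CreateCommandStatus"/> with every exchanged command recorded; on success <c>attestation</c>
/// holds the MakeCredential response. Never throws: failures set <c>isSuccess</c> false and the message.
/// </returns>
public static async Task<CreateCommandStatus> Create(DevParam devParam, PublicKeyforCreate publickey)
{
    var status = new CreateCommandStatus();
    try
    {
        // A null publickey or authenticatorSelection used to surface as a NullReferenceException
        // message; report it as a parameter error like the other missing fields.
        if (publickey == null || publickey.rp == null || publickey.user == null
            || publickey.challenge == null || publickey.authenticatorSelection == null)
        {
            throw new Exception("Param Error");
        }

        var ctap = new CTAPauthenticatorMakeCredential();
        ctap.RpId = publickey.rp.id;
        ctap.RpName = publickey.rp.name;
        ctap.UserId = publickey.user.id;
        ctap.UserId_bytearray = publickey.user.id_bytearray;
        ctap.UserName = publickey.user.name;
        ctap.UserDisplayName = publickey.user.displayName;
        ctap.ClientDataHash = CTAPauthenticator.CreateClientDataHash(publickey.challenge);
        ctap.TimeoutMs = publickey.timeout;
        ctap.Option_rk = publickey.authenticatorSelection.requireResidentKey;
        // Only "discouraged" turns uv off; "preferred" and "required" both request it.
        ctap.Option_uv = publickey.authenticatorSelection.userVerification != UserVerificationRequirement.discouraged;

        // PIN protocol: a null PIN is treated like an empty one (no PIN) instead of throwing.
        if (!string.IsNullOrEmpty(publickey.pin))
        {
            string pin = publickey.pin;
            var clientPin = new CTAPauthenticatorClientPIN();

            var kaResponse = await clientPin.GetKeyAgreement(devParam);
            status.commands.Add(new CommandStatus.CommandInfo(clientPin, kaResponse));
            if (kaResponse.Status != 0)
            {
                throw new Exception("GetKeyAgreement");
            }
            var sharedSecret = clientPin.createSharedSecret(clientPin.Authenticator_KeyAgreement);

            // The PIN itself never goes to the device; only its encrypted hash does.
            var pinHashEnc = clientPin.createPinHashEnc(pin, sharedSecret);
            var token = await clientPin.GetPINToken(devParam, pinHashEnc);
            status.commands.Add(new CommandStatus.CommandInfo(clientPin, token));
            if (token.Status != 0)
            {
                throw new Exception("GetPINToken");
            }
            // pinAuth binds the PIN token to this request's clientDataHash.
            ctap.PinAuth = clientPin.createPinAuth(sharedSecret, ctap.ClientDataHash, token.PinTokenEnc);
        }

        var att = await ctap.SendAndResponse(devParam);
        status.commands.Add(new CommandStatus.CommandInfo(ctap, att));
        if (att.Status != 0)
        {
            throw new Exception("MakeCredential");
        }
        status.attestation = att;
        status.isSuccess = true;
    }
    catch (Exception ex)
    {
        status.setErrorMsg(ex);
    }
    return status;
}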
/// <summary>
/// Builds the window's XAML components and seeds the transport parameters with the defaults.
/// </summary>
public MainWindow()
{
    InitializeComponent();
    // Default authenticator transport parameters, kept on the window instance.
    this.devParam = DevParam.GetDefaultParams();
}
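/// <summary>
/// Runs CTAP2 authenticatorGetAssertion for <paramref name="publickey"/>, followed by GetNextAssertion
/// for every additional credential the authenticator reports. When a PIN is supplied the PIN protocol
/// (key agreement, encrypted PIN hash, PIN token) is run first and pinAuth is attached to the request.
/// </summary>
/// <param name="devParam">Transport parameters for the authenticator.</param>
/// <param name="publickey">Assertion parameters; <c>challenge</c> must be set, <c>allowCredentials</c> may be null.</param>
/// <returns>
/// A <see cref="GetCommandStatus"/> with every exchanged command recorded and all assertions in
/// <c>assertions</c>. Never throws: failures set <c>isSuccess</c> false and the message.
/// </returns>
public static async Task<GetCommandStatus> Get(DevParam devParam, PublicKeyforGet publickey)
{
    var status = new GetCommandStatus();
    try
    {
        var ctap = new CTAPauthenticatorGetAssertion();
        ctap.RpId = publickey.rpId;
        ctap.ClientDataHash = CTAPauthenticator.CreateClientDataHash(publickey.challenge);
        ctap.Timeout = publickey.timeout;

        // Only the first allow-list entry is forwarded, and only when it carries a non-empty id.
        var firstAllowed = (publickey.allowCredentials != null && publickey.allowCredentials.Count > 0)
            ? publickey.allowCredentials[0]
            : null;
        if (firstAllowed != null && firstAllowed.id != null && firstAllowed.id.Length > 0)
        {
            ctap.AllowList_CredentialId = firstAllowed.id;
        }

        ctap.Option_up = publickey.requireUserPresence;
        // Only "discouraged" turns uv off; "preferred" and "required" both request it.
        ctap.Option_uv = publickey.userVerification != UserVerificationRequirement.discouraged;

        // PIN protocol: a null PIN is treated like an empty one (no PIN) instead of throwing.
        if (!string.IsNullOrEmpty(publickey.pin))
        {
            string pin = publickey.pin;
            var clientPin = new CTAPauthenticatorClientPIN();

            var kaResponse = await clientPin.GetKeyAgreement(devParam);
            status.commands.Add(new CommandStatus.CommandInfo(clientPin, kaResponse));
            if (kaResponse.Status != 0)
            {
                throw new Exception("GetKeyAgreement");
            }
            var sharedSecret = clientPin.createSharedSecret(clientPin.Authenticator_KeyAgreement);

            // The PIN itself never goes to the device; only its encrypted hash does.
            var pinHashEnc = clientPin.createPinHashEnc(pin, sharedSecret);
            var token = await clientPin.GetPINToken(devParam, pinHashEnc);
            status.commands.Add(new CommandStatus.CommandInfo(clientPin, token));
            if (token.Status != 0)
            {
                throw new Exception("GetPINToken");
            }
            // pinAuth binds the PIN token to this request's clientDataHash.
            ctap.PinAuth = clientPin.createPinAuth(sharedSecret, ctap.ClientDataHash, token.PinTokenEnc);
        }

        var ret = await ctap.SendAndResponse(devParam);
        status.commands.Add(new CommandStatus.CommandInfo(ctap, ret));
        if (ret.Status != 0)
        {
            throw new Exception("GetAssertion");
        }
        status.assertions.Add(ret);

        // The first response already holds one credential; fetch the remaining NumberOfCredentials - 1.
        for (int index = 1; index < ret.NumberOfCredentials; index++)
        {
            var next = new CTAPauthenticatorGetNextAssertion();
            var nextret = await next.SendAndResponse(devParam);
            status.commands.Add(new CommandStatus.CommandInfo(next, nextret));
            // Bug fix: the original tested ret.Status (already known to be 0) here, so a failed
            // GetNextAssertion was silently appended as if it had succeeded.
            if (nextret.Status != 0)
            {
                throw new Exception("GetNextAssertion");
            }
            status.assertions.Add(nextret);
        }

        // uv was requested: fail unless the authenticator actually verified the user.
        // Only the first assertion's flags are checked, as in the original.
        if (ctap.Option_uv && ret.Flags_UserVerifiedResult == false)
        {
            throw new Exception("UserVerifiedResult False");
        }

        status.isSuccess = true;
    }
    catch (Exception ex)
    {
        status.setErrorMsg(ex);
    }
    return status;
}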