// Exercises the "none" attestation format once for every entry in
// Fido2Tests._validCOSEParameters: an empty attStmt map is attached, a credential
// public key is built from the entry, and the fields of the result returned by
// MakeAttestationResponse() are compared with the fixture values.
//
// NOTE(review): ForEach is handed an async lambda and this method returns void
// without awaiting anything, so the lambda is effectively async void. Whether the
// assertions below are observed before the test is reported as finished depends on
// the test runner; confirm, or convert to an async Task test with a foreach/await
// loop so a failed attestation check cannot go unnoticed.
public void TestNone()
{
    Fido2Tests._validCOSEParameters.ForEach(async (object[] coseParams) =>
    {
        // "none" attestation must carry an empty attestation statement.
        _attestationObject.Add("attStmt", CBORObject.NewMap());
        _credentialPublicKey = Fido2Tests.MakeCredentialPublicKey(coseParams);

        Fido2.CredentialMakeResult outcome = await MakeAttestationResponse();

        // Envelope: no error text and an "ok" status.
        Assert.Equal(string.Empty, outcome.ErrorMessage);
        Assert.Equal("ok", outcome.Status);

        // Credential details must echo what the fixture put into the request.
        var made = outcome.Result;
        Assert.Equal(_aaguid, made.Aaguid);
        Assert.Equal(_signCount, made.Counter);
        Assert.Equal("none", made.CredType);
        Assert.Equal(_credentialID, made.CredentialId);
        Assert.Null(made.ErrorMessage);
        Assert.Equal(_credentialPublicKey.GetBytes(), made.PublicKey);
        Assert.Null(made.Status);

        var owner = made.User;
        Assert.Equal("Test User", owner.DisplayName);
        Assert.Equal(System.Text.Encoding.UTF8.GetBytes("testuser"), owner.Id);
        Assert.Equal("testuser", owner.Name);

        // Start the next iteration from a fresh map so "attStmt" can be added again.
        _attestationObject = CBORObject.NewMap().Add("fmt", "none");
    });
}
// Exercises the "none" attestation format once for every
// (key type, algorithm, curve) tuple in Fido2Tests._validCOSEParameters: an empty
// attStmt map is attached, a credential public key is built from the tuple, and the
// fields of the result returned by MakeAttestationResponse() are compared with the
// fixture values.
//
// NOTE(review): ForEach is handed an async lambda and nothing visible here awaits
// it, so the lambda is effectively async void. Whether the assertions below are
// observed before the test is reported as finished depends on the test runner;
// confirm, or convert to an async Task test with a foreach/await loop so a failed
// attestation check cannot go unnoticed.
public void TestNone()
{
    Fido2Tests._validCOSEParameters.ForEach(async ((COSE.KeyType, COSE.Algorithm, COSE.EllipticCurve) coseParams) =>
    {
        // "none" attestation must carry an empty attestation statement.
        _attestationObject.Add("attStmt", new CborMap());
        _credentialPublicKey = Fido2Tests.MakeCredentialPublicKey(coseParams);

        Fido2.CredentialMakeResult outcome = await MakeAttestationResponse();

        // Envelope: no error text and an "ok" status.
        Assert.Equal(string.Empty, outcome.ErrorMessage);
        Assert.Equal("ok", outcome.Status);

        // Credential details must echo what the fixture put into the request.
        var made = outcome.Result;
        Assert.Equal(_aaguid, made.Aaguid);
        Assert.Equal(_signCount, made.Counter);
        Assert.Equal("none", made.CredType);
        Assert.Equal(_credentialID, made.CredentialId);
        Assert.Null(made.ErrorMessage);
        Assert.Equal(_credentialPublicKey.GetBytes(), made.PublicKey);
        Assert.Null(made.Status);

        var owner = made.User;
        Assert.Equal("Test User", owner.DisplayName);
        Assert.Equal(System.Text.Encoding.UTF8.GetBytes("testuser"), owner.Id);
        Assert.Equal("testuser", owner.Name);

        // Start the next iteration from a fresh map so "attStmt" can be added again.
        _attestationObject = new CborMap { { "fmt", "none" } };
    });
// NOTE(review): the listing stops here; the closing brace of TestNone is not shown.
// Negative case for the "none" format: a non-empty attStmt ({"foo": "bar"}) must be
// rejected with a Fido2VerificationException carrying the exact message asserted
// below. The "fmt" entry is not set in this method; presumably the fixture has
// already set it to "none" (TODO confirm against the class constructor).
//
// NOTE(review): the Task returned by Assert.ThrowsAsync is not awaited; the method
// blocks on .Result instead. An async Task test that awaits the call would avoid
// sync-over-async and surface a missing exception as a plain assertion failure.
public void TestNoneWithAttStmt()
{
    var unexpectedStatement = CBORObject.NewMap().Add("foo", "bar");
    _attestationObject.Add("attStmt", unexpectedStatement);

    // Only the first COSE parameter set is used; the rejection does not depend on key type.
    var firstParams = Fido2Tests._validCOSEParameters[0];
    _credentialPublicKey = Fido2Tests.MakeCredentialPublicKey(firstParams);

    var pending = Assert.ThrowsAsync<Fido2VerificationException>(() => MakeAttestationResponse());

    Assert.Equal("Attestation format none should have no attestation statement", pending.Result.Message);
}
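// Builds a valid "fido-u2f" attestation object for the tests in this class:
//   1. creates a throw-away P-256 key and a two-day self-signed attestation
//      certificate for it (with the notCAExt extension),
//   2. publishes that key's public point as the credential public key,
//   3. signs 0x00 || rpIdHash || clientDataHash || credentialId || (0x04 || X || Y)
//      with the same key, and
//   4. stores the certificate ("x5c") and signature ("sig") as the attStmt.
//
// The attestation key and the credential key are the same key pair here. That is a
// test simplification; an authenticator normally uses distinct keys for the two.
public FidoU2f()
{
    // fido-u2f attestations carry an all-zero AAGUID.
    _aaguid = Guid.Empty;
    _attestationObject.Add("fmt", "fido-u2f");

    using (var ecdsaAtt = ECDsa.Create(ECCurve.NamedCurves.nistP256))
    {
        var attRequest = new CertificateRequest(
            "CN=U2FTesting, OU=Authenticator Attestation, O=FIDO2-NET-LIB, C=US",
            ecdsaAtt,
            HashAlgorithmName.SHA256);
        attRequest.CertificateExtensions.Add(notCAExt);

        using (X509Certificate2 attestnCert = attRequest.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(2)))
        {
            var X5c = new CborArray { attestnCert.RawData };

            // Only Q.X / Q.Y are read below, so export the public parameters only;
            // the private scalar never needs to leave the ECDsa object (signing
            // goes through ecdsaAtt itself).
            var ecparams = ecdsaAtt.ExportParameters(false);

            _credentialPublicKey = Fido2Tests.MakeCredentialPublicKey(
                COSE.KeyType.EC2,
                COSE.Algorithm.ES256,
                COSE.EllipticCurve.P256,
                ecparams.Q.X,
                ecparams.Q.Y);

            var x = (byte[])_credentialPublicKey.GetCborObject()[COSE.KeyTypeParameter.X];
            var y = (byte[])_credentialPublicKey.GetCborObject()[COSE.KeyTypeParameter.Y];

            // U2F raw public key: 0x04 (uncompressed point marker) followed by X and Y.
            byte[] publicKeyU2F = DataHelper.Concat(new byte[1] { 0x4 }, x, y);

            // Data covered by the attestation signature; the leading 0x00 is the
            // reserved byte of the U2F registration format.
            byte[] verificationData = DataHelper.Concat(
                new byte[1] { 0x00 },
                _rpIdHash,
                _clientDataHash,
                _credentialID,
                publicKeyU2F);

            byte[] signature = Fido2Tests.SignData(COSE.KeyType.EC2, COSE.Algorithm.ES256, verificationData, ecdsaAtt, null, null);

            _attestationObject.Add("attStmt", new CborMap
            {
                { "x5c", X5c },
                { "sig", signature }
            });
        }
    }
}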
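// Builds a valid "fido-u2f" attestation object for the tests in this class:
//   1. creates a throw-away P-256 key and a two-day self-signed attestation
//      certificate for it (with the notCAExt extension),
//   2. publishes that key's public point as the credential public key,
//   3. signs 0x00 || rpIdHash || clientDataHash || credentialId || (0x04 || X || Y)
//      with the same key, and
//   4. stores the certificate ("x5c") and signature ("sig") as the attStmt.
//
// The attestation key and the credential key are the same key pair here. That is a
// test simplification; an authenticator normally uses distinct keys for the two.
public FidoU2f()
{
    // fido-u2f attestations carry an all-zero AAGUID.
    _aaguid = Guid.Empty;
    _attestationObject.Add("fmt", "fido-u2f");

    using (var ecdsaAtt = ECDsa.Create(ECCurve.NamedCurves.nistP256))
    {
        var attRequest = new CertificateRequest(
            "CN=U2FTesting, OU=Authenticator Attestation, O=FIDO2-NET-LIB, C=US",
            ecdsaAtt,
            HashAlgorithmName.SHA256);
        attRequest.CertificateExtensions.Add(notCAExt);

        using (X509Certificate2 attestnCert = attRequest.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(2)))
        {
            var X5c = CBORObject.NewArray()
                .Add(CBORObject.FromObject(attestnCert.RawData));

            // Only Q.X / Q.Y are read below, so export the public parameters only;
            // the private scalar never needs to leave the ECDsa object (signing
            // goes through ecdsaAtt itself).
            var ecparams = ecdsaAtt.ExportParameters(false);

            _credentialPublicKey = Fido2Tests.MakeCredentialPublicKey(
                COSE.KeyType.EC2,
                COSE.Algorithm.ES256,
                COSE.EllipticCurve.P256,
                ecparams.Q.X,
                ecparams.Q.Y);

            var x = _credentialPublicKey.GetCBORObject()[CBORObject.FromObject(COSE.KeyTypeParameter.X)].GetByteString();
            var y = _credentialPublicKey.GetCBORObject()[CBORObject.FromObject(COSE.KeyTypeParameter.Y)].GetByteString();

            // U2F raw public key: 0x04 (uncompressed point marker) followed by X and Y.
            var publicKeyU2F = new byte[1] { 0x4 }.Concat(x).Concat(y).ToArray();

            // Data covered by the attestation signature; the leading 0x00 is the
            // reserved byte of the U2F registration format. publicKeyU2F is already
            // an array, so it is concatenated directly.
            var verificationData = new byte[1] { 0x00 }
                .Concat(_rpIdHash)
                .Concat(_clientDataHash)
                .Concat(_credentialID)
                .Concat(publicKeyU2F)
                .ToArray();

            byte[] signature = Fido2Tests.SignData(COSE.KeyType.EC2, COSE.Algorithm.ES256, verificationData, ecdsaAtt, null, null);

            _attestationObject.Add("attStmt", CBORObject.NewMap().Add("x5c", X5c).Add("sig", signature));
        }
    }
}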