/// <summary>
/// Creates a credential record from its identifier, public key, transports
/// and timestamps.
/// </summary>
/// <param name="id">Value stored in <c>Id</c>.</param>
/// <param name="publicKey">Value stored in <c>PublicKey</c>.</param>
/// <param name="transports">
/// Transport names; copied into an immutable list so later changes to the
/// caller's collection are not observed. A null argument is stored as null.
/// </param>
/// <param name="created">Value stored in <c>Created</c>.</param>
/// <param name="validated">
/// Value stored in <c>Validated</c>; when omitted, <paramref name="created"/>
/// is used instead.
/// </param>
public GangUserCredential(
    string id,
    GangPublicKey publicKey,
    IEnumerable<string> transports,
    DateTimeOffset created,
    DateTimeOffset? validated = null)
{
    Id = id;
    PublicKey = publicKey;

    // Snapshot the sequence; keep null as null rather than substituting an empty list.
    Transports = transports is null ? null : transports.ToImmutableList();

    Created = created;

    // A credential with no explicit validation time counts as validated at creation.
    Validated = validated.HasValue ? validated.Value : created;
}
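/// <summary>
/// Verifies <paramref name="signature"/> over <paramref name="data"/> using the
/// verifier registered for the key's (KeyType, Algorithm) pair.
/// </summary>
/// <param name="publicKey">Key whose KeyType, Algorithm and Parameters select and configure the verifier.</param>
/// <param name="data">The signed bytes.</param>
/// <param name="signature">The signature to check.</param>
/// <returns>The result of the selected verifier's <c>Verify</c> call.</returns>
/// <exception cref="NotSupportedException">
/// No verifier is registered for the key's KeyType / Algorithm combination.
/// </exception>
bool IGangCryptoService.VerifySignature(
    GangPublicKey publicKey,
    ReadOnlySpan<byte> data,
    ReadOnlySpan<byte> signature)
{
    var verifierKey = Tuple.Create(publicKey.KeyType, publicKey.Algorithm);

    // Single lookup instead of ContainsKey followed by the indexer.
    if (!_verifiers.TryGetValue(verifierKey, out var verifier))
    {
        // Fail closed: an unknown key type / algorithm pair is an error and
        // never falls through to a "verified" result.
        throw new NotSupportedException($"KeyType {publicKey.KeyType} / algorithm {publicKey.Algorithm} combination is not supported");
    }

    var parameters = new GangCryptoParameters(this, publicKey.Parameters);
    return verifier.Verify(parameters, data, signature);
}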
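/// <summary>
/// Checks the assertion signature for a credential: the signed message is the
/// decoded authenticator data followed by the SHA-256 hash of the decoded
/// client data.
/// </summary>
/// <param name="publicKey">Public key the signature is verified against.</param>
/// <param name="clientData">Base64url-encoded client data; only its hash is used here.</param>
/// <param name="authenticatorData">Base64url-encoded authenticator data.</param>
/// <param name="signatureData">Base64url-encoded signature.</param>
/// <returns>The result of <c>_crypto.VerifySignature</c> over the assembled message.</returns>
bool ValidateCredential(
    GangPublicKey publicKey,
    string clientData,
    string authenticatorData,
    string signatureData)
{
    var authenticatorBytes = GangSerialization.Base64UrlToBytes(authenticatorData);

    // Authenticator data layout, as recorded in the field notes this method
    // originally carried (it appears to follow the WebAuthn format):
    //   bytes 0..31  RP ID hash
    //   byte  32     flags: bit 0 user present, bit 2 user verified,
    //                bit 6 attested credential data, bit 7 extension data
    //   bytes 33..36 signature counter
    //
    // NOTE(review): none of these fields is inspected in this method, a buffer
    // shorter than 37 bytes is not rejected, and clientData is only hashed (its
    // challenge, origin and type are not parsed here). A valid signature shows
    // possession of the private key; it does not show that the assertion
    // answers the expected challenge, targets this relying party, or involved
    // user presence. Confirm the caller enforces those checks.
    // If the counter is parsed later: WebAuthn encodes it big-endian, so use
    // BinaryPrimitives.ReadUInt32BigEndian rather than BitConverter.ToUInt32.

    var signature = GangSerialization.Base64UrlToBytes(signatureData);

    // SHA256Managed is marked obsolete on current .NET (SYSLIB0021);
    // SHA256.Create() produces the same digest.
    using var hasher = SHA256.Create();
    var hash = hasher.ComputeHash(
        GangSerialization.Base64UrlToBytes(clientData).ToArray());

    // Signed message = authenticator data || SHA-256(client data).
    var data = new byte[authenticatorBytes.Length + hash.Length];
    authenticatorBytes.CopyTo(data);
    hash.CopyTo(data, authenticatorBytes.Length);

    return _crypto.VerifySignature(publicKey, data, signature);
}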