/// <summary> /// Creates a Passport key on the machine using the _account id passed. /// </summary> /// <param name="accountId">The _account id associated with the _account that we are enrolling into Passport</param> /// <returns>Boolean representing if creating the Passport key succeeded</returns> public static async Task <bool> CreatePassportKeyAsync(string accountId) { KeyCredentialRetrievalResult keyCreationResult = await KeyCredentialManager.RequestCreateAsync(accountId, KeyCredentialCreationOption.ReplaceExisting); switch (keyCreationResult.Status) { case KeyCredentialStatus.Success: // In the real world authentication would take place on a server. // So every time a user migrates or creates a new Microsoft Passport account Passport details should be pushed to the server. // The details that would be pushed to the server include: // The public key, keyAttesation if available, // certificate chain for attestation endorsement key if available, // status code of key attestation result: keyAttestationIncluded or // keyAttestationCanBeRetrievedLater and keyAttestationRetryType // As this sample has no concept of a server it will be skipped for now // for information on how to do this refer to the second Passport sample //For this sample just return true return(true); case KeyCredentialStatus.UserCanceled: //Debug.WriteLine("User cancelled sign-in process."); break; case KeyCredentialStatus.NotFound: // User needs to setup Microsoft Passport //Debug.WriteLine("Microsoft Passport is not setup!\nPlease go to Windows Settings and set up a PIN to use it."); break; default: break; } return(false); }
/// <summary> /// 请求注册用户 /// </summary> /// <returns></returns> public static async Task <AuthenticatorState> RegisterUserAsync() { if (await CheckSupportAsync().ConfigureAwait(false)) { KeyCredentialRetrievalResult CredentiaResult = await KeyCredentialManager.RequestCreateAsync(CredentialName, KeyCredentialCreationOption.ReplaceExisting); switch (CredentiaResult.Status) { case KeyCredentialStatus.Success: { string PublicKey = CryptographicBuffer.EncodeToHexString(CredentiaResult.Credential.RetrievePublicKey()); ApplicationData.Current.LocalSettings.Values["WindowsHelloPublicKeyForUser"] = PublicKey; return(AuthenticatorState.RegisterSuccess); } case KeyCredentialStatus.UserCanceled: { return(AuthenticatorState.UserCanceled); } default: { return(AuthenticatorState.UnknownError); } } } else { return(AuthenticatorState.WindowsHelloUnsupport); } }
public static async Task <bool> Login() { var result = await KeyCredentialManager.IsSupportedAsync(); String message; if (result) { var authenticationResult = await KeyCredentialManager.RequestCreateAsync("login", KeyCredentialCreationOption.ReplaceExisting); if (authenticationResult.Status == KeyCredentialStatus.Success) { message = "User is logged in"; } else { message = "Login error: " + authenticationResult.Status; } } else { message = "Windows Hello is not enabled for this device."; } String imagePath = Windows.ApplicationModel.Package.Current.InstalledLocation.Path; String xml = "<toast><visual><binding template='ToastGeneric'><text hint-maxLines='1'>" + message + "</text></binding></visual></toast>"; Toast.CreateToast(xml); return(result); }
private async void tryToCloseWinHello() { KeyCredentialRetrievalResult keyCreationResult = await KeyCredentialManager.RequestCreateAsync("WinHello", KeyCredentialCreationOption.ReplaceExisting); var resourceLoader = Windows.ApplicationModel.Resources.ResourceLoader.GetForCurrentView(); if (keyCreationResult.Status == KeyCredentialStatus.Success) { Password.winHelloStatus = false; LockButton.IsEnabled = false; Password.WriteWinHelloData(); } else if (keyCreationResult.Status == KeyCredentialStatus.NotFound) { Password.winHelloStatus = true; WHToggle.IsOn = true; MessageDialog message = new MessageDialog(resourceLoader.GetString("WHError1")); await message.ShowAsync(); } else if (keyCreationResult.Status == KeyCredentialStatus.UnknownError) { Password.winHelloStatus = true; WHToggle.IsOn = true; MessageDialog message = new MessageDialog(resourceLoader.GetString("WHError2")); await message.ShowAsync(); } else { Password.winHelloStatus = true; WHToggle.IsOn = true; } }
/// <summary> /// Create a passport key /// </summary> /// <exception cref="UserCancelledException"></exception> /// <exception cref="MissingPinException"></exception> /// <exception cref="UserPrefersPasswordException"></exception> /// <exception cref="UnknownException"></exception> /// <exception cref="AggregateException"></exception> /// <param name="accountId">The account id</param> public static void CreatePassportKey(string accountId) { // Run KeyCredentialManager.RequestCreateAsync to create the account. // Overwrites any existing accounts Task <KeyCredentialRetrievalResult> task = Task.Run(async() => await KeyCredentialManager.RequestCreateAsync(accountId, KeyCredentialCreationOption.ReplaceExisting)); // Check the KeyCredentialRetrievalResult status switch (task.Result.Status) { case KeyCredentialStatus.Success: // The operation was successful return; case KeyCredentialStatus.UserCanceled: // User cancelled the Passport enrollment process throw new UserCancelledException(); case KeyCredentialStatus.NotFound: // User needs to create PIN throw new MissingPinException(); case KeyCredentialStatus.UserPrefersPassword: // The user prefers a password throw new UserPrefersPasswordException(); default: // An unknown error occurred throw new UnknownException(); } }
public const int ERR_CREAT_KEY_EXISTS = 170; // Avoid reserved exit codes of UNIX static async Task <(int err, string pubKey)> CreatePublicKey(string key_name) { int err; var createRes = await KeyCredentialManager.RequestCreateAsync(key_name, KeyCredentialCreationOption.FailIfExists); IBuffer pubKey; if (createRes.Status == KeyCredentialStatus.CredentialAlreadyExists) { var existing = await KeyCredentialManager.OpenAsync(key_name); if (existing.Status != KeyCredentialStatus.Success) { return(ERR_CREAT_FAIL, null); } err = ERR_CREAT_KEY_EXISTS; pubKey = existing.Credential.RetrievePublicKey(); } else if (createRes.Status != KeyCredentialStatus.Success) { return(ERR_CREAT_FAIL, null); } else { err = 0; pubKey = createRes.Credential.RetrievePublicKey(); } var pem = String.Format("-----BEGIN PUBLIC KEY-----\n{0}\n-----END PUBLIC KEY-----\n", CryptographicBuffer.EncodeToBase64String(pubKey)); return(err, pem); }
public static async Task <bool> CreatePassportKeyAsync(Guid userId, string username) { KeyCredentialRetrievalResult keyCreationResult = await KeyCredentialManager.RequestCreateAsync(username, KeyCredentialCreationOption.ReplaceExisting); switch (keyCreationResult.Status) { case KeyCredentialStatus.Success: Debug.WriteLine("Successfully made key"); await GetKeyAttestationAsync(userId, keyCreationResult); return(true); case KeyCredentialStatus.UserCanceled: Debug.WriteLine("User cancelled sign-in process."); break; case KeyCredentialStatus.NotFound: // User needs to setup Windows Hello Debug.WriteLine("Windows Hello is not setup!\nPlease go to Windows Settings and set up a PIN to use it."); break; default: break; } return(false); }
private async Task <IBuffer> CreatePassportKeyCredentialAsync() { // Create a new KeyCredential for the user on the device. KeyCredentialRetrievalResult keyCreationResult = await KeyCredentialManager.RequestCreateAsync(userId, KeyCredentialCreationOption.ReplaceExisting); if (keyCreationResult.Status == KeyCredentialStatus.Success) { // User has autheniticated with Windows Hello and the key credential is created. KeyCredential userKey = keyCreationResult.Credential; return(userKey.RetrievePublicKey()); } else if (keyCreationResult.Status == KeyCredentialStatus.NotFound) { MessageDialog message = new MessageDialog("To proceed, Windows Hello needs to be configured in Windows Settings (Accounts -> Sign-in options)"); await message.ShowAsync(); return(null); } else if (keyCreationResult.Status == KeyCredentialStatus.UnknownError) { MessageDialog message = new MessageDialog("The key credential could not be created. Please try again."); await message.ShowAsync(); return(null); } return(null); }
private async void Hello_Click(object sender, RoutedEventArgs e) { var keyCredentialAvailable = await KeyCredentialManager.IsSupportedAsync(); var result = await KeyCredentialManager.RequestCreateAsync(Viewmodel.Username, KeyCredentialCreationOption.ReplaceExisting); //return public key, Attestation and Username to ASB for backend storage. Visit: https://docs.microsoft.com/en-us/windows/uwp/security/microsoft-passport for more info Result.TrySetResult(true); }
/// <summary> /// Creates a Passport key on the machine using the _account id passed. /// </summary> /// <param name="accountId">The _account id associated with the _account that we are enrolling into Passport</param> /// <returns>Boolean representing if creating the Passport key succeeded</returns> public static async Task <bool> CreatePassportKeyAsync(Guid userId, string username) { Debug.WriteLine("Before calling KeyCredentialManager.RequestCreateAsync"); KeyCredentialRetrievalResult keyCreationResult = await KeyCredentialManager.RequestCreateAsync(username, KeyCredentialCreationOption.ReplaceExisting); Debug.WriteLine("After calling KeyCredentialManager.RequestCreateAsync"); switch (keyCreationResult.Status) { case KeyCredentialStatus.Success: Debug.WriteLine("Successfully made key"); // In the real world authentication would take place on a server. // So every time a user migrates or creates a new Microsoft Passport account Passport details should be pushed to the server. // The details that would be pushed to the server include: // The public key, keyAttesation if available, // certificate chain for attestation endorsement key if available, // status code of key attestation result: keyAttestationIncluded or // keyAttestationCanBeRetrievedLater and keyAttestationRetryType // As this sample has no concept of a server it will be skipped for now // for information on how to do this refer to the second Passport sample //For this sample just return true await GetKeyAttestationAsync(userId, keyCreationResult); return(true); case KeyCredentialStatus.UserCanceled: Debug.WriteLine("User cancelled sign-in process."); break; case KeyCredentialStatus.NotFound: // User needs to setup Microsoft Passport Debug.WriteLine("Microsoft Passport is not setup!\nPlease go to Windows Settings and set up a PIN to use it."); break; case KeyCredentialStatus.CredentialAlreadyExists: Debug.WriteLine("Credential already exists!"); break; case KeyCredentialStatus.UnknownError: Debug.WriteLine("Unknown error generating credentials key"); break; default: Debug.WriteLine("Some error making the credentials key!"); break; } return(false); }
public static async Task <bool> CreatePassportKeyAsync() { KeyCredentialRetrievalResult keyCreationResult = await KeyCredentialManager.RequestCreateAsync("temp", KeyCredentialCreationOption.ReplaceExisting); if (keyCreationResult.Status == KeyCredentialStatus.Success) { return(true); } else { return(false); } }
/// <summary> /// Creates a Passport key on the machine using the account id passed. /// Then returns a boolean based on whether we were able to create a Passport key or not. /// /// Will also attempt to create an attestation that this key is backed by hardware on the device, but is not a requirement /// for a working key in this scenario. It is possible to not accept a key that is software-based only. /// </summary> /// <param name="accountId">The account id associated with the account that we are enrolling into Passport</param> /// <returns>Boolean representing if creating the Passport key succeeded</returns> public async Task <bool> CreatePassportKey(string accountId) { KeyCredentialRetrievalResult keyCreationResult = await KeyCredentialManager.RequestCreateAsync(accountId, KeyCredentialCreationOption.ReplaceExisting); if (keyCreationResult.Status == KeyCredentialStatus.Success) { KeyCredential userKey = keyCreationResult.Credential; IBuffer publicKey = userKey.RetrievePublicKey(); KeyCredentialAttestationResult keyAttestationResult = await userKey.GetAttestationAsync(); if (keyAttestationResult.Status == KeyCredentialAttestationStatus.Success) { //keyAttestation Included. //TODO:read keyAttestationResult.AttestationBuffer and keyAttestationResult.CertificateChainBuffer } else if (keyAttestationResult.Status == KeyCredentialAttestationStatus.TemporaryFailure) { //keyAttestation CanBeRetrievedLater } else if (keyAttestationResult.Status == KeyCredentialAttestationStatus.NotSupported) { //keyAttestation is not supported } // Package public key, keyAttesation if available, // certificate chain for attestation endorsement key if available, // status code of key attestation result: keyAttestationIncluded or // keyAttestationCanBeRetrievedLater and keyAttestationRetryType // and send it to application server to register the user. bool serverAddedPassportToAccount = await AddPassportToAccountOnServer(); if (serverAddedPassportToAccount == true) { return(true); } } else if (keyCreationResult.Status == KeyCredentialStatus.UserCanceled) { // User cancelled the Passport enrollment process } else if (keyCreationResult.Status == KeyCredentialStatus.NotFound) { // User needs to create PIN return(false); } return(false); }
public async void Load() { try { if (await KeyCredentialManager.IsSupportedAsync()) { var result = await KeyCredentialManager.OpenAsync(Helper.AppName); if (result.Credential != null) { var signResult = await result.Credential.RequestSignAsync(CryptographicBuffer.ConvertStringToBinary(DeviceHelper.PackageName, BinaryStringEncoding.Utf8)); if (signResult.Status == KeyCredentialStatus.Success) { Unlock(); } else { BiometricsButton.Visibility = Visibility.Visible; } } else { var creationResult = await KeyCredentialManager.RequestCreateAsync(Helper.AppName, KeyCredentialCreationOption.ReplaceExisting); if (creationResult.Status == KeyCredentialStatus.Success) { Unlock(); } else { BiometricsButton.Visibility = Visibility.Visible; } } } else { PassText.Focus(FocusState.Keyboard); } } catch { } }
private async void BiometricsButtonClick(object sender, RoutedEventArgs e) { try { if (await KeyCredentialManager.IsSupportedAsync()) { var creationResult = await KeyCredentialManager.RequestCreateAsync(Helper.AppName, KeyCredentialCreationOption.ReplaceExisting); if (creationResult.Status == KeyCredentialStatus.Success) { Unlock(); } else { BiometricsButton.Visibility = Visibility.Visible; } } } catch { } }
private async void Button_Click(object sender, RoutedEventArgs e) { KeyCredentialRetrievalResult keyCreationResult = await KeyCredentialManager.RequestCreateAsync("WinHello", KeyCredentialCreationOption.ReplaceExisting); var resourceLoader = Windows.ApplicationModel.Resources.ResourceLoader.GetForCurrentView(); if (keyCreationResult.Status == KeyCredentialStatus.Success) { this.Frame.Navigate(typeof(MainPage)); } else if (keyCreationResult.Status == KeyCredentialStatus.NotFound) { MessageDialog message = new MessageDialog(resourceLoader.GetString("WHError1")); await message.ShowAsync(); } else if (keyCreationResult.Status == KeyCredentialStatus.UnknownError) { MessageDialog message = new MessageDialog(resourceLoader.GetString("WHError2")); await message.ShowAsync(); } }
private async Task <IBuffer> CreatePassportKeyCredentialAsync(string userName) { // Create a new KeyCredential for the user on the device var keyCreationResult = await KeyCredentialManager.RequestCreateAsync(userName, KeyCredentialCreationOption.ReplaceExisting); if (keyCreationResult.Status == KeyCredentialStatus.Success) { // User has autheniticated with Windows Hello and the key credential is created var credential = keyCreationResult.Credential; return(credential.RetrievePublicKey()); } else if (keyCreationResult.Status == KeyCredentialStatus.NotFound) { await DialogBox.ShowAsync("Windows Hello", "To proceed, Windows Hello needs to be configured in Windows Settings (Accounts -> Sign-in options)"); } else if (keyCreationResult.Status == KeyCredentialStatus.UnknownError) { await DialogBox.ShowAsync("Windows Hello Error", "The key credential could not be created. Please try again."); } return(null); }
private async void Biometrics_Click(object sender, RoutedEventArgs e) { try { var result = await KeyCredentialManager.OpenAsync(Strings.Resources.AppName); if (result.Credential != null) { var signResult = await result.Credential.RequestSignAsync(CryptographicBuffer.ConvertStringToBinary(Package.Current.Id.Name, BinaryStringEncoding.Utf8)); if (signResult.Status == KeyCredentialStatus.Success) { Unlock(); } else { Field.Focus(FocusState.Keyboard); } } else { var creationResult = await KeyCredentialManager.RequestCreateAsync(Strings.Resources.AppName, KeyCredentialCreationOption.ReplaceExisting); if (creationResult.Status == KeyCredentialStatus.Success) { Unlock(); } else { Field.Focus(FocusState.Keyboard); } } } catch { Field.Focus(FocusState.Keyboard); } }
public static async Task <bool> CreatePassportKeyAsync(string accountId) { KeyCredentialRetrievalResult keyCreationResult = await KeyCredentialManager.RequestCreateAsync(accountId, KeyCredentialCreationOption.ReplaceExisting); switch (keyCreationResult.Status) { case KeyCredentialStatus.Success: Debug.WriteLine("Successfully made key"); return(true); case KeyCredentialStatus.UserCanceled: Debug.WriteLine("User cancelled sign-in process."); break; case KeyCredentialStatus.NotFound: Debug.WriteLine("Microsoft Passport is not setup!\nPlease go to Windows Settings and set up a PIN to use it."); break; default: break; } return(false); }
public async Task <bool> AuthenticateAsync() { // Waits that the app's window gets the focus. This allows to avoid having the icon in the task bar // blinking orange when windows hello starts. It might distracts the user. await _windowFocusAwaiter.Task.ConfigureAwait(false); if (!await IsWindowsHelloEnabledAsync() .ConfigureAwait(true)) // run on the current context. { _logger.LogEvent(AuthenticateEvent, "Success == False; Windows Hello isn't enabled."); return(false); } // Get credentials for current user and app KeyCredentialRetrievalResult result = await KeyCredentialManager.OpenAsync(KeyCredentialManagerName); if (result.Credential != null) { // Prompt the user to authenticate. KeyCredentialOperationResult signResult = await result.Credential.RequestSignAsync(CryptographicBuffer.ConvertStringToBinary(KeyCredentialManagerName, BinaryStringEncoding.Utf8)); if (signResult.Status == KeyCredentialStatus.Success) { _logger.LogEvent(AuthenticateEvent, "Success == True"); return(true); } _logger.LogEvent(AuthenticateEvent, "Success == False"); return(false); } // No previous saved credentials found, let's create them (this will also prompt the user to authenticate). KeyCredentialRetrievalResult creationResult = await KeyCredentialManager.RequestCreateAsync(KeyCredentialManagerName, KeyCredentialCreationOption.ReplaceExisting); _logger.LogEvent(AuthenticateEvent, $"Success == {creationResult.Status == KeyCredentialStatus.Success}"); return(creationResult.Status == KeyCredentialStatus.Success); }
private static async Task <bool> AuthenticateUsingWindowsHello() { if (await KeyCredentialManager.IsSupportedAsync()) { // Get credentials for current user and app var result = await KeyCredentialManager.OpenAsync("GitIt-Hello"); if (result.Credential != null) { var signResult = await result.Credential.RequestSignAsync(CryptographicBuffer.ConvertStringToBinary("LoginAuth", BinaryStringEncoding.Utf8)); return(signResult.Status == KeyCredentialStatus.Success); } // If no credentials found create one var creationResult = await KeyCredentialManager.RequestCreateAsync("GitIt-Hello", KeyCredentialCreationOption.ReplaceExisting); return(creationResult.Status == KeyCredentialStatus.Success); } return(false); }
private async Task <PasswordInfoModel> GetPasswordInfoModelAsync() { PasswordInfoModel model = null; var pwInfoFile = await _storageService.GetCachedTextFileAsync(FileName); if (pwInfoFile != null) { model = JsonConvert.DeserializeObject <PasswordInfoModel>(pwInfoFile); } if (model == null) { if (!await KeyCredentialManager.IsSupportedAsync()) { return(null); } model = new PasswordInfoModel { KeyPhrase = "sign this keyphrase of this bookmarked application to get a secure string" }; var keyCreationResult = await KeyCredentialManager.RequestCreateAsync(AccountId, KeyCredentialCreationOption.ReplaceExisting); if (keyCreationResult.Status == KeyCredentialStatus.Success) { model.PreferPassword = false; } else if (keyCreationResult.Status == KeyCredentialStatus.UserPrefersPassword) { model.PreferPassword = true; } await _storageService.SetCachedTextFileAsync(FileName, JsonConvert.SerializeObject(model)); } return(model); }
private async void Path_Auth() { // check if KeyCredentialManager can be used if (await KeyCredentialManager.IsSupportedAsync() == false) { await(new MessageDialog("KeyCredentialManager not supported")).ShowAsync(); return; } // retrieve private key for sign KeyCredentialRetrievalResult res = await KeyCredentialManager.OpenAsync("key1"); if (res.Status == KeyCredentialStatus.Success) { // // If it is present, we request sign for some data // // convert string to binary buffer var inputbuf = CryptographicBuffer.ConvertStringToBinary( "Test Data 1", BinaryStringEncoding.Utf8); // sign using retrieved private key // (Windows Hello is diplayed here !) KeyCredentialOperationResult signRes = await res.Credential.RequestSignAsync(inputbuf); //KeyCredentialAttestationResult signRes = await res.Credential.GetAttestationAsync(); /* * // get the base64 encoded data to cryptographically sign * string base64encSignature = * CryptographicBuffer.EncodeToBase64String(signRes.Result); * await (new MessageDialog(base64encSignature)).ShowAsync(); */ if (signRes.Status == KeyCredentialStatus.Success) { // ナビゲーション フレームを使用して前のページに戻ります if (this.Frame != null && this.Frame.CanGoBack) { this.Frame.GoBack(); } else if (this.Frame != null) { //this.Frame.Navigate(typeof(Browser.MainBrowser)); this.Frame.Navigate(typeof(Browser.Browser1)); } } else { // get the base64 encoded data to cryptographically sign //string base64encSignature = CryptographicBuffer.EncodeToBase64String(signRes.Result); await(new MessageDialog("キャンセルしました")).ShowAsync(); //await (new MessageDialog(base64encSignature)).ShowAsync(); } } else if (res.Status == KeyCredentialStatus.NotFound) { // // If the credential is not found, we create it. // // Create the credential // (Windows Hello is diplayed here !) KeyCredentialRetrievalResult createRes = await KeyCredentialManager.RequestCreateAsync("key1", KeyCredentialCreationOption.ReplaceExisting); if (createRes.Status == KeyCredentialStatus.Success) { // ナビゲーション フレームを使用して前のページに戻ります if (this.Frame != null && this.Frame.CanGoBack) { this.Frame.GoBack(); } else if (this.Frame != null) { //this.Frame.Navigate(typeof(Browser.MainBrowser)); this.Frame.Navigate(typeof(Browser.Browser1)); } } else { // get the base64 encoded data to cryptographically sign //string base64encSignature = CryptographicBuffer.EncodeToBase64String(signRes.Result); await(new MessageDialog("キャンセルしました")).ShowAsync(); //await (new MessageDialog(base64encSignature)).ShowAsync(); } /* * // if the status is success, retrieve the public key. * if (createRes.Status == KeyCredentialStatus.Success) * { * var pubKey = createRes.Credential.RetrievePublicKey(); * AsymmetricKeyAlgorithmProvider alg = * AsymmetricKeyAlgorithmProvider.OpenAlgorithm( * AsymmetricAlgorithmNames.RsaPkcs1); * CryptographicKey ckey = alg.ImportPublicKey(pubKey); * // for ex, CryptographicEngine.VerifySignature() using this CryptographicKey * // (This time, just showing the keysize) * var dialog = new MessageDialog(string.Format("Key size is {0}", ckey.KeySize)); * await dialog.ShowAsync(); * } */ } else { await(new MessageDialog("Unknown error !")).ShowAsync(); } }
private async void btnTest_Click(object sender, RoutedEventArgs e) { var keyCredentialAvailable = await KeyCredentialManager.IsSupportedAsync(); if (!keyCredentialAvailable) { // User didn't set up PIN yet await ShowMsg("No key credentials available"); } await ShowMsg("KeyCredentials are available"); string returnMessage = null; try { // Request the logged on user's consent via fingerprint swipe. //var consentResult = await Windows.Security.Credentials.UI.UserConsentVerifier.RequestVerificationAsync("Require you to authenticate"); var authenticationResult = await KeyCredentialManager.RequestCreateAsync("login", KeyCredentialCreationOption.ReplaceExisting); var pubKeyBuffer = authenticationResult.Credential.RetrievePublicKey(); var pubKey = pubKeyBuffer.ToArray(); var pubKeyAsBase64 = Convert.ToBase64String(pubKey); PopulateTextFieldData(pubKeyAsBase64); if (authenticationResult.Status == KeyCredentialStatus.Success) { returnMessage = "User is logged in"; } else { returnMessage = "Login error: " + authenticationResult.Status; } //switch (consentResult) //{ // case Windows.Security.Credentials.UI.UserConsentVerificationResult.Verified: // returnMessage = "Fingerprint verified."; // break; // case Windows.Security.Credentials.UI.UserConsentVerificationResult.DeviceBusy: // returnMessage = "Biometric device is busy."; // break; // case Windows.Security.Credentials.UI.UserConsentVerificationResult.DeviceNotPresent: // returnMessage = "No biometric device found."; // break; // case Windows.Security.Credentials.UI.UserConsentVerificationResult.DisabledByPolicy: // returnMessage = "Biometric verification is disabled by policy."; // break; // case Windows.Security.Credentials.UI.UserConsentVerificationResult.NotConfiguredForUser: // returnMessage = "The user has no fingerprints registered. Please add a fingerprint to the " + // "fingerprint database and try again."; // break; // case Windows.Security.Credentials.UI.UserConsentVerificationResult.RetriesExhausted: // returnMessage = "There have been too many failed attempts. Fingerprint authentication canceled."; // break; // case Windows.Security.Credentials.UI.UserConsentVerificationResult.Canceled: // returnMessage = "Fingerprint authentication canceled."; // break; // default: // returnMessage = "Fingerprint authentication is currently unavailable."; // break; //} } catch (Exception ex) { returnMessage = "Fingerprint authentication failed: " + ex.ToString(); } await ShowMsg(returnMessage); }
private async Task <bool> CreatePassportKeyAsync() { KeyCredentialRetrievalResult keyCreationResult = await KeyCredentialManager.RequestCreateAsync(DefaultLogin, KeyCredentialCreationOption.ReplaceExisting); return(this.IsCredentialValid(keyCreationResult)); }
/// <summary> /// Request the creation of a Microsoft Key credential. /// </summary> /// <param name="credentialName">Name given to the credential to be created.</param> /// <param name="op">Available options to request the credential creation (Fail if exists or Replace existing.</param> /// <returns>KeyCredentialRetrievalResult object with all the information.</returns> internal static async Task <KeyCredentialRetrievalResult> CreateCredential(string credentialName, KeyCredentialCreationOption op) { return(await KeyCredentialManager.RequestCreateAsync(credentialName, op)); }
/// <summary> /// Retrieve the password to use to open the given database /// </summary> /// <param name="databaseName">name of the database</param> /// <returns>credentials to use to open this database</returns> public async static Task <PasswordParameter> GetDatabasePasswordAsync(string databaseName) { PasswordParameter credentials = null; // Try to use Windows Hello if (SettingsViewModel.Instance.WindowsHelloEnabled && await KeyCredentialManager.IsSupportedAsync() ) { // Try to open an already generated Windows Hello credentials var passportCredentials = await KeyCredentialManager.OpenAsync(WINDOWS_HELLO_SERVICE_NAME); if (passportCredentials.Status == KeyCredentialStatus.Success) { var signRes = await passportCredentials.Credential.RequestSignAsync( CryptographicBuffer.ConvertStringToBinary("LoginAuth", BinaryStringEncoding.Utf8)); if (signRes.Status == KeyCredentialStatus.Success) { // User confirmed its identity, retrieve the credentials from the system Password Vault try { credentials = await LoadDatabasePasswordAsync(databaseName); } catch (Exception) { // Prompt for credentials, then store them PasswordParameter password = await ShowPasswordDialogAsync(databaseName); StoreDatabasePassword(databaseName, password); credentials = password; } } else if (signRes.Status == KeyCredentialStatus.UserCanceled) { // User cancelled the credential throw new TaskCanceledException(); } } else { // No credentials available, need to create it var passportCredentialCreation = await KeyCredentialManager.RequestCreateAsync(WINDOWS_HELLO_SERVICE_NAME, KeyCredentialCreationOption.FailIfExists); if (passportCredentialCreation.Status == KeyCredentialStatus.Success || passportCredentialCreation.Status == KeyCredentialStatus.CredentialAlreadyExists) { // Prompt for credentials, then store them PasswordParameter password = await ShowPasswordDialogAsync(databaseName); StoreDatabasePassword(databaseName, password); credentials = password; } else if (passportCredentialCreation.Status == KeyCredentialStatus.UserCanceled) { // User cancelled the credential throw new TaskCanceledException(); } } } if (credentials == null) { // No Windows Hello, use standard password credentials = await ShowPasswordDialogAsync(databaseName); } return(credentials); }
private async Task <bool> CreatePassportKey(string accountId) { KeyCredentialRetrievalResult keyCreationResult = await KeyCredentialManager.RequestCreateAsync(accountId, KeyCredentialCreationOption.ReplaceExisting); if (keyCreationResult.Status == KeyCredentialStatus.Success) { KeyCredential userKey = keyCreationResult.Credential; IBuffer publicKey = userKey.RetrievePublicKey(); KeyCredentialAttestationResult keyAttestationResult = await userKey.GetAttestationAsync(); IBuffer keyAttestation = null; IBuffer certificateChain = null; bool keyAttestationIncluded = false; bool keyAttestationCanBeRetrievedLater = false; KeyCredentialAttestationStatus keyAttestationRetryType = 0; if (keyAttestationResult.Status == KeyCredentialAttestationStatus.Success) { keyAttestationIncluded = true; keyAttestation = keyAttestationResult.AttestationBuffer; certificateChain = keyAttestationResult.CertificateChainBuffer; } else if (keyAttestationResult.Status == KeyCredentialAttestationStatus.TemporaryFailure) { keyAttestationRetryType = KeyCredentialAttestationStatus.TemporaryFailure; keyAttestationCanBeRetrievedLater = true; } else if (keyAttestationResult.Status == KeyCredentialAttestationStatus.NotSupported) { keyAttestationRetryType = KeyCredentialAttestationStatus.NotSupported; keyAttestationCanBeRetrievedLater = false; } // Package public key, keyAttesation if available, // certificate chain for attestation endorsement key if available, // status code of key attestation result: keyAttestationIncluded or // keyAttestationCanBeRetrievedLater and keyAttestationRetryType // and send it to application server to register the user. bool serverAddedPassportToAccount = await AddPassportToAccountOnServer(); if (serverAddedPassportToAccount == true) { return(true); } } else if (keyCreationResult.Status == KeyCredentialStatus.UserCanceled) { // User cancelled the Passport enrollment process } else if (keyCreationResult.Status == KeyCredentialStatus.NotFound) { // User needs to create PIN //textblock_PassportStatusText.Text = "Microsoft Passport is almost ready!\nPlease go to Windows Settings and set up a PIN to use it."; //grid_PassportStatus.Background = new SolidColorBrush(Color.FromArgb(255, 50, 170, 207)); //button_PassportSignIn.IsEnabled = false; m_passportAvailable = false; } else { } return(false); }
public static async Task <bool> CreatePassportKeyAsync() { var keyCreationResult = await KeyCredentialManager.RequestCreateAsync("temp", KeyCredentialCreationOption.ReplaceExisting); return(keyCreationResult.Status == KeyCredentialStatus.Success); }