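        /// <summary>
        /// Asks the authenticator behind <paramref name="con"/> to create a credential for
        /// <paramref name="rpid"/> and returns the resulting attestation.
        /// </summary>
        /// <param name="con">Connector to the authenticator. A BLE connector is disconnected before this method returns, whether or not the request succeeded.</param>
        /// <param name="rpid">Relying-party id the new credential is scoped to.</param>
        /// <param name="challenge">Challenge bytes passed to MakeCredential.</param>
        /// <param name="pin">Authenticator PIN; null or empty when no PIN is configured.</param>
        /// <returns>
        /// The attestation when the CTAP response carries status 0 and a non-null attestation;
        /// otherwise <c>null</c>. Exceptions thrown by <c>MakeCredentialAsync</c> propagate to the caller.
        /// </returns>
        public async Task<g.FIDO2.Attestation> Register(g.FIDO2.CTAP.AuthenticatorConnector con, string rpid, byte[] challenge, string pin)
        {
            // Task.Run is kept from the original; presumably it exists to keep any synchronous
            // part of MakeCredentialAsync off the calling (UI) thread — confirm before removing.
            return await Task.Run(async () =>
            {
                var param = new g.FIDO2.CTAP.CTAPCommandMakeCredentialParam(rpid, challenge)
                {
                    RpName          = "",
                    UserName        = "",
                    UserDisplayName = "",
                    Option_rk       = false,
                    // Request user verification only when no PIN is configured.
                    Option_uv       = string.IsNullOrEmpty(pin),
                };

                g.FIDO2.Attestation att = null;
                try
                {
                    var res = await con.MakeCredentialAsync(param, pin);
                    // Status 0 is the only value treated as success; anything else yields null.
                    if (res?.CTAPResponse?.Status == 0 && res.CTAPResponse.Attestation != null)
                    {
                        att = res.CTAPResponse.Attestation;
                    }
                }
                finally
                {
                    // Release the BLE link on every path. The original only disconnected after a
                    // completed request, so an exception from MakeCredentialAsync left it open.
                    var ble = con as BLEAuthenticatorConnector;
                    if (ble != null)
                    {
                        ble.Disconnect();
                    }
                }

                return att;
            });
        }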
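        /// <summary>
        /// Demo registration flow driven from a button: creates a credential on the first HID FIDO
        /// authenticator found, verifies the attestation the way a relying party would, stores the
        /// credential id and public key on this instance, and exports a self-signed certificate for
        /// the public key to disk.
        /// </summary>
        /// <param name="sender">Event source; unused.</param>
        /// <param name="e">Event data; unused.</param>
        private async void ButtonRegistration_Click(object sender, RoutedEventArgs e)
        {
            // --- relying-party side: one fresh challenge per registration ---
            var rpid      = "test.com";
            var challenge = g.FIDO2.Util.AttestationVerifier.CreateChallenge();

            // --- client side ---
            var userName = "******";

            // Stays null until the authenticator returns a usable attestation. The original
            // pre-allocated an empty Attestation here, so the null check further down could not
            // skip verification when no device was present or the request failed.
            g.FIDO2.Attestation att = null;

            var fidoDevs = g.FIDO2.CTAP.HID.HIDAuthenticatorConnector.GetAllFIDODevicePaths();
            if (fidoDevs.Count > 0)
            {
                // We assume that the first USB FIDO device found is the one we should use.
                var con = new g.FIDO2.CTAP.HID.HIDAuthenticatorConnector(fidoDevs[0]);

                var param = new g.FIDO2.CTAP.CTAPCommandMakeCredentialParam(rpid, challenge, new byte[] { 0x01 })
                {
                    RpName          = rpid,
                    UserName        = userName,
                    UserDisplayName = "testUserDisplayName",
                    Option_rk       = false,
                    Option_uv       = false,
                };

                // NOTE(review): demo placeholder. A real client must obtain the PIN from the user at
                // run time; an authenticator PIN must not be embedded in source.
                string pin = "1234";

                var res = await con.MakeCredentialAsync(param, pin);

                // Require a success status as well as a non-null attestation, matching Register.
                if (res?.CTAPResponse?.Status == 0 && res.CTAPResponse.Attestation != null)
                {
                    att = res.CTAPResponse.Attestation;
                }
            }

            // --- relying-party side: verify, then persist ---
            if (att == null)
            {
                return;
            }

            var v      = new g.FIDO2.Util.AttestationVerifier();
            var verify = v.Verify(rpid, challenge, att);
            if (!verify.IsSuccess)
            {
                return;
            }

            this.credentialID = verify.CredentialID.ToArray();
            this.publicKey    = verify.PublicKeyPem;

            // Wrap the public key in a self-signed X.509 certificate valid for 365 days.
            var cert = v.CreateSelfSignedCertificate(verify, rpid, userName, TimeSpan.FromDays(365));

            // Alternative not used here: add `cert` to the current user's personal store
            // (X509Store(StoreName.My, StoreLocation.CurrentUser), opened with OpenFlags.ReadWrite),
            // visible in certmgr.msc.

            // Save to a file. X509ContentType.Cert exports only the certificate; there is no
            // private key on this side — it never leaves the authenticator.
            var bcert    = cert.Export(X509ContentType.Cert);
            var fileName = @"c:\work\test.cer";
            File.WriteAllBytes(fileName, bcert);
        }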