コード例 #1
ファイル: Program.cs プロジェクト: jameswestgate/Fido2Net
 /// <summary>
 /// Enumerates the entries of a <c>FidoDeviceInfoList</c> and writes each one to the console.
 /// </summary>
 /// <param name="args">Command-line arguments; not used.</param>
 static void Main(string[] args)
 {
     // 64 is the value handed to the list constructor; presumably the maximum
     // number of entries to collect - confirm against the library.
     using (var devices = new FidoDeviceInfoList(64))
     {
         // Read-only listing: nothing is opened or written on any device here.
         foreach (var info in devices)
         {
             Console.WriteLine(info);
         }
     }
 }
コード例 #2
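        /// <summary>
        /// Interactive walkthrough against a FIDO2 security key: lists devices, prints the options
        /// the authenticator reports, sets a demo PIN when the device reports that none is set,
        /// creates two credentials, runs two assertions and reports whether the two returned
        /// hmac-secret values are equal.
        /// </summary>
        /// <remarks>
        /// This sample WRITES to the authenticator (PIN and credentials) and uses a hard-coded,
        /// well-known demo PIN. Run it only against a key reserved for testing.
        /// </remarks>
        /// <param name="args">Command-line arguments; not used.</param>
        static void Main(string[] args)
        {
            //Outputs debug messages to the console
            //Fido2Settings.Flags = FidoFlags.Debug;

            // Demo-only PIN, declared once so every call below uses the same value and so the
            // hard-coded secret is easy to find and replace. Never ship a fixed PIN.
            const string demoPin = "1234";

            var lastDevicePath  = "";
            var pinSupported    = false; // true only when the device actually reported "clientPin"
            var hasUserPresence = false;
            var hasPin          = false;
            var hasBiometric    = false;

            //1. Get all devices
            // Only the path of the LAST enumerated device is kept; with several keys attached,
            // every later step (including the PIN write) targets that one.
            using (var devlist = new FidoDeviceInfoList(64))
            {
                foreach (var di in devlist)
                {
                    Console.WriteLine(di);
                    lastDevicePath = di.Path;

                    Console.WriteLine($"GOT PATH:{di.Path}");
                }
            }

            //2. Get the device info for any fido2 compliant device, check if it has a PIN set.
            if (string.IsNullOrEmpty(lastDevicePath))
            {
                Console.WriteLine("No devices found. Check process is administrator, and that key is inserted correctly.");
                Console.ReadKey();
                return;
            }

            using (var dev = new FidoDevice())
            {
                dev.Open(lastDevicePath);

                using (var ci = dev.GetCborInfo())
                {
                    Console.WriteLine(dev);
                    Console.WriteLine(ci);

                    foreach (var option in ci.Options)
                    {
                        Console.WriteLine($"Option {option.Key}: {option.Value}");
                    }

                    //Check the clientPin parameter (true/false if set, not found if not capable)
                    try
                    {
                        hasPin = ci.Options["clientPin"];
                        pinSupported = true;
                        Console.WriteLine($"Security Key has pin set: {hasPin}");
                    }
                    catch (Exception ex)
                    {
                        // Best effort: keep going, but report why the lookup failed so a missing
                        // option can be told apart from a device error.
                        Console.WriteLine($"Error detecting pin: {ex.Message}");
                    }

                    //Check the user presence parameter (true/false if set, not found if not capable)
                    try
                    {
                        hasUserPresence = ci.Options["up"];
                        Console.WriteLine($"User presence set: {hasUserPresence}");
                    }
                    catch (Exception ex)
                    {
                        Console.WriteLine($"Error detecting user presence parameter: {ex.Message}");
                    }

                    //Check the user verification parameter (true/false if set, not found if not capable)
                    try
                    {
                        hasBiometric = ci.Options["uv"];
                        Console.WriteLine($"Biometric set: {hasBiometric}");
                    }
                    catch (Exception ex)
                    {
                        Console.WriteLine($"Error detecting biometric (user verification) parameter: {ex.Message}");
                    }

                    if (hasPin)
                    {
                        Console.WriteLine($"Pin retry count set to: {dev.RetryCount}");
                        Console.WriteLine();
                    }
                }

                dev.Close();
            }

            //Optional. Reset the device
            //The actual user-flow to perform a reset is outside the scope of the FIDO2 specification, and may therefore vary depending on the authenticator.
            //Yubico authenticators do not allow resets after 5 seconds from power-up, and expect a reset to be confirmed by the user through touch within 30 seconds.

            //using (var dev = new FidoDevice())
            //{
            //    Console.WriteLine("To reset the device, remove and re-insert the device, then press any key within 5 seconds.");
            //    Console.ReadLine();

            //    dev.Open(lastDevicePath);
            //    dev.Reset();

            //    Console.WriteLine("Touch the device to confirm within 30 seconds.");
            //    dev.Close();
            //}

            //Optional. Set the demo pin
            // Only attempted when the device reported clientPin = false. If the option was missing
            // or could not be read, the PIN state is unknown and no PIN is written.
            if (pinSupported && !hasPin)
            {
                using (var dev = new FidoDevice())
                {
                    // Tell the operator exactly what is about to be written to the key.
                    Console.WriteLine($"No PIN is set on this device; the sample will set the demo PIN '{demoPin}'.");
                    Console.WriteLine("Press any key to set the pin.");
                    Console.ReadLine();

                    dev.Open(lastDevicePath);

                    dev.SetPin(null, demoPin);
                    hasPin = true;

                    dev.Close();
                }
            }

            // NOTE(review): when the key already had a PIN that is not the demo value, every call
            // below submits the wrong PIN; presumably each attempt consumes one of the retries
            // printed above - confirm before running against a key that is in real use.
            string pin = hasPin ? demoPin : null;

            Console.WriteLine("Press any key to make a credential");
            Console.ReadLine();

            Console.WriteLine("Touch the device if requested ...");

            //3. Make a credential on the device.
            //Pin may be null if not required

            //https://groups.google.com/a/fidoalliance.org/forum/#!topic/fido-dev/L2K5fBm8Sh0
            var useHmacExtension = true;

            var credential = MakeDeviceCredential(lastDevicePath, useHmacExtension, FidoCose.ES256, null, pin, hasBiometric);

            Console.WriteLine($"Created credential id: {credential.CredentialId}");

            Console.WriteLine("Press any key to make another credential");
            Console.ReadLine();

            Console.WriteLine("Touch the device if requested ...");

            //Test making another credential to test multiple credential scenarios
            var credential2 = MakeDeviceCredential(lastDevicePath, useHmacExtension, FidoCose.ES256, null, pin, hasBiometric);

            Console.WriteLine($"Created credential id: {credential2.CredentialId}");

            //4. Try a sample assertion
            Console.WriteLine("Press any key to assert this credential");
            Console.ReadLine();

            Console.WriteLine("Touch the device if requested (to assert)...");

            var assertionResult = DoAssertion(lastDevicePath, useHmacExtension, "relyingparty", FidoCose.ES256, pin, credential, credential2, Salt, Salt2, hasUserPresence, hasBiometric);

            //5. Repeat the assertion with the two credentials and the two salts passed in swapped order
            Console.WriteLine("Press to do another assertion");
            Console.ReadLine();

            Console.WriteLine("Touch the device if requested (to assert again) ...");

            var assertionResult2 = DoAssertion(lastDevicePath, useHmacExtension, "relyingparty", FidoCose.ES256, pin, credential2, credential, Salt2, Salt, hasUserPresence, hasBiometric);

            if (useHmacExtension)
            {
                // Only the comparison result is printed; the hmac-secret bytes themselves are
                // key material and are deliberately never written to the console.
                Console.WriteLine($"Hmac Secrets Match: {assertionResult.HmacSecret.SequenceEqual(assertionResult2.HmacSecret)}");
            }

            Console.WriteLine("Press any key to close.");
            Console.ReadLine();
        }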