/// <summary>
/// Verifies the response from the browser/authenticator after creating new credentials.
/// </summary>
/// <param name="attestationResponse">Raw attestation response from the client; parsed with AuthenticatorAttestationResponse.Parse.</param>
/// <param name="origChallenge">
/// Creation options the parsed response is verified against (passed to VerifyCredentialCreateOptions).
/// NOTE(review): presumably the options the server issued for this registration; they should be read
/// from server-side state rather than echoed back by the client. Confirm at the call site.
/// </param>
/// <param name="isCredentialIdUniqueToUser">Delegate passed through to VerifyCredentialCreateOptions.</param>
/// <param name="requestTokenBindingId">Optional token binding id passed through to VerifyCredentialCreateOptions; defaults to null.</param>
/// <returns>
/// A result whose Status is always "ok" and whose Result holds the value returned by verification.
/// No error result is built here, so failures presumably surface as exceptions from parsing or verification.
/// </returns>
public RegisterCredentialResult SetRegisterCredentialResult(AuthenticatorAttestationRawResponse attestationResponse, RegisterCredentialOptions origChallenge, IsCredentialIdUniqueToUserDelegate isCredentialIdUniqueToUser, byte[] requestTokenBindingId = null)
{
    // Structural parsing first, then verification against the supplied options.
    var attestation = AuthenticatorAttestationResponse.Parse(attestationResponse);
    var verified = attestation.VerifyCredentialCreateOptions(
        origChallenge,
        _config,
        isCredentialIdUniqueToUser,
        _metadataService,
        requestTokenBindingId);

    // todo: Set Errormessage etc.
    var outcome = new RegisterCredentialResult
    {
        Status = "ok",
        ErrorMessage = string.Empty,
        Result = verified
    };
    return outcome;
}
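/// <summary>
/// Parses the raw attestation response received from the client and CBOR-decodes its attestation object.
/// Only the structure is checked; nothing in this method verifies a signature or the attestation statement.
/// </summary>
/// <param name="rawResponse">Raw response from the client. Its AttestationObject bytes are untrusted input.</param>
/// <returns>A response carrying the raw input plus the decoded fmt, attStmt and authData.</returns>
/// <exception cref="VerificationException">
/// Thrown when the response or its attestation object is missing, when the bytes are not valid CBOR,
/// or when the decoded value is not a map with a text "fmt", a map "attStmt" and a byte-string "authData".
/// </exception>
public static AuthenticatorAttestationResponse Parse(AuthenticatorAttestationRawResponse rawResponse)
{
    if (null == rawResponse || null == rawResponse.Response)
    {
        throw new VerificationException("Expected rawResponse, got null");
    }

    if (null == rawResponse.Response.AttestationObject || 0 == rawResponse.Response.AttestationObject.Length)
    {
        throw new VerificationException("Missing AttestationObject");
    }

    // 8. Perform CBOR decoding on the attestationObject field of the AuthenticatorAttestationResponse structure to obtain the attestation statement format fmt, the authenticator data authData, and the attestation statement attStmt.
    CBORObject cborAttestation;
    try
    {
        cborAttestation = CBORObject.DecodeFromBytes(rawResponse.Response.AttestationObject);
    }
    catch (CBORException ex)
    {
        throw new VerificationException("AttestationObject invalid CBOR", ex);
    }

    // The bytes come from the client and can decode to any CBOR value (integer, array, string, ...).
    // Looking up a string key on a non-map value makes the CBOR library throw its own exception type
    // instead of returning null, so reject non-maps here to keep every failure a VerificationException.
    if (null == cborAttestation || CBORType.Map != cborAttestation.Type)
    {
        throw new VerificationException("Malformed AttestationObject");
    }

    // Look each member up once, then validate presence and CBOR type before converting.
    var fmt = cborAttestation["fmt"];
    var attStmt = cborAttestation["attStmt"];
    var authData = cborAttestation["authData"];

    if (null == fmt || CBORType.TextString != fmt.Type ||
        null == attStmt || CBORType.Map != attStmt.Type ||
        null == authData || CBORType.ByteString != authData.Type)
    {
        throw new VerificationException("Malformed AttestationObject");
    }

    var response = new AuthenticatorAttestationResponse(rawResponse.Response.ClientDataJson)
    {
        Raw = rawResponse,
        AttestationObject = new ParsedAttestationObject()
        {
            Fmt = fmt.AsString(),
            AttStmt = attStmt, // convert to dictionary?
            AuthData = authData.GetByteString()
        }
    };

    return response;
}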
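/// <summary>
/// Builds an <see cref="AuthenticatorAttestationResponse"/> from the raw client response by
/// CBOR-decoding the attestation object and extracting its three members.
/// This is a structural check only; no signature or attestation-statement verification happens here.
/// </summary>
/// <param name="rawResponse">Raw response from the client; the AttestationObject bytes are untrusted.</param>
/// <returns>The parsed response with Raw and AttestationObject (Fmt, AttStmt, AuthData) populated.</returns>
/// <exception cref="VerificationException">
/// Thrown for a null response, a missing or empty attestation object, undecodable CBOR,
/// or a decoded value that is not a map holding "fmt" (text), "attStmt" (map) and "authData" (byte string).
/// </exception>
public static AuthenticatorAttestationResponse Parse(AuthenticatorAttestationRawResponse rawResponse)
{
    if (null == rawResponse || null == rawResponse.Response)
    {
        throw new VerificationException("Expected rawResponse, got null");
    }

    var attestationBytes = rawResponse.Response.AttestationObject;
    if (null == attestationBytes || 0 == attestationBytes.Length)
    {
        throw new VerificationException("Missing AttestationObject");
    }

    CBORObject cborAttestation;
    try
    {
        cborAttestation = CBORObject.DecodeFromBytes(attestationBytes);
    }
    catch (CBORException ex)
    {
        throw new VerificationException("Malformed AttestationObject", ex);
    }

    // Valid CBOR is not necessarily a map: a client can send an integer, array or string.
    // String-key lookups on such values throw from the CBOR library rather than yielding null,
    // which would escape as a non-VerificationException. Check the top-level type first.
    if (null == cborAttestation || CBORType.Map != cborAttestation.Type)
    {
        throw new VerificationException("Malformed AttestationObject");
    }

    var fmt = cborAttestation["fmt"];
    var attStmt = cborAttestation["attStmt"];
    var authData = cborAttestation["authData"];

    // Each member must be present and of the expected CBOR type before it is converted below.
    var wellFormed =
        null != fmt && CBORType.TextString == fmt.Type &&
        null != attStmt && CBORType.Map == attStmt.Type &&
        null != authData && CBORType.ByteString == authData.Type;
    if (!wellFormed)
    {
        throw new VerificationException("Malformed AttestationObject");
    }

    var response = new AuthenticatorAttestationResponse(rawResponse.Response.ClientDataJson)
    {
        Raw = rawResponse,
        AttestationObject = new ParsedAttestationObject()
        {
            Fmt = fmt.AsString(),
            AttStmt = attStmt, // convert to dictionary?
            AuthData = authData.GetByteString()
        }
    };

    return response;
}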
/// <summary>
/// Verifies the response from the browser/authenticator after creating new credentials (MakeNewCredentialAsync).
/// </summary>
/// <param name="attestationResponse">Raw attestation response from the client; parsed with AuthenticatorAttestationResponse.Parse.</param>
/// <param name="origChallenge">
/// Creation options the parsed response is verified against (passed to VerifyAsync).
/// NOTE(review): presumably the options the server issued for this registration; they should be read
/// from server-side state rather than echoed back by the client. Confirm at the call site.
/// </param>
/// <param name="isCredentialIdUniqueToUser">Async delegate passed through to VerifyAsync.</param>
/// <param name="requestTokenBindingId">Optional token binding id passed through to VerifyAsync; defaults to null.</param>
/// <returns>
/// A result with Status "ok" and the verification output in Result. Exceptions raised by Parse or
/// VerifyAsync are not caught here and propagate to the caller.
/// </returns>
public async Task<CredentialMakeResult> SetRegisterCredentialResult(AuthenticatorAttestationRawResponse attestationResponse, CredentialCreateOptions origChallenge, IsCredentialIdUniqueToUserAsyncDelegate isCredentialIdUniqueToUser, byte[] requestTokenBindingId = null)
{
    var attestation = AuthenticatorAttestationResponse.Parse(attestationResponse);
    var verified = await attestation.VerifyAsync(
        origChallenge,
        _config,
        isCredentialIdUniqueToUser,
        _metadataService,
        requestTokenBindingId);

    // NOTE(review): this try wraps only the construction of the result object. Parsing and
    // verification have already run above, so their failures never reach the catch below and
    // the "error" result is not produced for them. Callers must treat a thrown exception as a
    // failed registration; if the try is ever widened, check what e.Message exposes to the client.
    try
    {
        var okResult = new CredentialMakeResult
        {
            Status = "ok",
            ErrorMessage = string.Empty,
            Result = verified
        };
        return okResult;
    }
    catch (Exception e)
    {
        var errorResult = new CredentialMakeResult
        {
            Status = "error",
            ErrorMessage = e.Message,
            Result = verified
        };
        return errorResult;
    }
}