コード例 #1
0
 public static async Task <GetCommandStatus> Get(DevParam devParam, string publickeyJson, string pin = "")
 {
     try {
         var publickey = JsonConvert.DeserializeObject <PublicKeyforGet>(publickeyJson);
         publickey.pin = pin;
         return(await Get(devParam, publickey));
     } catch (Exception ex) {
         var status = new GetCommandStatus();
         status.msg = ex.Message.ToString();
         return(status);
     }
 }
コード例 #2
0
        public static bool Verify(GetCommandStatus status, byte[] publickey, int assertion_index = 0)
        {
            if (status.assertions.Count <= 0 || status.assertions.Count < assertion_index + 1)
            {
                return(false);
            }

            var pubkeypem = ConvertCOSEtoPEM(publickey);

            foreach (var command in status.commands)
            {
                if (command.cmd.GetType() == typeof(CTAPauthenticatorGetAssertion))
                {
                    var get = ((CTAPauthenticatorGetAssertion)(command.cmd));

                    // verify assertion
                    return(Verify(get.RpId, get.ClientDataHash, pubkeypem, status.assertions[assertion_index]));
                }
            }
            return(false);
        }
コード例 #3
0
        public static async Task <GetCommandStatus> Get(DevParam devParam, PublicKeyforGet publickey)
        {
            var status = new GetCommandStatus();

            try {
                string rpid = publickey.rpId;

                var ctap = new CTAPauthenticatorGetAssertion();
                ctap.RpId           = rpid;
                ctap.ClientDataHash = CTAPauthenticator.CreateClientDataHash(publickey.challenge);
                ctap.Timeout        = publickey.timeout;

                // credential-id
                if (publickey.allowCredentials != null &&
                    publickey.allowCredentials.Count > 0 &&
                    publickey.allowCredentials[0] != null &&
                    publickey.allowCredentials[0].id != null &&
                    publickey.allowCredentials[0].id.Length > 0)
                {
                    ctap.AllowList_CredentialId = publickey.allowCredentials[0].id;
                }

                ctap.Option_up = publickey.requireUserPresence;

                if (publickey.userVerification == UserVerificationRequirement.discouraged)
                {
                    ctap.Option_uv = false;
                }
                else
                {
                    ctap.Option_uv = true;
                }

                // pin
                if (publickey.pin.Length > 0)
                {
                    string pin = publickey.pin;

                    var ctap2 = new CTAPauthenticatorClientPIN();

                    var st1 = await ctap2.GetKeyAgreement(devParam);

                    status.commands.Add(new CommandStatus.CommandInfo(ctap2, st1));
                    if (st1.Status != 0)
                    {
                        throw (new Exception("GetKeyAgreement"));
                    }

                    var sharedSecret = ctap2.createSharedSecret(ctap2.Authenticator_KeyAgreement);

                    var pinHashEnc = ctap2.createPinHashEnc(pin, sharedSecret);

                    var token = await ctap2.GetPINToken(devParam, pinHashEnc);

                    status.commands.Add(new CommandStatus.CommandInfo(ctap2, token));
                    if (token.Status != 0)
                    {
                        throw (new Exception("GetPINToken"));
                    }

                    ctap.PinAuth = ctap2.createPinAuth(sharedSecret, ctap.ClientDataHash, token.PinTokenEnc);
                }

                var ret = await ctap.SendAndResponse(devParam);

                status.commands.Add(new CommandStatus.CommandInfo(ctap, ret));
                if (ret.Status != 0)
                {
                    throw (new Exception("GetAssertion"));
                }
                status.assertions.Add(ret);

                if (ret.NumberOfCredentials > 0)
                {
                    for (int intIc = 0; intIc < ret.NumberOfCredentials - 1; intIc++)
                    {
                        var next    = new CTAPauthenticatorGetNextAssertion();
                        var nextret = await next.SendAndResponse(devParam);

                        status.commands.Add(new CommandStatus.CommandInfo(next, nextret));
                        if (ret.Status != 0)
                        {
                            throw (new Exception("GetNextAssertion"));
                        }
                        status.assertions.Add(nextret);
                    }
                }

                // uv=trueでリクエストしてuvされていなければエラー
                if (ctap.Option_uv)
                {
                    if (ret.Flags_UserVerifiedResult == false)
                    {
                        throw (new Exception("UserVerifiedResult False"));
                    }
                }
                status.isSuccess = true;
            } catch (Exception ex) {
                status.setErrorMsg(ex);
            }
            return(status);
        }