/// <summary>
/// Builds the ClientPIN changePIN sub-command.
/// </summary>
/// <param name="keyAgreement">Key-agreement COSE key; stored by reference.</param>
/// <param name="pinAuth">pinAuth bytes; copied, null is kept as null.</param>
/// <param name="newPinEnc">newPinEnc bytes; copied, null is kept as null.</param>
/// <param name="pinHashEnc">pinHashEnc bytes; copied, null is kept as null.</param>
public CTAPCommandClientPIN_changePIN(COSE_Key keyAgreement, byte[] pinAuth, byte[] newPinEnc, byte[] pinHashEnc)
    : base(ClientPINSubCommand.changePIN)
{
    this.keyAgreement = keyAgreement;

    // Each buffer is copied with ToArray() so the command holds its own arrays;
    // a null argument is stored as null rather than rejected here.
    this.pinAuth = pinAuth == null ? null : pinAuth.ToArray();
    this.newPinEnc = newPinEnc == null ? null : newPinEnc.ToArray();
    this.pinHashEnc = pinHashEnc == null ? null : pinHashEnc.ToArray();
}
/// <summary>
/// Generates the shared secret by running ECDH against the X/Y coordinates of
/// <paramref name="keyAgreement"/>, and wraps the public coordinates produced by that call
/// in a new COSE key.
/// </summary>
/// <param name="keyAgreement">Peer key-agreement key; its X and Y are passed to ECDH.</param>
/// <param name="myKeyAgreement">Receives the COSE key built from the coordinates ECDH returns.</param>
/// <returns>The shared secret (32 bytes per the original author's note). It is key material:
/// callers should keep it out of logs and error messages.</returns>
public static byte[] CreateSharedSecret(COSE_Key keyAgreement, out COSE_Key myKeyAgreement)
{
    // Generate the shared secret (32 bytes).
    byte[] ownPublicX;
    byte[] ownPublicY;
    byte[] secret = ECDH.CreateSharedSecret(keyAgreement.X, keyAgreement.Y, out ownPublicX, out ownPublicY);

    // NOTE(review): 2 / -7 / 1 are presumably kty=EC2, alg=ES256, crv=P-256 (COSE_Key constructor
    // not visible here). CTAP2 specifies alg -25 for key-agreement keys - confirm this value
    // is accepted by the authenticators being targeted.
    myKeyAgreement = new COSE_Key(2, -7, 1, ownPublicX, ownPublicY);

    return secret;
}
/// <summary>
/// Decodes the raw response and populates <c>KeyAgreement</c> from it.
/// </summary>
/// <param name="byteresponse">Raw response bytes handed to <c>decodeFromBytes</c>.</param>
public override void Parse(byte[] byteresponse)
{
    var decodedCbor = this.decodeFromBytes(byteresponse);
    if (decodedCbor == null)
    {
        // Nothing decodable: KeyAgreement is left unassigned, so callers must check it
        // before using it for key agreement.
        return;
    }

    // getObj(..., 0x01) presumably selects the map entry with key 0x01 - confirm against getObj.
    // NOTE(review): the result is passed to COSE_Key without a null check here.
    this.KeyAgreement = new COSE_Key(getObj(decodedCbor, 0x01));
}
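/// <summary>
/// CTAP-Command GetAssertion using a PIN string.
/// </summary>
/// <remarks>
/// When <paramref name="pin"/> is non-empty, a PIN token is requested first; pinAuth is then
/// computed from the client data hash and the PIN token, and a shared secret is derived for the
/// hmac-secret extension. The decrypted hmac-secret output is key material: it is never written
/// to the log, and this method does not currently store or return it.
/// </remarks>
/// <param name="param">GetAssertion parameters; ClientDataHash and UseHmacExtension are read here.</param>
/// <param name="pin">PIN string; null or empty sends the command without pinAuth.</param>
/// <returns>
/// Device status and CTAP response of GetAssertion, or those of the PIN-token step when that
/// step fails or pinAuth cannot be created.
/// </returns>
public async Task<ResponseGetAssertion> GetAssertionAsync(CTAPCommandGetAssertionParam param, string pin)
{
    byte[] pinAuth = null;
    byte[] sharedSecret = null;
    COSE_Key myKeyAgreement = null;

    if (!string.IsNullOrEmpty(pin))
    {
        var token = await ClientPINgetPINTokenAsync(pin);
        if (token.DeviceStatus != DeviceStatus.Ok || token.CTAPResponse == null || token.CTAPResponse.Status != 0)
        {
            return new ResponseGetAssertion(token.DeviceStatus, token.CTAPResponse);
        }

        // Derive a shared secret against the authenticator's key-agreement public key;
        // myKeyAgreement receives the platform-side key that is sent with the command.
        sharedSecret = CTAPCommandClientPIN.CreateSharedSecret(token.KeyAgreementPublicKey, out myKeyAgreement);

        pinAuth = CTAPCommandClientPIN.CreatePinAuth(param.ClientDataHash, token.CTAPResponse.PinToken);
        if (pinAuth == null)
        {
            return new ResponseGetAssertion(token.DeviceStatus, token.CTAPResponse);
        }
    }

    var ctapResponseGetAssertion = new CTAPResponseGetAssertion();
    var ret = await sendCommandandResponseAsync(
        new CTAPCommandGetAssertion(param, pinAuth, myKeyAgreement, sharedSecret),
        ctapResponseGetAssertion);

    // Resolve the hmac-secret extension. sharedSecret only exists when a PIN was supplied, and
    // a failed command may leave Assertion unset, so both are checked before decrypting.
    if (param.UseHmacExtension && sharedSecret != null)
    {
        var extensionData = ctapResponseGetAssertion.Assertion?.ExtensionData;
        if (extensionData?.Length > 0)
        {
            var decoded = AES256CBC.Decrypt(sharedSecret, extensionData.ToArray());

            // The decrypted value is a symmetric key: record only that decryption happened and
            // its size, never the bytes themselves.
            // TODO(review): decoded is not stored or returned; expose it through the response
            // type if callers need the hmac-secret output.
            var decodedLength = decoded == null ? 0 : decoded.Length;
            Logger.Log($"hmac-secret output decrypted ({decodedLength} bytes, value withheld from log)");
        }
    }

    return new ResponseGetAssertion(ret.devSt, ret.ctapRes);
}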
/// <summary>
/// Builds a GetAssertion command from its parameters and optional PIN-related material.
/// </summary>
/// <param name="param">GetAssertion parameters; stored by reference.</param>
/// <param name="pinAuth">pinAuth bytes; copied, null is kept as null.</param>
/// <param name="keyAgreement">Key-agreement COSE key; stored by reference.</param>
/// <param name="sharedSecret">Shared secret; stored by reference, not copied.</param>
public CTAPCommandGetAssertion(CTAPCommandGetAssertionParam param, byte[] pinAuth, COSE_Key keyAgreement, byte[] sharedSecret)
{
    this.param = param;
    this.pinAuth = pinAuth == null ? null : pinAuth.ToArray();
    this.keyAgreement = keyAgreement;

    // Unlike pinAuth, the secret is not duplicated: the command shares the caller's array,
    // so clearing or changing that array afterwards also affects this command.
    this.sharedSecret = sharedSecret;
}
/// <summary>
/// CTAP-Command ClientPIN - getPINToken, sent with an already prepared key-agreement key and
/// encrypted PIN hash.
/// </summary>
/// <param name="keyAgreement">Key-agreement COSE key placed in the command.</param>
/// <param name="pinHashEnc">pinHashEnc bytes placed in the command.</param>
/// <param name="sharedSecret">Shared secret handed to the response object
/// (presumably used there to decrypt the returned PIN token - confirm in the response class).</param>
/// <returns>Device status and CTAP response wrapped in a getPINToken result.</returns>
public async Task<ResponseClientPIN_getPINToken> ClientPINgetPINTokenAsync(COSE_Key keyAgreement, byte[] pinHashEnc, byte[] sharedSecret)
{
    var command = new CTAPCommandClientPIN_getPINToken(keyAgreement, pinHashEnc);
    var response = new CTAPResponseClientPIN_getPINToken(sharedSecret);

    var result = await sendCommandandResponseAsync(command, response);

    return new ResponseClientPIN_getPINToken(result.devSt, result.ctapRes);
}
/// <summary>
/// Builds the ClientPIN getPINToken sub-command.
/// </summary>
/// <param name="keyAgreement">Key-agreement COSE key; stored by reference.</param>
/// <param name="pinHashEnc">pinHashEnc bytes; copied. Must not be null: ToArray() is
/// called on it directly, with no null-conditional.</param>
public CTAPCommandClientPIN_getPINToken(COSE_Key keyAgreement, byte[] pinHashEnc)
    : base(ClientPINSubCommand.getPINToken)
{
    this.keyAgreement = keyAgreement;

    // The command keeps its own copy of the encrypted PIN hash.
    var pinHashEncCopy = pinHashEnc.ToArray();
    this.pinHashEnc = pinHashEncCopy;
}
/// <summary>
/// Wraps the outcome of a getPINToken exchange together with the key-agreement public key.
/// </summary>
/// <param name="devst">Device status forwarded to the base response.</param>
/// <param name="ctapres">CTAP response forwarded to the base response.</param>
/// <param name="key">Key-agreement public key exposed as <c>KeyAgreementPublicKey</c>.</param>
public ResponseClientPIN_getPINToken(DeviceStatus devst, CTAPResponse ctapres, COSE_Key key)
    : base(devst, ctapres)
{
    this.KeyAgreementPublicKey = key;

    // The "as" cast yields null when ctapres is null or of another response type, so
    // consumers must null-check CTAPResponse before reading the PIN token from it.
    var typedResponse = ctapres as CTAPResponseClientPIN_getPINToken;
    this.CTAPResponse = typedResponse;
}