Exemplo n.º 1
0
        public void TestNone()
        {
            Fido2Tests._validCOSEParameters.ForEach(async delegate(object[] param)
            {
                _attestationObject.Add("attStmt", CBORObject.NewMap());
                _credentialPublicKey           = Fido2Tests.MakeCredentialPublicKey(param);
                Fido2.CredentialMakeResult res = null;

                res = await MakeAttestationResponse();

                Assert.Equal(string.Empty, res.ErrorMessage);
                Assert.Equal("ok", res.Status);
                Assert.Equal(_aaguid, res.Result.Aaguid);
                Assert.Equal(_signCount, res.Result.Counter);
                Assert.Equal("none", res.Result.CredType);
                Assert.Equal(_credentialID, res.Result.CredentialId);
                Assert.Null(res.Result.ErrorMessage);
                Assert.Equal(_credentialPublicKey.GetBytes(), res.Result.PublicKey);
                Assert.Null(res.Result.Status);
                Assert.Equal("Test User", res.Result.User.DisplayName);
                Assert.Equal(System.Text.Encoding.UTF8.GetBytes("testuser"), res.Result.User.Id);
                Assert.Equal("testuser", res.Result.User.Name);
                _attestationObject = CBORObject.NewMap().Add("fmt", "none");
            });
        }
Exemplo n.º 2
0
        public void TestNone()
        {
            Fido2Tests._validCOSEParameters.ForEach(async((COSE.KeyType, COSE.Algorithm, COSE.EllipticCurve)param) =>
            {
                _attestationObject.Add("attStmt", new CborMap());
                _credentialPublicKey           = Fido2Tests.MakeCredentialPublicKey(param);
                Fido2.CredentialMakeResult res = null;

                res = await MakeAttestationResponse();

                Assert.Equal(string.Empty, res.ErrorMessage);
                Assert.Equal("ok", res.Status);
                Assert.Equal(_aaguid, res.Result.Aaguid);
                Assert.Equal(_signCount, res.Result.Counter);
                Assert.Equal("none", res.Result.CredType);
                Assert.Equal(_credentialID, res.Result.CredentialId);
                Assert.Null(res.Result.ErrorMessage);
                Assert.Equal(_credentialPublicKey.GetBytes(), res.Result.PublicKey);
                Assert.Null(res.Result.Status);
                Assert.Equal("Test User", res.Result.User.DisplayName);
                Assert.Equal(System.Text.Encoding.UTF8.GetBytes("testuser"), res.Result.User.Id);
                Assert.Equal("testuser", res.Result.User.Name);
                _attestationObject = new CborMap {
                    { "fmt", "none" }
                };
            });
Exemplo n.º 3
0
        public void TestNoneWithAttStmt()
        {
            _attestationObject.Add("attStmt", CBORObject.NewMap().Add("foo", "bar"));
            _credentialPublicKey = Fido2Tests.MakeCredentialPublicKey(Fido2Tests._validCOSEParameters[0]);
            var ex = Assert.ThrowsAsync <Fido2VerificationException>(() => MakeAttestationResponse());

            Assert.Equal("Attestation format none should have no attestation statement", ex.Result.Message);
        }
Exemplo n.º 4
0
        public FidoU2f()
        {
            _aaguid = Guid.Empty;
            _attestationObject.Add("fmt", "fido-u2f");
            X509Certificate2 attestnCert;

            using (var ecdsaAtt = ECDsa.Create(ECCurve.NamedCurves.nistP256))
            {
                var attRequest = new CertificateRequest("CN=U2FTesting, OU=Authenticator Attestation, O=FIDO2-NET-LIB, C=US", ecdsaAtt, HashAlgorithmName.SHA256);

                attRequest.CertificateExtensions.Add(notCAExt);

                using (attestnCert = attRequest.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(2)))
                {
                    var X5c = new CborArray {
                        attestnCert.RawData
                    };

                    var ecparams = ecdsaAtt.ExportParameters(true);

                    _credentialPublicKey = Fido2Tests.MakeCredentialPublicKey(COSE.KeyType.EC2, COSE.Algorithm.ES256, COSE.EllipticCurve.P256, ecparams.Q.X, ecparams.Q.Y);

                    var x = (byte[])_credentialPublicKey.GetCborObject()[COSE.KeyTypeParameter.X];
                    var y = (byte[])_credentialPublicKey.GetCborObject()[COSE.KeyTypeParameter.Y];

                    byte[] publicKeyU2F = DataHelper.Concat(new byte[1] {
                        0x4
                    }, x, y);

                    byte[] verificationData = DataHelper.Concat(
                        new byte[1] {
                        0x00
                    },
                        _rpIdHash,
                        _clientDataHash,
                        _credentialID,
                        publicKeyU2F
                        );

                    byte[] signature = Fido2Tests.SignData(COSE.KeyType.EC2, COSE.Algorithm.ES256, verificationData, ecdsaAtt, null, null);

                    _attestationObject.Add("attStmt", new CborMap {
                        { "x5c", X5c },
                        { "sig", signature }
                    });
                }
            }
        }
Exemplo n.º 5
0
        public FidoU2f()
        {
            _aaguid = Guid.Empty;
            _attestationObject.Add("fmt", "fido-u2f");
            X509Certificate2 attestnCert;

            using (var ecdsaAtt = ECDsa.Create(ECCurve.NamedCurves.nistP256))
            {
                var attRequest = new CertificateRequest("CN=U2FTesting, OU=Authenticator Attestation, O=FIDO2-NET-LIB, C=US", ecdsaAtt, HashAlgorithmName.SHA256);

                attRequest.CertificateExtensions.Add(notCAExt);

                using (attestnCert = attRequest.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(2)))
                {
                    var X5c = CBORObject.NewArray()
                              .Add(CBORObject.FromObject(attestnCert.RawData));
                    var ecparams = ecdsaAtt.ExportParameters(true);

                    _credentialPublicKey = Fido2Tests.MakeCredentialPublicKey(COSE.KeyType.EC2, COSE.Algorithm.ES256, COSE.EllipticCurve.P256, ecparams.Q.X, ecparams.Q.Y);

                    var x            = _credentialPublicKey.GetCBORObject()[CBORObject.FromObject(COSE.KeyTypeParameter.X)].GetByteString();
                    var y            = _credentialPublicKey.GetCBORObject()[CBORObject.FromObject(COSE.KeyTypeParameter.Y)].GetByteString();
                    var publicKeyU2F = new byte[1] {
                        0x4
                    }.Concat(x).Concat(y).ToArray();

                    var verificationData = new byte[1] {
                        0x00
                    };
                    verificationData = verificationData
                                       .Concat(_rpIdHash)
                                       .Concat(_clientDataHash)
                                       .Concat(_credentialID)
                                       .Concat(publicKeyU2F.ToArray())
                                       .ToArray();

                    byte[] signature = Fido2Tests.SignData(COSE.KeyType.EC2, COSE.Algorithm.ES256, verificationData, ecdsaAtt, null, null);

                    _attestationObject.Add("attStmt", CBORObject.NewMap().Add("x5c", X5c).Add("sig", signature));
                }
            }
        }