Exemplo n.º 1
0
        public async Task <RegisterResponse> Register(ICollection <RegisterRequest> registrationRequests,
                                                      ICollection <SignRequest> signRequests, CancellationToken cancellationToken = default(CancellationToken))
        {
            var appIds = registrationRequests
                         .Select(r => r.AppId)
                         .Concat(signRequests.Select(r => r.AppId))
                         .Distinct()
                         .ToList();

            await CheckOriginAndAppIdsAsync(appIds, cancellationToken);

            var signInfos       = signRequests.Select(GenerateSignInfo).ToDictionary(s => s.KeySignRequest);
            var keySignRequests = signInfos.Keys.ToList();

            var registerInfos       = registrationRequests.Select(GenerateRegisterInfo).ToDictionary(s => s.KeyRegisterRequest);
            var keyRegisterRequests = registerInfos.Keys.ToList();
            var result = await keyOperations.Register(keyRegisterRequests, keySignRequests,
                                                      cancellationToken);

            if (!result.IsSuccess)
            {
                return(null);
            }

            var registerInfo = registerInfos[result.Request];

            return(new RegisterResponse(
                       WebSafeBase64Converter.ToBase64String(RawMessageCodec.EncodeKeyRegisterResponse(result.Response)),
                       WebSafeBase64Converter.ToBase64String(registerInfo.ClientDataBase64),
                       registerInfo.RegisterRequest.SessionId));
        }
Exemplo n.º 2
0
        public virtual void TestEncodeRegisterResponse()
        {
            var registerResponse = new KeyRegisterResponse(USER_PUBLIC_KEY_ENROLL_HEX, KEY_HANDLE, VENDOR_CERTIFICATE,
                                                           SIGNATURE_ENROLL);
            var encodedBytes = RawMessageCodec.EncodeKeyRegisterResponse(registerResponse);

            CollectionAssert.AreEqual(REGISTRATION_RESPONSE_DATA, encodedBytes);
        }
Exemplo n.º 3
0
        public Task <KeyResponse <KeyRegisterResponse> > RegisterAsync(KeyRegisterRequest request, CancellationToken cancellationToken = new CancellationToken(),
                                                                       bool invididualAttestation = false)
        {
            if (request == null)
            {
                throw new ArgumentNullException(nameof(request));
            }

            log.Info(">> register");

            var applicationSha256 = request.ApplicationSha256;
            var challengeSha256   = request.ChallengeSha256;

            log.Info(" -- Inputs --");
            log.Info("  applicationSha256: " + applicationSha256.ToHexString());
            log.Info("  challengeSha256: " + challengeSha256.ToHexString());

            var userPresent = userPresenceVerifier.VerifyUserPresence();

            if ((userPresent & UserPresenceVerifierConstants.UserPresentFlag) == 0)
            {
                return(TestOfUserPresenceRequired <KeyRegisterResponse>());
            }

            var keyPair   = keyPairGenerator.GenerateKeyPair(applicationSha256, challengeSha256);
            var keyHandle = keyHandleGenerator.GenerateKeyHandle(applicationSha256, keyPair);

            dataStore.StoreKeyPair(keyHandle, keyPair);

            var userPublicKey = keyPairGenerator.EncodePublicKey(keyPair.PublicKey);
            var signedData    = RawMessageCodec.EncodeKeyRegisterSignedBytes(applicationSha256, challengeSha256, keyHandle,
                                                                             userPublicKey);

            log.Info("Signing bytes " + signedData.ToHexString());
            var signature = crypto.Sign(signedData, certificatePrivateKey);

            log.Info(" -- Outputs --");
            log.Info("  userPublicKey: " + userPublicKey.ToHexString());
            log.Info("  keyHandle: " + keyHandle.ToHexString());
            log.Info("  vendorCertificate: " + vendorCertificate);
            log.Info("  signature: " + signature.ToHexString());
            log.Info("<< register");

            var response     = new KeyRegisterResponse(userPublicKey, keyHandle, vendorCertificate, signature);
            var responseData = RawMessageCodec.EncodeKeyRegisterResponse(response).Segment();
            var apdu         = new ApduResponse(ApduResponseStatus.NoError, responseData);
            var keyResponse  = new KeyResponse <KeyRegisterResponse>(apdu, response, KeyResponseStatus.Success);

            return(TaskEx.FromResult(keyResponse));
        }
        public void Register(string origin, string accountName)
        {
            var registrationRequest = server.GetRegistrationRequest(accountName, origin);

            if (!registrationRequest.Version.Equals(U2FConsts.U2Fv2))
            {
                throw new U2FException($"Unsupported protocol version: {registrationRequest.Version}");
            }
            appIdVerifier.ValidateOrigin(registrationRequest.AppId, origin);
            var    channelIdJson = channelIdProvider.GetJsonChannelId();
            string clientData;
            var    registerRequest           = RegistrationRequestToRegisterRequest(origin, registrationRequest, channelIdJson, out clientData, crypto);
            var    registerResponse          = key.Register(registerRequest);
            var    rawRegisterResponse       = RawMessageCodec.EncodeKeyRegisterResponse(registerResponse);
            var    rawRegisterResponseBase64 = WebSafeBase64Converter.ToBase64String(rawRegisterResponse);
            var    clientDataBase64          = WebSafeBase64Converter.ToBase64String(Encoding.UTF8.GetBytes(clientData));

            server.ProcessRegistrationResponse(
                new RegisterResponse(rawRegisterResponseBase64, clientDataBase64, registrationRequest.SessionId),
                clock.Now.ToUnixTimeMilliseconds());
        }