public void U2F_StartAuthentication()
        {
            RegisterResponse    registerResponse        = new RegisterResponse(TestConts.REGISTRATION_RESPONSE_DATA_BASE64, TestConts.CLIENT_DATA_REGISTER_BASE64);
            RawRegisterResponse rawAuthenticateResponse = RawRegisterResponse.FromBase64(registerResponse.RegistrationData);
            DeviceRegistration  deviceRegistration      = rawAuthenticateResponse.CreateDevice();

            var results = U2F.StartAuthentication(TestConts.APP_ID_ENROLL, deviceRegistration);

            Assert.IsNotNull(results);
            Assert.IsNotNull(results.AppId);
            Assert.IsNotNull(results.Challenge);
            Assert.IsNotNull(results.KeyHandle);
            Assert.IsNotNull(results.Version);
        }
        public List <ServerChallenge> GenerateServerChallenges(string userName)
        {
            if (string.IsNullOrWhiteSpace(userName))
            {
                return(null);
            }

            User user = _userRepository.FindUser(userName);

            if (user == null)
            {
                return(null);
            }

            // We only want to generate challenges for un-compromised devices
            List <Device> device = user.DeviceRegistrations.Where(w => w.IsCompromised == false).ToList();

            if (device.Count == 0)
            {
                return(null);
            }

            _userRepository.RemoveUsersAuthenticationRequests(userName);

            List <ServerChallenge> serverChallenges = new List <ServerChallenge>();

            foreach (var registeredDevice in device)
            {
                DeviceRegistration    registration          = new DeviceRegistration(registeredDevice.KeyHandle, registeredDevice.PublicKey, registeredDevice.AttestationCert, Convert.ToUInt32(registeredDevice.Counter));
                StartedAuthentication startedAuthentication = U2F.StartAuthentication(DemoAppId, registration);

                serverChallenges.Add(new ServerChallenge
                {
                    appId     = startedAuthentication.AppId,
                    challenge = startedAuthentication.Challenge,
                    keyHandle = startedAuthentication.KeyHandle,
                    version   = startedAuthentication.Version
                });

                _userRepository.SaveUserAuthenticationRequest(userName, startedAuthentication.AppId, startedAuthentication.Challenge,
                                                              startedAuthentication.KeyHandle);
            }

            return(serverChallenges);
        }
Exemplo n.º 3
0
        public static async Task AuthenticateAsync(IHidDevice hidDevice, DeviceRegistration deviceRegistration, string appId, string facet, bool checkOnly = false, CancellationToken?cancellationToken = null)
        {
            cancellationToken = cancellationToken ?? CancellationToken.None;

            if (hidDevice == null || !hidDevice.IsConnected)
            {
                throw new ArgumentException("Hid device not connected", nameof(hidDevice));
            }

            using (var u2fHidDevice = await U2FHidDevice.OpenAsync(hidDevice))
            {
                var startAuthentication = U2F.StartAuthentication(appId, deviceRegistration);

                Log.Debug("Touch token to authenticate");
                var authenticateResponse = await WaitForTokenInputAsync(() => U2Fv2.AuthenticateAsync(u2fHidDevice, startAuthentication, facet, checkOnly), cancellationToken.Value).ConfigureAwait(false);

                U2F.FinishAuthentication(startAuthentication, authenticateResponse, deviceRegistration);
                Log.Debug("Authenticated");
            }
        }
Exemplo n.º 4
0
        public ServerChallenge GenerateServerChallenge(string userName)
        {
            if (string.IsNullOrWhiteSpace(userName))
            {
                return(null);
            }

            User user = _userRepository.FindUser(userName);

            if (user == null)
            {
                return(null);
            }

            // TODO  this would have to change
            var device = user.DeviceRegistrations.FirstOrDefault();

            if (device == null)
            {
                return(null);
            }

            DeviceRegistration    registration          = new DeviceRegistration(device.KeyHandle, device.PublicKey, device.AttestationCert, device.Counter);
            StartedAuthentication startedAuthentication = U2F.StartAuthentication(DemoAppId, registration);

            _userRepository.SaveUserAuthenticationRequest(userName, startedAuthentication.AppId, startedAuthentication.Challenge,
                                                          startedAuthentication.KeyHandle);


            return(new ServerChallenge
            {
                AppId = startedAuthentication.AppId,
                Challenge = startedAuthentication.Challenge,
                KeyHandle = startedAuthentication.KeyHandle,
                Version = startedAuthentication.Version
            });
        }