Exemplo n.º 1
        /// <summary>
        /// Imports the full test key pair into an <see cref="RSACng"/> instance and asserts that
        /// exporting it again with the private parameters throws
        /// <see cref="CryptographicException"/>.
        /// </summary>
        /// <remarks>
        /// The test pins the refusal to hand back private key material after an import. The
        /// round-trip equality check is left disabled below because the export never succeeds.
        /// </remarks>
        public static void ImportExport()
        {
            using (RSA cng = new RSACng())
            {
                RSAParameters roundTripped;
                cng.ImportParameters(TestData.TestRsaKeyPair);

                // The original author notes this as the current 4.6 behavior: asking for the
                // private parameters of the imported key fails instead of returning them.
                Assert.Throws<CryptographicException>(
                    () => roundTripped = cng.ExportParameters(includePrivateParameters: true));

                // Disabled: only meaningful if the private export above were to succeed.
                //AssertRSAParametersEquals(TestData.TestRsaKeyPair, roundTripped);
            }
        }
Exemplo n.º 2
 /// <summary>
 /// Imports the full test key pair into an <see cref="RSACng"/> instance, exports only the
 /// public parameters, and asserts that no private component is present in the result while
 /// the exponent and modulus match the imported key.
 /// </summary>
 public static void ImportExportPublicOnly()
 {
     using (RSA cng = new RSACng())
     {
         cng.ImportParameters(TestData.TestRsaKeyPair);
         RSAParameters publicOnly = cng.ExportParameters(includePrivateParameters: false);

         // Every private component must be absent from a public-only export; a non-null
         // field here would mean private key material is handed to the caller.
         byte[][] privateComponents =
         {
             publicOnly.D,
             publicOnly.DP,
             publicOnly.DQ,
             publicOnly.InverseQ,
             publicOnly.P,
             publicOnly.Q,
         };
         foreach (byte[] component in privateComponents)
         {
             Assert.Null(component);
         }

         // The public half must survive the round trip unchanged.
         Assert.Equal<byte>(TestData.TestRsaKeyPair.Exponent, publicOnly.Exponent);
         Assert.Equal<byte>(TestData.TestRsaKeyPair.Modulus, publicOnly.Modulus);
     }
 }
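        /// <summary>
        /// Verifies a signed authentication response and, when it is valid, issues the sign-in
        /// cookie for the user named in the message.
        /// </summary>
        /// <remarks>
        /// The signature is checked over the decoded authenticator data followed by the SHA-256
        /// hash of the decoded client data, using the RSA public key registered for the user and
        /// PKCS#1 v1.5 padding. The method fails closed: any missing input, challenge mismatch,
        /// bad signature or exception yields <c>false</c>.
        /// NOTE(review): single use of the challenge is not enforced in this method; confirm
        /// that the credential service invalidates it, otherwise a captured response can be
        /// replayed.
        /// NOTE(review): only the modulus and exponent of the stored key are read; the hash and
        /// padding are fixed here and not taken from the key record.
        /// </remarks>
        /// <param name="message">The response carrying the user id, public key hint,
        /// base64url-encoded client data, authenticator data and signature.</param>
        /// <returns><c>true</c> only when the signature verified and the cookie was issued;
        /// otherwise <c>false</c>.</returns>
        public async Task<bool> SubmitResponse(SignatureMessage message)
        {
            try
            {
                string challenge;
                JsonWebKey publicKey = _credentialService.GetPublicKeyForUser(message.UserId, message.PublicKeyHint, out challenge);

                // Without a registered key or an outstanding challenge there is nothing to
                // verify against. Rejecting an empty expected challenge also stops a response
                // that omits the challenge from matching it (null == null).
                if (publicKey == null || string.IsNullOrEmpty(challenge))
                {
                    return false;
                }

                var decodedClientData = message.ClientData.Rfc4648Base64UrlDecode();
                var decodedAuthnrData = message.AuthnrData.Rfc4648Base64UrlDecode();

                var clientDataJson = Encoding.UTF8.GetString(decodedClientData);
                var clientData = JsonConvert.DeserializeObject<ClientData>(clientDataJson);
                if (clientData == null || !string.Equals(clientData.Challenge, challenge, StringComparison.Ordinal))
                {
                    return false;
                }

                // Signed payload = authenticator data || SHA-256(client data).
                byte[] hashedClientData;
                using (var sha256 = SHA256.Create())
                {
                    hashedClientData = sha256.ComputeHash(decodedClientData);
                }

                var buffer = new byte[decodedAuthnrData.Length + hashedClientData.Length];
                decodedAuthnrData.CopyTo(buffer, 0);
                hashedClientData.CopyTo(buffer, decodedAuthnrData.Length);

                var publicKeyInfo = new RSAParameters();
                publicKeyInfo.Modulus = publicKey.N.Rfc4648Base64UrlDecode();
                publicKeyInfo.Exponent = publicKey.E.Rfc4648Base64UrlDecode();

                byte[] signature = message.Signature.Rfc4648Base64UrlDecode();

                // Dispose the CNG key handle as soon as verification is done.
                bool signatureValid;
                using (var rsa = new RSACng())
                {
                    rsa.ImportParameters(publicKeyInfo);
                    signatureValid = rsa.VerifyData(buffer, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
                }

                if (!signatureValid)
                {
                    return false;
                }

                var user = _signInService.FindBySubject(message.UserId);
                await IssueCookie(user, "idsvr", "fido");

                // Success is reported only after the cookie has actually been issued.
                return true;
            }
            catch (Exception)
            {
                // Fail closed. This includes a failure while looking up the user or issuing the
                // cookie after a valid signature, which previously still returned true.
                // No logger is visible in this block; record the failure where one is available
                // so rejected or malformed responses can be investigated.
                return false;
            }
        }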