/// <summary>
/// Builds the native-layout make-credential options from the managed <paramref name="makeOptions"/>.
/// Copies the scalar preferences over verbatim and marshals the optional parts (the extended
/// exclude list and the cancellation id) into unmanaged memory obtained with AllocHGlobal.
/// </summary>
/// <param name="makeOptions">Managed registration options supplied by the caller.</param>
/// <remarks>
/// Nothing in this constructor releases the AllocHGlobal blocks; the owner of this struct is
/// expected to free them (presumably in a Dispose elsewhere in the type - confirm). Extensions are
/// not marshalled yet: an empty extension list is always passed (see the TODO).
/// </remarks>
public RawAuthenticatorMakeCredentialOptions(AuthenticatorMakeCredentialOptions makeOptions)
{
    ExcludeCredentialsList = new RawCredentialsList(makeOptions.ExcludeCredentials);

    // The "Ex" exclude list is only marshalled when it actually contains entries;
    // otherwise the pointer field keeps its default (null) value.
    var excludeEx = makeOptions.ExcludeCredentialsEx;
    if (excludeEx != null && excludeEx.Count > 0)
    {
        _excludeCredentialsExList = new RawCredentialExList(excludeEx);
        var exListSize = Marshal.SizeOf<RawCredentialExList>();
        ExcludeCredentialsExListPtr = Marshal.AllocHGlobal(exListSize);
        Marshal.StructureToPtr(_excludeCredentialsExList, ExcludeCredentialsExListPtr, false);
    }

    // Optional cancellation id: a null pointer when absent, otherwise the GUID copied
    // into its own unmanaged block so the native side can read it.
    var cancellation = makeOptions.CancellationId;
    CancellationId = IntPtr.Zero;
    if (cancellation.HasValue)
    {
        CancellationId = Marshal.AllocHGlobal(Marshal.SizeOf<Guid>());
        Marshal.StructureToPtr(cancellation.Value, CancellationId, false);
    }

    // Plain value copies of the remaining ceremony preferences.
    TimeoutMilliseconds = makeOptions.TimeoutMilliseconds;
    AuthenticatorAttachment = makeOptions.AuthenticatorAttachment;
    UserVerificationRequirement = makeOptions.UserVerificationRequirement;
    AttestationConveyancePreference = makeOptions.AttestationConveyancePreference;
    RequireResidentKey = makeOptions.RequireResidentKey;

    // Extensions are not supported yet: always hand the native API an empty list.
    Extensions = new RawWebauthnExtensions
    {
        Count = 0,
        Extensions = IntPtr.Zero
    }; //TODO
}
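/// <summary>
/// Builds the native-layout get-assertion options from the managed <paramref name="getOptions"/>.
/// Copies the scalar preferences verbatim and marshals the optional parts (the extended allow
/// list, the cancellation id) plus the U2F AppID output flag into unmanaged memory (AllocHGlobal).
/// </summary>
/// <param name="getOptions">Managed authentication options supplied by the caller.</param>
/// <remarks>
/// Nothing in this constructor releases the AllocHGlobal blocks; the owner of this struct is
/// expected to free them (presumably in a Dispose elsewhere in the type - confirm). Extensions are
/// not marshalled yet: an empty extension list is always passed (see the TODO).
/// </remarks>
public RawAuthenticatorGetAssertionOptions(AuthenticatorGetAssertionOptions getOptions)
{
    AllowCredentialsList = new RawCredentialsList(getOptions.AllowedCredentials);

    // The "Ex" allow list is only marshalled when it actually contains entries;
    // otherwise the pointer field keeps its default (null) value.
    var allowedEx = getOptions.AllowedCredentialsEx;
    if (allowedEx != null && allowedEx.Count > 0)
    {
        _allowedCredentialsExList = new RawCredentialExList(allowedEx);
        var exListSize = Marshal.SizeOf<RawCredentialExList>();
        AllowCredentialsExListPtr = Marshal.AllocHGlobal(exListSize);
        Marshal.StructureToPtr(_allowedCredentialsExList, AllowCredentialsExListPtr, false);
    }

    // Optional cancellation id: a null pointer when absent, otherwise the GUID copied
    // into its own unmanaged block so the native side can read it.
    var cancellation = getOptions.CancellationId;
    CancellationId = IntPtr.Zero;
    if (cancellation.HasValue)
    {
        CancellationId = Marshal.AllocHGlobal(Marshal.SizeOf<Guid>());
        Marshal.StructureToPtr(cancellation.Value, CancellationId, false);
    }

    U2fAppId = getOptions.U2fAppId;

    // Unmanaged slot for the "U2F AppID was used" flag, which the native side presumably writes.
    // AllocHGlobal does NOT zero the memory it returns, so initialise the flag to false here:
    // otherwise anyone reading it when the native call did not write it (failure, no AppID) gets
    // whatever garbage was in the block. Marshal.SizeOf<bool>() is the 4-byte unmanaged BOOL,
    // so a single Int32 write clears the whole slot.
    U2fAppIdUsedBoolPtr = Marshal.AllocHGlobal(Marshal.SizeOf<bool>());
    Marshal.WriteInt32(U2fAppIdUsedBoolPtr, 0);

    // Plain value copies of the remaining ceremony preferences.
    TimeoutMilliseconds = getOptions.TimeoutMilliseconds;
    AuthenticatorAttachment = getOptions.AuthenticatorAttachment;
    UserVerificationRequirement = getOptions.UserVerificationRequirement;

    // Extensions are not supported yet: always hand the native API an empty list.
    Extensions = new RawWebauthnExtensions
    {
        Count = 0,
        Extensions = IntPtr.Zero
    }; //TODO
}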
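/// <summary>
/// Builds WebAuthn registration (attestation) options for <paramref name="username"/>, stores
/// them in the session under "fido2.attestationOptions" for the later verification step, and
/// returns them as JSON. Any exception is converted into a JSON error result instead of a 500.
/// </summary>
/// <param name="username">Form field; becomes the WebAuthn user name and (verbatim) the user handle.</param>
/// <param name="attType">Attestation conveyance preference, parsed by the library.</param>
/// <param name="authType">Optional authenticator attachment; empty/null means no preference.</param>
/// <param name="requireResidentKey">Whether a discoverable (resident) credential is required.</param>
/// <param name="userVerification">User verification requirement, parsed by the library.</param>
/// <returns>The credential creation options, or an error payload with Status "error".</returns>
public JsonResult MakeCredentialOptions([FromForm] string username, [FromForm] string attType, [FromForm] string authType, [FromForm] bool requireResidentKey, [FromForm] string userVerification)
{
    try
    {
        // The username is used verbatim as the WebAuthn user handle (user.id) below. The spec
        // requires a user handle of 1..64 bytes, so reject input that cannot become a valid
        // one BEFORE a user row is auto-created for it. Thrown here, caught below -> JSON error.
        if (string.IsNullOrWhiteSpace(username))
        {
            throw new ArgumentException("username is required", nameof(username));
        }
        var userHandle = Encoding.UTF8.GetBytes(username);
        if (userHandle.Length > 64)
        {
            throw new ArgumentException("username is too long to serve as a WebAuthn user handle (max 64 bytes)", nameof(username));
        }

        // 1. Get user from DB by username (in our example, auto create missing users).
        // NOTE(review): deriving user.id from the username puts PII into the user handle, which
        // the WebAuthn spec advises against (it should be an opaque, random per-user id). Kept
        // as-is because this is the demo flow; a real deployment should store a random handle.
        var user = DemoStorage.GetOrAddUser(username, () => new User
        {
            DisplayName = "Display " + username,
            Name = username,
            Id = userHandle // byte representation of userID is required
        });

        // 2. Get the user's existing keys so the authenticator can refuse to re-register them.
        List<PublicKeyCredentialDescriptor> existingKeys = DemoStorage.GetCredentialsByUser(user)
            .Select(c => c.Descriptor)
            .ToList();

        // 3. Create options. An empty authType means "no attachment preference" (null).
        var authenticatorSelection = new AuthenticatorSelection
        {
            AuthenticatorAttachment = !string.IsNullOrEmpty(authType) ? AuthenticatorAttachment.Parse(authType) : null,
            RequireResidentKey = requireResidentKey,
            UserVerification = UserVerificationRequirement.Parse(userVerification)
        };

        var options = _lib.RequestNewCredential(user, existingKeys, authenticatorSelection, AttestationConveyancePreference.Parse(attType));

        // 4. Temporarily store options (session here; a cache/redis/db would do as well) so the
        //    challenge can be checked when the attestation response comes back.
        HttpContext.Session.SetString("fido2.attestationOptions", options.ToJson());

        // 5. Return options to the client.
        return Json(options);
    }
    catch (Exception e)
    {
        // NOTE(review): the formatted exception is sent to the client; make sure FormatException
        // (not visible here) does not expose stack traces or internal details in production.
        return Json(new CredentialCreateOptions
        {
            Status = "error",
            ErrorMessage = FormatException(e)
        });
    }
}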
/// <summary>
/// Command carrying the requested authenticator attachment for a new device enrollment.
/// </summary>
/// <param name="authenticatorAttachment">Attachment preference; stored unchanged on the command.</param>
public InitiateAuthenticatorDeviceEnrollmentCommand(AuthenticatorAttachment authenticatorAttachment)
    => AuthenticatorAttachment = authenticatorAttachment;
/// <summary>
/// Persists a new FIDO2 key for <paramref name="userId"/> by calling the
/// [{Schema}].[Fido2Key_Create] stored procedure. A fresh COMB id is generated for the row
/// and the creation timestamp is taken in UTC.
/// </summary>
/// <param name="userId">Owner of the key.</param>
/// <param name="name">Display name for the key.</param>
/// <param name="credentialId">Credential id as stored (string form).</param>
/// <param name="publicKey">Credential public key as stored (string form).</param>
/// <param name="signatureCounter">Initial signature counter reported by the authenticator.</param>
/// <param name="credentialType">Credential type enum, passed through to the procedure.</param>
/// <param name="authenticatorType">Authenticator attachment, passed through to the procedure.</param>
/// <param name="transports">Transports as stored (string form).</param>
public async Task CreateFido2Key(Guid userId, string name, string credentialId, string publicKey, long signatureCounter, PublicKeyCredentialType credentialType, AuthenticatorAttachment authenticatorType, string transports)
{
    // Every caller-supplied value travels as a stored-procedure parameter (Dapper binds the
    // anonymous object); none of it is interpolated into the command text. Only the schema name
    // is interpolated, so Schema must be a trusted configuration value, never request data.
    var procedureName = $"[{Schema}].[Fido2Key_Create]";
    var procedureArgs = new
    {
        Id = CoreHelpers.GenerateComb(),
        UserId = userId,
        Name = name,
        CredentialId = credentialId,
        PublicKey = publicKey,
        SignatureCounter = signatureCounter,
        CredentialType = credentialType,
        AuthenticatorType = authenticatorType,
        Transports = transports,
        CreationDate = DateTime.UtcNow
    };

    using (var connection = new SqlConnection(ConnectionString))
    {
        await connection.ExecuteAsync(procedureName, procedureArgs, commandType: CommandType.StoredProcedure);
    }
}