public void FinishRegistration_UntrustedOrigin_Throws(string origin)
        {
            var fido = new FidoUniversalTwoFactor();
            var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);

            var registerResponse = GetValidRegisterResponse();

            registerResponse.ClientData.Origin = origin;

            Assert.Throws <InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
        }
        public void FinishRegistration_IncorrectType_Throws()
        {
            var fido = new FidoUniversalTwoFactor();
            var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);

            var registerResponse = GetValidRegisterResponse();

            registerResponse.ClientData.Type = "incorrect type";

            Assert.Throws <InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
        }
        public void FinishRegistration_IncorrectChallenge_Throws()
        {
            var fido = new FidoUniversalTwoFactor();
            var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);

            var registerResponse = GetValidRegisterResponse();

            registerResponse.ClientData.Challenge =
                WebSafeBase64Converter.ToBase64String(Encoding.Default.GetBytes("incorrect challenge"));

            Assert.Throws <InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
        }
        public void FinishRegistration_RegisterResponse_Works()
        {
            var fido = new FidoUniversalTwoFactor();
            var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);

            startedRegistration.Challenge = TestVectors.ServerChallengeRegisterBase64;

            var registerResponse = GetValidRegisterResponse();
            var registrationData = registerResponse.RegistrationData;

            var deviceRegistration = fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains);

            Assert.IsNotNull(deviceRegistration);
            Assert.AreEqual(deviceRegistration.Certificate.RawData, registrationData.AttestationCertificate.RawData);
            Assert.AreEqual(deviceRegistration.KeyHandle, registrationData.KeyHandle);
        }
        public void StartRegistration()
        {
            var randomChallenge = Encoding.Default.GetBytes("random challenge");

            var mockGenerateChallenge = new Mock <IGenerateFidoChallenge>();

            mockGenerateChallenge.Setup(x => x.GenerateChallenge()).Returns(randomChallenge);

            var fido = new FidoUniversalTwoFactor(mockGenerateChallenge.Object);
            var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);

            mockGenerateChallenge.Verify(x => x.GenerateChallenge(), Times.Once);

            Assert.AreEqual(TestVectors.AppIdEnroll, startedRegistration.AppId.ToString());
            Assert.AreEqual(randomChallenge, WebSafeBase64Converter.FromBase64String(startedRegistration.Challenge));
        }
Пример #6
0
        public ActionResult TESTREG()
        {
            var u2f   = new FidoUniversalTwoFactor();
            var appId = new FidoAppId(Request.Url);
            var startedRegistration = u2f.StartRegistration(appId);

            GetFidoRepository().StoreStartedRegistration(GetCurrentUser(), startedRegistration);

            var model = new RegisterNewDeviceViewModel
            {
                AppId     = startedRegistration.AppId.ToString(),
                Challenge = startedRegistration.Challenge,
                UserName  = GetCurrentUser()
            };

            return(View(model));
        }
Пример #7
0
        public ActionResult Register(NewUserViewModel newUserModel)
        {
            var u2f   = new FidoUniversalTwoFactor();
            var appId = new FidoAppId(Request.Url);
            var startedRegistration = u2f.StartRegistration(appId);


            GetFidoRepository().StoreStartedRegistration(newUserModel.UserName, startedRegistration);

            var model = new RegisterNewDeviceViewModel
            {
                AppId     = startedRegistration.AppId.ToString(),
                Challenge = startedRegistration.Challenge,
                UserName  = newUserModel.UserName,
                Email     = newUserModel.Email
            };

            return(View(model));
        }
Пример #8
0
        public RegisterDeviceModel GetRegistrationModel()
        {
            var u2F = new FidoUniversalTwoFactor();
            var startedRegistration = u2F.StartRegistration(AppId);

            var model = new RegisterDeviceModel
            {
                AppId     = startedRegistration.AppId.ToString(),
                Challenge = startedRegistration.Challenge
            };

            if (App.CurrentUser.Devices.Any())
            {
                model.RegisteredKeys.AddRange(App.CurrentUser.Devices.Select(x => x.Identifier).ToList());
            }

            App.AddRegistration(model.Challenge, startedRegistration);
            return(model);
        }
        public void FinishRegistration_JsonRegisterResponse_Works()
        {
            var challenge = WebSafeBase64Converter.FromBase64String(TestVectors.ServerChallengeRegisterBase64);

            var mockGenerateChallenge = new Mock <IGenerateFidoChallenge>();

            mockGenerateChallenge.Setup(x => x.GenerateChallenge()).Returns(challenge);

            var fido = new FidoUniversalTwoFactor();
            var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);

            startedRegistration.Challenge = TestVectors.ServerChallengeRegisterBase64;

            var registerResponse = GetValidRegisterResponse();
            var registrationData = registerResponse.RegistrationData;

            var jsonValue          = registerResponse.ToJson();
            var deviceRegistration = fido.FinishRegistration(startedRegistration, jsonValue, TestVectors.TrustedDomains);

            Assert.IsNotNull(deviceRegistration);
            Assert.AreEqual(deviceRegistration.Certificate.RawData, registrationData.AttestationCertificate.RawData);
            Assert.AreEqual(deviceRegistration.KeyHandle, registrationData.KeyHandle);
        }
        public void StartRegistration()
        {
            var randomChallenge = Encoding.Default.GetBytes("random challenge");

            var mockGenerateChallenge = new Mock<IGenerateFidoChallenge>();
            mockGenerateChallenge.Setup(x => x.GenerateChallenge()).Returns(randomChallenge);

            var fido = new FidoUniversalTwoFactor(mockGenerateChallenge.Object);
            var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);

            mockGenerateChallenge.Verify(x => x.GenerateChallenge(), Times.Once);

            Assert.AreEqual(TestVectors.AppIdEnroll, startedRegistration.AppId.ToString());
            Assert.AreEqual(randomChallenge, WebSafeBase64Converter.FromBase64String(startedRegistration.Challenge));
        }
        public void FinishRegistration_UntrustedOrigin_Throws(string origin)
        {
            var fido = new FidoUniversalTwoFactor();
            var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);

            var registerResponse = GetValidRegisterResponse();
            registerResponse.ClientData.Origin = origin;

            Assert.Throws<InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
        }
        public void FinishRegistration_RegisterResponse_Works()
        {
            var fido = new FidoUniversalTwoFactor();
            var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
            startedRegistration.Challenge = TestVectors.ServerChallengeRegisterBase64;

            var registerResponse = GetValidRegisterResponse();
            var registrationData = registerResponse.RegistrationData;

            var deviceRegistration = fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains);
            Assert.IsNotNull(deviceRegistration);
            Assert.AreEqual(deviceRegistration.Certificate.RawData, registrationData.AttestationCertificate.RawData);
            Assert.AreEqual(deviceRegistration.KeyHandle, registrationData.KeyHandle);
        }
        public void FinishRegistration_JsonRegisterResponse_Works()
        {
            var challenge = WebSafeBase64Converter.FromBase64String(TestVectors.ServerChallengeRegisterBase64);

            var mockGenerateChallenge = new Mock<IGenerateFidoChallenge>();
            mockGenerateChallenge.Setup(x => x.GenerateChallenge()).Returns(challenge);

            var fido = new FidoUniversalTwoFactor();
            var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);
            startedRegistration.Challenge = TestVectors.ServerChallengeRegisterBase64;

            var registerResponse = GetValidRegisterResponse();
            var registrationData = registerResponse.RegistrationData;

            var jsonValue = registerResponse.ToJson();
            var deviceRegistration = fido.FinishRegistration(startedRegistration, jsonValue, TestVectors.TrustedDomains);
            Assert.IsNotNull(deviceRegistration);
            Assert.AreEqual(deviceRegistration.Certificate.RawData, registrationData.AttestationCertificate.RawData);
            Assert.AreEqual(deviceRegistration.KeyHandle, registrationData.KeyHandle);
        }
        public void FinishRegistration_IncorrectType_Throws()
        {
            var fido = new FidoUniversalTwoFactor();
            var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);

            var registerResponse = GetValidRegisterResponse();
            registerResponse.ClientData.Type = "incorrect type";

            Assert.Throws<InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
        }
        public void FinishRegistration_IncorrectChallenge_Throws()
        {
            var fido = new FidoUniversalTwoFactor();
            var startedRegistration = fido.StartRegistration(TestVectors.AppIdEnroll);

            var registerResponse = GetValidRegisterResponse();
            registerResponse.ClientData.Challenge =
                WebSafeBase64Converter.ToBase64String(Encoding.Default.GetBytes("incorrect challenge"));

            Assert.Throws<InvalidOperationException>(() => fido.FinishRegistration(startedRegistration, registerResponse, TestVectors.TrustedDomains));
        }
Пример #16
0
        public ActionResult Register()
        {
            var u2f = new FidoUniversalTwoFactor();
            var appId = new FidoAppId(Request.Url);
            var startedRegistration = u2f.StartRegistration(appId);

            GetFidoRepository().StoreStartedRegistration(GetCurrentUser(), startedRegistration);

            var model = new RegisterNewDeviceViewModel
            {
                AppId = startedRegistration.AppId.ToString(),
                Challenge = startedRegistration.Challenge,
                UserName = GetCurrentUser()
            };

            return View(model);
        }