public void U2F_StartAuthentication() { RegisterResponse registerResponse = new RegisterResponse(TestConts.REGISTRATION_RESPONSE_DATA_BASE64, TestConts.CLIENT_DATA_REGISTER_BASE64); RawRegisterResponse rawAuthenticateResponse = RawRegisterResponse.FromBase64(registerResponse.RegistrationData); DeviceRegistration deviceRegistration = rawAuthenticateResponse.CreateDevice(); var results = U2F.StartAuthentication(TestConts.APP_ID_ENROLL, deviceRegistration); Assert.IsNotNull(results); Assert.IsNotNull(results.AppId); Assert.IsNotNull(results.Challenge); Assert.IsNotNull(results.KeyHandle); Assert.IsNotNull(results.Version); }
public List <ServerChallenge> GenerateServerChallenges(string userName) { if (string.IsNullOrWhiteSpace(userName)) { return(null); } User user = _userRepository.FindUser(userName); if (user == null) { return(null); } // We only want to generate challenges for un-compromised devices List <Device> device = user.DeviceRegistrations.Where(w => w.IsCompromised == false).ToList(); if (device.Count == 0) { return(null); } _userRepository.RemoveUsersAuthenticationRequests(userName); List <ServerChallenge> serverChallenges = new List <ServerChallenge>(); foreach (var registeredDevice in device) { DeviceRegistration registration = new DeviceRegistration(registeredDevice.KeyHandle, registeredDevice.PublicKey, registeredDevice.AttestationCert, Convert.ToUInt32(registeredDevice.Counter)); StartedAuthentication startedAuthentication = U2F.StartAuthentication(DemoAppId, registration); serverChallenges.Add(new ServerChallenge { appId = startedAuthentication.AppId, challenge = startedAuthentication.Challenge, keyHandle = startedAuthentication.KeyHandle, version = startedAuthentication.Version }); _userRepository.SaveUserAuthenticationRequest(userName, startedAuthentication.AppId, startedAuthentication.Challenge, startedAuthentication.KeyHandle); } return(serverChallenges); }
public static async Task AuthenticateAsync(IHidDevice hidDevice, DeviceRegistration deviceRegistration, string appId, string facet, bool checkOnly = false, CancellationToken?cancellationToken = null) { cancellationToken = cancellationToken ?? CancellationToken.None; if (hidDevice == null || !hidDevice.IsConnected) { throw new ArgumentException("Hid device not connected", nameof(hidDevice)); } using (var u2fHidDevice = await U2FHidDevice.OpenAsync(hidDevice)) { var startAuthentication = U2F.StartAuthentication(appId, deviceRegistration); Log.Debug("Touch token to authenticate"); var authenticateResponse = await WaitForTokenInputAsync(() => U2Fv2.AuthenticateAsync(u2fHidDevice, startAuthentication, facet, checkOnly), cancellationToken.Value).ConfigureAwait(false); U2F.FinishAuthentication(startAuthentication, authenticateResponse, deviceRegistration); Log.Debug("Authenticated"); } }
public ServerChallenge GenerateServerChallenge(string userName) { if (string.IsNullOrWhiteSpace(userName)) { return(null); } User user = _userRepository.FindUser(userName); if (user == null) { return(null); } // TODO this would have to change var device = user.DeviceRegistrations.FirstOrDefault(); if (device == null) { return(null); } DeviceRegistration registration = new DeviceRegistration(device.KeyHandle, device.PublicKey, device.AttestationCert, device.Counter); StartedAuthentication startedAuthentication = U2F.StartAuthentication(DemoAppId, registration); _userRepository.SaveUserAuthenticationRequest(userName, startedAuthentication.AppId, startedAuthentication.Challenge, startedAuthentication.KeyHandle); return(new ServerChallenge { AppId = startedAuthentication.AppId, Challenge = startedAuthentication.Challenge, KeyHandle = startedAuthentication.KeyHandle, Version = startedAuthentication.Version }); }