public virtual void TestEncodeRegisterRequest() { var registerRequest = new KeyRegisterRequest(APP_ID_ENROLL_SHA256, BROWSER_DATA_ENROLL_SHA256); var encodedBytes = RawMessageCodec.EncodeKeyRegisterRequest(registerRequest); CollectionAssert.AreEqual(REGISTRATION_REQUEST_DATA, encodedBytes); }
async Task <RegisterOperationResult?> TryOneRequest(IKey key, KeyRegisterRequest request, CancellationToken cancellationToken) { try { var result = await key.RegisterAsync(request, cancellationToken); log.Info(result.Status.ToString()); switch (result.Status) { case KeyResponseStatus.Success: return(RegisterOperationResult.Success(request, result.Data)); } } catch (KeyGoneException) { // No sense in continuing with this signer, the key isn't physically present anymore log.DebugFormat("Key '{0}' is gone", keyId); throw; } catch (TaskCanceledException) { // Let cancellation bubble up throw; } catch (KeyBusyException) { // Maybe it won't be busy later } catch (Exception exception) { log.Error("Authenticate request failed", exception); } return(null); }
public KeyRegisterResponse Register(KeyRegisterRequest keyRegisterRequest) { while (true) { var result = key.RegisterAsync(keyRegisterRequest).Result; switch (result.Status) { case KeyResponseStatus.Success: Debug.Assert(result.Data != null, "no data for success"); return(result.Data); case KeyResponseStatus.TestOfuserPresenceRequired: Console.WriteLine("User presence required"); Thread.Sleep(100); continue; case KeyResponseStatus.Failure: throw new U2FException("Failure"); default: throw new ArgumentOutOfRangeException(); } } }
public virtual void TestDecodeRegisterRequest() { KeyRegisterRequest keyRegisterRequest = RawMessageCodec .DecodeKeyRegisterRequest(REGISTRATION_REQUEST_DATA); Assert.AreEqual(new KeyRegisterRequest(APP_ID_ENROLL_SHA256 , BROWSER_DATA_ENROLL_SHA256), keyRegisterRequest); }
public async Task <KeyResponse <KeyRegisterResponse> > RegisterAsync(KeyRegisterRequest request, CancellationToken cancellationToken = new CancellationToken(), bool invididualAttestation = false) { var flags = invididualAttestation ? EnforceUserPresenceAndSign | InteractionFlags.AttestWithDeviceKey : EnforceUserPresenceAndSign; var message = ApduMessageCodec.EncodeRegisterRequest(new KeyRequest <KeyRegisterRequest>(request, flags)); var response = await QueryApduAsync(message, cancellationToken); return(ApduMessageCodec.DecodeRegisterReponse(response)); }
public Task <KeyResponse <KeyRegisterResponse> > RegisterAsync(KeyRegisterRequest request, CancellationToken cancellationToken = new CancellationToken(), bool invididualAttestation = false) { if (request == null) { throw new ArgumentNullException(nameof(request)); } log.Info(">> register"); var applicationSha256 = request.ApplicationSha256; var challengeSha256 = request.ChallengeSha256; log.Info(" -- Inputs --"); log.Info(" applicationSha256: " + applicationSha256.ToHexString()); log.Info(" challengeSha256: " + challengeSha256.ToHexString()); var userPresent = userPresenceVerifier.VerifyUserPresence(); if ((userPresent & UserPresenceVerifierConstants.UserPresentFlag) == 0) { return(TestOfUserPresenceRequired <KeyRegisterResponse>()); } var keyPair = keyPairGenerator.GenerateKeyPair(applicationSha256, challengeSha256); var keyHandle = keyHandleGenerator.GenerateKeyHandle(applicationSha256, keyPair); dataStore.StoreKeyPair(keyHandle, keyPair); var userPublicKey = keyPairGenerator.EncodePublicKey(keyPair.PublicKey); var signedData = RawMessageCodec.EncodeKeyRegisterSignedBytes(applicationSha256, challengeSha256, keyHandle, userPublicKey); log.Info("Signing bytes " + signedData.ToHexString()); var signature = crypto.Sign(signedData, certificatePrivateKey); log.Info(" -- Outputs --"); log.Info(" userPublicKey: " + userPublicKey.ToHexString()); log.Info(" keyHandle: " + keyHandle.ToHexString()); log.Info(" vendorCertificate: " + vendorCertificate); log.Info(" signature: " + signature.ToHexString()); log.Info("<< register"); var response = new KeyRegisterResponse(userPublicKey, keyHandle, vendorCertificate, signature); var responseData = RawMessageCodec.EncodeKeyRegisterResponse(response).Segment(); var apdu = new ApduResponse(ApduResponseStatus.NoError, responseData); var keyResponse = new KeyResponse <KeyRegisterResponse>(apdu, response, KeyResponseStatus.Success); return(TaskEx.FromResult(keyResponse)); }
public virtual void TestRegister() { var registerRequest = new KeyRegisterRequest(APP_ID_ENROLL_SHA256, BROWSER_DATA_ENROLL_SHA256); var registerResponse = u2FKey.Register(registerRequest); mockDataStore.Verify(x => x.StoreKeyPair(KEY_HANDLE, USER_KEY_PAIR_ENROLL)); CollectionAssert.AreEqual(USER_PUBLIC_KEY_ENROLL_HEX, registerResponse.UserPublicKey); Assert.AreEqual(VENDOR_CERTIFICATE, registerResponse.AttestationCertificate); CollectionAssert.AreEqual(KEY_HANDLE, registerResponse.KeyHandle); var ecdsaSignature = SignerUtilities.GetSigner("SHA-256withECDSA"); ecdsaSignature.Init(false, VENDOR_CERTIFICATE.GetPublicKey()); ecdsaSignature.BlockUpdate(EXPECTED_REGISTER_SIGNED_BYTES, 0, EXPECTED_REGISTER_SIGNED_BYTES.Length); Assert.IsTrue(ecdsaSignature.VerifySignature(registerResponse.Signature)); }
public static byte[] EncodeKeyRegisterRequest([NotNull] KeyRegisterRequest keyRegisterRequest) { if (keyRegisterRequest == null) { throw new ArgumentNullException(nameof(keyRegisterRequest)); } var appIdSha256 = keyRegisterRequest.ApplicationSha256; var challengeSha256 = keyRegisterRequest.ChallengeSha256; var result = new byte[appIdSha256.Length + challengeSha256.Length]; using (var writer = new EndianWriter(new MemoryStream(result), Endianness.BigEndian)) { writer.Write(challengeSha256); writer.Write(appIdSha256); } return(result); }
/// <exception cref="U2FException" /> public KeyRegisterResponse Register(KeyRegisterRequest keyRegisterRequest) { if (keyRegisterRequest == null) { throw new ArgumentNullException(nameof(keyRegisterRequest)); } log.Info(">> register"); var applicationSha256 = keyRegisterRequest.ApplicationSha256; var challengeSha256 = keyRegisterRequest.ChallengeSha256; log.Info(" -- Inputs --"); log.Info(" applicationSha256: " + applicationSha256.ToHexString()); log.Info(" challengeSha256: " + challengeSha256.ToHexString()); var userPresent = userPresenceVerifier.VerifyUserPresence(); if ((userPresent & UserPresenceVerifierConstants.UserPresentFlag) == 0) { throw new U2FException("Cannot verify user presence"); } var keyPair = keyPairGenerator.GenerateKeyPair(applicationSha256, challengeSha256); var keyHandle = keyHandleGenerator.GenerateKeyHandle(applicationSha256, keyPair); dataStore.StoreKeyPair(keyHandle, keyPair); var userPublicKey = keyPairGenerator.EncodePublicKey(keyPair.PublicKey); var signedData = RawMessageCodec.EncodeKeyRegisterSignedBytes(applicationSha256, challengeSha256, keyHandle, userPublicKey); log.Info("Signing bytes " + signedData.ToHexString()); var signature = crypto.Sign(signedData, certificatePrivateKey); log.Info(" -- Outputs --"); log.Info(" userPublicKey: " + userPublicKey.ToHexString()); log.Info(" keyHandle: " + keyHandle.ToHexString()); log.Info(" vendorCertificate: " + vendorCertificate); log.Info(" signature: " + signature.ToHexString()); log.Info("<< register"); return(new KeyRegisterResponse(userPublicKey, keyHandle, vendorCertificate, signature)); }
/// <exception cref="System.IO.IOException"/> /// <exception cref="U2FException"/> public static void SendRegisterRequest(Stream outputStream, KeyRegisterRequest keyRegisterRequest) { SendRequest(outputStream, CommandRegister, RawMessageCodec. EncodeKeyRegisterRequest(keyRegisterRequest)); }
public RegisterInfo(RegisterRequest registerRequest, string clientDataBase64, KeyRegisterRequest keyRegisterRequest) { RegisterRequest = registerRequest; ClientDataBase64 = clientDataBase64; KeyRegisterRequest = keyRegisterRequest; }
public static RegisterOperationResult Success(KeyRegisterRequest request, KeyRegisterResponse response) { return(new RegisterOperationResult(KeyResponseStatus.Success, request, response)); }
private RegisterOperationResult(KeyResponseStatus status, KeyRegisterRequest request, KeyRegisterResponse response) { Status = status; Request = request; Response = response; }