public void U2F_FinishAuthentication()
{
StartedAuthentication startedAuthentication =
new StartedAuthentication(TestConts.SERVER_CHALLENGE_SIGN_BASE64, TestConts.APP_ID_ENROLL,
TestConts.KEY_HANDLE_BASE64);
AuthenticateResponse authenticateResponse = new AuthenticateResponse(TestConts.CLIENT_DATA_AUTHENTICATE_BASE64,
TestConts.SIGN_RESPONSE_DATA_BASE64,
TestConts.KEY_HANDLE_BASE64);
RegisterResponse registerResponse = new RegisterResponse(TestConts.REGISTRATION_RESPONSE_DATA_BASE64, TestConts.CLIENT_DATA_REGISTER_BASE64);
RawRegisterResponse rawAuthenticateResponse = RawRegisterResponse.FromBase64(registerResponse.RegistrationData);
DeviceRegistration deviceRegistration = rawAuthenticateResponse.CreateDevice();
uint orginalValue = deviceRegistration.Counter;
U2F.FinishAuthentication(startedAuthentication, authenticateResponse, deviceRegistration);
Assert.IsTrue(deviceRegistration.Counter != 0);
Assert.AreNotEqual(orginalValue, deviceRegistration.Counter);
}
public static async Task AuthenticateAsync(IHidDevice hidDevice, DeviceRegistration deviceRegistration, string appId, string facet, bool checkOnly = false, CancellationToken?cancellationToken = null)
{
cancellationToken = cancellationToken ?? CancellationToken.None;
if (hidDevice == null || !hidDevice.IsConnected)
{
throw new ArgumentException("Hid device not connected", nameof(hidDevice));
}
using (var u2fHidDevice = await U2FHidDevice.OpenAsync(hidDevice))
{
var startAuthentication = U2F.StartAuthentication(appId, deviceRegistration);
Log.Debug("Touch token to authenticate");
var authenticateResponse = await WaitForTokenInputAsync(() => U2Fv2.AuthenticateAsync(u2fHidDevice, startAuthentication, facet, checkOnly), cancellationToken.Value).ConfigureAwait(false);
U2F.FinishAuthentication(startAuthentication, authenticateResponse, deviceRegistration);
Log.Debug("Authenticated");
}
}
public void U2F_FinishAuthentication()
{
StartedAuthentication startedAuthentication = new StartedAuthentication(
TestConts.SERVER_CHALLENGE_SIGN_BASE64,
TestConts.APP_SIGN_ID,
TestConts.KEY_HANDLE_BASE64);
AuthenticateResponse authenticateResponse = new AuthenticateResponse(
TestConts.CLIENT_DATA_AUTHENTICATE_BASE64,
TestConts.SIGN_RESPONSE_DATA_BASE64,
TestConts.KEY_HANDLE_BASE64);
DeviceRegistration deviceRegistration = new DeviceRegistration(TestConts.KEY_HANDLE_BASE64_BYTE, TestConts.USER_PUBLIC_KEY_AUTHENTICATE_HEX,
Utils.Base64StringToByteArray(TestConts.ATTESTATION_CERTIFICATE), 0);
uint orginalValue = deviceRegistration.Counter;
U2F.FinishAuthentication(startedAuthentication, authenticateResponse, deviceRegistration);
Assert.IsTrue(deviceRegistration.Counter != 0);
Assert.AreNotEqual(orginalValue, deviceRegistration.Counter);
}
public bool AuthenticateUser(string userName, string deviceResponse)
{
if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(deviceResponse))
{
return(false);
}
User user = _userRepository.FindUser(userName);
if (user == null)
{
return(false);
}
AuthenticateResponse authenticateResponse = AuthenticateResponse.FromJson <AuthenticateResponse>(deviceResponse);
var device = user.DeviceRegistrations.FirstOrDefault(f => f.KeyHandle.SequenceEqual(Utils.Base64StringToByteArray(authenticateResponse.KeyHandle)));
if (device == null || user.AuthenticationRequest == null)
{
return(false);
}
// User will have a authentication request for each device they have registered so get the one that matches the device key handle
AuthenticationRequest authenticationRequest = user.AuthenticationRequest.First(f => f.KeyHandle.Equals(authenticateResponse.KeyHandle));
DeviceRegistration registration = new DeviceRegistration(device.KeyHandle, device.PublicKey, device.AttestationCert, Convert.ToUInt32(device.Counter));
StartedAuthentication authentication = new StartedAuthentication(authenticationRequest.Challenge, authenticationRequest.AppId, authenticationRequest.KeyHandle);
U2F.FinishAuthentication(authentication, authenticateResponse, registration);
_userRepository.RemoveUsersAuthenticationRequests(user.Name);
_userRepository.UpdateDeviceCounter(user.Name, device.PublicKey, registration.Counter);
return(true);
}
public bool AuthenticateUser(string userName, string deviceResponse)
{
if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(deviceResponse))
{
return(false);
}
User user = _userRepository.FindUser(userName);
if (user == null)
{
return(false);
}
AuthenticateResponse authenticateResponse = AuthenticateResponse.FromJson(deviceResponse);
byte[] keyHandle = Base64StringToByteArray(authenticateResponse.KeyHandle);
var device = user.DeviceRegistrations.FirstOrDefault();
if (device == null || user.AuthenticationRequest == null)
{
return(false);
}
DeviceRegistration registration = new DeviceRegistration(device.KeyHandle, device.PublicKey, device.AttestationCert, device.Counter);
StartedAuthentication authentication = new StartedAuthentication(user.AuthenticationRequest.Challenge, user.AuthenticationRequest.AppId, user.AuthenticationRequest.KeyHandle);
U2F.FinishAuthentication(authentication, authenticateResponse, registration);
_userRepository.RemoveUsersAuthenticationRequest(user.Name);
_userRepository.UpdateDeviceCounter(user.Name, device.PublicKey, registration.Counter);
return(true);
}