public async Task Sign() { var keySignRequests = new[] { new KeySignRequest(U2FVersion.V2, BROWSER_DATA_SIGN_SHA256, APP_ID_SIGN_SHA256, KEY_HANDLE) }; keyOperations .Setup( x => x.SignAsync( It.Is<ICollection<KeySignRequest>>(reqs => reqs.SequenceEqual(keySignRequests)), It.IsAny<CancellationToken>(), false)) .Returns( (ICollection<KeySignRequest> reqs, CancellationToken ct, bool individualAttest) => Task.FromResult( SignOperationResult.Success( reqs.Single(), new KeySignResponse( UserPresenceVerifierConstants.UserPresentFlag, COUNTER_VALUE, SIGNATURE_AUTHENTICATE)))); var signRequest = new SignRequest(U2FConsts.U2Fv2, SERVER_CHALLENGE_SIGN_BASE64, APP_ID_SIGN, KEY_HANDLE_BASE64, SESSION_ID); var result = await u2FClient.Sign(new[] {signRequest}, CancellationToken.None); Assert.AreEqual(new SignResponse (BROWSER_DATA_SIGN_BASE64, SIGN_RESPONSE_DATA_BASE64, SERVER_CHALLENGE_SIGN_BASE64 , SESSION_ID, APP_ID_SIGN), result); }
public static KeySignRequest SignRequestToAuthenticateRequest(string origin, SignRequest signRequest, JObject channelIdJson, out string clientData, IClientCrypto crypto) { clientData = ClientDataCodec.EncodeClientData(ClientDataCodec.RequestTypeAuthenticate, signRequest.Challenge, origin, channelIdJson); var clientDataSha256 = crypto.ComputeSha256(clientData); var appIdSha256 = crypto.ComputeSha256(signRequest.AppId); var keyHandle = WebSafeBase64Converter.FromBase64String(signRequest.KeyHandle); return new KeySignRequest(U2FVersion.V2, clientDataSha256, appIdSha256, keyHandle); }
public virtual void TestAuthenticate() { var signRequest = new SignRequest(U2FConsts.U2Fv2, SERVER_CHALLENGE_SIGN_BASE64, APP_ID_SIGN, KEY_HANDLE_BASE64, SESSION_ID); mockU2FServer.Setup(x => x.GetSignRequests(ACCOUNT_NAME, ORIGIN)) .Returns(new[] { signRequest }); mockOriginVerifier.Setup(x => x.ValidateOrigin(APP_ID_SIGN, ORIGIN)); mockU2FKey.Setup(x => x.Authenticate(new KeySignRequest(U2FVersion.V2, BROWSER_DATA_SIGN_SHA256, APP_ID_SIGN_SHA256, KEY_HANDLE))) .Returns(new KeySignResponse(UserPresenceVerifierConstants.UserPresentFlag, COUNTER_VALUE, SIGNATURE_AUTHENTICATE)); mockU2FServer.Setup(x => x.ProcessSignResponse(new SignResponse (BROWSER_DATA_SIGN_BASE64, SIGN_RESPONSE_DATA_BASE64, SERVER_CHALLENGE_SIGN_BASE64 , SESSION_ID, APP_ID_SIGN))).Returns(new SecurityKeyData (0L, KEY_HANDLE, USER_PUBLIC_KEY_ENROLL_HEX, VENDOR_CERTIFICATE, 0)); u2FClient.Authenticate(ORIGIN, ACCOUNT_NAME); }
public virtual void TestGetSignRequest() { var u2FServer = new U2FServerReferenceImpl(mockChallengeGenerator.Object, mockDataStore.Object, crypto, TRUSTED_DOMAINS); mockChallengeGenerator.Setup(x => x.GenerateChallenge(ACCOUNT_NAME)) .Returns(SERVER_CHALLENGE_SIGN); var signRequest = u2FServer.GetSignRequests(ACCOUNT_NAME, APP_ID_SIGN); var expected = new SignRequest("U2F_V2", SERVER_CHALLENGE_SIGN_BASE64, APP_ID_SIGN, KEY_HANDLE_BASE64, SESSION_ID); Assert.AreEqual(expected, signRequest[0]); }
private SignInfo GenerateSignInfo(SignRequest signRequest) { var clientDataB64 = ClientDataCodec.EncodeClientData(ClientDataCodec.RequestTypeAuthenticate, signRequest.Challenge, sender.Origin, sender.ChannelId); var clientDataSha256 = crypto.ComputeSha256(clientDataB64); var appIdSha256 = crypto.ComputeSha256(signRequest.AppId); var keyHandle = WebSafeBase64Converter.FromBase64String(signRequest.KeyHandle); var authRequest = new KeySignRequest(U2FVersion.V2, clientDataSha256, appIdSha256, keyHandle); return new SignInfo(signRequest, clientDataB64, authRequest); }
public SignInfo(SignRequest signRequest, string clientDataBase64, KeySignRequest keySignRequest) { ClientDataBase64 = clientDataBase64; KeySignRequest = keySignRequest; SignRequest = signRequest; }
public async Task Register() { var keySignRequests = new[] { new KeySignRequest(U2FVersion.V2, BROWSER_DATA_SIGN_SHA256, APP_ID_SIGN_SHA256, KEY_HANDLE) }; var keyRegisterRequests = new[] {new KeyRegisterRequest(APP_ID_ENROLL_SHA256, BROWSER_DATA_ENROLL_SHA256)}; keyOperations .Setup( x => x.RegisterAsync( It.Is<ICollection<KeyRegisterRequest>>(reqs => reqs.SequenceEqual(keyRegisterRequests)), It.Is<ICollection<KeySignRequest>>(reqs => reqs.SequenceEqual(keySignRequests)), It.IsAny<CancellationToken>())) .Returns( (ICollection<KeyRegisterRequest> registerReqs, ICollection<KeySignRequest> signReqs, CancellationToken ct) => Task.FromResult( RegisterOperationResult.Success( registerReqs.Single(), new KeyRegisterResponse( USER_PUBLIC_KEY_ENROLL_HEX, KEY_HANDLE, VENDOR_CERTIFICATE, SIGNATURE_ENROLL)))); var signRequest = new SignRequest(U2FConsts.U2Fv2, SERVER_CHALLENGE_SIGN_BASE64, APP_ID_SIGN, KEY_HANDLE_BASE64, SESSION_ID); var registerRequest = new RegisterRequest(U2FConsts.U2Fv2, SERVER_CHALLENGE_ENROLL_BASE64, APP_ID_ENROLL, SESSION_ID); var result = await u2FClient.Register(new [] { registerRequest }, new[] { signRequest }, CancellationToken.None); Assert.AreEqual(new RegisterResponse(REGISTRATION_DATA_BASE64, BROWSER_DATA_ENROLL_BASE64, SESSION_ID), result); }