Add algorithm support for ALG_SIGN_ED25519_EDDSA_SHA512_RAW

aseigler · Oct 9, 2018 · 5743c4b · 5743c4b
1 parent e61e8fb
commit 5743c4b
Show file tree

Hide file tree

Showing 7 changed files with 26 additions and 1 deletion.
diff --git a/fido2-net-lib.Test/UnitTest1.cs b/fido2-net-lib.Test/UnitTest1.cs
@@ -204,6 +204,14 @@ public async Task TestAndroidKeyAttestationAsync()
  await o.VerifyAsync(options, "https://localhost:44329", (x) => Task.FromResult(true), null, null);
  byte[] ad = o.AttestationObject.AuthData;
  }
+ [Fact]
+ public async Task TestEdDsaAttestationAsync()
+ {
+ var jsonPost = JsonConvert.DeserializeObject<AuthenticatorAttestationRawResponse>(File.ReadAllText("./attestationEdDsaResponse.json"));
+ var options = JsonConvert.DeserializeObject<CredentialCreateOptions>(File.ReadAllText("./attestationEdDsaOptions.json"));
+ var o = AuthenticatorAttestationResponse.Parse(jsonPost);
+ await o.VerifyAsync(options, "https://localhost:44329", (x) => Task.FromResult(true), null, null);
+ }
  //public void TestHasCorrentAAguid()
  //{
  // var expectedAaguid = new Uint8Array([

diff --git a/fido2-net-lib.Test/attestationEdDsaOptions.json b/fido2-net-lib.Test/attestationEdDsaOptions.json
@@ -0,0 +1 @@
+{"rp":{"id":"localhost","name":"Fido2 test"},"user":{"name":"yyHXZ5PzC5042t2JA1fR","id":"yyHXZ5PzC5042t2JA1fR","displayName":"Kanisha Vanmeter"},"challenge":"-Mzw3CyzCJclomObjN6lyA","pubKeyCredParams":[{"type":"public-key","alg":-7},{"type":"public-key","alg":-257},{"type":"public-key","alg":-37},{"type":"public-key","alg":-35},{"type":"public-key","alg":-258},{"type":"public-key","alg":-38},{"type":"public-key","alg":-36},{"type":"public-key","alg":-259},{"type":"public-key","alg":-39},{"type":"public-key","alg":-65535}],"timeout":60000,"attestation":"direct","authenticatorSelection":null,"excludeCredentials":[],"status":"ok","errorMessage":""}
diff --git a/fido2-net-lib.Test/attestationEdDsaResponse.json b/fido2-net-lib.Test/attestationEdDsaResponse.json
@@ -0,0 +1 @@
+{"id":"VCmtL0LgCaimWON7J-mrr5b-IfifqSaIWb0hcNZeyNg","rawId":"VCmtL0LgCaimWON7J-mrr5b-IfifqSaIWb0hcNZeyNg","response":{"attestationObject":"o2NmbXRmcGFja2VkZ2F0dFN0bXSiY2FsZydjc2lnWECXpZ_GLjK6Nyih_GSKrrzLYtBDbUwvqgdvgZE033lSoLxwaBp6MOCY6e8wwgQQZnnUJPCbZNOT3BqKM5b2RnkHaGF1dGhEYXRhWIFJlg3liA6MaHQ0Fw9kdmBbj-SuuaKGMseZXPO6gx2XY0EAAABdkd_q15WeRHWtJpsNSCvgiQAgVCmtL0LgCaimWON7J-mrr5b-IfifqSaIWb0hcNZeyNikAQEDJyAGIVggscgctmfHnFPrfECuS_coR8eWticfjl0qCnAMr5rkzCQ","clientDataJSON":"eyJvcmlnaW4iOiJodHRwczovL2xvY2FsaG9zdDo0NDMyOSIsImNoYWxsZW5nZSI6Ii1NenczQ3l6Q0pjbG9tT2JqTjZseUEiLCJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIn0"},"type":"public-key"}
diff --git a/fido2-net-lib.Test/fido2-net-lib.Test.csproj b/fido2-net-lib.Test/fido2-net-lib.Test.csproj
@@ -11,6 +11,8 @@
  <None Remove="assertionNoneResponse.json" />
  <None Remove="attestationAndroidKeyOptions.json" />
  <None Remove="attestationAndroidKeyResponse.json" />
+ <None Remove="attestationEDDSAOptions.json" />
+ <None Remove="attestationEDDSAResponse.json" />
  <None Remove="attestationNoneOptions.json" />
  <None Remove="attestationNoneResponse.json" />
  <None Remove="attestationOptionsNone.json" />
@@ -47,6 +49,12 @@
  <Content Include="attestationAndroidKeyResponse.json">
  <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
  </Content>
+ <Content Include="attestationEdDsaOptions.json">
+ <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+ </Content>
+ <Content Include="attestationEdDsaResponse.json">
+ <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+ </Content>
  <Content Include="attestationNoneOptions.json">
  <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
  </Content>

diff --git a/fido2-net-lib.sln b/fido2-net-lib.sln
@@ -16,6 +16,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "CBOR", "CBOR\CBOR\CBOR.csproj", "{1D590BC5-7954-4A2E-B5B5-9A4B4AE1B3F7}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Chaos.NaCl", "Chaos.NaCl\Chaos.NaCl\Chaos.NaCl.csproj", "{AE28FD14-7985-4707-A963-C94B8597AE50}"
+EndProject
 Global
  GlobalSection(SolutionConfigurationPlatforms) = preSolution
  Debug|Any CPU = Debug|Any CPU
@@ -38,6 +40,10 @@ Global
  {1D590BC5-7954-4A2E-B5B5-9A4B4AE1B3F7}.Debug|Any CPU.Build.0 = Debug|Any CPU
  {1D590BC5-7954-4A2E-B5B5-9A4B4AE1B3F7}.Release|Any CPU.ActiveCfg = Release|Any CPU
  {1D590BC5-7954-4A2E-B5B5-9A4B4AE1B3F7}.Release|Any CPU.Build.0 = Release|Any CPU
+ {AE28FD14-7985-4707-A963-C94B8597AE50}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {AE28FD14-7985-4707-A963-C94B8597AE50}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {AE28FD14-7985-4707-A963-C94B8597AE50}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {AE28FD14-7985-4707-A963-C94B8597AE50}.Release|Any CPU.Build.0 = Release|Any CPU
  EndGlobalSection
  GlobalSection(SolutionProperties) = preSolution
  HideSolutionNode = FALSE

diff --git a/fido2-net-lib/AuthDataHelper.cs b/fido2-net-lib/AuthDataHelper.cs
@@ -76,7 +76,7 @@ public static bool VerifySigWithCoseKey(byte[] data, CBORObject coseKey, byte[]
  switch (crv) // https://www.iana.org/assignments/cose/cose.xhtml#elliptic-curves
  {
  case 6:
- throw new Fido2VerificationException("ALG_SIGN_ED25519_EDDSA_SHA512_RAW support not yet implmented");
+ return Chaos.NaCl.Ed25519.Verify(sig, GetHasher(HashAlgorithmName.SHA512).ComputeHash(data), coseKey[CBORObject.FromObject(-2)].GetByteString());
  default:
  throw new ArgumentOutOfRangeException("crv");
  }

diff --git a/fido2-net-lib/Fido2NetLib.csproj b/fido2-net-lib/Fido2NetLib.csproj
@@ -28,6 +28,7 @@
 
  <ItemGroup>
  <ProjectReference Include="..\CBOR\CBOR\CBOR.csproj" />
+ <ProjectReference Include="..\Chaos.NaCl\Chaos.NaCl\Chaos.NaCl.csproj" />
  </ItemGroup>
 
 </Project>