Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add many unit tests for nearly all attestation types #162

Merged
merged 13 commits into from
May 15, 2020
Merged

Add many unit tests for nearly all attestation types #162

Changes from 1 commit
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
4cf3fab
Adding some work in progress attestation tests
aseigler Feb 25, 2020
02eb039
More WIP
aseigler Feb 29, 2020
cfaa719
U2F tests nearly complete
aseigler Feb 29, 2020
86cb26f
WIP
aseigler Mar 29, 2020
5e70ca5
EC2 tests for TPM are working
aseigler Apr 9, 2020
bd3b1c6
TPM positive cases working for both EC2 and RSA
aseigler Apr 10, 2020
47cbffe
Added a bunch of packed and TPM tests, added a little bit more error …
aseigler May 9, 2020
19c626e
Remainder of TPM tests (except chain validation).
aseigler May 11, 2020
92b03ff
Add (nearly complete) AndroidKey tests.
aseigler May 13, 2020
028ca0b
Update an Android Key test to StartsWith instead of Equal
aseigler May 13, 2020
1ff9c7b
Fix test data file name capitalization
aseigler May 15, 2020
3407c57
Change tests to use async properly
aseigler May 15, 2020
8fc05e2
Try to prevent test hangs
aseigler May 15, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
U2F tests nearly complete
  • Loading branch information
@aseigler
aseigler committed Feb 29, 2020
commit cfaa719bc6bfae7d93ea0c046234b9a3c60d6d39
58 changes: 58 additions & 0 deletions Test/Attestation/FidoU2f.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,5 +83,63 @@ public void TestU2fMalformedX5c()
var ex = Assert.ThrowsAsync<Fido2VerificationException>(() => MakeAttestationResponse());
Assert.Equal("Malformed x5c in fido-u2f attestation", ex.Result.Message);
}
[Fact]
public void TestU2fAttCertNotP256()
{
using (var ecdsaAtt = ECDsa.Create(ECCurve.NamedCurves.nistP384))
{
var attRequest = new CertificateRequest("CN=U2FTesting, OU=Authenticator Attestation, O=FIDO2-NET-LIB, C=US", ecdsaAtt, HashAlgorithmName.SHA256);

attRequest.CertificateExtensions.Add(
new X509BasicConstraintsExtension(false, false, 0, false));

using (var attestnCert = attRequest.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(2)))
{
_attestationObject["attStmt"].Set("x5c", CBORObject.NewArray()
.Add(CBORObject.FromObject(attestnCert.RawData)));
;
}
}

var ex = Assert.ThrowsAsync<Fido2VerificationException>(() => MakeAttestationResponse());
Assert.Equal("Attestation certificate public key is not an Elliptic Curve (EC) public key over the P-256 curve", ex.Result.Message);
}
[Fact]
public void TestU2fSigNull()
{
_attestationObject["attStmt"].Set("sig", null);
var ex = Assert.ThrowsAsync<Fido2VerificationException>(() => MakeAttestationResponse());
Assert.Equal("Invalid fido-u2f attestation signature", ex.Result.Message);
}
[Fact]
public void TestU2fSigNotByteString()
{
_attestationObject["attStmt"].Set("sig", "walrus");
var ex = Assert.ThrowsAsync<Fido2VerificationException>(() => MakeAttestationResponse());
Assert.Equal("Invalid fido-u2f attestation signature", ex.Result.Message);
}
[Fact]
public void TestU2fSigByteStringZeroLen()
{
_attestationObject["attStmt"].Set("sig", CBORObject.FromObject(new byte[0]));
var ex = Assert.ThrowsAsync<Fido2VerificationException>(() => MakeAttestationResponse());
Assert.Equal("Invalid fido-u2f attestation signature", ex.Result.Message);
}
[Fact]
public void TestU2fSigNotASN1()
{
_attestationObject["attStmt"].Set("sig", CBORObject.FromObject(new byte[] { 0xf1, 0xd0 }));
var ex = Assert.ThrowsAsync<Fido2VerificationException>(() => MakeAttestationResponse());
Assert.Equal("Invalid fido-u2f attestation signature", ex.Result.Message);
}
[Fact]
public void TestU2fBadSig()
{
var sig = _attestationObject["attStmt"]["sig"].GetByteString();
sig[15] ^= sig[15];
_attestationObject["attStmt"].Set("sig", CBORObject.FromObject(sig));
var ex = Assert.ThrowsAsync<Fido2VerificationException>(() => MakeAttestationResponse());
Assert.Equal("Invalid fido-u2f attestation signature", ex.Result.Message);
}
}
}