Java Code Examples for com.webauthn4j.data.attestation.statement.COSEAlgorithmIdentifier#ES256

The following examples show how to use com.webauthn4j.data.attestation.statement.COSEAlgorithmIdentifier#ES256. Each example is preceded by the name of the source file and the project it was taken from.
Example 1
Source File: EC2COSEKey.java    From webauthn4j with Apache License 2.0 6 votes vote down vote up
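/**
 * Creates an {@link EC2COSEKey} from an uncompressed 256-bit elliptic-curve public key.
 *
 * <p>The input must use the uncompressed point encoding: a single format byte {@code 0x04}
 * followed by the 32-byte X coordinate and the 32-byte Y coordinate, 65 bytes in total.
 * The resulting key is tagged with {@link COSEAlgorithmIdentifier#ES256} and
 * {@link Curve#SECP256R1}; the remaining constructor arguments are passed as {@code null}.
 *
 * <p>Only the encoding is checked here. This method does not verify that (x, y) is a point
 * on the curve, so callers handling authenticator-supplied keys should not treat a
 * successful return as proof that the key is valid.
 *
 * @param publicKey uncompressed public key, {@code 0x04 || X || Y}
 * @return {@link EC2COSEKey} carrying the extracted X and Y coordinates
 * @throws IllegalArgumentException if {@code publicKey} is not 65 bytes long or does not
 *                                  start with the uncompressed-point format byte
 * @throws NullPointerException     if {@code publicKey} is {@code null}
 */
public static EC2COSEKey createFromUncompressedECCKey(byte[] publicKey) {
    if (publicKey.length != 65) {
        throw new IllegalArgumentException("publicKey must be 65 bytes length");
    }
    // A 65-byte buffer with any other leading byte is not an uncompressed point; without this
    // check the first byte was silently discarded and the rest reinterpreted as X || Y.
    if (publicKey[0] != 0x04) {
        throw new IllegalArgumentException("publicKey must start with 0x04 (uncompressed point format)");
    }
    byte[] x = Arrays.copyOfRange(publicKey, 1, 1 + 32);
    byte[] y = Arrays.copyOfRange(publicKey, 1 + 32, 1 + 32 + 32);
    return new EC2COSEKey(
            null,
            COSEAlgorithmIdentifier.ES256,
            null,
            Curve.SECP256R1,
            x,
            y,
            null
    );
}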
 
Example 2
Source File: PublicKeyCredentialCreationOptionsTest.java    From webauthn4j with Apache License 2.0 6 votes vote down vote up
/**
 * Two {@link PublicKeyCredentialCreationOptions} built from equal RP entities, user entities,
 * the same challenge and the same ES256 parameter list must be equal and share a hash code.
 */
@Test
void equals_hashCode_test() {
    String relyingPartyId = "example.com";
    Challenge sharedChallenge = new DefaultChallenge();

    PublicKeyCredentialParameters es256Parameters
            = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    // First instance.
    PublicKeyCredentialRpEntity firstRp = new PublicKeyCredentialRpEntity(relyingPartyId, "example.com");
    PublicKeyCredentialUserEntity firstUser = new PublicKeyCredentialUserEntity();
    PublicKeyCredentialCreationOptions first = new PublicKeyCredentialCreationOptions(
            firstRp, firstUser, sharedChallenge, Collections.singletonList(es256Parameters));

    // Second instance, built from separately constructed but equal parts.
    PublicKeyCredentialRpEntity secondRp = new PublicKeyCredentialRpEntity(relyingPartyId, "example.com");
    PublicKeyCredentialUserEntity secondUser = new PublicKeyCredentialUserEntity();
    PublicKeyCredentialCreationOptions second = new PublicKeyCredentialCreationOptions(
            secondRp, secondUser, sharedChallenge, Collections.singletonList(es256Parameters));

    assertAll(
            () -> assertThat(first).isEqualTo(second),
            () -> assertThat(first).hasSameHashCodeAs(second)
    );
}
 
Example 3
Source File: NullAttestationStatementValidatorTest.java    From webauthn4j with Apache License 2.0 5 votes vote down vote up
/**
 * Registers a credential through an emulated FIDO U2F authenticator with direct attestation
 * and passes the result to {@code target.validate}; the test passes if no exception is thrown.
 */
@Test
void validate_RegistrationRequest_with_fido_u2f_attestation_statement_test() {
    FIDOU2FAuthenticatorAdaptor u2fAdaptor = new FIDOU2FAuthenticatorAdaptor();
    ClientPlatform clientPlatform = new ClientPlatform(origin, u2fAdaptor);
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();
    PublicKeyCredentialParameters es256Parameters
            = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    AuthenticatorSelectionCriteria selectionCriteria = new AuthenticatorSelectionCriteria(
            AuthenticatorAttachment.CROSS_PLATFORM,
            true,
            UserVerificationRequirement.REQUIRED);

    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput<?>> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(rpId, "valid.site.example.com");
    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity,
            userEntity,
            challenge,
            Collections.singletonList(es256Parameters),
            null,
            Collections.emptyList(),
            selectionCriteria,
            AttestationConveyancePreference.DIRECT,
            extensions
    );

    // Client side: the emulated platform produces the attestation response.
    AuthenticatorAttestationResponse attestationResponse = clientPlatform.create(creationOptions).getAuthenticatorResponse();
    Set<String> transports = authenticatorTransportConverter.convertSetToStringSet(attestationResponse.getTransports());

    // Server side: expected origin, rpId and challenge the response is validated against.
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    RegistrationRequest webAuthnRegistrationRequest = new RegistrationRequest(
            attestationResponse.getAttestationObject(),
            attestationResponse.getClientDataJSON(),
            transports);
    // NOTE(review): the boolean is presumably userVerificationRequired; it is false here even
    // though the creation options ask for UserVerificationRequirement.REQUIRED — confirm.
    RegistrationParameters registrationParameters = new RegistrationParameters(serverProperty, false);
    target.validate(webAuthnRegistrationRequest, registrationParameters);
}
 
Example 4
Source File: AndroidKeyAuthenticator.java    From webauthn4j with Apache License 2.0 5 votes vote down vote up
/**
 * Builds an Android Key attestation statement for the given request.
 *
 * <p>The signature is either taken verbatim from the emulation option (when signature
 * override is enabled) or calculated over the request's signed data with the credential
 * private key. The statement always declares {@link COSEAlgorithmIdentifier#ES256}.
 *
 * @param attestationStatementRequest supplies the credential key pair and the data to sign
 * @param registrationEmulationOption controls signature override and the attestation option
 * @return the assembled {@link AndroidKeyAttestationStatement}
 */
@Override
public AttestationStatement createAttestationStatement(AttestationStatementRequest attestationStatementRequest, RegistrationEmulationOption registrationEmulationOption) {
    // The override path lets tests inject an arbitrary signature to exercise failure cases.
    byte[] sig = registrationEmulationOption.isSignatureOverrideEnabled()
            ? registrationEmulationOption.getSignature()
            : TestDataUtil.calculateSignature(
                    attestationStatementRequest.getCredentialKeyPair().getPrivate(),
                    attestationStatementRequest.getSignedData());

    // Fall back to the default Android Key option when the caller supplied none.
    AttestationOption effectiveOption;
    if (registrationEmulationOption.getAttestationOption() == null) {
        effectiveOption = new AndroidKeyAttestationOption();
    } else {
        effectiveOption = registrationEmulationOption.getAttestationOption();
    }

    X509Certificate leafCertificate = getAttestationCertificate(attestationStatementRequest, effectiveOption);
    AttestationCertificatePath certificatePath = new AttestationCertificatePath(leafCertificate, this.getCACertificatePath());
    return new AndroidKeyAttestationStatement(COSEAlgorithmIdentifier.ES256, sig, certificatePath);
}
 
Example 5
Source File: EC2COSEKeyTest.java    From webauthn4j with Apache License 2.0 5 votes vote down vote up
/**
 * Returns a copy of the standard test EC2 key whose X coordinate is {@code null},
 * for exercising handling of an incomplete public key.
 */
private EC2COSEKey createNullXKey() {
    EC2COSEKey template = TestDataUtil.createEC2COSEPublicKey();
    EC2COSEKey withoutX = new EC2COSEKey(
            template.getKeyId(),
            COSEAlgorithmIdentifier.ES256,
            template.getKeyOps(),
            Curve.SECP256R1,
            null, // X coordinate deliberately missing
            template.getY()
    );
    return withoutX;
}
 
Example 6
Source File: TestDataUtil.java    From webauthn4j with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a placeholder ES256 / secp256r1 public key for tests.
 *
 * <p>Both coordinates are 32 zero bytes, so this is structural test data only and not a
 * usable key.
 *
 * @return an {@link EC2COSEKey} with {@code null} key id and key operations
 */
public static EC2COSEKey createEC2COSEPublicKey() {
    byte[] zeroX = new byte[32];
    byte[] zeroY = new byte[32];
    return new EC2COSEKey(null, COSEAlgorithmIdentifier.ES256, null, Curve.SECP256R1, zeroX, zeroY);
}
 
Example 7
Source File: FIDOU2FAuthenticatorAuthenticationValidationTest.java    From webauthn4j with Apache License 2.0 5 votes vote down vote up
/**
 * Registers a credential on the emulated client platform and returns the decoded
 * attestation object.
 *
 * @param rpId      relying party id placed in the creation options
 * @param challenge challenge placed in the creation options
 * @return the attestation object converted from the registration response
 */
private AttestationObject createAttestationObject(String rpId, Challenge challenge) {
    PublicKeyCredentialParameters es256Parameters
            = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(rpId, "example.com");
    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity, userEntity, challenge, Collections.singletonList(es256Parameters));

    AuthenticatorAttestationResponse attestationResponse = clientPlatform.create(creationOptions).getAuthenticatorResponse();
    AttestationObjectConverter converter = new AttestationObjectConverter(objectConverter);
    return converter.convert(attestationResponse.getAttestationObject());
}
 
Example 8
Source File: UserVerifyingAuthenticatorAuthenticationValidationTest.java    From webauthn4j with Apache License 2.0 5 votes vote down vote up
/**
 * Registers a credential on the emulated client platform, requesting user verification and
 * no attestation conveyance, and returns the decoded attestation object.
 *
 * @param rpId      relying party id placed in the creation options
 * @param challenge challenge placed in the creation options
 * @return the attestation object converted from the registration response
 */
private AttestationObject createAttestationObject(String rpId, Challenge challenge) {
    AuthenticatorSelectionCriteria selectionCriteria = new AuthenticatorSelectionCriteria(
            AuthenticatorAttachment.CROSS_PLATFORM,
            true,
            UserVerificationRequirement.REQUIRED);

    PublicKeyCredentialParameters es256Parameters =
            new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();

    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput<?>> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(rpId, "example.com");
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity,
            userEntity,
            challenge,
            Collections.singletonList(es256Parameters),
            null,
            Collections.emptyList(),
            selectionCriteria,
            AttestationConveyancePreference.NONE,
            extensions
    );

    AuthenticatorAttestationResponse attestationResponse = clientPlatform.create(creationOptions).getAuthenticatorResponse();
    AttestationObjectConverter converter = new AttestationObjectConverter(objectConverter);
    return converter.convert(attestationResponse.getAttestationObject());
}
 
Example 9
Source File: CustomAuthenticationValidationTest.java    From webauthn4j with Apache License 2.0 5 votes vote down vote up
/**
 * Registers a credential on the emulated client platform and returns the decoded
 * attestation object.
 *
 * @param rpId      relying party id placed in the creation options
 * @param challenge challenge placed in the creation options
 * @return the attestation object converted from the registration response
 */
private AttestationObject createAttestationObject(String rpId, Challenge challenge) {
    PublicKeyCredentialParameters es256Parameters
            = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(rpId, "example.com");
    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity, userEntity, challenge, Collections.singletonList(es256Parameters));

    AuthenticatorAttestationResponse attestationResponse = clientPlatform.create(creationOptions).getAuthenticatorResponse();
    AttestationObjectConverter converter = new AttestationObjectConverter(objectConverter);
    return converter.convert(attestationResponse.getAttestationObject());
}
 
Example 10
Source File: FIDOU2FAuthenticatorRegistrationValidationTest.java    From webauthn4j with Apache License 2.0 5 votes vote down vote up
/**
 * A credential created for rpId {@code example.net} must be rejected with
 * {@link BadRpIdException} when the server expects rpId {@code example.com}.
 */
@Test
void validate_with_bad_rpId_test() {
    String expectedRpId = "example.com";
    String mismatchedRpId = "example.net";
    Challenge challenge = new DefaultChallenge();
    PublicKeyCredentialParameters es256Parameters
            = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    // The client is asked to register against the mismatched rpId.
    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(mismatchedRpId, "example.com");
    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity, userEntity, challenge, Collections.singletonList(es256Parameters));
    AuthenticatorAttestationResponse attestationResponse = clientPlatform.create(creationOptions).getAuthenticatorResponse();
    Set<String> transports = authenticatorTransportConverter.convertSetToStringSet(attestationResponse.getTransports());

    // The server validates against the rpId it actually expects.
    ServerProperty serverProperty = new ServerProperty(origin, expectedRpId, challenge, null);
    RegistrationRequest registrationRequest = new RegistrationRequest(
            attestationResponse.getAttestationObject(),
            attestationResponse.getClientDataJSON(),
            transports
    );
    // NOTE(review): the two booleans are presumably userVerificationRequired and
    // userPresenceRequired — confirm against the RegistrationParameters constructor.
    RegistrationParameters registrationParameters = new RegistrationParameters(
            serverProperty,
            false,
            true,
            Collections.emptyList()
    );

    assertThrows(BadRpIdException.class,
            () -> target.validate(registrationRequest, registrationParameters)
    );
}
 
Example 11
Source File: PublicKeyCredentialParametersTest.java    From webauthn4j with Apache License 2.0 5 votes vote down vote up
/**
 * The getters of {@link PublicKeyCredentialParameters} return the type and algorithm
 * passed to the constructor.
 */
@Test
void getter_test() {
    PublicKeyCredentialParameters es256Parameters = new PublicKeyCredentialParameters(
            PublicKeyCredentialType.PUBLIC_KEY,
            COSEAlgorithmIdentifier.ES256);

    assertAll(
            () -> assertThat(es256Parameters.getType()).isEqualTo(PublicKeyCredentialType.PUBLIC_KEY),
            () -> assertThat(es256Parameters.getAlg()).isEqualTo(COSEAlgorithmIdentifier.ES256)
    );
}
 
Example 12
Source File: PublicKeyCredentialTest.java    From webauthn4j with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a credential on the emulated client platform and checks the basic shape of the
 * returned {@link PublicKeyCredential}: type, id, raw id, response class and extension results.
 */
@Test
void test() {
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();
    AuthenticatorSelectionCriteria selectionCriteria = new AuthenticatorSelectionCriteria(
            AuthenticatorAttachment.CROSS_PLATFORM,
            true,
            UserVerificationRequirement.REQUIRED);

    PublicKeyCredentialParameters es256Parameters =
            new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();

    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput<?>> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(rpId, "example.com");
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity,
            userEntity,
            challenge,
            Collections.singletonList(es256Parameters),
            null,
            Collections.emptyList(),
            selectionCriteria,
            AttestationConveyancePreference.NONE,
            extensions
    );
    PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput<?>> created = clientPlatform.create(creationOptions);
    assertAll(
            () -> assertThat(created.getType()).isEqualTo(PublicKeyCredentialType.PUBLIC_KEY.getValue()),
            () -> assertThat(created.getId()).isNotEmpty(),
            () -> assertThat(created.getRawId()).isNotEmpty(),
            () -> assertThat(created.getAuthenticatorResponse()).isInstanceOf(AuthenticatorAttestationResponse.class),
            () -> assertThat(created.getClientExtensionResults()).isNotNull()
    );
}
 
Example 13
Source File: PublicKeyCredentialParametersTest.java    From webauthn4j with Apache License 2.0 5 votes vote down vote up
/**
 * Two {@link PublicKeyCredentialParameters} with the same type and algorithm must be equal
 * and produce the same hash code.
 */
@Test
void equals_hashCode_test() {
    PublicKeyCredentialParameters first = new PublicKeyCredentialParameters(
            PublicKeyCredentialType.PUBLIC_KEY,
            COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialParameters second = new PublicKeyCredentialParameters(
            PublicKeyCredentialType.PUBLIC_KEY,
            COSEAlgorithmIdentifier.ES256);

    assertAll(
            () -> assertThat(first).isEqualTo(second),
            () -> assertThat(first).hasSameHashCodeAs(second)
    );
}
 
Example 14
Source File: FIDOU2FAuthenticatorRegistrationValidationTest.java    From webauthn4j with Apache License 2.0 4 votes vote down vote up
/**
 * With signature override enabled on the emulator, the attestation signature is not the one
 * calculated over the signed data, and validation must fail with {@link BadSignatureException}.
 */
@Test
void validate_invalid_format_attestation_signature_test() {
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();

    PublicKeyCredentialParameters es256Parameters
            = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    AuthenticatorSelectionCriteria selectionCriteria = new AuthenticatorSelectionCriteria(
            AuthenticatorAttachment.CROSS_PLATFORM,
            true,
            UserVerificationRequirement.REQUIRED);

    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput<?>> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(rpId, "valid.site.example.com");
    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity,
            userEntity,
            challenge,
            Collections.singletonList(es256Parameters),
            null,
            Collections.emptyList(),
            selectionCriteria,
            AttestationConveyancePreference.DIRECT,
            extensions
    );

    // Override is switched on without supplying a signature; presumably the emulator then
    // emits its default override value instead of a real signature — confirm in
    // RegistrationEmulationOption.
    RegistrationEmulationOption emulationOption = new RegistrationEmulationOption();
    emulationOption.setSignatureOverrideEnabled(true);
    AuthenticatorAttestationResponse attestationResponse = clientPlatform.create(creationOptions, emulationOption).getAuthenticatorResponse();

    Set<String> transports = authenticatorTransportConverter.convertSetToStringSet(attestationResponse.getTransports());
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    RegistrationRequest registrationRequest = new RegistrationRequest(
            attestationResponse.getAttestationObject(),
            attestationResponse.getClientDataJSON(),
            transports
    );
    RegistrationParameters registrationParameters = new RegistrationParameters(
            serverProperty,
            false,
            true,
            Collections.emptyList()
    );

    assertThrows(BadSignatureException.class,
            () -> target.validate(registrationRequest, registrationParameters)
    );
}
 
Example 15
Source File: CustomRegistrationValidationTest.java    From webauthn4j with Apache License 2.0 4 votes vote down vote up
/**
 * Adds a custom registration validator to {@code target} and runs a full registration
 * validation; the custom validator asserts that it receives a non-null registration object.
 */
@Test
void CustomRegistrationValidator_test() {
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();

    PublicKeyCredentialParameters es256Parameters
            = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(rpId, "example.com");
    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity, userEntity, challenge, Collections.singletonList(es256Parameters));

    // Client side: create the credential and serialize what the server will receive.
    PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput<?>> created = clientPlatform.create(creationOptions);
    AuthenticatorAttestationResponse attestationResponse = created.getAuthenticatorResponse();
    AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput<?>> extensionResults = created.getClientExtensionResults();
    String clientExtensionJSON = authenticationExtensionsClientOutputsConverter.convertToString(extensionResults);
    Set<String> transports = authenticatorTransportConverter.convertSetToStringSet(attestationResponse.getTransports());

    // Server side: expected origin, rpId and challenge.
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    RegistrationRequest registrationRequest = new RegistrationRequest(
            attestationResponse.getAttestationObject(),
            attestationResponse.getClientDataJSON(),
            clientExtensionJSON,
            transports
    );
    RegistrationParameters registrationParameters = new RegistrationParameters(
            serverProperty,
            false,
            true,
            Collections.emptyList()
    );

    target.getRegistrationDataValidator().getCustomRegistrationValidators().add(candidate ->
            assertThat(candidate).isNotNull());
    target.validate(registrationRequest, registrationParameters);
}
 
Example 16
Source File: NullAttestationStatementValidatorTest.java    From webauthn4j with Apache License 2.0 4 votes vote down vote up
/**
 * Registers a credential through an emulated packed-attestation authenticator with direct
 * attestation and passes the result to {@code target.validate}; the test passes if no
 * exception is thrown.
 */
@Test
void validate_RegistrationRequest_with_packed_attestation_statement_test() {
    WebAuthnAuthenticatorAdaptor packedAdaptor = new WebAuthnAuthenticatorAdaptor(EmulatorUtil.PACKED_AUTHENTICATOR);
    ClientPlatform clientPlatform = new ClientPlatform(origin, packedAdaptor);
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();
    AuthenticatorSelectionCriteria selectionCriteria = new AuthenticatorSelectionCriteria(
            AuthenticatorAttachment.CROSS_PLATFORM,
            true,
            UserVerificationRequirement.REQUIRED);

    PublicKeyCredentialParameters es256Parameters =
            new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();

    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput<?>> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(rpId, "valid.site.example.com");
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity,
            userEntity,
            challenge,
            Collections.singletonList(es256Parameters),
            null,
            Collections.emptyList(),
            selectionCriteria,
            AttestationConveyancePreference.DIRECT,
            extensions
    );

    AuthenticatorAttestationResponse attestationResponse = clientPlatform.create(creationOptions).getAuthenticatorResponse();
    Set<String> transports = authenticatorTransportConverter.convertSetToStringSet(attestationResponse.getTransports());
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    RegistrationRequest webAuthnRegistrationRequest = new RegistrationRequest(
            attestationResponse.getAttestationObject(),
            attestationResponse.getClientDataJSON(),
            transports);
    // NOTE(review): the boolean is presumably userVerificationRequired; it is false here even
    // though the creation options ask for UserVerificationRequirement.REQUIRED — confirm.
    RegistrationParameters registrationParameters = new RegistrationParameters(serverProperty, false);
    target.validate(webAuthnRegistrationRequest, registrationParameters);
}
 
Example 17
Source File: FIDOU2FAuthenticatorRegistrationValidationTest.java    From webauthn4j with Apache License 2.0 4 votes vote down vote up
/**
 * Phishing scenario: the credential is created while the client platform is on the phishing
 * origin, and the client data sent to the server is then replaced with one that claims the
 * valid origin. The server must reject the request with {@link BadSignatureException},
 * i.e. substituting the client data after the fact does not pass validation.
 */
@Test
void validate_malicious_client_data_test() {
    Origin phishingSiteOrigin = new Origin("http://phishing.site.example.com");
    Origin validSiteOrigin = new Origin("http://valid.site.example.com");
    // Same value as the valid origin: this is what the forged client data claims.
    Origin phishingSiteClaimingOrigin = new Origin("http://valid.site.example.com");

    // The client platform has loaded the phishing site.
    ClientPlatform clientPlatform = new ClientPlatform(phishingSiteOrigin, new FIDOU2FAuthenticatorAdaptor());
    String rpId = "valid.site.example.com";
    Challenge challenge = new DefaultChallenge();

    PublicKeyCredentialParameters es256Parameters
            = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    AuthenticatorSelectionCriteria selectionCriteria = new AuthenticatorSelectionCriteria(
            AuthenticatorAttachment.CROSS_PLATFORM,
            true,
            UserVerificationRequirement.REQUIRED);

    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput<?>> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(rpId, "valid.site.example.com");
    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity,
            userEntity,
            challenge,
            Collections.singletonList(es256Parameters),
            null,
            Collections.emptyList(),
            selectionCriteria,
            AttestationConveyancePreference.DIRECT,
            extensions
    );

    AuthenticatorAttestationResponse attestationResponse = clientPlatform.create(creationOptions).getAuthenticatorResponse();

    // Forged client data: same challenge, but the origin field names the valid site.
    CollectedClientData forgedClientData = new CollectedClientData(ClientDataType.CREATE, challenge, phishingSiteClaimingOrigin, null);
    byte[] forgedClientDataBytes = new CollectedClientDataConverter(objectConverter).convertToBytes(forgedClientData);
    Set<String> transports = authenticatorTransportConverter.convertSetToStringSet(attestationResponse.getTransports());
    ServerProperty serverProperty = new ServerProperty(validSiteOrigin, rpId, challenge, null);

    // The attestation object is genuine; only the client data has been swapped.
    RegistrationRequest registrationRequest = new RegistrationRequest(
            attestationResponse.getAttestationObject(),
            forgedClientDataBytes,
            transports
    );
    RegistrationParameters registrationParameters = new RegistrationParameters(
            serverProperty,
            false,
            true,
            Collections.emptyList()
    );

    assertThrows(BadSignatureException.class,
            () -> target.validate(registrationRequest, registrationParameters)
    );
}
 
Example 18
Source File: AndroidSafetyNetAuthenticatorRegistrationValidationTest.java    From webauthn4j with Apache License 2.0 4 votes vote down vote up
/**
 * Runs a full registration with direct attestation through {@code clientPlatform} and checks
 * that validation returns client data, attestation object and client extensions.
 */
@Test
void validate_RegistrationContext_with_android_safety_net_attestation_statement_test() {
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();
    AuthenticatorSelectionCriteria selectionCriteria = new AuthenticatorSelectionCriteria(
            AuthenticatorAttachment.CROSS_PLATFORM,
            true,
            UserVerificationRequirement.REQUIRED);

    PublicKeyCredentialParameters es256Parameters =
            new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();

    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput<?>> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(rpId, "example.com");
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity,
            userEntity,
            challenge,
            Collections.singletonList(es256Parameters),
            null,
            Collections.emptyList(),
            selectionCriteria,
            AttestationConveyancePreference.DIRECT,
            extensions
    );

    // Client side: create the credential and serialize the extension results.
    PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput<?>> created = clientPlatform.create(creationOptions);
    AuthenticatorAttestationResponse attestationResponse = created.getAuthenticatorResponse();
    AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput<?>> extensionResults = created.getClientExtensionResults();
    Set<String> transports = Collections.emptySet();
    String clientExtensionJSON = authenticationExtensionsClientOutputsConverter.convertToString(extensionResults);

    // Server side: expected origin, rpId and challenge.
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    RegistrationRequest registrationRequest = new RegistrationRequest(
            attestationResponse.getAttestationObject(),
            attestationResponse.getClientDataJSON(),
            clientExtensionJSON,
            transports
    );
    RegistrationParameters registrationParameters = new RegistrationParameters(
            serverProperty,
            false,
            true,
            Collections.emptyList()
    );

    RegistrationData validated = target.validate(registrationRequest, registrationParameters);

    assertAll(
            () -> assertThat(validated.getCollectedClientData()).isNotNull(),
            () -> assertThat(validated.getAttestationObject()).isNotNull(),
            () -> assertThat(validated.getClientExtensions()).isNotNull()
    );
}
 
Example 19
Source File: TPMAuthenticatorRegistrationValidationTest.java    From webauthn4j with Apache License 2.0 4 votes vote down vote up
/**
 * Runs a full registration with direct attestation through {@code clientPlatform} and checks
 * that validation returns client data, attestation object and client extensions.
 */
@Test
void validate_RegistrationContext_with_tpm_attestation_statement_test() {
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();
    AuthenticatorSelectionCriteria selectionCriteria = new AuthenticatorSelectionCriteria(
            AuthenticatorAttachment.CROSS_PLATFORM,
            true,
            UserVerificationRequirement.REQUIRED);

    PublicKeyCredentialParameters es256Parameters =
            new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();

    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput<?>> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(rpId, "example.com");
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity,
            userEntity,
            challenge,
            Collections.singletonList(es256Parameters),
            null,
            Collections.emptyList(),
            selectionCriteria,
            AttestationConveyancePreference.DIRECT,
            extensions
    );

    // Client side: create the credential and serialize the extension results.
    PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput<?>> created = clientPlatform.create(creationOptions);
    AuthenticatorAttestationResponse attestationResponse = created.getAuthenticatorResponse();
    AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput<?>> extensionResults = created.getClientExtensionResults();
    Set<String> transports = Collections.emptySet();
    String clientExtensionJSON = authenticationExtensionsClientOutputsConverter.convertToString(extensionResults);

    // Server side: expected origin, rpId and challenge.
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    RegistrationRequest registrationRequest = new RegistrationRequest(
            attestationResponse.getAttestationObject(),
            attestationResponse.getClientDataJSON(),
            clientExtensionJSON,
            transports
    );
    RegistrationParameters registrationParameters = new RegistrationParameters(
            serverProperty,
            false,
            true,
            Collections.emptyList()
    );

    RegistrationData validated = target.validate(registrationRequest, registrationParameters);

    assertAll(
            () -> assertThat(validated.getCollectedClientData()).isNotNull(),
            () -> assertThat(validated.getAttestationObject()).isNotNull(),
            () -> assertThat(validated.getClientExtensions()).isNotNull()
    );
}
 
Example 20
Source File: RegistrationValidationTest.java    From webauthn4j-spring-security with Apache License 2.0 4 votes vote down vote up
/**
 * Validates a registration through the servlet-facing validator: the attestation response is
 * Base64url-encoded as it would arrive over HTTP and checked against a mocked
 * {@link ServerProperty} provider.
 */
@Test
public void validate_test() {
    // The provider is stubbed to return the expected origin, rpId and challenge.
    ServerProperty expectedServerProperty = new ServerProperty(origin, rpId, challenge, null);
    when(serverPropertyProvider.provide(any())).thenReturn(expectedServerProperty);

    AuthenticatorSelectionCriteria selectionCriteria = new AuthenticatorSelectionCriteria(
            AuthenticatorAttachment.CROSS_PLATFORM,
            true,
            UserVerificationRequirement.REQUIRED);

    PublicKeyCredentialParameters es256Parameters =
            new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);

    PublicKeyCredentialUserEntity userEntity = new PublicKeyCredentialUserEntity();

    PublicKeyCredentialRpEntity rpEntity = new PublicKeyCredentialRpEntity(rpId, "example.com");
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            rpEntity,
            userEntity,
            challenge,
            Collections.singletonList(es256Parameters),
            null,
            null,
            selectionCriteria,
            AttestationConveyancePreference.NONE,
            null
    );

    AuthenticatorAttestationResponse attestationResponse = clientPlatform.create(creationOptions).getAuthenticatorResponse();

    // Incoming HTTPS request on the default port.
    MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    httpRequest.setScheme("https");
    httpRequest.setServerName("example.com");
    httpRequest.setServerPort(443);

    String clientDataBase64 = Base64UrlUtil.encodeToString(attestationResponse.getClientDataJSON());
    String attestationObjectBase64 = Base64UrlUtil.encodeToString(attestationResponse.getAttestationObject());
    Set<String> transports = Collections.emptySet();
    String clientExtensionsJSON = null;

    WebAuthnRegistrationRequestValidationResponse validated
            = target.validate(httpRequest, clientDataBase64, attestationObjectBase64, transports, clientExtensionsJSON);

    assertThat(validated.getAttestationObject()).isNotNull();
    assertThat(validated.getCollectedClientData()).isNotNull();
    // No client extensions JSON was supplied, so none are expected back.
    assertThat(validated.getRegistrationExtensionsClientOutputs()).isNull();
}