[PM-5732] feat: finish authenticator assertion implementation

note: CryptoFunctionService still needs Sign implemenation
2024-11-25 12:05:59 +01:00 · 2024-01-23 10:27:41 +01:00 · 2024-01-23 10:27:41 +01:00 · b23d58c0b1
commit b23d58c0b1
parent e8f6c37c06
7 changed files with 80 additions and 14 deletions
--- a/src/Core/Abstractions/ICryptoFunctionService.cs
+++ b/src/Core/Abstractions/ICryptoFunctionService.cs
@ -1,6 +1,7 @@
 using System;
 using System.Threading.Tasks;
 using Bit.Core.Enums;
+using Bit.Core.Models.Domain;

 namespace Bit.Core.Abstractions
 {
@ -20,6 +21,7 @@ namespace Bit.Core.Abstractions
        Task<byte[]> HkdfAsync(byte[] ikm, byte[] salt, byte[] info, int outputByteSize, HkdfAlgorithm algorithm);
        Task<byte[]> HkdfExpandAsync(byte[] prk, string info, int outputByteSize, HkdfAlgorithm algorithm);
        Task<byte[]> HkdfExpandAsync(byte[] prk, byte[] info, int outputByteSize, HkdfAlgorithm algorithm);
+        Task<byte[]> SignAsync(byte[] data, byte[] privateKey, ICryptoSignOptions options);
        Task<byte[]> HashAsync(string value, CryptoHashAlgorithm algorithm);
        Task<byte[]> HashAsync(byte[] value, CryptoHashAlgorithm algorithm);
        Task<byte[]> HmacAsync(byte[] value, byte[] key, CryptoHashAlgorithm algorithm);
--- a/src/Core/Models/Domain/CryptoSignEcdsaOptions.cs
+++ b/src/Core/Models/Domain/CryptoSignEcdsaOptions.cs
@ -0,0 +1,17 @@
+namespace Bit.Core.Models.Domain
+{
+    public struct CryptoSignEcdsaOptions : ICryptoSignOptions
+    {
+        public enum EcdsaAlgorithm : byte {
+            EcdsaP256Sha256 = 0,
+        }
+
+        public enum DsaSignatureFormat : byte {
+            IeeeP1363FixedFieldConcatenation = 0,
+            Rfc3279DerSequence = 1
+        }
+
+        public EcdsaAlgorithm Algorithm { get; set; }
+        public DsaSignatureFormat SignatureFormat { get; set; }
+    }
+}
--- a/src/Core/Models/Domain/ICryptoSignOptions.cs
+++ b/src/Core/Models/Domain/ICryptoSignOptions.cs
@ -0,0 +1,6 @@
+namespace Bit.Core.Models.Domain
+{
+    public interface ICryptoSignOptions
+    {
+    }
+}
--- a/src/Core/Models/View/Fido2CredentialView.cs
+++ b/src/Core/Models/View/Fido2CredentialView.cs
@ -38,6 +38,11 @@ namespace Bit.Core.Models.View
            set => UserHandle = value == null ? null : CoreHelpers.Base64UrlEncode(value);
        }

+        public byte[] KeyBytes {
+            get => KeyValue == null ? null : CoreHelpers.Base64UrlDecode(KeyValue);
+            set => KeyValue = value == null ? null : CoreHelpers.Base64UrlEncode(value);
+        }
+
        public override string SubTitle => UserName;
        public override List<KeyValuePair<string, LinkedIdType>> LinkedFieldOptions => new List<KeyValuePair<string, LinkedIdType>>();
        public bool IsDiscoverable => bool.TryParse(Discoverable, out var isDiscoverable) && isDiscoverable;
--- a/src/Core/Services/Fido2AuthenticatorService.cs
+++ b/src/Core/Services/Fido2AuthenticatorService.cs
@ -1,6 +1,7 @@
 using Bit.Core.Abstractions;
 using Bit.Core.Models.View;
 using Bit.Core.Enums;
+using Bit.Core.Models.Domain;
 using Bit.Core.Utilities.Fido2;
 using System.Buffers.Binary;

@ -88,15 +89,15 @@ namespace Bit.Core.Services
                    rpId: selectedFido2Credential.RpId,
                    userPresence: true,
                    userVerification: userVerified,
-                    counter: selectedFido2Credential.CounterValue);
+                    counter: selectedFido2Credential.CounterValue
+                );

-                // const signature = await generateSignature({
-                //     authData: authenticatorData,
-                //     clientDataHash: params.hash,
-                //     privateKey: await getPrivateKeyFromFido2Credential(selectedFido2Credential),
-                // });
+                var signature = await GenerateSignature(
+                    authData: authenticatorData,
+                    clientDataHash: assertionParams.Hash,
+                    privateKey: selectedFido2Credential.KeyBytes
+                );

-                // TODO: IMPLEMENT this
                return new Fido2AuthenticatorGetAssertionResult
                {
                    SelectedCredential = new Fido2AuthenticatorGetAssertionSelectedCredential
@ -105,7 +106,7 @@ namespace Bit.Core.Services
                        UserHandle = selectedFido2Credential.UserHandleValue
                    },
                    AuthenticatorData = authenticatorData,
-                    Signature = new byte[8]
+                    Signature = signature
                };
            } catch {
                _logService.Info(
@ -204,6 +205,21 @@ namespace Bit.Core.Services
        return flags;
    }

+    private async Task<byte[]> GenerateSignature(
+        byte[] authData,
+        byte[] clientDataHash,
+        byte[] privateKey
+    )
+    {
+        var sigBase = authData.Concat(clientDataHash).ToArray();
+        var signature = await _cryptoFunctionService.SignAsync(sigBase, privateKey, new CryptoSignEcdsaOptions
+        {
+            Algorithm = CryptoSignEcdsaOptions.EcdsaAlgorithm.EcdsaP256Sha256,
+            SignatureFormat = CryptoSignEcdsaOptions.DsaSignatureFormat.Rfc3279DerSequence
+        });
+
+        return signature;
+    }

    private string GuidToStandardFormat(byte[] bytes)
    {
--- a/src/Core/Services/PclCryptoFunctionService.cs
+++ b/src/Core/Services/PclCryptoFunctionService.cs
@ -4,6 +4,7 @@ using System.Text;
 using System.Threading.Tasks;
 using Bit.Core.Abstractions;
 using Bit.Core.Enums;
+using Bit.Core.Models.Domain;
 using PCLCrypto;
 using static PCLCrypto.WinRTCrypto;

@ -121,6 +122,16 @@ namespace Bit.Core.Services
            return okm.Take(outputByteSize).ToArray();
        }

+        public Task<byte[]> SignAsync(byte[] data, byte[] privateKey, ICryptoSignOptions options)
+        {
+            throw new NotSupportedException();
+
+            // Not supported on iOS and Android
+            // var provider = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithm.EcdsaP256Sha256);
+            // var cryptoKey = provider.ImportKeyPair(privateKey, CryptographicPrivateKeyBlobType.Pkcs8RawPrivateKeyInfo);
+            // return Task.FromResult(CryptographicEngine.Sign(cryptoKey, data));
+        }
+
        public Task<byte[]> HashAsync(string value, CryptoHashAlgorithm algorithm)
        {
            return HashAsync(Encoding.UTF8.GetBytes(value), algorithm);
--- a/test/Core.Test/Services/Fido2AuthenticatorTests.cs
+++ b/test/Core.Test/Services/Fido2AuthenticatorTests.cs
@ -306,6 +306,15 @@ namespace Bit.Core.Test.Services
            var rpIdHashMock = RandomBytes(32);
            sutProvider.GetDependency<ICryptoFunctionService>().HashAsync(aParams.RpId, CryptoHashAlgorithm.Sha256).Returns(rpIdHashMock);
            cipherView.Login.MainFido2Credential.CounterValue = 9000;
+            var signatureMock = RandomBytes(32);
+            sutProvider.GetDependency<ICryptoFunctionService>().SignAsync(
+                Arg.Any<byte[]>(),
+                Arg.Any<byte[]>(),
+                new CryptoSignEcdsaOptions { 
+                    Algorithm = CryptoSignEcdsaOptions.EcdsaAlgorithm.EcdsaP256Sha256,
+                    SignatureFormat = CryptoSignEcdsaOptions.DsaSignatureFormat.Rfc3279DerSequence
+                }
+            ).Returns(signatureMock);
            
            // Act
            var result = await sutProvider.Sut.GetAssertionAsync(aParams);
@ -316,12 +325,12 @@ namespace Bit.Core.Test.Services
            var flags = encAuthData.Skip(32).Take(1);
            var counter = encAuthData.Skip(33).Take(4);

-            Assert.Equal(result.SelectedCredential.Id, Guid.Parse(cipherView.Login.MainFido2Credential.CredentialId).ToByteArray());
-            Assert.Equal(result.SelectedCredential.UserHandle, CoreHelpers.Base64UrlDecode(cipherView.Login.MainFido2Credential.UserHandle));
-            Assert.Equal(rpIdHash, rpIdHashMock);
-            Assert.Equal(flags, new byte[] { 0b00000101 }); // UP = true, UV = true
-            Assert.Equal(counter, new byte[] { 0, 0, 0x23, 0x29 }); // 9001 in binary big-endian format
-            // TODO: Assert signature...
+            Assert.Equal(Guid.Parse(cipherView.Login.MainFido2Credential.CredentialId).ToByteArray(), result.SelectedCredential.Id);
+            Assert.Equal(CoreHelpers.Base64UrlDecode(cipherView.Login.MainFido2Credential.UserHandle), result.SelectedCredential.UserHandle);
+            Assert.Equal(rpIdHashMock, rpIdHash);
+            Assert.Equal(new byte[] { 0b00000101 }, flags); // UP = true, UV = true
+            Assert.Equal(new byte[] { 0, 0, 0x23, 0x29 }, counter); // 9001 in binary big-endian format
+            Assert.Equal(signatureMock, result.Signature);
        }

        [Theory]