
Example 6 with PackedAttestationStatement

Use of com.webauthn4j.data.attestation.statement.PackedAttestationStatement in project webauthn4j by webauthn4j.

Class PackedAuthenticator, method createAttestationStatement.

@Override
public AttestationStatement createAttestationStatement(AttestationStatementRequest attestationStatementRequest, RegistrationEmulationOption registrationEmulationOption) {
    byte[] signature;
    if (registrationEmulationOption.isSignatureOverrideEnabled()) {
        signature = registrationEmulationOption.getSignature();
    } else {
        signature = TestDataUtil.calculateSignature(this.getAttestationKeyPair().getPrivate(), attestationStatementRequest.getSignedData());
    }
    AttestationOption attestationOption = registrationEmulationOption.getAttestationOption() == null ? new PackedAttestationOption() : registrationEmulationOption.getAttestationOption();
    X509Certificate attestationCertificate = getAttestationCertificate(attestationStatementRequest, attestationOption);
    AttestationCertificatePath attestationCertificatePath = new AttestationCertificatePath(attestationCertificate, this.getCACertificatePath());
    return new PackedAttestationStatement(COSEAlgorithmIdentifier.ES256, signature, attestationCertificatePath);
}
Also used: PackedAttestationStatement (com.webauthn4j.data.attestation.statement.PackedAttestationStatement), AttestationCertificatePath (com.webauthn4j.data.attestation.statement.AttestationCertificatePath), X509Certificate (java.security.cert.X509Certificate)

Example 7 with PackedAttestationStatement

Use of com.webauthn4j.data.attestation.statement.PackedAttestationStatement in project webauthn4j by webauthn4j.

Class PackedAttestationStatementValidator, method validate.

@Override
@NonNull
public AttestationType validate(@NonNull CoreRegistrationObject registrationObject) {
    AssertUtil.notNull(registrationObject, "registrationObject must not be null");
    if (!supports(registrationObject)) {
        throw new IllegalArgumentException("Specified format is not supported by " + this.getClass().getName());
    }
    PackedAttestationStatement attestationStatement = (PackedAttestationStatement) registrationObject.getAttestationObject().getAttestationStatement();
    validateAttestationStatementNotNull(attestationStatement);
    byte[] sig = attestationStatement.getSig();
    COSEAlgorithmIdentifier alg = attestationStatement.getAlg();
    byte[] attrToBeSigned = getAttToBeSigned(registrationObject);
    // If x5c is present, delegate to validateX5c.
    if (attestationStatement.getX5c() != null) {
        return validateX5c(registrationObject, attestationStatement, sig, alg, attrToBeSigned);
    } else {
        // If x5c is not present, self attestation is in use.
        return validateSelfAttestation(registrationObject, sig, alg, attrToBeSigned);
    }
}
Also used: PackedAttestationStatement (com.webauthn4j.data.attestation.statement.PackedAttestationStatement), COSEAlgorithmIdentifier (com.webauthn4j.data.attestation.statement.COSEAlgorithmIdentifier), NonNull (org.checkerframework.checker.nullness.qual.NonNull)

Example 8 with PackedAttestationStatement

Use of com.webauthn4j.data.attestation.statement.PackedAttestationStatement in project webauthn4j by webauthn4j.

Class PackedAttestationStatementValidatorTest, method validate_with_RSAx5c_test.

@Test
void validate_with_RSAx5c_test() throws Exception {
    KeyPair keyPair = RSAUtil.createKeyPair();
    AuthenticatorData<RegistrationExtensionAuthenticatorOutput> authenticatorData = TestDataUtil.createAuthenticatorData();
    byte[] clientData = TestDataUtil.createClientDataJSON(ClientDataType.WEBAUTHN_CREATE);
    byte[] signature = generateSignature("SHA256withRSA", keyPair, authenticatorData, clientData);
    AttestationCertificatePath x5c = generateCertPath(keyPair, "SHA256withRSA");
    PackedAttestationStatement packedAttestationStatement = new PackedAttestationStatement(COSEAlgorithmIdentifier.RS256, signature, x5c);
    AttestationObject attestationObject = new AttestationObject(authenticatorData, packedAttestationStatement);
    validate(clientData, attestationObject);
}
Also used: PackedAttestationStatement (com.webauthn4j.data.attestation.statement.PackedAttestationStatement), AttestationCertificatePath (com.webauthn4j.data.attestation.statement.AttestationCertificatePath), AttestationObject (com.webauthn4j.data.attestation.AttestationObject), RegistrationExtensionAuthenticatorOutput (com.webauthn4j.data.extension.authenticator.RegistrationExtensionAuthenticatorOutput), Test (org.junit.jupiter.api.Test)

Example 9 with PackedAttestationStatement

Use of com.webauthn4j.data.attestation.statement.PackedAttestationStatement in project webauthn4j by webauthn4j.

Class PackedAttestationStatementValidatorTest, method validateAttestationStatementNotNull_x5c_null_test.

@Test
void validateAttestationStatementNotNull_x5c_null_test() {
    PackedAttestationStatement attestationStatement = new PackedAttestationStatement(COSEAlgorithmIdentifier.ES256, new byte[32], null);
    assertThatCode(() -> target.validateAttestationStatementNotNull(attestationStatement)).doesNotThrowAnyException();
}
Also used: PackedAttestationStatement (com.webauthn4j.data.attestation.statement.PackedAttestationStatement), Test (org.junit.jupiter.api.Test)

Example 10 with PackedAttestationStatement

Use of com.webauthn4j.data.attestation.statement.PackedAttestationStatement in project webauthn4j by webauthn4j.

Class DefaultSelfAttestationTrustworthinessValidatorTest, method validate_basic_type_attestation_statement_test.

@Test
void validate_basic_type_attestation_statement_test() {
    DefaultSelfAttestationTrustworthinessValidator validator = new DefaultSelfAttestationTrustworthinessValidator();
    PackedAttestationStatement attestationStatement = TestAttestationStatementUtil.createBasicPackedAttestationStatement();
    assertThrows(BadAttestationStatementException.class, () -> validator.validate(attestationStatement));
}
Also used: PackedAttestationStatement (com.webauthn4j.data.attestation.statement.PackedAttestationStatement), Test (org.junit.jupiter.api.Test)

Aggregations

PackedAttestationStatement (com.webauthn4j.data.attestation.statement.PackedAttestationStatement): 10
Test (org.junit.jupiter.api.Test): 8
AttestationCertificatePath (com.webauthn4j.data.attestation.statement.AttestationCertificatePath): 3
AttestationObject (com.webauthn4j.data.attestation.AttestationObject): 1
AAGUID (com.webauthn4j.data.attestation.authenticator.AAGUID): 1
COSEAlgorithmIdentifier (com.webauthn4j.data.attestation.statement.COSEAlgorithmIdentifier): 1
RegistrationExtensionAuthenticatorOutput (com.webauthn4j.data.extension.authenticator.RegistrationExtensionAuthenticatorOutput): 1
X509Certificate (java.security.cert.X509Certificate): 1
NonNull (org.checkerframework.checker.nullness.qual.NonNull): 1