Class SoftwareAuthenticator

Namespace: DSInternals.Win32.WebAuthn.Cryptography
Assembly: DSInternals.Win32.WebAuthn.dll

Software-based authenticator that signs WebAuthn requests using a PEM private key file, without requiring a hardware authenticator or the Windows WebAuthn API.

public static class SoftwareAuthenticator

Inheritance

object ← SoftwareAuthenticator

Inherited Members

object.Equals(object?), object.Equals(object?, object?), object.GetHashCode(), object.GetType(), object.MemberwiseClone(), object.ReferenceEquals(object?, object?), object.ToString()

Fields

DefaultCredentialIdLength

public const int DefaultCredentialIdLength = 32

Field Value

int

Methods

DetectAlgorithm(AsymmetricAlgorithm)

Determines the COSE algorithm that matches the given private key.

public static Algorithm DetectAlgorithm(AsymmetricAlgorithm key)

Parameters

key AsymmetricAlgorithm

Returns

Algorithm

GenerateKeyPair(Algorithm)

public static AsymmetricAlgorithm GenerateKeyPair(Algorithm algorithm)

Parameters

algorithm Algorithm

Returns

AsymmetricAlgorithm

GenerateKeyPairPem(Algorithm)

Generates a private key for the requested COSE algorithm and exports it as PKCS#8 PEM.

public static string GenerateKeyPairPem(Algorithm algorithm)

Parameters

algorithm Algorithm

Returns

string

GetAssertion(string, byte[], Algorithm, uint, AuthenticatorFlags, byte[], byte[]?, AsymmetricAlgorithm, AuthenticatorAttachment)

Builds a complete assertion response signed with the given private key.

public static AssertionPublicKeyCredential GetAssertion(string relyingPartyId, byte[] challenge, Algorithm algorithm, uint signatureCounter, AuthenticatorFlags flags, byte[] credentialId, byte[]? userHandle, AsymmetricAlgorithm privateKey, AuthenticatorAttachment authenticatorAttachment = AuthenticatorAttachment.Any)

Parameters

relyingPartyId string

challenge byte[]

algorithm Algorithm

signatureCounter uint

flags AuthenticatorFlags

credentialId byte[]

userHandle byte[]?

privateKey AsymmetricAlgorithm

authenticatorAttachment AuthenticatorAttachment

Returns

AssertionPublicKeyCredential

GetAssertion(string, string?, byte[], Algorithm, uint, AuthenticatorFlags, byte[], byte[]?, AsymmetricAlgorithm, AuthenticatorAttachment)

Builds a complete assertion response signed with the given private key.

public static AssertionPublicKeyCredential GetAssertion(string hostName, string? relyingPartyId, byte[] challenge, Algorithm algorithm, uint signatureCounter, AuthenticatorFlags flags, byte[] credentialId, byte[]? userHandle, AsymmetricAlgorithm privateKey, AuthenticatorAttachment authenticatorAttachment = AuthenticatorAttachment.Any)

Parameters

hostName string

relyingPartyId string?

challenge byte[]

algorithm Algorithm

signatureCounter uint

flags AuthenticatorFlags

credentialId byte[]

userHandle byte[]?

privateKey AsymmetricAlgorithm

authenticatorAttachment AuthenticatorAttachment

Returns

AssertionPublicKeyCredential
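
The checks a relying party runs on an assertion like the one GetAssertion returns, as an added example that is not part of the DSInternals code and calls none of its APIs. It uses only the .NET base class library; the RP ID, origin, counter values and the throwaway P-256 key are constructed sample values, and Verify, SignedBytes and B64Url are hypothetical helper names.

```csharp
using System;
using System.Buffers.Binary;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

// Constructed sample values (assumptions, not taken from the library documentation).
const string rpId = "login.example.test";
const string origin = "https://login.example.test";
byte[] challenge = RandomNumberGenerator.GetBytes(32);

// Authenticator side: authData = rpIdHash (32) | flags (1) | signCount (4, big-endian).
using ECDsa credentialKey = ECDsa.Create(ECCurve.NamedCurves.nistP256);
byte[] authData = new byte[37];
SHA256.HashData(Encoding.UTF8.GetBytes(rpId)).CopyTo(authData, 0);
authData[32] = 0x05;                                    // UP (0x01) | UV (0x04)
BinaryPrimitives.WriteUInt32BigEndian(authData.AsSpan(33), 7);
byte[] clientData = Encoding.UTF8.GetBytes(JsonSerializer.Serialize(
    new { type = "webauthn.get", challenge = B64Url(challenge), origin }));
byte[] signature = credentialKey.SignData(SignedBytes(authData, clientData),
    HashAlgorithmName.SHA256, DSASignatureFormat.Rfc3279DerSequence);

// Relying-party side: only the public key and the last seen counter are stored.
byte[] spki = credentialKey.ExportSubjectPublicKeyInfo();
Console.WriteLine("stored counter 6: " + Verify(spki, 6, authData, clientData, signature));
Console.WriteLine("stored counter 7: " + Verify(spki, 7, authData, clientData, signature));
authData[32] ^= 0x04;                                   // clear UV after signing
Console.WriteLine("flags modified:   " + Verify(spki, 6, authData, clientData, signature));

// The signature covers authenticatorData || SHA-256(clientDataJSON).
static byte[] SignedBytes(byte[] ad, byte[] cd) => ad.Concat(SHA256.HashData(cd)).ToArray();
static string B64Url(byte[] b) => Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');

string Verify(byte[] publicKey, uint storedCount, byte[] ad, byte[] cd, byte[] sig)
{
    using JsonDocument doc = JsonDocument.Parse(Encoding.UTF8.GetString(cd));
    JsonElement c = doc.RootElement;
    if (c.GetProperty("type").GetString() != "webauthn.get") return "reject: wrong type";
    if (c.GetProperty("challenge").GetString() != B64Url(challenge)) return "reject: challenge mismatch";
    if (c.GetProperty("origin").GetString() != origin) return "reject: origin mismatch";
    if (ad.Length < 37) return "reject: authenticator data too short";
    if (!CryptographicOperations.FixedTimeEquals(ad.AsSpan(0, 32), SHA256.HashData(Encoding.UTF8.GetBytes(rpId)))) return "reject: rpIdHash mismatch";
    if ((ad[32] & 0x01) == 0) return "reject: user presence flag not set";
    using ECDsa pub = ECDsa.Create();
    pub.ImportSubjectPublicKeyInfo(publicKey, out _);
    if (!pub.VerifyData(SignedBytes(ad, cd), sig, HashAlgorithmName.SHA256, DSASignatureFormat.Rfc3279DerSequence)) return "reject: bad signature";
    uint count = BinaryPrimitives.ReadUInt32BigEndian(ad.AsSpan(33, 4));
    if ((count != 0 || storedCount != 0) && count <= storedCount) return "reject: signature counter did not increase";
    return "accept";
}
```

The flags and the signature counter are inside the signed bytes, so they cannot be changed after signing, but they are whatever the key holder chose to sign; with a key held in a PEM file they attest to nothing about user verification or hardware.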

ImportPrivateKeyFromPem(string)

Imports a private key from a PEM string. The caller is responsible for disposing the returned key.

public static AsymmetricAlgorithm ImportPrivateKeyFromPem(string pem)

Parameters

pem string

Returns

AsymmetricAlgorithm

ImportPrivateKeyFromPkcs8(byte[])

Imports a private key from DER-encoded PKCS#8 data. The caller is responsible for disposing the returned key.

public static AsymmetricAlgorithm ImportPrivateKeyFromPkcs8(byte[] privateKey)

Parameters

privateKey byte[]

Returns

AsymmetricAlgorithm

LoadPrivateKeyFromPem(string)

Loads a private key from a PEM file. The caller is responsible for disposing the returned key.

public static AsymmetricAlgorithm LoadPrivateKeyFromPem(string pemFilePath)

Parameters

pemFilePath string

Returns

AsymmetricAlgorithm

MakeCredential(RelyingPartyInformation, UserInformation, byte[], Algorithm, Guid, uint, AuthenticatorFlags, AsymmetricAlgorithm, byte[]?)

Builds a complete attestation response (packed self-attestation) signed with the given private key.

public static AttestationPublicKeyCredential MakeCredential(RelyingPartyInformation relyingParty, UserInformation user, byte[] challenge, Algorithm algorithm, Guid aaGuid, uint signatureCounter, AuthenticatorFlags flags, AsymmetricAlgorithm privateKey, byte[]? credentialId = null)

Parameters

relyingParty RelyingPartyInformation

user UserInformation

challenge byte[]

algorithm Algorithm

aaGuid Guid

signatureCounter uint

flags AuthenticatorFlags

privateKey AsymmetricAlgorithm

credentialId byte[]?

Returns

AttestationPublicKeyCredential

MakeCredential(RelyingPartyInformation, string, UserInformation, byte[], Algorithm, Guid, uint, AuthenticatorFlags, AsymmetricAlgorithm, byte[]?)

Builds a complete attestation response (packed self-attestation) signed with the given private key.

public static AttestationPublicKeyCredential MakeCredential(RelyingPartyInformation relyingParty, string hostName, UserInformation user, byte[] challenge, Algorithm algorithm, Guid aaGuid, uint signatureCounter, AuthenticatorFlags flags, AsymmetricAlgorithm privateKey, byte[]? credentialId = null)

Parameters

relyingParty RelyingPartyInformation

hostName string

user UserInformation

challenge byte[]

algorithm Algorithm

aaGuid Guid

signatureCounter uint

flags AuthenticatorFlags

privateKey AsymmetricAlgorithm

credentialId byte[]?

Returns

AttestationPublicKeyCredential