WebAuthN与BouncyCastle in .Net

Question

我正在为YubiKey和webAuthN做一个概念证明；我认为我已经完成了基本步骤，但我在验证签名时遇到了一些问题；

对于我来说，有几个地方可能出了问题：

1)当我执行"navigator.credentials.create“时，我获得了发送给服务器的凭据对象。

2)在服务器上，我得到了COSE公钥；它有一个X和Y点(这是椭圆曲线加密)

3)我将X和Y (32 Bytes Uint8Array)转换为Org.BouncyCastle.Math.BigInteger --这里的一个问题是，有时这些X和Y坐标产生负的BigInteger (设置了最左边的位)--我读到这意味着这是“引导”零字节，即33字节数组，字节0为"0“--不确定这是否属实，但在设置第一个位的情况下找不到另一个指令。

4)我从"navigator.credentials.get“获得断言并将其发送到服务器

5)我使用前一步中的X和Y来构建公钥，

6)我使用Base64Decode将clientDataJSON和authenticatorData从断言解码到各自的ByteArrays

7)使用clientDataJSON对“SHA256”元素进行散列

8)我构建了一个包含原始"authenticatorData“和哈希"clientDataJSON”(级联)的字节数组。

9)我使用Base64Decode从断言中解码签名元素

10)我使用上面的公钥创建一个Org.BouncyCastle.Crypto.Signers.ECDsaSigner

11)我在级联的VerifySignature和ClientDataHash上使用了ClientDataHash。

这总是返回"FALSE“(即错误签名)。

以下是一些相关代码：

//Load the Base64 Encoded ByteArrays for the PublicKey X and Y (stored when registered)
Dim EncryptionX as Byte() = Base64Decode(SavedPublicKey.X)
Dim EncryptionY as Byte() = Base64Decode(SavedPublicKey.Y)


//Decode signature and AuthenticatorData elements from assertion
Dim Signature as Byte() = Base64Decode(Assertion.Signature)
Dim authenticatorData as Byte() = Base64Decode(Assertion.authenticatorData)


//Decode and HASH ClientDataJson element form assertion
Dim ClientDataJson as Byte() = Base64Decode(Assertion.ClientDataJson)
Dim shaHash = SHA256.Create
Dim ClientDataHash As Byte() = shaHash.ComputeHash(ClientDataJson)

//Concatenate the AuthenticatorData and ClientDataHash
Dim CombinedMessage as List(Of Byte)
CombinedMessage.AddRange(authenticatorData)
CombinedMessage.AddRange(ClientDataHash)
Dim MessageToValidate as Byte()=CombinedMessage.ToArray()


//Get the secp256r1 Curve (I think this is the correct curve for WebAuthN
Dim x9ecpPar As Org.BouncyCastle.Asn1.X9.X9ECParameters = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256r1")

Dim ECCcurve As Org.BouncyCastle.Math.EC.ECCurve = x9ecpPar.Curve

//build the "point" form the curve and the X and Y points
Dim Q As Org.BouncyCastle.Math.EC.ECPoint = ECCcurve.CreatePoint(New Org.BouncyCastle.Math.BigInteger(EncryptionX), New Org.BouncyCastle.Math.BigInteger(EncryptionY))

//Build the Public Keys from the "Q" point using ECDSA algorthim 
Dim PublicKey As Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters = New Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters("ECDSA", Q, Org.BouncyCastle.Asn1.Sec.SecObjectIdentifiers.SecP256r1)


//Get an ANS1 Input stream from the Signature ByteArray
Dim ASN1 = New Org.BouncyCastle.Asn1.Asn1InputStream(Signature)


Dim Sequence As Org.BouncyCastle.Asn1.Asn1Sequence = ASN1.ReadObject()

Dim eR As Org.BouncyCastle.Math.BigInteger = DirectCast(Sequence(0), Org.BouncyCastle.Asn1.DerInteger).PositiveValue

Dim eS As Org.BouncyCastle.Math.BigInteger = DirectCast(seq(1), Org.BouncyCastle.Asn1.DerInteger).PositiveValue

Dim signer As Org.BouncyCastle.Crypto.Signers.ECDsaSigner = New Org.BouncyCastle.Crypto.Signers.ECDsaSigner

signer.Init(False, PublicKey)
Dim SignatureGood As Boolean = signer.VerifySignature(MessageToValidate, er, es)


//**** SignatureGood  ALWAYS False *****

任何帮助都是非常感谢的！提前感谢！

Answer 1

由于最初打算深入WebAuthn (正如您所做的那样)，我最终只需要转到这个优秀的项目(https://github.com/abergs/fido2-net-lib)中(并为其做出贡献)。至少它会有您可以参考的代码。

我可能会从这里开始：https://github.com/abergs/fido2-net-lib/blob/master/Src/Fido2/Objects/CredentialPublicKey.cs