From 0f302e2251a060c76b10e6c9cd924aa2bc470645 Mon Sep 17 00:00:00 2001 From: joegoldman2 <147369450+joegoldman2@users.noreply.github.com> Date: Wed, 28 Feb 2024 19:51:53 +0200 Subject: [PATCH] Update to .NET 8 (#503) * Update to .NET 8 * Remove GuidHelper --- Directory.Build.props | 3 +- Src/Directory.Build.props | 7 ++-- .../Fido2.BlazorWebAssembly.csproj | 2 +- .../Metadata/AuthenticatorStatus.cs | 2 +- Src/Fido2/AttestationFormat/Packed.cs | 12 +++---- Src/Fido2/AttestationFormat/Tpm.cs | 4 +-- Src/Fido2/Extensions/GuidHelper.cs | 34 ------------------- Src/Fido2/Objects/AttestedCredentialData.cs | 7 ++-- 8 files changed, 16 insertions(+), 55 deletions(-) delete mode 100644 Src/Fido2/Extensions/GuidHelper.cs diff --git a/Directory.Build.props b/Directory.Build.props index f6c346c7..7d240700 100644 --- a/Directory.Build.props +++ b/Directory.Build.props @@ -7,6 +7,7 @@ FIDO2 .NET library (WebAuthn) https://github.com/passwordless-lib/fido2-net-lib git + true fido2 webauthn Initial release https://github.com/passwordless-lib/fido2-net-lib @@ -15,7 +16,7 @@ - net6.0 + net8.0 enable true true diff --git a/Src/Directory.Build.props b/Src/Directory.Build.props index 1520c7df..e65a5950 100644 --- a/Src/Directory.Build.props +++ b/Src/Directory.Build.props @@ -2,12 +2,9 @@ - + $(AllowedOutputExtensionsInPackageBuildOutputFolder);.pdb - true - - - + \ No newline at end of file diff --git a/Src/Fido2.BlazorWebAssembly/Fido2.BlazorWebAssembly.csproj b/Src/Fido2.BlazorWebAssembly/Fido2.BlazorWebAssembly.csproj index f8af24e9..f39bc6cb 100644 --- a/Src/Fido2.BlazorWebAssembly/Fido2.BlazorWebAssembly.csproj +++ b/Src/Fido2.BlazorWebAssembly/Fido2.BlazorWebAssembly.csproj @@ -1,7 +1,7 @@  - net8.0 + $(SupportedTargetFrameworks) Fido2NetLib true enable diff --git a/Src/Fido2.Models/Metadata/AuthenticatorStatus.cs b/Src/Fido2.Models/Metadata/AuthenticatorStatus.cs index b5f44ee6..54d0e46b 100644 --- a/Src/Fido2.Models/Metadata/AuthenticatorStatus.cs 
+++ b/Src/Fido2.Models/Metadata/AuthenticatorStatus.cs @@ -8,7 +8,7 @@ namespace Fido2NetLib; /// /// /// -[JsonConverter(typeof(JsonStringEnumConverter))] +[JsonConverter(typeof(JsonStringEnumConverter))] public enum AuthenticatorStatus { /// diff --git a/Src/Fido2/AttestationFormat/Packed.cs b/Src/Fido2/AttestationFormat/Packed.cs index 04e41660..29929f65 100644 --- a/Src/Fido2/AttestationFormat/Packed.cs +++ b/Src/Fido2/AttestationFormat/Packed.cs @@ -74,7 +74,7 @@ public override ValueTask VerifyAsync(VerifyAttestation else { throw new Fido2VerificationException(Fido2ErrorCode.InvalidAttestation, "Malformed x5c cert found in packed attestation statement"); - } + } } // The attestation certificate attestnCert MUST be the first element in the array. @@ -109,15 +109,15 @@ public override ValueTask VerifyAsync(VerifyAttestation // 2c. If attestnCert contains an extension with OID 1.3.6.1.4.1.45724.1.1.4 (id-fido-gen-ce-aaguid) verify that the value of this extension matches the aaguid in authenticatorData if (aaguid != null) { - if (GuidHelper.FromBigEndian(aaguid).CompareTo(request.AuthData.AttestedCredentialData!.AaGuid) != 0) + if (new Guid(aaguid, bigEndian: true).CompareTo(request.AuthData.AttestedCredentialData!.AaGuid) != 0) throw new Fido2VerificationException(Fido2ErrorCode.InvalidAttestation, "aaguid present in packed attestation cert exts but does not match aaguid from authData"); } // id-fido-u2f-ce-transports - byte u2fTransports = U2FTransportsFromAttnCert(attestnCert.Extensions); - - // 2d. Optionally, inspect x5c and consult externally provided knowledge to determine whether attStmt conveys a Basic or AttCA attestation - + byte u2fTransports = U2FTransportsFromAttnCert(attestnCert.Extensions); + + // 2d. Optionally, inspect x5c and consult externally provided knowledge to determine whether attStmt conveys a Basic or AttCA attestation + return new(new VerifyAttestationResult(AttestationType.AttCa, trustPath)); } 
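Review bot: In the second Packed.cs hunk, `new Guid(aaguid, bigEndian: true)` throws ArgumentException when the extension value is not exactly 16 bytes, so a malformed id-fido-gen-ce-aaguid extension would surface as a generic exception rather than a Fido2VerificationException. Whether the bytes are length-checked where `aaguid` is extracted cannot be seen from this hunk. If they are not, add a guard before the comparison, e.g. `if (aaguid.Length != 16) throw new Fido2VerificationException(Fido2ErrorCode.InvalidAttestation, "Malformed aaguid extension in packed attestation cert");`. The same construction in the Tpm.cs hunk has the same exposure. VerifyAsync starts and ends outside the hunk.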
diff --git a/Src/Fido2/AttestationFormat/Tpm.cs b/Src/Fido2/AttestationFormat/Tpm.cs index bd4e0b47..d430ac4b 100644 --- a/Src/Fido2/AttestationFormat/Tpm.cs +++ b/Src/Fido2/AttestationFormat/Tpm.cs @@ -198,9 +198,9 @@ public override ValueTask VerifyAsync(VerifyAttestation // 5c. If aikCert contains an extension with OID 1.3.6.1.4.1.45724.1.1.4 (id-fido-gen-ce-aaguid) verify that the value of this extension matches the aaguid in authenticatorData if (AaguidFromAttnCertExts(aikCert.Extensions) is byte[] aaguid && (!aaguid.AsSpan().SequenceEqual(Guid.Empty.ToByteArray())) && - (GuidHelper.FromBigEndian(aaguid).CompareTo(request.AuthData.AttestedCredentialData!.AaGuid) != 0)) + (new Guid(aaguid, bigEndian: true).CompareTo(request.AuthData.AttestedCredentialData!.AaGuid) != 0)) { - throw new Fido2VerificationException($"aaguid malformed, expected {request.AuthData.AttestedCredentialData.AaGuid}, got {new Guid(aaguid)}"); + throw new Fido2VerificationException($"aaguid malformed, expected {request.AuthData.AttestedCredentialData.AaGuid}, got {new Guid(aaguid, bigEndian: true)}"); } return new(new VerifyAttestationResult(AttestationType.AttCa, trustPath)); diff --git a/Src/Fido2/Extensions/GuidHelper.cs b/Src/Fido2/Extensions/GuidHelper.cs deleted file mode 100644 index 3181ecb6..00000000 --- a/Src/Fido2/Extensions/GuidHelper.cs +++ /dev/null 
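Review bot: The rewritten `throw` in the Tpm.cs hunk still uses the message-only constructor and calls the value "malformed", while the equivalent mismatch in Packed.cs is reported with `Fido2ErrorCode.InvalidAttestation`. Code that inspects the error code would presumably see the two attestation formats differently for the same failure. Consider `throw new Fido2VerificationException(Fido2ErrorCode.InvalidAttestation, $"aaguid from aikCert does not match aaguid from authData, expected {request.AuthData.AttestedCredentialData.AaGuid}, got {new Guid(aaguid, bigEndian: true)}");`. The unchanged condition also skips the comparison when the extension is all zeros, and a short comment stating why that exemption is acceptable would help the next reviewer. VerifyAsync continues outside the hunk.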
@@ -1,34 +0,0 @@ -using System; - -namespace Fido2NetLib; - -internal static class GuidHelper -{ - private static void SwapBytes(byte[] bytes, int index1, int index2) - { - byte temp = bytes[index1]; - bytes[index1] = bytes[index2]; - bytes[index2] = temp; - } - - /// - /// AAGUID is sent as big endian byte array, this converter is for little endian systems. - /// - public static Guid FromBigEndian(byte[] bytes) - { - if (!BitConverter.IsLittleEndian) - { - // we're already on a big-endian system, keep the bytes as is - return new Guid(bytes); - } - - // swap the bytes to little-endian - - SwapBytes(bytes, 0, 3); - SwapBytes(bytes, 1, 2); - SwapBytes(bytes, 4, 5); - SwapBytes(bytes, 6, 7); - - return new Guid(bytes); - } -} diff --git a/Src/Fido2/Objects/AttestedCredentialData.cs b/Src/Fido2/Objects/AttestedCredentialData.cs index 28f75f7f..94deffd1 100644 --- a/Src/Fido2/Objects/AttestedCredentialData.cs +++ b/Src/Fido2/Objects/AttestedCredentialData.cs @@ -99,11 +99,8 @@ internal static AttestedCredentialData Parse(ReadOnlyMemory data, out int position += 16; -#if NET8_0_OR_GREATER - Guid aaGuid = new Guid(aaGuidBytes, isBigEndian: true); -#else - Guid aaGuid = GuidHelper.FromBigEndian(aaGuidBytes.ToArray()); -#endif + var aaGuid = new Guid(aaGuidBytes.Span, bigEndian: true); + // Byte length of Credential ID, 16-bit unsigned big-endian integer. var credentialIDLen = BinaryPrimitives.ReadUInt16BigEndian(data.Slice(position, 2).Span); if (credentialIDLen > _maxCredentialIdLength)
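Review bot: With GuidHelper and its doc comment deleted, nothing on the new `var aaGuid = new Guid(aaGuidBytes.Span, bigEndian: true);` line in AttestedCredentialData.Parse says why the flag is needed. I would add a comment above it: `// AAGUID is 16 bytes in big-endian order; Guid's default byte layout stores the first three fields little-endian, so bigEndian: true is required.` It is also worth stating there that the constructor throws ArgumentException unless the span is exactly 16 bytes, since the slice that produces `aaGuidBytes` is outside this hunk. Parse begins and ends outside the hunk.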