com.webauthn4j.validator.attestation.trustworthiness.self.DefaultSelfAttestationTrustworthinessValidator Java Examples

The following examples show how to use com.webauthn4j.validator.attestation.trustworthiness.self.DefaultSelfAttestationTrustworthinessValidator. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: WebAuthnRegistrationManagerTest.java    From webauthn4j with Apache License 2.0 6 votes vote down vote up 
@Test
void constructor_test() {
    NoneAttestationStatementValidator noneAttestationStatementValidator = new NoneAttestationStatementValidator();
    PackedAttestationStatementValidator packedAttestationStatementValidator = new PackedAttestationStatementValidator();
    FIDOU2FAttestationStatementValidator fidoU2FAttestationStatementValidator = new FIDOU2FAttestationStatementValidator();
    AndroidKeyAttestationStatementValidator androidKeyAttestationStatementValidator = new AndroidKeyAttestationStatementValidator();
    TrustAnchorsResolver trustAnchorsResolver = TestAttestationUtil.createTrustAnchorProviderWith3tierTestRootCACertificate();
    WebAuthnRegistrationManager webAuthnRegistrationManager = new WebAuthnRegistrationManager(
            Arrays.asList(
                    noneAttestationStatementValidator,
                    packedAttestationStatementValidator,
                    fidoU2FAttestationStatementValidator,
                    androidKeyAttestationStatementValidator),
            new TrustAnchorCertPathTrustworthinessValidator(trustAnchorsResolver),
            new DefaultSelfAttestationTrustworthinessValidator()
    );
    assertThat(webAuthnRegistrationManager).isNotNull();
}
Example #2
Source File: WebAuthnManagerTest.java    From webauthn4j with Apache License 2.0 6 votes vote down vote up 
@Test
void constructor_test() {
    NoneAttestationStatementValidator noneAttestationStatementValidator = new NoneAttestationStatementValidator();
    PackedAttestationStatementValidator packedAttestationStatementValidator = new PackedAttestationStatementValidator();
    FIDOU2FAttestationStatementValidator fidoU2FAttestationStatementValidator = new FIDOU2FAttestationStatementValidator();
    AndroidKeyAttestationStatementValidator androidKeyAttestationStatementValidator = new AndroidKeyAttestationStatementValidator();
    TrustAnchorsResolver trustAnchorsResolver = TestAttestationUtil.createTrustAnchorProviderWith3tierTestRootCACertificate();
    WebAuthnManager webAuthnManager = new WebAuthnManager(
            Arrays.asList(
                    noneAttestationStatementValidator,
                    packedAttestationStatementValidator,
                    fidoU2FAttestationStatementValidator,
                    androidKeyAttestationStatementValidator),
            new TrustAnchorCertPathTrustworthinessValidator(trustAnchorsResolver),
            new DefaultSelfAttestationTrustworthinessValidator()
    );
    assertThat(webAuthnManager).isNotNull();
}
Example #3
Source File: FIDOU2FAuthenticatorRegistrationValidationTest.java    From webauthn4j with Apache License 2.0 5 votes vote down vote up 
@Test
void validate_with_bad_attestationStatement_test() {
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();
    PublicKeyCredentialParameters publicKeyCredentialParameters
            = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(
            new PublicKeyCredentialRpEntity(rpId, "example.com"),
            new PublicKeyCredentialUserEntity(),
            challenge,
            Collections.singletonList(publicKeyCredentialParameters)
    );

    AuthenticatorAttestationResponse authenticatorAttestationResponse = clientPlatform.create(credentialCreationOptions).getAuthenticatorResponse();
    Set<String> transports = authenticatorTransportConverter.convertSetToStringSet(authenticatorAttestationResponse.getTransports());
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    RegistrationRequest registrationRequest
            = new RegistrationRequest(
            authenticatorAttestationResponse.getAttestationObject(),
            authenticatorAttestationResponse.getClientDataJSON(),
            transports
    );
    RegistrationParameters registrationParameters
            = new RegistrationParameters(
            serverProperty,
            false,
            true,
            Collections.emptyList()
    );
    WebAuthnManager target = new WebAuthnManager(
            Collections.singletonList(fidoU2FAttestationStatementValidator),
            new TrustAnchorCertPathTrustworthinessValidator(mock(TrustAnchorsResolver.class)),
            new DefaultSelfAttestationTrustworthinessValidator()
    );

    assertThrows(BadAttestationStatementException.class,
            () -> target.validate(registrationRequest, registrationParameters)
    );
}
Example #4
Source File: WebAuthnRegister.java    From keycloak with Apache License 2.0 5 votes vote down vote up 
private WebAuthnRegistrationManager createWebAuthnRegistrationManager() {
    return new WebAuthnRegistrationManager(
            Arrays.asList(
                    new NoneAttestationStatementValidator(),
                    new PackedAttestationStatementValidator(),
                    new TPMAttestationStatementValidator(),
                    new AndroidKeyAttestationStatementValidator(),
                    new AndroidSafetyNetAttestationStatementValidator(),
                    new FIDOU2FAttestationStatementValidator()
            ), this.certPathtrustValidator,
            new DefaultSelfAttestationTrustworthinessValidator(),
            Collections.emptyList(), // Custom Registration Validator is not supported
            new ObjectConverter()
            );
}