[PM-5731] feat: implement signing

src/Core/Abstractions/ICryptoFunctionService.cs

@@ -21,7 +21,6 @@ namespace Bit.Core.Abstractions
         Task<byte[]> HkdfAsync(byte[] ikm, byte[] salt, byte[] info, int outputByteSize, HkdfAlgorithm algorithm);
         Task<byte[]> HkdfExpandAsync(byte[] prk, string info, int outputByteSize, HkdfAlgorithm algorithm);
         Task<byte[]> HkdfExpandAsync(byte[] prk, byte[] info, int outputByteSize, HkdfAlgorithm algorithm);
-        Task<byte[]> SignAsync(byte[] data, byte[] privateKey, ICryptoSignOptions options);
         Task<byte[]> HashAsync(string value, CryptoHashAlgorithm algorithm);
         Task<byte[]> HashAsync(byte[] value, CryptoHashAlgorithm algorithm);
         Task<byte[]> HmacAsync(byte[] value, byte[] key, CryptoHashAlgorithm algorithm);

src/Core/Models/Domain/CryptoEcdsaAlgorithm.cs

@@ -1,6 +0,0 @@
-namespace Bit.Core.Models.Domain
-{
-    public enum CryptoEcdsaAlgorithm : byte {
-        P256Sha256 = 0,
-    }
-}

src/Core/Models/Domain/CryptoSignEcdsaOptions.cs

@@ -1,13 +0,0 @@
-namespace Bit.Core.Models.Domain
-{
-    public struct CryptoSignEcdsaOptions : ICryptoSignOptions
-    {
-        public enum DsaSignatureFormat : byte {
-            IeeeP1363FixedFieldConcatenation = 0,
-            Rfc3279DerSequence = 1
-        }
-
-        public CryptoEcdsaAlgorithm Algorithm { get; set; }
-        public DsaSignatureFormat SignatureFormat { get; set; }
-    }
-}

src/Core/Models/Domain/ICryptoSignOptions.cs

@@ -1,6 +0,0 @@
-namespace Bit.Core.Models.Domain
-{
-    public interface ICryptoSignOptions
-    {
-    }
-}

src/Core/Services/Fido2AuthenticatorService.cs

@@ -5,6 +5,7 @@ using Bit.Core.Models.Domain;
 using Bit.Core.Utilities.Fido2;
 using Bit.Core.Utilities;
 using System.Formats.Cbor;
+using System.Security.Cryptography;
 
 namespace Bit.Core.Services
 {
@@ -184,7 +185,7 @@ namespace Bit.Core.Services
                     counter: selectedFido2Credential.CounterValue
                 );
 
-                var signature = await GenerateSignature(
+                var signature = GenerateSignature(
                     authData: authenticatorData,
                     clientDataHash: assertionParams.Hash,
                     privateKey: selectedFido2Credential.KeyBytes
@@ -286,8 +287,8 @@ namespace Bit.Core.Services
         // TODO: Move this to a separate service
         private (PublicKey publicKey, byte[] privateKey) GenerateKeyPair()
         {
-            var dsa = System.Security.Cryptography.ECDsa.Create();
+            var dsa = ECDsa.Create();
-            dsa.GenerateKey(System.Security.Cryptography.ECCurve.NamedCurves.nistP256);
+            dsa.GenerateKey(ECCurve.NamedCurves.nistP256);
             var privateKey = dsa.ExportPkcs8PrivateKey();
 
             return (new PublicKey(dsa), privateKey);
@@ -400,20 +401,19 @@ namespace Bit.Core.Services
             return attestationObject.Encode();
         }
 
-        private async Task<byte[]> GenerateSignature(
+        // TODO: Move this to a separate service
-            byte[] authData,
+        private byte[] GenerateSignature(byte[] authData, byte[] clientDataHash, byte[] privateKey)
-            byte[] clientDataHash,
-            byte[] privateKey
-        )
         {
             var sigBase = authData.Concat(clientDataHash).ToArray();
-            var signature = await _cryptoFunctionService.SignAsync(sigBase, privateKey, new CryptoSignEcdsaOptions
+            var dsa = ECDsa.Create();
-            {
+            dsa.ImportPkcs8PrivateKey(privateKey, out var bytesRead);
-                Algorithm = CryptoEcdsaAlgorithm.P256Sha256,
-                SignatureFormat = CryptoSignEcdsaOptions.DsaSignatureFormat.Rfc3279DerSequence
-            });
 
-            return signature;
+            if (bytesRead == 0) 
+            {
+                throw new Exception("Failed to import private key");
+            }
+
+            return dsa.SignData(sigBase, HashAlgorithmName.SHA256);
         }
 
         private string GuidToStandardFormat(byte[] bytes)
@@ -428,9 +428,9 @@ namespace Bit.Core.Services
 
         private class PublicKey
         {
-            private readonly System.Security.Cryptography.ECDsa _dsa;
+            private readonly ECDsa _dsa;
 
-            public PublicKey(System.Security.Cryptography.ECDsa dsa) {
+            public PublicKey(ECDsa dsa) {
                 _dsa = dsa;
             }
 

src/Core/Services/PclCryptoFunctionService.cs

@@ -122,16 +122,6 @@ namespace Bit.Core.Services
             return okm.Take(outputByteSize).ToArray();
         }
 
-        public Task<byte[]> SignAsync(byte[] data, byte[] privateKey, ICryptoSignOptions options)
-        {
-            throw new NotSupportedException();
-
-            // Not supported on iOS and Android
-            // var provider = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithm.EcdsaP256Sha256);
-            // var cryptoKey = provider.ImportKeyPair(privateKey, CryptographicPrivateKeyBlobType.Pkcs8RawPrivateKeyInfo);
-            // return Task.FromResult(CryptographicEngine.Sign(cryptoKey, data));
-        }
-
         public Task<byte[]> HashAsync(string value, CryptoHashAlgorithm algorithm)
         {
             return HashAsync(Encoding.UTF8.GetBytes(value), algorithm);

test/Core.Test/Services/Fido2AuthenticatorGetAssertionTests.cs

@@ -16,6 +16,7 @@ using Xunit;
 using Bit.Core.Utilities;
 using System.Collections.Generic;
 using System.Linq;
+using System.Security.Cryptography;
 
 namespace Bit.Core.Test.Services
 {
@@ -290,7 +291,6 @@ namespace Bit.Core.Test.Services
 
         [Theory]
         [InlineCustomAutoData(new[] { typeof(SutProviderCustomization) })]
-        // Spec: Increment the credential associated signature counter
         public async Task GetAssertionAsync_ReturnsAssertion(SutProvider<Fido2AuthenticatorService> sutProvider, Fido2AuthenticatorGetAssertionParams aParams) {
             // Common Arrange
             var cipherView = CreateCipherView(null, "bitwarden.com", true);
@@ -303,34 +303,28 @@ namespace Bit.Core.Test.Services
             });
 
             // Arrange
+            var keyPair = GenerateKeyPair();
             var rpIdHashMock = RandomBytes(32);
+            aParams.Hash = RandomBytes(32);
             sutProvider.GetDependency<ICryptoFunctionService>().HashAsync(aParams.RpId, CryptoHashAlgorithm.Sha256).Returns(rpIdHashMock);
             cipherView.Login.MainFido2Credential.CounterValue = 9000;
-            var signatureMock = RandomBytes(32);
+            cipherView.Login.MainFido2Credential.KeyValue = CoreHelpers.Base64UrlEncode(keyPair.ExportPkcs8PrivateKey());
-            sutProvider.GetDependency<ICryptoFunctionService>().SignAsync(
-                Arg.Any<byte[]>(),
-                Arg.Any<byte[]>(),
-                new CryptoSignEcdsaOptions {
-                    Algorithm = CryptoEcdsaAlgorithm.P256Sha256,
-                    SignatureFormat = CryptoSignEcdsaOptions.DsaSignatureFormat.Rfc3279DerSequence
-                }
-            ).Returns(signatureMock);
             
             // Act
             var result = await sutProvider.Sut.GetAssertionAsync(aParams);
 
             // Assert
-            var encAuthData = result.AuthenticatorData;
+            var authData = result.AuthenticatorData;
-            var rpIdHash = encAuthData.Take(32);
+            var rpIdHash = authData.Take(32);
-            var flags = encAuthData.Skip(32).Take(1);
+            var flags = authData.Skip(32).Take(1);
-            var counter = encAuthData.Skip(33).Take(4);
+            var counter = authData.Skip(33).Take(4);
 
             Assert.Equal(Guid.Parse(cipherView.Login.MainFido2Credential.CredentialId).ToByteArray(), result.SelectedCredential.Id);
             Assert.Equal(CoreHelpers.Base64UrlDecode(cipherView.Login.MainFido2Credential.UserHandle), result.SelectedCredential.UserHandle);
             Assert.Equal(rpIdHashMock, rpIdHash);
             Assert.Equal(new byte[] { 0b00000101 }, flags); // UP = true, UV = true
             Assert.Equal(new byte[] { 0, 0, 0x23, 0x29 }, counter); // 9001 in binary big-endian format
-            Assert.Equal(signatureMock, result.Signature);
+            Assert.True(keyPair.VerifyData(authData.Concat(aParams.Hash).ToArray(), result.Signature, HashAlgorithmName.SHA256), "Signature verification failed");
         }
 
         [Theory]
@@ -364,6 +358,14 @@ namespace Bit.Core.Test.Services
             return bytes;
         }
 
+        private ECDsa GenerateKeyPair()
+        {
+            var dsa = ECDsa.Create();
+            dsa.GenerateKey(ECCurve.NamedCurves.nistP256);
+
+            return dsa;
+        }
+
         #nullable enable
         private CipherView CreateCipherView(string? credentialId, string? rpId, bool? discoverable)
         {
@@ -378,6 +380,7 @@ namespace Bit.Core.Test.Services
                             RpId = rpId ?? "bitwarden.com",
                             Discoverable = discoverable.HasValue ? discoverable.ToString() : "true",
                             UserHandleValue = RandomBytes(32),
+                            KeyValue = "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgO4wC7AlY4eJP7uedRUJGYsAIJAd6gN1Vp7uJh6xXAp6hRANCAARGvr56F_t27DEG1Tzl-qJRhrTUtC7jOEbasAEEZcE3TiMqoWCan0sxKDPylhRYk-1qyrBC_feN1UtGWH57sROa"
                         }
                     }
                 }

test/Core.Test/Services/Fido2AuthenticatorMakeCredentialTests.cs

@@ -456,7 +456,7 @@ namespace Bit.Core.Test.Services
                             CredentialId = credentialId ?? Guid.NewGuid().ToString(),
                             RpId = rpId ?? "bitwarden.com",
                             Discoverable = discoverable.HasValue ? discoverable.ToString() : "true",
-                            UserHandleValue = RandomBytes(32),
+                            UserHandleValue = RandomBytes(32)
                         }
                     } : null
                 }