CredentialPicker.PickAsync - 如何验证证书身份验证 [英] CredentialPicker.PickAsync - How to Validate Certificate Authentication
问题描述
Hello All,
使用CredentialPicker.PickAsync(System.String,System.String)函数时,无法验证某些用户凭据,因为返回的信息已加密且无法验证。
对于以下代码示例,我使用任意用户证书指定身份验证的结果。
如您所见,返回的信息未指定使用的证书信息,也无法清楚地辨别如何验证用户的凭据(AKA验证签名)。
注意:
建立在UWP 8.1桌面(不是电话)
var newCred = await CredentialPicker.PickAsync(" My-Target"," This is some message!");
var bytes = newCred.Credential.ToArray();
var msg = string.Format(" Credential(Length = {1}):{0} \\\\ nn",Convert.ToBase64String(bytes),bytes.Length);
msg + = string.Format(" CredentialUsername:{0} \\ nn",newCred.CredentialUserName);
msg + = string.Format(" CredentialPassword:{0} \\\\ n",newCred.CredentialPassword
.Replace(" \ a"," \\ a" ;)
.Replace(" \0"," \\\\")
.Replace(" \t"," \\t")
.Replace(" \b"," \\ b")
.Replace(" \f"," \\f")
.Replace (" \ n"," \\ n")
.Replace(" \r"," \\ r")
);
/ * MSG =
凭据(长度= 266):AQIAADAAAAACAQAAMAAAADwAAAAAAAAAAAAAAGwAAACOAAAAAAABAAAAAAAAAAAAQABAAEIASAAxADMASQBIAHoAZwA5AHAAbQBkAHEAQwBxAGQANgBlAGQAQQB5AFAAVABVAFgAdwBJAEsAHACOAC / Dvyj2EDhHmNEawGHfcWocAAAAcgAAAEAAQABEAAcACAAMAAoADQBnAEEAQQBBAEEAQQB4ADYAcABhAEIAQQBBAEEAQQBBAHcAdgBSAEEAUQBMAHIAcwBEAFYAaABSAGYAdABJAEIALQBmADEAdgBkAEsASwAjAFIASQByAGoAZgB6AGcALQBQAAAAAAAAAAAAAAAAAAAAAAA =
CredentialUsername:@@ BH13IHzg9pmdqCqd6edAyPTUXwIK
CredentialPassword:@@ D\a\ b \\\\\\ argAAAAAx6paBAAAAAwvRAQLrsDVhRftIB-f1vdKK#RIrjfzg-P
* /
- Rashad Rivera www.omegusprime.com
全部,
因为我知道有人会问:
- 否。 "Windows-universal-sample-master"不包括此主题。 此外,它甚至没有显示如何以编程方式使用调用返回的凭据;我觉得这是一个缺陷
- 没有。 返回的266个字节不代表用户指定的证书。
$
证书通常为500字节且更大。 如果是我指定的证书,则长度为789字节,并且如果更改了证书的完整性,我们知道此调用无法返回
用户指定的证书。- 号  MSDN文档不包括此方案。
提前致谢。
Hello All,
When using the CredentialPicker.PickAsync(System.String, System.String) function, there is no way to validate certain user credentials because the information returned is encrypted and unverifiable.
In the case of the following code sample, I specify the results of an authentication using an arbitrary user certificate. As you can see, the information returned does not specify the certificate information used, nor can we clearly discern how to validate the user’s credentials (AKA validating the signature).
NOTES:
Built on UWP 8.1 Desktop (NOT PHONE)
var newCred = await CredentialPicker.PickAsync("My-Target", "This is some message!");
var bytes = newCred.Credential.ToArray();
var msg = string.Format("Credential(Length = {1}): {0}\r\n", Convert.ToBase64String(bytes), bytes.Length);
msg += string.Format("CredentialUsername: {0}\r\n", newCred.CredentialUserName);
msg += string.Format("CredentialPassword: {0}\r\n", newCred.CredentialPassword
.Replace("\a", "\\a")
.Replace("\0", "\\0")
.Replace("\t", "\\t")
.Replace("\b", "\\b")
.Replace("\f", "\\f")
.Replace("\n", "\\n")
.Replace("\r", "\\r")
);
/* msg =
Credential(Length = 266): AQIAADAAAAACAQAAMAAAADwAAAAAAAAAAAAAAGwAAACOAAAAAAABAAAAAAAAAAAAQABAAEIASAAxADMASQBIAHoAZwA5AHAAbQBkAHEAQwBxAGQANgBlAGQAQQB5AFAAVABVAFgAdwBJAEsAHACOAC/Dvyj2EDhHmNEawGHfcWocAAAAcgAAAEAAQABEAAcACAAMAAoADQBnAEEAQQBBAEEAQQB4ADYAcABhAEIAQQBBAEEAQQBBAHcAdgBSAEEAUQBMAHIAcwBEAFYAaABSAGYAdABJAEIALQBmADEAdgBkAEsASwAjAFIASQByAGoAZgB6AGcALQBQAAAAAAAAAAAAAAAAAAAAAAA=
CredentialUsername: @@BH13IHzg9pmdqCqd6edAyPTUXwIK
CredentialPassword: @@D\a\b\f\n\rgAAAAAx6paBAAAAAwvRAQLrsDVhRftIB-f1vdKK#RIrjfzg-P
*/
- Rashad Rivera www.omegusprime.com
All,
Because I know someone is going to ask:
- No. The "Windows-universal-sample-master" does not cover this topic. In addition, it does not even show how to programmatically use the credentials returned by the call; which I feel is a deficiency
- No. The 266 bytes returned does NOT represent the certificates specified by the user.
Certificate are generally 500 bytes and greater in size. In the case of the certificate I specified, it is 789 bytes in length and because the integrity of the certificate would be violated if altered, we know that this call could not be returning the certificate specified by the user.- No. The MSDN documentation does not cover this scenario.
Thanks in advance.
这篇关于CredentialPicker.PickAsync - 如何验证证书身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
