public void DpapiCredentialStore_Get_ReadProtectedFile() { var fs = new TestFileSystem(); var store = new DpapiCredentialStore(fs, TestStoreRoot, TestNamespace); string service = "https://example.com"; const string userName = "******"; const string password = "******"; // [SuppressMessage("Microsoft.Security", "CS001:SecretInline", Justification="Fake credential")] string serviceSlug = Path.Combine(TestNamespace, "https", "example.com"); string fileName = $"{userName}.credential"; string filePath = Path.Combine(TestStoreRoot, serviceSlug, fileName); byte[] plainData = Encoding.UTF8.GetBytes(password); byte[] cryptoData = ProtectedData.Protect(plainData, null, DataProtectionScope.CurrentUser); string cryptoLine0 = Convert.ToBase64String(cryptoData); var contents = new StringBuilder(); contents.AppendLine(cryptoLine0); contents.AppendLine($"service={service}"); contents.AppendLine($"account={userName}"); contents.AppendLine(); byte[] data = Encoding.UTF8.GetBytes(contents.ToString()); fs.Directories.Add(Path.Combine(TestStoreRoot, serviceSlug)); fs.Files[filePath] = data; ICredential credential = store.Get(service, userName); Assert.Equal(password, credential.Password); Assert.Equal(userName, credential.Account); }
public void DpapiCredentialStore_Get_KeyNotFound_ReturnsNull() { var fs = new TestFileSystem(); var store = new DpapiCredentialStore(fs, TestStoreRoot, TestNamespace); // Unique service; guaranteed not to exist! string service = Guid.NewGuid().ToString("N"); ICredential credential = store.Get(service, account: null); Assert.Null(credential); }