public void CreateHpkpResult_NegativeTimespanInConfig_ReturnsNull([Values(false, true)]bool reportOnly)
{
var hpkpConfig = new HpkpConfiguration { MaxAge = new TimeSpan(-1), Pins = _dummyPins };
Assert.IsNull(_generator.CreateHpkpResult(hpkpConfig, false));
Assert.IsNull(_generator.CreateHpkpResult(hpkpConfig, true));
}
public void ValidateNumberOfPins_TwoOrMore_NoException([Values(1, 0)] int maxageSeconds)
{
var age = new TimeSpan(0, 0, maxageSeconds);
var config2 = new HpkpConfiguration { MaxAge = age, Pins = new[] { "firstpin", "secondpin" } };
var config3 = new HpkpConfiguration { MaxAge = age, Pins = new[] { "firstpin", "secondpin", "thirdpin" } };
Assert.DoesNotThrow(() => _validator.ValidateNumberOfPins(config2));
Assert.DoesNotThrow(() => _validator.ValidateNumberOfPins(config3));
}
public void ValidateNumberOfPins_WithMaxAgeAndLessThanTwo_ThrowsException()
{
var age = new TimeSpan(0, 0, 1);
var config0 = new HpkpConfiguration { MaxAge = age, Pins = new string[] { } };
var config1 = new HpkpConfiguration { MaxAge = age, Pins = new[] { "firstpin" } };
Assert.Throws<Exception>(() => _validator.ValidateNumberOfPins(config0));
Assert.Throws<Exception>(() => _validator.ValidateNumberOfPins(config1));
}
public void ValidateNumberOfPins_ZeroMaxAgeAndLessThanTwo_NoException()
{
var age = TimeSpan.Zero;
var config0 = new HpkpConfiguration { MaxAge = age, Pins = new string[] { } };
var config1 = new HpkpConfiguration { MaxAge = age, Pins = new[] { "firstpin" } };
Assert.DoesNotThrow(() => _validator.ValidateNumberOfPins(config0));
Assert.DoesNotThrow(() => _validator.ValidateNumberOfPins(config1));
}
public void CreateHpkpResult_24hIncludeSubdomainsAndReportUri_ReturnsSetHpkpSubdomainsReportUriResult([Values(false, true)]bool reportOnly)
{
var hpkpConfig = new HpkpConfiguration { MaxAge = new TimeSpan(24, 0, 0), IncludeSubdomains = true, ReportUri = "https://nwebsec.com/report", Pins = _dummyPins };
var result = _generator.CreateHpkpResult(hpkpConfig, reportOnly);
Assert.IsNotNull(result);
Assert.AreEqual(HeaderResult.ResponseAction.Set, result.Action);
Assert.AreEqual(HpkpHeaderName(reportOnly), result.Name);
Assert.AreEqual("max-age=86400;includeSubdomains;pin-sha256=\"firstpin\";pin-sha256=\"secondpin\";report-uri=\"https://nwebsec.com/report\"", result.Value);
}
public void CreateHpkpResult_24hInConfig_ReturnsSetHpkpResult([Values(false, true)]bool reportOnly)
{
var hpkpConfig = new HpkpConfiguration { MaxAge = new TimeSpan(24, 0, 0), Pins = _dummyPins };
var result = _generator.CreateHpkpResult(hpkpConfig, reportOnly);
Assert.IsNotNull(result);
Assert.AreEqual(HeaderResult.ResponseAction.Set, result.Action);
Assert.AreEqual(HpkpHeaderName(reportOnly), result.Name);
Assert.AreEqual("max-age=86400;pin-sha256=\"firstpin\";pin-sha256=\"secondpin\"", result.Value);
}
public void CreateHpkpResult_ZeroTimespanInConfig_ReturnsSetHpkpResultWithMaxAgeOnly([Values(false, true)]bool reportOnly)
{
var hpkpConfig = new HpkpConfiguration { MaxAge = TimeSpan.Zero, IncludeSubdomains = true ,Pins = _dummyPins, ReportUri = "https://nwebsec.com/report"};
var result = _generator.CreateHpkpResult(hpkpConfig, reportOnly);
Assert.IsNotNull(result);
Assert.AreEqual(HeaderResult.ResponseAction.Set, result.Action);
Assert.AreEqual(HpkpHeaderName(reportOnly), result.Name);
Assert.AreEqual("max-age=0", result.Value);
}
