public async Task TestWithInvalidUserRequestAsync() { // arrange var obj = new { username = "******", password = "******" }; var repository = new Mock <IRepository>(); var settings = new ApplicationSettings(); var validationService = new Mock <ValidationService>(repository.Object, settings); var administrationService = new Mock <AdministrationService>(repository.Object, validationService.Object); var mailService = new Mock <MailService>(repository.Object); validationService .SetupGet(x => x.Bundles) .Returns(new ValidationBundles(validationService.Object)); var request = new UserRequest { Id = 1, Username = obj.username, RequestType = UserRequestType.Activation }; repository .Setup(x => x.GetAsync <UserRequest>(1)) .ReturnsAsync(request); var credentials = JObject.FromObject(obj); string q; using (var algorithm = TripleDES.Create()) { var ciphertext = CryptoUtilities.Encrypt(credentials.ToString(), algorithm.Key, algorithm.IV); q = 1 + ":" + ciphertext; } dynamic model = JObject.FromObject(new { q }); var accountService = new AccountService(repository.Object, validationService.Object, administrationService.Object, mailService.Object); // act var exception = await TestUtilities.ThrowsAsync <ServiceException>(async() => await accountService.ResetPasswordAsync(model)); // assert Assert.Equal(ServiceReason.InvalidUserRequest, exception.Reason); repository.Verify(x => x.GetAsync <UserRequest>(It.IsAny <int>()), Times.Once); }
// Encryption of goal description byte[] GetCipherText(string diaryText) { Account account = accountManager.CheckForAccount(); if (!account.Properties.TryGetValue("keymaterial", out string keyString)) { return(null); } byte[] keyMaterial = Convert.FromBase64String(keyString); return(CryptoUtilities.Encrypt(CryptoUtilities.StringToByteArray(diaryText), keyMaterial)); }
byte[] GetCipherText(string diaryText) { string keyString; if (!account.Properties.TryGetValue(kmKey, out keyString)) { return(null); } byte[] keyMaterial = Convert.FromBase64String(keyString); return(CryptoUtilities.Encrypt(CryptoUtilities.StringToByteArray(diaryText), keyMaterial)); }
public void TestDefaultBehavior() { // arrange var obj = new { plaintext = "secret" }; string ciphertext; // act using (var algorithm = TripleDES.Create()) { ciphertext = CryptoUtilities.Encrypt(obj.plaintext, algorithm.Key, algorithm.IV); } // assert Assert.NotEqual(obj.plaintext, ciphertext); }
public virtual async Task <string> CreateUserRequestAsync(string username, UserRequestType requestType) { var password = Guid.NewGuid().ToString(); var credentials = JObject.FromObject(new { username, password }); using (var algorithm = TripleDES.Create()) { var request = new UserRequest { Key = algorithm.Key, IV = algorithm.IV, Username = username, Password = CryptoUtilities.CreateHash(password), RequestType = requestType }; await _repository.InsertAsync(request); var ciphertext = CryptoUtilities.Encrypt(credentials.ToString(), algorithm.Key, algorithm.IV); return(HttpUtility.UrlEncode(request.Id + ":" + ciphertext)); } }
// To encrypt using stored copy of the key public void EncryptToFile(string filepath, byte[] protectedKey) { #region Parameter Checks if (null == filepath) { throw new ArgumentNullException("Filepath can't be empty."); } if (null == EncryptionInfo) { throw new NullReferenceException("EncryptionInfo can't be empty."); } if (null == EncryptionInfo.EncryptionKey) { throw new NullReferenceException("EncryptionKey can't be empty."); } if (null == EncryptionInfo.ValidationKey) { throw new NullReferenceException("ValidationKey can't be empty."); } if (null == EncryptionInfo.IV) { throw new NullReferenceException("IV can't be empty."); } if (null == EncryptionInfo.Salt) { throw new NullReferenceException("Salt can't be empty."); } #endregion Parameter Checks try { using (var cu = new CryptoUtilities(EncryptionInfo.SelectedAlgorithm)) { // Serialize and encrypt folder list XmlSerializer xsSubmit = new XmlSerializer(typeof(MvxObservableCollection <Folder>)); var xml = string.Empty; using (var sww = new StringWriter()) using (XmlWriter writer = XmlWriter.Create(sww)) { xsSubmit.Serialize(writer, FolderList); xml = sww.ToString(); // Serialized XML } // Unprotect the key and encrypt data Data = cu.Encrypt(Encoding.UTF8.GetBytes(xml), cu.UnprotectEncryptionKey(protectedKey, EncryptionInfo.EncryptionKey, EncryptionInfo.IV), EncryptionInfo.IV); // Serialize vault and save to file xsSubmit = new XmlSerializer(typeof(Vault)); xml = string.Empty; using (var sww = new StringWriter()) using (XmlWriter writer = XmlWriter.Create(sww)) { xsSubmit.Serialize(writer, GetInstance()); xml = sww.ToString(); // Serialized XML } File.WriteAllText(filepath, xml); //byte[] encodedText = Encoding.UTF8.GetBytes(xml); //using (FileStream sourceStream = new FileStream(filepath, // FileMode.Create, FileAccess.Write, FileShare.None, // bufferSize: 4096, useAsync: true)) //{ // await sourceStream.WriteAsync(encodedText, 0, encodedText.Length); //}; } } catch (Exception) { throw; } }
public void EncryptToFile(string filepath, SecureString password) { #region Parameter Checks if (null == filepath) { throw new ArgumentNullException("Filepath can't be empty"); } if (null == EncryptionInfo) { throw new NullReferenceException("EncryptionInfo can't be empty"); } if (null == EncryptionInfo.EncryptionKey) { throw new NullReferenceException("EncryptionKey can't be empty"); } if (null == EncryptionInfo.ValidationKey) { throw new NullReferenceException("ValidationKey can't be empty"); } if (null == EncryptionInfo.IV) { throw new NullReferenceException("IV can't be empty"); } if (null == EncryptionInfo.Salt) { throw new NullReferenceException("Salt can't be empty"); } #endregion Parameter Checks try { using (var cu = new CryptoUtilities(EncryptionInfo.SelectedAlgorithm)) { if (!CryptoUtilities.ValidatePassword(password, EncryptionInfo.ValidationKey, EncryptionInfo.Salt)) { throw new ArgumentException("Incorrect password"); } // Serialize and encrypt folder list XmlSerializer xsSubmit = new XmlSerializer(typeof(MvxObservableCollection <Folder>)); var xml = string.Empty; using (var sww = new StringWriter()) using (XmlWriter writer = XmlWriter.Create(sww)) { xsSubmit.Serialize(writer, FolderList); xml = sww.ToString(); // Serialized XML } // Unprotect the key and encrypt data Data = cu.Encrypt(Encoding.UTF8.GetBytes(xml), cu.UnprotectEncryptionKey(password, EncryptionInfo.EncryptionKey, EncryptionInfo.Salt, EncryptionInfo.IV), EncryptionInfo.IV); // Serialize vault and save to file xsSubmit = new XmlSerializer(typeof(Vault)); xml = string.Empty; using (var sww = new StringWriter()) using (XmlWriter writer = XmlWriter.Create(sww)) { xsSubmit.Serialize(writer, GetInstance()); xml = sww.ToString(); // Serialized XML } File.WriteAllText(filepath, xml); } } catch (Exception) { throw; } }
public async Task TestDefaultBehaviorAsync() { // arrange var obj = new { username = "******" }; var repository = new Mock <IRepository>(); var settings = new ApplicationSettings(); var validationService = new Mock <ValidationService>(repository.Object, settings); var administrationService = new Mock <AdministrationService>(repository.Object, validationService.Object); var mailService = new Mock <MailService>(repository.Object); var user = new User { Username = obj.username }; var request = new UserRequest { Id = 1, Username = obj.username, RequestType = UserRequestType.Activation }; var userSet = TestUtilities.CreateDbSetMock(new List <User> { user }); repository .Setup(x => x.AsQueryable <User>()) .Returns(userSet.Object); repository .Setup(x => x.GetAsync <User>(1)) .ReturnsAsync(user); repository .Setup(x => x.GetAsync <UserRequest>(1)) .ReturnsAsync(request); var password = Guid.NewGuid().ToString(); var credentials = JObject.FromObject(new { obj.username, password }); string q; using (var algorithm = TripleDES.Create()) { request.Key = algorithm.Key; request.IV = algorithm.IV; request.Password = CryptoUtilities.CreateHash(password); var ciphertext = CryptoUtilities.Encrypt(credentials.ToString(), algorithm.Key, algorithm.IV); q = 1 + ":" + ciphertext; } dynamic model = JObject.FromObject(new { q }); var accountService = new AccountService(repository.Object, validationService.Object, administrationService.Object, mailService.Object); // act await TestUtilities.DoesNotThrowAsync(async() => await accountService.ActivateAsync(model)); // assert Assert.True(user.Enabled); repository.Verify(x => x.GetAsync <UserRequest>(It.IsAny <int>()), Times.Once); repository.Verify(x => x.AsQueryable <User>(), Times.Once); repository.Verify(x => x.UpdateAsync(user), Times.Once()); repository.Verify(x => x.UpdateAsync(request), Times.Once()); }
public async Task TestWithInvalidPasswordAsync() { // arrange var obj = new { username = "******", password = "******" }; var repository = new Mock <IRepository>(); var settings = new ApplicationSettings(); var validationService = new Mock <ValidationService>(repository.Object, settings); var administrationService = new Mock <AdministrationService>(repository.Object, validationService.Object); var mailService = new Mock <MailService>(repository.Object); validationService .SetupGet(x => x.Bundles) .Returns(new ValidationBundles(validationService.Object)); var user = new User { Username = obj.username }; var request = new UserRequest { Id = 1, Username = obj.username, RequestType = UserRequestType.ResetPassword }; var userSet = TestUtilities.CreateDbSetMock(new List <User> { user }); repository .Setup(x => x.AsQueryable <User>()) .Returns(userSet.Object); repository .Setup(x => x.GetAsync <UserRequest>(1)) .ReturnsAsync(request); var password = Guid.NewGuid().ToString(); var credentials = JObject.FromObject(obj); string q; using (var algorithm = TripleDES.Create()) { request.Key = algorithm.Key; request.IV = algorithm.IV; request.Password = CryptoUtilities.CreateHash(password); var ciphertext = CryptoUtilities.Encrypt(credentials.ToString(), algorithm.Key, algorithm.IV); q = 1 + ":" + ciphertext; } dynamic model = JObject.FromObject(new { q }); var accountService = new AccountService(repository.Object, validationService.Object, administrationService.Object, mailService.Object); // act var exception = await TestUtilities.ThrowsAsync <ServiceException>(async() => await accountService.ResetPasswordAsync(model)); // assert Assert.Equal(ServiceReason.ResetPasswordError, exception.Reason); Assert.Null(user.Password); repository.Verify(x => x.GetAsync <UserRequest>(It.IsAny <int>()), Times.Once); repository.Verify(x => x.AsQueryable <User>(), Times.Never); repository.Verify(x => x.UpdateAsync(user), Times.Never()); repository.Verify(x => x.UpdateAsync(request), Times.Never()); }