public void Should_Throw_Decrypting_Data_With_Wrong_DataCredentials()
{
const string data =
"r9y49J5oJiFTmPzvFtqf80ngL2Ymr90QzmTBptvhFsovZ4yBc06CU2wPhq0hSSLOkmbJq4NTy54sCIpmpIw7rM/QQQYvS5NRWH" +
"S7wHpSrgCU0FIP6G1Jp1Gx36ksy3/Z6KAyHY85LX99Odjl0SD3iIArtIQXNFHxIypNZWzdVgyWXKiOtBkKztAEYL+6vRJ8Uj1j" +
"5njMCThNJg3T0Ju+3QpjNUYpKd/dgOZRcm/z1ae0pcMiIUO0mpoeV0okSDnOEUGTTj3J2yrSxjeF39okufr0bwCQZQ7xQ8px2n" +
"BMiKuxwxGID9d9EjiQBvFofzNtDw56H/KQNwe57M4FfrV4Gv2JM+q3RyI0/81gOc+hXnIOq9Hi6PXl5DBfuPqQq7a6d0+WeyL2" +
"Q7/ruRwknggmUFxmgPadmZMTZS1XwcYBQtvLnXUtBiK+/asCCbNsZsM9qcUcpUn2hYIlpqu16Un7cA==";
DataCredentials wrongDataCredentials = new DataCredentials
{
DataHash = "IeyXbEWBTXXQYG+O0vv7munuGs0H0S4Jr7jzYV1ltCk=",
Secret = "v9Hx0oaQHLxyGuZdiYmszC3gTGyfYnc57zWLg+WaMus=",
};
IDecrypter decrypter = new Decrypter();
Exception exception = Assert.ThrowsAny <Exception>(() =>
decrypter.DecryptData <IDecryptedValue>(
data,
wrongDataCredentials
)
);
Assert.Matches(@"^Data hash mismatch at position \d+\.$", exception.Message);
Assert.IsType <PassportDataDecryptionException>(exception);
}
public void Should_Decrypt_Data()
{
Update update = _classFixture.Entity;
PassportData passportData = update.Message.PassportData;
EncryptedPassportElement element = passportData.Data.Single();
RSA key = EncryptionKey.ReadAsRsa();
IDecrypter decrypter = new Decrypter();
Credentials credentials = decrypter.DecryptCredentials(passportData.Credentials, key);
PersonalDetails personalDetails = decrypter.DecryptData <PersonalDetails>(
element.Data,
credentials.SecureData.PersonalDetails.Data
);
Assert.NotNull(personalDetails);
Assert.NotEmpty(personalDetails.FirstName);
Assert.NotEmpty(personalDetails.Gender);
Assert.NotEmpty(personalDetails.CountryCode);
Assert.Equal(2, personalDetails.CountryCode.Length);
Assert.NotEmpty(personalDetails.ResidenceCountryCode);
Assert.Equal(2, personalDetails.ResidenceCountryCode.Length);
Assert.NotEmpty(personalDetails.BirthDate);
Assert.InRange(personalDetails.Birthdate, new DateTime(1900, 1, 1), DateTime.Today);
}
public void Should_Decrypt_Personal_Details_Element()
{
PassportData passportData = GetPassportData();
IDecrypter decrypter = new Decrypter();
Credentials credentials =
decrypter.DecryptCredentials(passportData.Credentials, EncryptionKey.RsaPrivateKey);
EncryptedPassportElement element = Assert.Single(passportData.Data, el => el.Type == "personal_details");
PersonalDetails personalDetails = decrypter.DecryptData <PersonalDetails>(
encryptedData: element.Data,
dataCredentials: credentials.SecureData.PersonalDetails.Data
);
Assert.Equal("Poulad", personalDetails.FirstName);
Assert.Equal("Ashrafpour", personalDetails.LastName);
Assert.Equal("پولاد", personalDetails.FirstNameNative);
Assert.Equal("اشرف پور", personalDetails.LastNameNative);
Assert.Empty(personalDetails.MiddleName);
Assert.Empty(personalDetails.MiddleNameNative);
Assert.Equal("male", personalDetails.Gender);
Assert.Equal(PassportEnums.Gender.Male, personalDetails.Gender);
Assert.Equal("US", personalDetails.CountryCode); // U.S.A
Assert.Equal("IR", personalDetails.ResidenceCountryCode); // Iran
Assert.Equal("30.07.1990", personalDetails.BirthDate);
Assert.InRange(personalDetails.Birthdate, new DateTime(1990, 7, 30), new DateTime(1990, 7, 30, 1, 0, 0));
}
public void Should_Decrypt_Address_Data()
{
const string data =
"r9y49J5oJiFTmPzvFtqf80ngL2Ymr90QzmTBptvhFsovZ4yBc06CU2wPhq0hSSLOkmbJq4NTy54sCIpmpIw7rM/QQQYvS5NRWH" +
"S7wHpSrgCU0FIP6G1Jp1Gx36ksy3/Z6KAyHY85LX99Odjl0SD3iIArtIQXNFHxIypNZWzdVgyWXKiOtBkKztAEYL+6vRJ8Uj1j" +
"5njMCThNJg3T0Ju+3QpjNUYpKd/dgOZRcm/z1ae0pcMiIUO0mpoeV0okSDnOEUGTTj3J2yrSxjeF39okufr0bwCQZQ7xQ8px2n" +
"BMiKuxwxGID9d9EjiQBvFofzNtDw56H/KQNwe57M4FfrV4Gv2JM+q3RyI0/81gOc+hXnIOq9Hi6PXl5DBfuPqQq7a6d0+WeyL2" +
"Q7/ruRwknggmUFxmgPadmZMTZS1XwcYBQtvLnXUtBiK+/asCCbNsZsM9qcUcpUn2hYIlpqu16Un7cA==";
DataCredentials dataCredentials = new DataCredentials
{
DataHash = "s8B6UA9rwy3Z+rNvqSyJf/qGyKD01XnWDkF+esIzm14=",
Secret = "s5+CjA48fIOabQuvTHJGu5JLvPrCbhN/AFtJg5hxJg4=",
};
IDecrypter decrypter = new Decrypter();
ResidentialAddress address = decrypter.DecryptData <ResidentialAddress>(data, dataCredentials);
Assert.Equal("123 Maple Street", address.StreetLine1);
Assert.Equal("Unit 4", address.StreetLine2);
Assert.Equal("A1A 1A1", address.PostCode);
Assert.Equal("Toronto", address.City);
Assert.Equal("Ontario", address.State);
Assert.Equal("CA", address.CountryCode);
}
public void Should_Decrypt_Identity_Card_Element_Document()
{
Update update = _classFixture.Entity;
PassportData passportData = update.Message.PassportData;
RSA key = EncryptionKey.ReadAsRsa();
IDecrypter decrypter = new Decrypter();
Credentials credentials = decrypter.DecryptCredentials(passportData.Credentials, key);
EncryptedPassportElement idCardEl = Assert.Single(passportData.Data, el => el.Type == "identity_card");
IdDocumentData documentData = decrypter.DecryptData <IdDocumentData>(
idCardEl.Data,
credentials.SecureData.IdentityCard.Data
);
Assert.NotEmpty(documentData.DocumentNo);
if (string.IsNullOrEmpty(documentData.ExpiryDate))
{
Assert.Null(documentData.Expiry);
}
else
{
Assert.NotNull(documentData.Expiry);
}
}
public void Should_Throw_If_Null_Secret()
{
IDecrypter decrypter = new Decrypter();
Exception exception = Assert.ThrowsAny <Exception>(() =>
decrypter.DecryptData <IDecryptedValue>("", new DataCredentials())
);
Assert.Matches(@"^Value cannot be null\.\s+Parameter name: Secret$", exception.Message);
Assert.IsType <ArgumentNullException>(exception);
}
public void Should_Throw_If_Invalid_Data_Hash(string dataHash)
{
DataCredentials dataCredentials = new DataCredentials {
Secret = "", DataHash = dataHash
};
IDecrypter decrypter = new Decrypter();
Assert.ThrowsAny <FormatException>(() =>
decrypter.DecryptData <IDecryptedValue>("dGV4dCBvZiAxNiBjaGFycw==", dataCredentials)
);
}
public void Should_Throw_If_Null_EncryptedContent()
{
IDecrypter decrypter = new Decrypter();
Exception exception = Assert.ThrowsAny <Exception>(() =>
decrypter.DecryptData <IDecryptedValue>(null, null)
);
Assert.Matches(@"^Value cannot be null\.\s+Parameter name: encryptedData$", exception.Message);
Assert.IsType <ArgumentNullException>(exception);
}
public void Should_Throw_If_Invalid_Data_Hash_Length(string dataHash)
{
DataCredentials dataCredentials = new DataCredentials {
Secret = "", DataHash = dataHash
};
IDecrypter decrypter = new Decrypter();
Exception exception = Assert.ThrowsAny <Exception>(() =>
decrypter.DecryptData <IDecryptedValue>("dGV4dCBvZiAxNiBjaGFycw==", dataCredentials)
);
Assert.Matches(@"^Hash length is not 32: \d+\.$", exception.Message);
Assert.IsType <PassportDataDecryptionException>(exception);
}
public void Should_Throw_If_Empty_Data_String_Length()
{
IDecrypter decrypter = new Decrypter();
DataCredentials dataCredentials = new DataCredentials {
Secret = "", DataHash = ""
};
Exception exception = Assert.ThrowsAny <Exception>(() =>
decrypter.DecryptData <IDecryptedValue>("", dataCredentials)
);
Assert.Matches(@"^Data is empty\.\s+Parameter name: encryptedData$", exception.Message);
Assert.IsType <ArgumentException>(exception);
}
public void Should_Throw_If_Invalid_Data_String_Length()
{
IDecrypter decrypter = new Decrypter();
DataCredentials dataCredentials = new DataCredentials {
Secret = "", DataHash = ""
};
Exception exception = Assert.ThrowsAny <Exception>(() =>
decrypter.DecryptData <IDecryptedValue>("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==", dataCredentials)
);
Assert.Equal("Data length is not divisible by 16: 31.", exception.Message);
Assert.IsType <PassportDataDecryptionException>(exception);
}
public void Should_Throw_Decrypting_Unencrypted_Data_Invalid_Length()
{
DataCredentials dataCredentials = new DataCredentials
{
DataHash = "v3q47iscI6TS94CMo7HGQUOxw28LIf82NJBkImzP57c=",
Secret = "vF7nut7clg/H/pEaTJigo4mQJ0s8B+HGCWKTWtOTIdo=",
};
IDecrypter decrypter = new Decrypter();
Exception exception = Assert.ThrowsAny <Exception>(() =>
decrypter.DecryptData <IDecryptedValue>("dGV4dCBvZiAxNiBjaGFycw==", dataCredentials)
);
Assert.Matches(@"^Data hash mismatch at position \d+\.$", exception.Message);
Assert.IsType <PassportDataDecryptionException>(exception);
}
public void Should_Decrypt_Element_Document()
{
PassportData passportData = GetPassportData();
IDecrypter decrypter = new Decrypter();
Credentials credentials =
decrypter.DecryptCredentials(passportData.Credentials, EncryptionKey.RsaPrivateKey);
EncryptedPassportElement idCardEl = Assert.Single(passportData.Data, el => el.Type == "identity_card");
IdDocumentData documentData = decrypter.DecryptData <IdDocumentData>(
idCardEl.Data,
credentials.SecureData.IdentityCard.Data
);
Assert.Equal("9999R", documentData.DocumentNo);
Assert.Empty(documentData.ExpiryDate);
Assert.Null(documentData.Expiry);
}
public void Should_Decrypt_Document_Data()
{
PassportData passportData = GetPassportData();
IDecrypter decrypter = new Decrypter();
Credentials credentials =
decrypter.DecryptCredentials(passportData.Credentials, EncryptionKey.RsaPrivateKey);
EncryptedPassportElement licenseEl = Assert.Single(passportData.Data, el => el.Type == "driver_license");
IdDocumentData licenseDoc = decrypter.DecryptData <IdDocumentData>(
encryptedData: licenseEl.Data,
dataCredentials: credentials.SecureData.DriverLicense.Data
);
Assert.Equal("G544-061", licenseDoc.DocumentNo);
Assert.Equal("26.11.2022", licenseDoc.ExpiryDate);
Assert.NotNull(licenseDoc.Expiry);
Assert.InRange(licenseDoc.Expiry.Value, new DateTime(2022, 11, 26), new DateTime(2022, 11, 26, 0, 0, 1));
}
public void Should_Decrypt_Data()
{
Update update = _classFixture.Entity;
PassportData passportData = update.Message.PassportData;
EncryptedPassportElement element = passportData.Data.Single();
IDecrypter decrypter = new Decrypter();
Credentials credentials = decrypter.DecryptCredentials(passportData.Credentials, EncryptionKey.ReadAsRsa());
ResidentialAddress residentialAddress = decrypter.DecryptData <ResidentialAddress>(
element.Data,
credentials.SecureData.Address.Data
);
Assert.NotNull(residentialAddress);
Assert.NotEmpty(residentialAddress.StreetLine1);
Assert.NotEmpty(residentialAddress.City);
Assert.NotEmpty(residentialAddress.PostCode);
Assert.Equal(2, residentialAddress.CountryCode.Length);
}
public void Should_Throw_Decrypting_Data_To_NonConcrete_Type()
{
const string data =
"r9y49J5oJiFTmPzvFtqf80ngL2Ymr90QzmTBptvhFsovZ4yBc06CU2wPhq0hSSLOkmbJq4NTy54sCIpmpIw7rM/QQQYvS5NRWH" +
"S7wHpSrgCU0FIP6G1Jp1Gx36ksy3/Z6KAyHY85LX99Odjl0SD3iIArtIQXNFHxIypNZWzdVgyWXKiOtBkKztAEYL+6vRJ8Uj1j" +
"5njMCThNJg3T0Ju+3QpjNUYpKd/dgOZRcm/z1ae0pcMiIUO0mpoeV0okSDnOEUGTTj3J2yrSxjeF39okufr0bwCQZQ7xQ8px2n" +
"BMiKuxwxGID9d9EjiQBvFofzNtDw56H/KQNwe57M4FfrV4Gv2JM+q3RyI0/81gOc+hXnIOq9Hi6PXl5DBfuPqQq7a6d0+WeyL2" +
"Q7/ruRwknggmUFxmgPadmZMTZS1XwcYBQtvLnXUtBiK+/asCCbNsZsM9qcUcpUn2hYIlpqu16Un7cA==";
DataCredentials dataCredentials = new DataCredentials
{
DataHash = "s8B6UA9rwy3Z+rNvqSyJf/qGyKD01XnWDkF+esIzm14=",
Secret = "s5+CjA48fIOabQuvTHJGu5JLvPrCbhN/AFtJg5hxJg4=",
};
IDecrypter decrypter = new Decrypter();
Assert.Throws <JsonSerializationException>(() =>
decrypter.DecryptData <IDecryptedValue>(data, dataCredentials)
);
}
public void Should_decrypt_address_element()
{
PassportData passportData = GetPassportData();
IDecrypter decrypter = new Decrypter();
Credentials credentials =
decrypter.DecryptCredentials(passportData.Credentials, EncryptionKey.RsaPrivateKey);
EncryptedPassportElement addressEl = Assert.Single(passportData.Data, el => el.Type == "address");
ResidentialAddress residentialAddress = decrypter.DecryptData <ResidentialAddress>(
encryptedData: addressEl.Data,
dataCredentials: credentials.SecureData.Address.Data
);
Assert.Equal("123 Maple Street", residentialAddress.StreetLine1);
Assert.Equal("Unit 4", residentialAddress.StreetLine2);
Assert.Equal("A1A 1A1", residentialAddress.PostCode);
Assert.Equal("Toronto", residentialAddress.City);
Assert.Equal("Ontario", residentialAddress.State);
Assert.Equal("CA", residentialAddress.CountryCode);
}
static async Task DecryptPassportDataAsync(Message message)
{
IDecrypter decrypter = new Decrypter();
// Step 1: Decrypt credentials
Credentials credentials = decrypter.DecryptCredentials(
message.PassportData.Credentials,
GetRsaPrivateKey()
);
// Step 2: Validate nonce
if (credentials.Nonce != "Test nonce for this demo")
{
throw new Exception($"Invalid nonce: \"{credentials.Nonce}\".");
}
// Step 3: Decrypt residential address using credentials
EncryptedPassportElement addressElement = message.PassportData.Data.Single(
el => el.Type == PassportEnums.Scope.Address
);
ResidentialAddress address = decrypter.DecryptData <ResidentialAddress>(
encryptedData: addressElement.Data,
dataCredentials: credentials.SecureData.Address.Data
);
// Step 4: Get phone number
string phoneNumber = message.PassportData.Data.Single(
el => el.Type == PassportEnums.Scope.PhoneNumber
).PhoneNumber;
await _botClient.SendTextMessageAsync(
message.From.Id,
"Your 🏠 address is:\n" +
$"{address.StreetLine1}\n" +
$"{address.City}, {address.CountryCode}\n" +
$"{address.PostCode}\n\n" +
$"📱 {phoneNumber}"
);
}
public void Should_Decrypt_Document_Data()
{
Update update = _classFixture.Entity;
PassportData passportData = update.Message.PassportData;
EncryptedPassportElement element = passportData.Data.Single();
RSA key = EncryptionKey.ReadAsRsa();
IDecrypter decrypter = new Decrypter();
Credentials credentials = decrypter.DecryptCredentials(passportData.Credentials, key);
IdDocumentData licenseDoc = decrypter.DecryptData <IdDocumentData>(
encryptedData: element.Data,
dataCredentials: credentials.SecureData.DriverLicense.Data
);
Assert.NotEmpty(licenseDoc.DocumentNo);
if (string.IsNullOrEmpty(licenseDoc.ExpiryDate))
{
Assert.Null(licenseDoc.Expiry);
}
else
{
Assert.NotNull(licenseDoc.Expiry);
}
}