public void TestSignatureFactoryStringInput() { SignatureFactory f = new SignatureFactory(); string buffer = "abcdefghijklmnopqrstuvwxyz"; string signature1 = f.Sign(buffer); Assert.IsTrue(f.Verify(buffer, signature1), "(1) correct signature verification"); Assert.IsFalse(f.Verify(new string(buffer.Reverse().ToArray()), signature1), "(2) incorrect signature verification"); // Test new Encryption instance based on existing Key and IV. f = new SignatureFactory(f.ExportPrivateKey()); string signature2 = f.Sign(buffer); Assert.IsTrue(f.Verify(buffer, signature1), "(3) correct signature verification "); Assert.IsTrue(f.Verify(buffer, signature2), "(4) correct signature verification "); Assert.IsFalse(f.Verify(new string(buffer.Reverse().ToArray()), signature2), "(5) incorrect signature verification"); Assert.AreNotEqual(buffer, signature1, "(6) signature should not be the same as original data"); }
public void TestSignatureFactoryByteArrayInput() { SignatureFactory f = new SignatureFactory(); byte[] buffer = new byte[300]; new Random().NextBytes(buffer); byte[] signature1 = f.Sign(buffer); Assert.AreNotEqual(string.Join(",", buffer), string.Join(",", signature1), "signature should not be the same as original data"); Assert.IsTrue(f.Verify(buffer, signature1), "(1) correct signature verification"); Assert.IsFalse(f.Verify(buffer.Reverse().ToArray(), signature1), "(2) incorrect signature verification"); Assert.IsFalse(f.Verify(buffer, signature1.Reverse().ToArray()), "(3) incorrect signature verification"); // Test new Encryption instance based on existing Key and IV. f = new SignatureFactory(f.ExportPrivateKey()); byte[] signature2 = f.Sign(buffer); Assert.IsTrue(f.Verify(buffer, signature1), "(4) correct signature verification "); Assert.IsTrue(f.Verify(buffer, signature2), "(5) correct signature verification "); Assert.IsFalse(f.Verify(buffer.Reverse().ToArray(), signature2), "(6) incorrect signature verification"); Assert.IsFalse(f.Verify(buffer, signature2.Reverse().ToArray()), "(7) incorrect signature verification"); Assert.AreNotEqual(buffer, signature1, "(8) signature should not be the same as original data"); }
/// <summary> /// Verifies a secure token against the account data. Returns true if the token is valid and un-expired. /// </summary> /// <param name="account">An AccountInfo representing the account which the user wishes to reset the password for.</param> /// <param name="token">The token which was created earlier.</param> /// <returns></returns> internal static bool VerifyToken(AccountInfo account, string token) { long timestamp = TimeUtil.GetTimeInMsSinceEpoch() / timestampDivisor; for (int i = 0; i <= expirationMultiplier; i++) // Try the current timestamp and up to [expirationMultiplier] previous timestamps. { string data = GetData(timestamp - i, account.Type, account.Identifier, account.Password); if (sigFactory.Verify(data, token)) { return(true); } } return(false); }