public void GivenNullOrEmptyEncryptionKey_DoesNotThrow(string nullOrEmpty)
{
using (var hmac = SignatureAlgorithm.CreateForVerification(_unencryptedKey, HashAlgorithmName.SHA384)) {
Action act = () => SignatureAlgorithmDataRecordV2.FromSignatureAlgorithm(hmac, nullOrEmpty);
act.Should().NotThrow();
}
}
public async Task Register(Client client)
{
if (client == null)
{
throw new ArgumentNullException(nameof(client));
}
await _migrator.Migrate();
if (IsProhibitedId(client.Id))
{
throw new ArgumentException($"The id value of the specified {nameof(Client)} is prohibited ({client.Id}).", nameof(client));
}
var record = new ClientDataRecordV2 {
Id = client.Id,
Name = client.Name,
NonceLifetime = client.NonceLifetime.TotalSeconds,
ClockSkew = client.ClockSkew.TotalSeconds,
Claims = client.Claims?.Select(ClaimDataRecordV2.FromClaim)?.ToArray(),
SignatureAlgorithm = SignatureAlgorithmDataRecordV2.FromSignatureAlgorithm(client.SignatureAlgorithm, _encryptionKey),
RequestTargetEscaping = client.RequestTargetEscaping.ToString()
};
record.V = record.GetV();
var collection = _lazyCollection.Value;
await collection.ReplaceOneAsync(r => r.Id == record.Id, record, new ReplaceOptions { IsUpsert = true });
}
public void GivenUnsupportedAlgorithmType_ThrowsNotSupportedException()
{
var unsupported = new CustomSignatureAlgorithm("CUSTOM");
Action act = () => SignatureAlgorithmDataRecordV2.FromSignatureAlgorithm(unsupported, _encryptionKey);
act.Should().Throw <NotSupportedException>();
}
public void GivenNullOrEmptyEncryptionKey_DoesNotEncryptParameter(string nullOrEmpty)
{
using (var hmac = SignatureAlgorithm.CreateForVerification(_unencryptedKey, HashAlgorithmName.SHA384)) {
var actual = SignatureAlgorithmDataRecordV2.FromSignatureAlgorithm(hmac, nullOrEmpty);
actual.Parameter.Should().Be(_unencryptedKey);
actual.IsParameterEncrypted.Should().BeFalse();
}
}
public void GivenHMACAlgorithm_ReturnsExpectedDataRecord()
{
using (var hmac = SignatureAlgorithm.CreateForVerification(_unencryptedKey, HashAlgorithmName.SHA384)) {
var actual = SignatureAlgorithmDataRecordV2.FromSignatureAlgorithm(hmac, _encryptionKey);
var expected = new SignatureAlgorithmDataRecordV2 {
Type = "HMAC",
HashAlgorithm = HashAlgorithmName.SHA384.Name,
IsParameterEncrypted = true
};
actual.Should().BeEquivalentTo(expected, opts => opts.Excluding(_ => _.Parameter));
actual.Parameter.Should().NotBe(_unencryptedKey);
}
}
public void GivenECDsaAlgorithm_ReturnsExpectedDataRecord()
{
using (var ecdsa = ECDsa.Create()) {
using (var ecdsaAlg = SignatureAlgorithm.CreateForVerification(ecdsa, HashAlgorithmName.SHA384)) {
var actual = SignatureAlgorithmDataRecordV2.FromSignatureAlgorithm(ecdsaAlg, _encryptionKey);
var expected = new SignatureAlgorithmDataRecordV2 {
Type = "ECDsa",
Parameter = ecdsa.ExportParameters(false).ToXml(),
HashAlgorithm = HashAlgorithmName.SHA384.Name,
IsParameterEncrypted = false
};
actual.Should().BeEquivalentTo(expected);
}
}
}
public void GivenNullSignatureAlgorithm_ThrowsArgumentNullException()
{
Action act = () => SignatureAlgorithmDataRecordV2.FromSignatureAlgorithm(null, _encryptionKey);
act.Should().Throw <ArgumentNullException>();
}
