public void WhenCreatingAnExistingMasterKeyWithAWrongPassword_ABadOneShouldBeCreated()
{
// Given
var pbkdf2 = CreatePbkdf2();
// When
var masterKey = new MasterKey("Wrong Password", KnownSalt, KnownIterations, pbkdf2);
// Then
masterKey.SecretKey.Should().NotBeEquivalentTo(KnownSecretKey);
}
public void WhenCreatingAnExistingMasterKey_ACorrectOneShouldBeCreated()
{
// Given
var pbkdf2 = CreatePbkdf2();
// When
var masterKey = new MasterKey(KnownPassword, KnownSalt, KnownIterations, pbkdf2);
// Then
masterKey.SecretKey.Should().BeEquivalentTo(KnownSecretKey);
}
public void WhenAuthorizingAnExistingWrongMasterKey_ADifferentHmacShouldBeComputed()
{
// Given
var existingMasterKey = new MasterKey("Wrong Password", KnownSalt, KnownIterations, CreatePbkdf2());
// When
var existingAuthorization = new Authorization(existingMasterKey, KnownInitializationVector, CreateAes(), CreateHmacSha256());
// Then
existingAuthorization.Hmac.Should().NotBeEquivalentTo(KnownHmac);
}
public void WhenCreatingANewAuthorizationTwiceWithTheSameMasterKey_ADifferentHashShouldBeGeneratedBecauseTheInitializationVectorIsDifferent()
{
// Given
var newMasterKey = new MasterKey(KnownPassword, KnownIterations, CreatePbkdf2());
// When
var firstNewAuthorization = new Authorization(newMasterKey, CreateAes(), CreateHmacSha256());
var secondNewAuthorization = new Authorization(newMasterKey, CreateAes(), CreateHmacSha256());
// Then
firstNewAuthorization.Hmac.Should().NotBeEquivalentTo(secondNewAuthorization.Hmac);
}
public void WhenAuthorizingAnExistingCorrectMasterKey_TheCorrectHmacShouldBeComputer()
{
// Given
var existingMasterKey = new MasterKey(KnownPassword, KnownSalt, KnownIterations, CreatePbkdf2());
// When
var existingAuthorization = new Authorization(existingMasterKey, KnownInitializationVector, CreateAes(), CreateHmacSha256());
// Then
existingAuthorization.InitializationVector.Should().BeEquivalentTo(KnownInitializationVector);
existingAuthorization.Hmac.Should().BeEquivalentTo(KnownHmac);
}
public void WhenCreatingANewMasterKey_ACorrectOneShouldBeCreated()
{
// Given
var pbkdf2 = CreatePbkdf2();
// When
var masterKey = new MasterKey(KnownPassword, KnownIterations, pbkdf2);
// Then
masterKey.Iterations.Should().Be(KnownIterations);
masterKey.Salt.Length.Should().Be(Pbkdf2.SaltSizeInBits / 8);
masterKey.Salt.Should().NotBeEmpty();
masterKey.SecretKey.Should().NotBeEmpty();
}
public void WhenCreatingANewAuthorization_ItShouldBeCreated()
{
// Given
var newMasterKey = new MasterKey(KnownPassword, KnownIterations, CreatePbkdf2());
// When
var newAuthorization = new Authorization(newMasterKey, CreateAes(), CreateHmacSha256());
// Then
newAuthorization.InitializationVector.Length.Should().Be(Aes.BlockSizeInBits / 8);
newAuthorization.InitializationVector.Should().NotBeEmpty();
newAuthorization.Hmac.Length.Should().Be(HmacSha256.HmacSizeInBits / 8);
newAuthorization.Hmac.Should().NotBeEmpty();
}
public void WhenCreatingTwiceTheAuthorizationWithTheSameInitializationVector_ItShouldBeTheSame()
{
// Given
var newMasterKey = new MasterKey(KnownPassword, KnownIterations, CreatePbkdf2());
// When
var newAuthorization = new Authorization(newMasterKey, CreateAes(), CreateHmacSha256());
var existingAuthorization = new Authorization(newMasterKey, newAuthorization.InitializationVector,
CreateAes(), CreateHmacSha256());
// Then
newAuthorization.Hmac.Should().BeEquivalentTo(existingAuthorization.Hmac);
}
/// <summary>
/// A message is generated by encrypting a hard coded value with the provided Master Key and
/// Initialization Vector.
/// The message is then passed to the hashing function and the key used is the provided Master Key.
/// </summary>
public Authorization(MasterKey masterKey, byte[] initializationVector, Aes aes, HmacSha256 hmacSha256)
{
InitializationVector = initializationVector;
var ciphertext = aes.Encrypt(AuthorizedMessage, masterKey.SecretKey, initializationVector);
Hmac = hmacSha256.Compute(ciphertext, masterKey.SecretKey);
}
/// <summary>
/// A new message is generated by encrypting a hard coded value with the provided Master Key and random
/// generated Initialization Vector.
/// The message is then passed to the hashing function and the key used is the provided Master Key.
/// </summary>
public Authorization(MasterKey masterKey, Aes aes, HmacSha256 hmacSha256)
: this(masterKey, aes.GenerateInitializationVector(), aes, hmacSha256)
{
}
/// <summary>
/// A new message is generated by encrypting a hard coded value with the provided Master Key and random
/// generated Initialization Vector.
/// The message is then passed to the hashing function and the key used is the provided Master Key.
/// </summary>
public Authorization(MasterKey masterKey, Aes aes, HmacSha256 hmacSha256)
: this(masterKey, aes.GenerateInitializationVector(), aes, hmacSha256)
{
}