public async Task Verify_Should_Reject_Forged_Token()
{
var service = new AnonymousTokenService(ecParameters);
var tokenState = service.GenerateTokenRequest();
GenerateTokenResponseModel tokenResponse = await GenerateTokenAsync(await inMemoryPrivateKeyStore.GetAsync(), publicKeyStore, ecParameters, tokenState.P);
var privateKey = GeneratePrivateKey();
var token = service.RandomizeToken(tokenState, tokenResponse, await publicKeyStore.GetAsync());
(await VerifyToken(privateKey, ecParameters, tokenState, token)).Should().BeFalse();
}
public async Task RandomizeToken_Should_Reject_Token_From_Rogue_Generator()
{
var service = new AnonymousTokenService(ecParameters);
var tokenState = service.GenerateTokenRequest();
var privateKey = GeneratePrivateKey();
GenerateTokenResponseModel tokenResponse = await GenerateTokenAsync(privateKey, publicKeyStore, ecParameters, tokenState.P);
var publicKey = (await publicKeyStore.GetAsync()).Q;
Assert.Throws <AnonymousTokensException>(() => service.RandomizeToken(tokenState, tokenResponse, publicKey))
.Message.Should().Contain("proof is invalid");
}
public async Task GenerateToken_Generates_Valid_Token()
{
var privateKey = await inMemoryPrivateKeyStore.GetAsync();
var service = new AnonymousTokenService(ecParameters);
var tokenState = service.GenerateTokenRequest();
GenerateTokenResponseModel tokenResponse = await GenerateTokenAsync(privateKey, publicKeyStore, ecParameters, tokenState.P);
var token = service.RandomizeToken(tokenState, tokenResponse, await publicKeyStore.GetAsync());
(await VerifyToken(privateKey, ecParameters, tokenState, token)).Should().BeTrue();
}
private static async Task <ApiResponse> PostSelfExposureKeysWithAnonTokens(SelfDiagnosisSubmissionDTO selfDiagnosisSubmissionDTO, IEnumerable <ExposureKeyModel> temporaryExposureKeys, BaseWebService service)
{
var tokenService = new AnonymousTokenService(CustomNamedCurves.GetByOid(X9ObjectIdentifiers.Prime256v1));
var token = await tokenService.GetAnonymousTokenAsync();
var request = new HttpRequestMessage(HttpMethod.Post, Conf.URL_PUT_UPLOAD_DIAGNOSIS_KEYS);
request.Headers.Add("Authorization", $"Anonymous {token}");
string jsonBody = JsonConvert.SerializeObject(selfDiagnosisSubmissionDTO, JsonSerializerSettings);
request.Content = new StringContent(jsonBody, Encoding.UTF8, "application/json");
var response = await new HttpClient().SendAsync(request);
var result = new ApiResponse(Conf.URL_PUT_UPLOAD_DIAGNOSIS_KEYS, HttpMethod.Post);
result.StatusCode = (int)response.StatusCode;
result.ResponseText = await response.Content.ReadAsStringAsync();
if (!response.IsSuccessStatusCode)
{
result.ResponseText = response.ReasonPhrase;
}
return(result);
}