public void ProtectedKey_WipeReference()
{
var key = OtpCalculationTests.RfcTestKey;
var pk = InMemoryKey.CreateProtectedKeyAndDestroyPlaintextKey(key);
CollectionAssert.AreNotEqual(OtpCalculationTests.RfcTestKey, key);
}
public void ProtectedKey_EnsureOriginalkeyIntegrity()
{
var key = OtpCalculationTests.RfcTestKey;
var pk = new InMemoryKey(key);
CollectionAssert.AreEqual(OtpCalculationTests.RfcTestKey, key);
}
public void ProtectedKey_ProtectKeyWithSpecificLength()
{
var originalKey = KeyGeneration.GenerateRandomKey(20);
var originalCopy = new byte[32];
Array.Copy(originalKey, originalCopy, 20);
ProtectedMemory.Protect(originalCopy, MemoryProtectionScope.SameProcess);
CollectionAssert.AreNotEqual(originalKey, originalCopy);
var pk = InMemoryKey.CreateProtectedKeyFromPreProtectedMemory(originalCopy, 20, MemoryProtectionScope.SameProcess);
CollectionAssert.AreEqual(originalKey, pk.GetCopyOfKey(), "The unprotected plain key and the original key don't match");
}
public void ProtectedKey_ProtectKey_SameLogon()
{
var originalKey = KeyGeneration.GenerateRandomKey(16);
var originalCopy = new byte[16];
Array.Copy(originalKey, originalCopy, 16);
CollectionAssert.AreEqual(originalKey, originalCopy);
ProtectedMemory.Protect(originalCopy, MemoryProtectionScope.SameLogon);
CollectionAssert.AreNotEqual(originalKey, originalCopy);
var pk = InMemoryKey.CreateProtectedKeyFromPreProtectedMemory(originalCopy, 16, MemoryProtectionScope.SameLogon);
CollectionAssert.AreEqual(originalKey, pk.GetCopyOfKey());
}
public void ProtectedKey_MultipleUse()
{
var originalKey = KeyGeneration.GenerateRandomKey(16);
var originalCopy = new byte[16];
Array.Copy(originalKey, originalCopy, 16);
CollectionAssert.AreEqual(originalKey, originalCopy);
ProtectedMemory.Protect(originalCopy, MemoryProtectionScope.SameProcess);
CollectionAssert.AreNotEqual(originalKey, originalCopy);
var pk = InMemoryKey.CreateProtectedKeyFromPreProtectedMemory(originalCopy, 16, MemoryProtectionScope.SameProcess);
// The key is protected and un-protected several times.
// Make sure that the key can be used multiple times.
for (int i = 0; i < 10; i++)
{
CollectionAssert.AreEqual(originalKey, pk.GetCopyOfKey());
}
}
public override string getTotpString(DateTime timestamp)
{
var elapsedSeconds = (long)Math.Floor(timestamp.Subtract(new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds) / data.Period;
byte[] codeInterval = BitConverter.GetBytes((ulong)elapsedSeconds);
if (BitConverter.IsLittleEndian)
{
Array.Reverse(codeInterval);
}
InMemoryKey key = new InMemoryKey(data.Key.ReadData());
byte[] hash = key.ComputeHmac(OtpHashMode.Sha1, codeInterval);
int start = hash[hash.Length - 1] & 0xf;
byte[] totp = new byte[4];
Array.Copy(hash, start, totp, 0, 4);
if (BitConverter.IsLittleEndian)
{
Array.Reverse(totp);
}
var code = BitConverter.ToUInt32(totp, 0) & 0x7fffffff;
StringBuilder sb = new StringBuilder();
for (int i = 0; i < this.data.Digits; i++)
{
sb.Append(STEAMCHARS[code % STEAMCHARS.Length]);
code /= (uint)STEAMCHARS.Length;
}
return(sb.ToString());
}
public Task<IEnclaveKey> GenerateKey(string keyType)
{
IEnclaveKey key = null;
switch (keyType.ToLowerInvariant())
{
case "rsa":
key = new InMemoryKey(keyType, new RSACryptoServiceProvider(2048));
break;
case "aes":
var bytes = new byte[16];
RNG.GetBytes(bytes);
key = new InMemoryKey(keyType, bytes);
break;
case "ecc":
key = new InMemoryKey(keyType, new ECDsaCng(256));
break;
default:
throw new NotSupportedException($"Unknown key type {keyType}");
}
return Task.FromResult(key);
}
public void ContractTestKeySize_InMemoryKeyNull()
{
InMemoryKey key = null;
new Action(() => new Totp(key)).ShouldThrow <ArgumentNullException>().WithMessage("Value cannot be null.\r\nParameter name: secretKey");;
}
public void ProtectedKey_Basic()
{
var pk = new InMemoryKey(OtpCalculationTests.RfcTestKey);
CollectionAssert.AreEqual(OtpCalculationTests.RfcTestKey, pk.GetCopyOfKey());
}
public void ProtectedKey_ProtectKeyNull()
{
new Action(() => InMemoryKey.CreateProtectedKeyFromPreProtectedMemory(null, 16, MemoryProtectionScope.SameProcess))
.ShouldThrow <ArgumentNullException>()
.WithMessage("Value cannot be null.\r\nParameter name: preProtectedKey");
}
public void ProtectedKey_ProtectKeyZeroLength()
{
new Action(() => InMemoryKey.CreateProtectedKeyFromPreProtectedMemory(OtpCalculationTests.RfcTestKey, 0, MemoryProtectionScope.SameProcess))
.ShouldThrow <ArgumentException>()
.WithMessage("The key must not be empty");
}
public void ProtectedKey_ProtectKeyEmpty()
{
new Action(() => InMemoryKey.CreateProtectedKeyFromPreProtectedMemory(new byte[] { }, 16, MemoryProtectionScope.SameProcess))
.ShouldThrow <ArgumentException>()
.WithMessage("The key must not be empty");
}
