public static void SignDepositData(IServiceProvider testServiceProvider, DepositData depositData, byte[] privateKey, BeaconState?state) { SignatureDomains signatureDomains = testServiceProvider.GetService <IOptions <SignatureDomains> >().Value; BeaconChainUtility beaconChainUtility = testServiceProvider.GetService <BeaconChainUtility>(); ICryptographyService cryptographyService = testServiceProvider.GetService <ICryptographyService>(); Domain domain; if (state == null) { // Genesis domain = beaconChainUtility.ComputeDomain(signatureDomains.Deposit); } else { BeaconStateAccessor beaconStateAccessor = testServiceProvider.GetService <BeaconStateAccessor>(); domain = beaconStateAccessor.GetDomain(state, signatureDomains.Deposit, Epoch.None); } DepositMessage depositMessage = new DepositMessage(depositData.PublicKey, depositData.WithdrawalCredentials, depositData.Amount); Root depositMessageRoot = cryptographyService.HashTreeRoot(depositMessage); Root signingRoot = beaconChainUtility.ComputeSigningRoot(depositMessageRoot, domain); BlsSignature signature = TestSecurity.BlsSign(signingRoot, privateKey); depositData.SetSignature(signature); }
/// <summary> /// Prepare the state for the deposit, and create a deposit for the given validator, depositing the given amount. /// </summary> public static Deposit PrepareStateAndDeposit(IServiceProvider testServiceProvider, BeaconState state, ValidatorIndex validatorIndex, Gwei amount, Bytes32 withdrawalCredentials, bool signed) { ChainConstants chainConstants = testServiceProvider.GetService <ChainConstants>(); InitialValues initialValues = testServiceProvider.GetService <IOptions <InitialValues> >().Value; TimeParameters timeParameters = testServiceProvider.GetService <IOptions <TimeParameters> >().Value; IBeaconChainUtility beaconChainUtility = testServiceProvider.GetService <IBeaconChainUtility>(); BeaconStateAccessor beaconStateAccessor = testServiceProvider.GetService <BeaconStateAccessor>(); IDepositStore depositStore = testServiceProvider.GetService <IDepositStore>(); byte[][] privateKeys = TestKeys.PrivateKeys(timeParameters).ToArray(); BlsPublicKey[] publicKeys = TestKeys.PublicKeys(timeParameters).ToArray(); byte[] privateKey = privateKeys[(int)(ulong)validatorIndex]; BlsPublicKey publicKey = publicKeys[(int)(ulong)validatorIndex]; if (withdrawalCredentials == Bytes32.Zero) { // insecurely use pubkey as withdrawal key if no credentials provided byte[] withdrawalCredentialBytes = TestSecurity.Hash(publicKey.AsSpan()); withdrawalCredentialBytes[0] = initialValues.BlsWithdrawalPrefix; withdrawalCredentials = new Bytes32(withdrawalCredentialBytes); } DepositData depositData = BuildDeposit(testServiceProvider, state, publicKey, privateKey, amount, withdrawalCredentials, signed); Deposit deposit = depositStore.Place(depositData); state.SetEth1DepositIndex(0); state.Eth1Data.SetDepositRoot(depositStore.DepositData.Root); state.Eth1Data.SetDepositCount((ulong)depositStore.Deposits.Count); return(deposit); }
public void AddAndPurgeWorks() { TestSecurity security = new TestSecurity(false); NTAccount nta1 = new NTAccount(@"BUILTIN\Users"); NTAccount nta2 = new NTAccount(@"BUILTIN\Administrators"); security.AddAccessRuleTest(new TestAccessRule <TestRights> (nta1, TestRights.One, AccessControlType.Allow)); security.AddAccessRuleTest(new TestAccessRule <TestRights> (nta2, TestRights.One, AccessControlType.Allow)); AuthorizationRuleCollection rules1 = security.GetAccessRules(true, true, typeof(NTAccount)); Assert.AreEqual(2, rules1.Count); security.PurgeAccessRules(nta1); AuthorizationRuleCollection rules2 = security.GetAccessRules(true, true, typeof(NTAccount)); Assert.AreEqual(1, rules2.Count); Assert.IsInstanceOfType(typeof(TestAccessRule <TestRights>), rules2[0]); TestAccessRule <TestRights> rule = (TestAccessRule <TestRights>)rules2[0]; Assert.AreEqual(nta2, rule.IdentityReference); }
public void SetSddlFormAllowsFlags () { TestSecurity security = new TestSecurity (); security.SetSecurityDescriptorSddlForm ("G:BA", AccessControlSections.Group | AccessControlSections.Owner); Assert.AreEqual ("", security.GetSecurityDescriptorSddlForm (AccessControlSections.Owner)); Assert.AreEqual ("G:BA", security.GetSecurityDescriptorSddlForm (AccessControlSections.Group)); }
/// <summary> /// Prepare the state for the deposit, and create a deposit for the given validator, depositing the given amount. /// </summary> public static Deposit PrepareStateAndDeposit(IServiceProvider testServiceProvider, BeaconState state, ValidatorIndex validatorIndex, Gwei amount, Hash32 withdrawalCredentials, bool signed) { var chainConstants = testServiceProvider.GetService <ChainConstants>(); var initialValues = testServiceProvider.GetService <IOptions <InitialValues> >().Value; var timeParameters = testServiceProvider.GetService <IOptions <TimeParameters> >().Value; var beaconChainUtility = testServiceProvider.GetService <BeaconChainUtility>(); var beaconStateAccessor = testServiceProvider.GetService <BeaconStateAccessor>(); var privateKeys = TestKeys.PrivateKeys(timeParameters).ToArray(); var publicKeys = TestKeys.PublicKeys(timeParameters).ToArray(); var privateKey = privateKeys[(int)(ulong)validatorIndex]; var publicKey = publicKeys[(int)(ulong)validatorIndex]; if (withdrawalCredentials == Hash32.Zero) { // insecurely use pubkey as withdrawal key if no credentials provided var withdrawalCredentialBytes = TestSecurity.Hash(publicKey.AsSpan()); withdrawalCredentialBytes[0] = initialValues.BlsWithdrawalPrefix; withdrawalCredentials = new Hash32(withdrawalCredentialBytes); } var depositDataList = new List <DepositData>(); (var deposit, var depositRoot) = BuildDeposit(testServiceProvider, state, depositDataList, publicKey, privateKey, amount, withdrawalCredentials, signed); state.SetEth1DepositIndex(0); state.Eth1Data.SetDepositRoot(depositRoot); state.Eth1Data.SetDepositCount((ulong)depositDataList.Count); return(deposit); }
public static (Deposit, Root) BuildDeposit(IServiceProvider testServiceProvider, BeaconState?state, IList <DepositData> depositDataList, BlsPublicKey publicKey, byte[] privateKey, Gwei amount, Bytes32 withdrawalCredentials, bool signed) { ChainConstants chainConstants = testServiceProvider.GetService <ChainConstants>(); BeaconChainUtility beaconChainUtility = testServiceProvider.GetService <BeaconChainUtility>(); ICryptographyService cryptographyService = testServiceProvider.GetService <ICryptographyService>(); DepositData depositData = BuildDepositData(testServiceProvider, publicKey, privateKey, amount, withdrawalCredentials, state, signed); int index = depositDataList.Count; depositDataList.Add(depositData); Root root = cryptographyService.HashTreeRoot(depositDataList); IEnumerable <Bytes32> allLeaves = depositDataList.Select(x => new Bytes32(cryptographyService.HashTreeRoot(x).AsSpan())); IList <IList <Bytes32> > tree = TestSecurity.CalculateMerkleTreeFromLeaves(allLeaves); IList <Bytes32> merkleProof = TestSecurity.GetMerkleProof(tree, index, 32); List <Bytes32> proof = new List <Bytes32>(merkleProof); Span <byte> indexBytes = new Span <byte>(new byte[32]); BitConverter.TryWriteBytes(indexBytes, (ulong)index + 1); if (!BitConverter.IsLittleEndian) { indexBytes.Slice(0, 8).Reverse(); } Bytes32 indexHash = new Bytes32(indexBytes); proof.Add(indexHash); Bytes32 leaf = new Bytes32(cryptographyService.HashTreeRoot(depositData).AsSpan()); bool checkValid = beaconChainUtility.IsValidMerkleBranch(leaf, proof, chainConstants.DepositContractTreeDepth + 1, (ulong)index, root); Deposit deposit = new Deposit(proof, depositData); return(deposit, root); }
public static (Deposit, Hash32) BuildDeposit(IServiceProvider testServiceProvider, BeaconState?state, IList <DepositData> depositDataList, BlsPublicKey publicKey, byte[] privateKey, Gwei amount, Hash32 withdrawalCredentials, bool signed) { var chainConstants = testServiceProvider.GetService <ChainConstants>(); var beaconChainUtility = testServiceProvider.GetService <BeaconChainUtility>(); var depositData = BuildDepositData(testServiceProvider, publicKey, privateKey, amount, withdrawalCredentials, state, signed); var index = depositDataList.Count; depositDataList.Add(depositData); Hash32 root = depositDataList.HashTreeRoot((ulong)1 << chainConstants.DepositContractTreeDepth); var allLeaves = depositDataList.Select(x => x.HashTreeRoot()); var tree = TestSecurity.CalculateMerkleTreeFromLeaves(allLeaves); var merkleProof = TestSecurity.GetMerkleProof(tree, index, 32); var proof = new List <Hash32>(merkleProof); var indexBytes = new Span <byte>(new byte[32]); BitConverter.TryWriteBytes(indexBytes, (ulong)index + 1); if (!BitConverter.IsLittleEndian) { indexBytes.Slice(0, 8).Reverse(); } var indexHash = new Hash32(indexBytes); proof.Add(indexHash); var leaf = depositData.HashTreeRoot(); beaconChainUtility.IsValidMerkleBranch(leaf, proof, chainConstants.DepositContractTreeDepth + 1, (ulong)index, root); var deposit = new Deposit(proof, depositData); return(deposit, root); }
public void Defaults() { TestSecurity security = new TestSecurity(); Assert.IsTrue(security.IsContainerTest); Assert.IsTrue(security.IsDSTest); }
public void DefaultsForSddlAndBinary() { TestSecurity security = new TestSecurity(); Assert.AreEqual("D:", security.GetSecurityDescriptorSddlForm(AccessControlSections.All)); Assert.AreEqual(28, security.GetSecurityDescriptorBinaryForm().Length); }
public void SetSddlFormAllowsFlags() { TestSecurity security = new TestSecurity(); security.SetSecurityDescriptorSddlForm("G:BA", AccessControlSections.Group | AccessControlSections.Owner); Assert.AreEqual("", security.GetSecurityDescriptorSddlForm(AccessControlSections.Owner)); Assert.AreEqual("G:BA", security.GetSecurityDescriptorSddlForm(AccessControlSections.Group)); }
public void ResetAccessRuleCausesExactlyOneModifyAccessCall() { TestSecurity security = new TestSecurity(false); SecurityIdentifier sid = new SecurityIdentifier("WD"); security.ResetAccessRuleTest(new TestAccessRule <TestRights> (sid, TestRights.One, AccessControlType.Allow)); Assert.AreEqual(1, security.modify_access_called_count); }
public void ConstructorLetsFalseDSThrough () { CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor (false, false, ControlFlags.None, null, null, null, null); TestSecurity security = new TestSecurity (descriptor); Assert.IsFalse (security.IsContainerTest); Assert.IsFalse (security.IsDSTest); }
public void Defaults () { TestSecurity security = new TestSecurity (); Assert.IsTrue (security.AreAccessRulesCanonical); Assert.IsTrue (security.AreAuditRulesCanonical); Assert.IsFalse (security.AreAccessRulesProtected); Assert.IsFalse (security.AreAuditRulesProtected); Assert.IsNull (security.GetGroup (typeof (SecurityIdentifier))); Assert.IsNull (security.GetOwner (typeof (SecurityIdentifier))); }
public void ConstructorLetsFalseDSThrough() { CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor (false, false, ControlFlags.None, null, null, null, null); TestSecurity security = new TestSecurity(descriptor); Assert.IsFalse(security.IsContainerTest); Assert.IsFalse(security.IsDSTest); }
public static void SignVoluntaryExit(IServiceProvider testServiceProvider, BeaconState state, VoluntaryExit voluntaryExit, byte[] privateKey) { var signatureDomains = testServiceProvider.GetService <IOptions <SignatureDomains> >().Value; var beaconStateAccessor = testServiceProvider.GetService <BeaconStateAccessor>(); var domain = beaconStateAccessor.GetDomain(state, signatureDomains.VoluntaryExit, voluntaryExit.Epoch); var signature = TestSecurity.BlsSign(voluntaryExit.SigningRoot(), privateKey, domain); voluntaryExit.SetSignature(signature); }
public static void SignBlock(IServiceProvider testServiceProvider, BeaconState state, BeaconBlock block, ValidatorIndex proposerIndex) { MiscellaneousParameters miscellaneousParameters = testServiceProvider.GetService <IOptions <MiscellaneousParameters> >().Value; TimeParameters timeParameters = testServiceProvider.GetService <IOptions <TimeParameters> >().Value; MaxOperationsPerBlock maxOperationsPerBlock = testServiceProvider.GetService <IOptions <MaxOperationsPerBlock> >().Value; SignatureDomains signatureDomains = testServiceProvider.GetService <IOptions <SignatureDomains> >().Value; ICryptographyService cryptographyService = testServiceProvider.GetService <ICryptographyService>(); BeaconChainUtility beaconChainUtility = testServiceProvider.GetService <BeaconChainUtility>(); BeaconStateAccessor beaconStateAccessor = testServiceProvider.GetService <BeaconStateAccessor>(); BeaconStateTransition beaconStateTransition = testServiceProvider.GetService <BeaconStateTransition>(); if (state.Slot > block.Slot) { throw new ArgumentOutOfRangeException("block.Slot", block.Slot, $"Slot of block must be equal or less that state slot {state.Slot}"); } Epoch blockEpoch = beaconChainUtility.ComputeEpochAtSlot(block.Slot); if (proposerIndex == ValidatorIndex.None) { if (block.Slot == state.Slot) { proposerIndex = beaconStateAccessor.GetBeaconProposerIndex(state); } else { Epoch stateEpoch = beaconChainUtility.ComputeEpochAtSlot(state.Slot); if (stateEpoch + 1 > blockEpoch) { Console.WriteLine("WARNING: Block slot far away, and no proposer index manually given." + " Signing block is slow due to transition for proposer index calculation."); } // use stub state to get proposer index of future slot BeaconState stubState = BeaconState.Clone(state); beaconStateTransition.ProcessSlots(stubState, block.Slot); proposerIndex = beaconStateAccessor.GetBeaconProposerIndex(stubState); } } byte[][] privateKeys = TestKeys.PrivateKeys(timeParameters).ToArray(); byte[] privateKey = privateKeys[(int)(ulong)proposerIndex]; Domain randaoDomain = beaconStateAccessor.GetDomain(state, signatureDomains.Randao, blockEpoch); Hash32 randaoRevealHash = blockEpoch.HashTreeRoot(); BlsSignature randaoReveal = TestSecurity.BlsSign(randaoRevealHash, privateKey, randaoDomain); block.Body.SetRandaoReveal(randaoReveal); Domain signatureDomain = beaconStateAccessor.GetDomain(state, signatureDomains.BeaconProposer, blockEpoch); Hash32 signingRoot = cryptographyService.SigningRoot(block); BlsSignature signature = TestSecurity.BlsSign(signingRoot, privateKey, signatureDomain); block.SetSignature(signature); }
public void ModifyAccessRuleThrowsOnWrongType() { bool modified; SecurityIdentifier everyoneSid = new SecurityIdentifier("WD"); TestSecurity security = new TestSecurity(); FileSystemAccessRule rule = new FileSystemAccessRule (everyoneSid, FileSystemRights.FullControl, AccessControlType.Allow); security.ModifyAccessRule(AccessControlModification.Add, rule, out modified); }
public static void SignBlockHeader(IServiceProvider testServiceProvider, BeaconState state, BeaconBlockHeader header, byte[] privateKey) { var signatureDomains = testServiceProvider.GetService <IOptions <SignatureDomains> >().Value; var beaconStateAccessor = testServiceProvider.GetService <BeaconStateAccessor>(); var domain = beaconStateAccessor.GetDomain(state, signatureDomains.BeaconProposer, Epoch.None); var signingRoot = header.SigningRoot(); var signature = TestSecurity.BlsSign(signingRoot, privateKey, domain); header.SetSignature(signature); }
public void Defaults() { TestSecurity security = new TestSecurity(); Assert.IsTrue(security.AreAccessRulesCanonical); Assert.IsTrue(security.AreAuditRulesCanonical); Assert.IsFalse(security.AreAccessRulesProtected); Assert.IsFalse(security.AreAuditRulesProtected); Assert.IsNull(security.GetGroup(typeof(SecurityIdentifier))); Assert.IsNull(security.GetOwner(typeof(SecurityIdentifier))); }
public static BlsSignature GetAttestationSignature(IServiceProvider testServiceProvider, BeaconState state, AttestationData attestationData, byte[] privateKey) { var signatureDomains = testServiceProvider.GetService <IOptions <SignatureDomains> >().Value; var beaconStateAccessor = testServiceProvider.GetService <BeaconStateAccessor>(); var messageHash = attestationData.HashTreeRoot(); var domain = beaconStateAccessor.GetDomain(state, signatureDomains.BeaconAttester, attestationData.Target.Epoch); var signature = TestSecurity.BlsSign(messageHash, privateKey, domain); return(signature); }
public void Reset() { bool modifiedRet, modifiedOut; SecurityIdentifier everyoneSid = new SecurityIdentifier("WD"); TestSecurity security = new TestSecurity(); TestAccessRule rule = new TestAccessRule (everyoneSid, TestRights.One, AccessControlType.Allow); modifiedRet = security.ModifyAccessRule(AccessControlModification.Reset, rule, out modifiedOut); }
public void Defaults() { TestSecurity security; security = new TestSecurity(false); Assert.IsFalse(security.IsContainerTest); Assert.IsFalse(security.IsDSTest); security = new TestSecurity(true); Assert.IsTrue(security.IsContainerTest); Assert.IsFalse(security.IsDSTest); }
public static SignedBeaconBlock SignBlock(IServiceProvider testServiceProvider, BeaconState state, BeaconBlock block, ValidatorIndex?optionalProposerIndex) { TimeParameters timeParameters = testServiceProvider.GetService <IOptions <TimeParameters> >().Value; SignatureDomains signatureDomains = testServiceProvider.GetService <IOptions <SignatureDomains> >().Value; ICryptographyService cryptographyService = testServiceProvider.GetService <ICryptographyService>(); BeaconChainUtility beaconChainUtility = testServiceProvider.GetService <BeaconChainUtility>(); BeaconStateAccessor beaconStateAccessor = testServiceProvider.GetService <BeaconStateAccessor>(); BeaconStateTransition beaconStateTransition = testServiceProvider.GetService <BeaconStateTransition>(); if (state.Slot > block.Slot) { throw new ArgumentOutOfRangeException("block.Slot", block.Slot, $"Slot of block must be equal or less that state slot {state.Slot}"); } Epoch blockEpoch = beaconChainUtility.ComputeEpochAtSlot(block.Slot); ValidatorIndex proposerIndex; if (optionalProposerIndex.HasValue) { proposerIndex = optionalProposerIndex.Value; } else { if (block.Slot == state.Slot) { proposerIndex = beaconStateAccessor.GetBeaconProposerIndex(state); } else { Epoch stateEpoch = beaconChainUtility.ComputeEpochAtSlot(state.Slot); if (stateEpoch + 1 > blockEpoch) { Console.WriteLine("WARNING: Block slot far away, and no proposer index manually given." + " Signing block is slow due to transition for proposer index calculation."); } // use stub state to get proposer index of future slot BeaconState stubState = BeaconState.Clone(state); beaconStateTransition.ProcessSlots(stubState, block.Slot); proposerIndex = beaconStateAccessor.GetBeaconProposerIndex(stubState); } } byte[][] privateKeys = TestKeys.PrivateKeys(timeParameters).ToArray(); byte[] privateKey = privateKeys[(int)(ulong)proposerIndex]; Root blockHashTreeRoot = cryptographyService.HashTreeRoot(block); Domain proposerDomain = beaconStateAccessor.GetDomain(state, signatureDomains.BeaconProposer, blockEpoch); Root signingRoot = beaconChainUtility.ComputeSigningRoot(blockHashTreeRoot, proposerDomain); BlsSignature signature = TestSecurity.BlsSign(signingRoot, privateKey); return(new SignedBeaconBlock(block, signature)); }
public void ChecksAccessControlModificationRange () { bool modifiedRet, modifiedOut; TestSecurity security = new TestSecurity (); SecurityIdentifier sid = new SecurityIdentifier ("WD"); TestAccessRule rule = new TestAccessRule (sid, 1, false, InheritanceFlags.None, PropagationFlags.None, Guid.Empty, Guid.Empty, AccessControlType.Allow); modifiedRet = security.ModifyAccessRule ((AccessControlModification)43210, rule, out modifiedOut); }
public void ChecksAccessControlModificationRange() { bool modifiedRet, modifiedOut; TestSecurity security = new TestSecurity(); SecurityIdentifier sid = new SecurityIdentifier("WD"); TestAccessRule rule = new TestAccessRule (sid, 1, false, InheritanceFlags.None, PropagationFlags.None, Guid.Empty, Guid.Empty, AccessControlType.Allow); modifiedRet = security.ModifyAccessRule((AccessControlModification)43210, rule, out modifiedOut); }
public static BlsSignature GetAttestationSignature(IServiceProvider testServiceProvider, BeaconState state, AttestationData attestationData, byte[] privateKey) { SignatureDomains signatureDomains = testServiceProvider.GetService <IOptions <SignatureDomains> >().Value; BeaconChainUtility beaconChainUtility = testServiceProvider.GetService <BeaconChainUtility>(); BeaconStateAccessor beaconStateAccessor = testServiceProvider.GetService <BeaconStateAccessor>(); Root attestationDataRoot = attestationData.HashTreeRoot(); Domain domain = beaconStateAccessor.GetDomain(state, signatureDomains.BeaconAttester, attestationData.Target.Epoch); Root signingRoot = beaconChainUtility.ComputeSigningRoot(attestationDataRoot, domain); BlsSignature signature = TestSecurity.BlsSign(signingRoot, privateKey); return(signature); }
public void IgnoresResetOnAuditAndReturnsTrue () { bool modifiedRet, modifiedOut; TestSecurity security = new TestSecurity (); SecurityIdentifier sid = new SecurityIdentifier ("WD"); TestAuditRule rule = new TestAuditRule (sid, 1, false, InheritanceFlags.None, PropagationFlags.None, Guid.Empty, Guid.Empty, AuditFlags.Success); modifiedRet = security.ModifyAuditRule (AccessControlModification.Reset, rule, out modifiedOut); Assert.IsTrue (modifiedRet); }
public static SignedBeaconBlockHeader SignBlockHeader(IServiceProvider testServiceProvider, BeaconState state, BeaconBlockHeader header, byte[] privateKey) { SignatureDomains signatureDomains = testServiceProvider.GetService <IOptions <SignatureDomains> >().Value; IBeaconChainUtility beaconChainUtility = testServiceProvider.GetService <IBeaconChainUtility>(); BeaconStateAccessor beaconStateAccessor = testServiceProvider.GetService <BeaconStateAccessor>(); ICryptographyService cryptographyService = testServiceProvider.GetService <ICryptographyService>(); Root headerRoot = cryptographyService.HashTreeRoot(header); Domain domain = beaconStateAccessor.GetDomain(state, signatureDomains.BeaconProposer, Epoch.None); Root signingRoot = beaconChainUtility.ComputeSigningRoot(headerRoot, domain); BlsSignature signature = TestSecurity.BlsSign(signingRoot, privateKey); return(new SignedBeaconBlockHeader(header, signature)); }
public static SignedVoluntaryExit SignVoluntaryExit(IServiceProvider testServiceProvider, BeaconState state, VoluntaryExit voluntaryExit, byte[] privateKey) { var signatureDomains = testServiceProvider.GetService <IOptions <SignatureDomains> >().Value; BeaconChainUtility beaconChainUtility = testServiceProvider.GetService <BeaconChainUtility>(); var beaconStateAccessor = testServiceProvider.GetService <BeaconStateAccessor>(); ICryptographyService cryptographyService = testServiceProvider.GetService <ICryptographyService>(); var voluntaryExitRoot = cryptographyService.HashTreeRoot(voluntaryExit); var domain = beaconStateAccessor.GetDomain(state, signatureDomains.VoluntaryExit, voluntaryExit.Epoch); var signingRoot = beaconChainUtility.ComputeSigningRoot(voluntaryExitRoot, domain); var signature = TestSecurity.BlsSign(signingRoot, privateKey); return(new SignedVoluntaryExit(voluntaryExit, signature)); }
public void IgnoresResetOnAuditAndReturnsTrue() { bool modifiedRet, modifiedOut; TestSecurity security = new TestSecurity(); SecurityIdentifier sid = new SecurityIdentifier("WD"); TestAuditRule rule = new TestAuditRule (sid, 1, false, InheritanceFlags.None, PropagationFlags.None, Guid.Empty, Guid.Empty, AuditFlags.Success); modifiedRet = security.ModifyAuditRule(AccessControlModification.Reset, rule, out modifiedOut); Assert.IsTrue(modifiedRet); }
public void SetSddlForm() { TestSecurity security = new TestSecurity(); SecurityIdentifier groupSid = new SecurityIdentifier("WD"); SecurityIdentifier userSid = new SecurityIdentifier("SY"); security.SetGroup(groupSid); security.SetOwner(userSid); Assert.AreEqual("G:WD", security.GetSecurityDescriptorSddlForm(AccessControlSections.Group)); Assert.AreEqual("O:SY", security.GetSecurityDescriptorSddlForm(AccessControlSections.Owner)); security.SetSecurityDescriptorSddlForm("O:BG", AccessControlSections.Owner); Assert.AreEqual("O:BG", security.GetSecurityDescriptorSddlForm(AccessControlSections.Owner)); Assert.AreEqual(new SecurityIdentifier("BG"), security.GetOwner(typeof(SecurityIdentifier))); }
public void SetSddlForm () { TestSecurity security = new TestSecurity (); SecurityIdentifier groupSid = new SecurityIdentifier ("WD"); SecurityIdentifier userSid = new SecurityIdentifier ("SY"); security.SetGroup (groupSid); security.SetOwner (userSid); Assert.AreEqual ("G:WD", security.GetSecurityDescriptorSddlForm (AccessControlSections.Group)); Assert.AreEqual ("O:SY", security.GetSecurityDescriptorSddlForm (AccessControlSections.Owner)); security.SetSecurityDescriptorSddlForm ("O:BG", AccessControlSections.Owner); Assert.AreEqual ("O:BG", security.GetSecurityDescriptorSddlForm (AccessControlSections.Owner)); Assert.AreEqual (new SecurityIdentifier ("BG"), security.GetOwner (typeof (SecurityIdentifier))); }
public static BlsSignature SignAggregateAttestation(IServiceProvider testServiceProvider, BeaconState state, AttestationData attestationData, IEnumerable <ValidatorIndex> participants) { var timeParameters = testServiceProvider.GetService <IOptions <TimeParameters> >().Value; var privateKeys = TestKeys.PrivateKeys(timeParameters).ToList(); var signatures = new List <BlsSignature>(); foreach (var validatorIndex in participants) { var privateKey = privateKeys[(int)(ulong)validatorIndex]; var signature = GetAttestationSignature(testServiceProvider, state, attestationData, privateKey, custodyBit: false); signatures.Add(signature); } return(TestSecurity.BlsAggregateSignatures(signatures)); }
public void ObjectSecurityJustWrapsCommonSecurityDescriptor () { CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor (false, false, ControlFlags.None, null, null, null, null); TestSecurity security = new TestSecurity (descriptor); Assert.IsNull (security.GetOwner (typeof(SecurityIdentifier))); SecurityIdentifier sid = new SecurityIdentifier ("WD"); descriptor.Owner = sid; // Not virtual, so the conclusion in the test's title. Assert.IsFalse (security.OwnerModifiedTest); Assert.AreSame (sid, security.GetOwner (typeof(SecurityIdentifier))); security.SetOwner (sid); Assert.IsTrue (security.OwnerModifiedTest); Assert.AreSame (sid, security.GetOwner (typeof(SecurityIdentifier))); }
TestSecurity FactoryCallTest(bool objectAce) { SecurityIdentifier sid = new SecurityIdentifier("WD"); DiscretionaryAcl dacl = new DiscretionaryAcl(true, true, 1); dacl.AddAccess(AccessControlType.Allow, sid, 1, InheritanceFlags.None, PropagationFlags.None, objectAce ? ObjectAceFlags.ObjectAceTypePresent : ObjectAceFlags.None, Guid.NewGuid(), Guid.Empty); CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor (true, true, ControlFlags.None, null, null, null, dacl); TestSecurity security = new TestSecurity(descriptor); security.GetAccessRules(true, true, typeof(SecurityIdentifier)); return(security); }
[Category("NotWorking")] // Mono does not have a working CustomAce implementation yet. public void ObjectSecurityRemovesWhatItCannotCreate() { RawAcl acl = new RawAcl(GenericAcl.AclRevision, 1); acl.InsertAce(0, new CustomAce((AceType)255, AceFlags.None, new byte[4])); DiscretionaryAcl dacl = new DiscretionaryAcl(true, true, acl); Assert.AreEqual(1, dacl.Count); CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor (true, true, ControlFlags.None, null, null, null, dacl); TestSecurity security = new TestSecurity(descriptor); AuthorizationRuleCollection rules = security.GetAccessRules(true, true, typeof(SecurityIdentifier)); Assert.AreEqual(0, rules.Count); }
public void ObjectSecurityJustWrapsCommonSecurityDescriptor() { CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor (false, false, ControlFlags.None, null, null, null, null); TestSecurity security = new TestSecurity(descriptor); Assert.IsNull(security.GetOwner(typeof(SecurityIdentifier))); SecurityIdentifier sid = new SecurityIdentifier("WD"); descriptor.Owner = sid; // Not virtual, so the conclusion in the test's title. Assert.IsFalse(security.OwnerModifiedTest); Assert.AreSame(sid, security.GetOwner(typeof(SecurityIdentifier))); security.SetOwner(sid); Assert.IsTrue(security.OwnerModifiedTest); Assert.AreSame(sid, security.GetOwner(typeof(SecurityIdentifier))); }
public void AllTypesAcceptedOnGetGroupOwnerUntilTheyAreSet () { TestSecurity security = new TestSecurity (); Assert.IsNull (security.GetGroup (typeof (void))); Assert.IsNull (security.GetOwner (typeof (int))); SecurityIdentifier everyoneSid = new SecurityIdentifier ("WD"); security.SetOwner (everyoneSid); bool throwsOnInt = false; try { security.GetOwner (typeof (int)); } catch (ArgumentException) { throwsOnInt = true; } Assert.IsTrue (throwsOnInt); bool throwsOnSuperclass = false; try { security.GetOwner (typeof (IdentityReference)); } catch (ArgumentException) { throwsOnSuperclass = true; } Assert.IsTrue (throwsOnSuperclass); Assert.IsNull (security.GetGroup (typeof (void))); Assert.IsInstanceOfType (typeof (SecurityIdentifier), security.GetOwner (typeof (SecurityIdentifier))); }
public void ModifyAccessRuleAllowsDerivedTypeAndCallsModifyAccessButNothingChanges () { bool modifiedRet, modifiedOut; SecurityIdentifier everyoneSid = new SecurityIdentifier ("WD"); TestSecurity security = new TestSecurity (); DerivedAccessRule rule = new DerivedAccessRule (everyoneSid, TestRights.One, AccessControlType.Allow); modifiedRet = security.ModifyAccessRule (AccessControlModification.Add, rule, out modifiedOut); Assert.AreEqual (modifiedRet, modifiedOut); Assert.IsTrue (modifiedRet); Assert.IsTrue (security.modify_access_called); Assert.AreEqual ("D:", security.GetSecurityDescriptorSddlForm (AccessControlSections.All)); // (1) There is no external abstract/virtual 'get collection', // (2) The overrides in this test call this base class, which does not change it, and // (3) There are methods based on the collection value such as GetSecurityDescriptorSddlForm. // Conclusion: Collection is internal and manipulated by derived classes. }
public void ModifyAccessRuleThrowsOnWrongType () { bool modified; SecurityIdentifier everyoneSid = new SecurityIdentifier ("WD"); TestSecurity security = new TestSecurity (); FileSystemAccessRule rule = new FileSystemAccessRule (everyoneSid, FileSystemRights.FullControl, AccessControlType.Allow); security.ModifyAccessRule (AccessControlModification.Add, rule, out modified); }
public void Defaults () { TestSecurity security = new TestSecurity (); Assert.IsTrue (security.IsContainerTest); Assert.IsTrue (security.IsDSTest); }
public void Reset () { bool modifiedRet, modifiedOut; SecurityIdentifier everyoneSid = new SecurityIdentifier ("WD"); TestSecurity security = new TestSecurity (); TestAccessRule rule = new TestAccessRule (everyoneSid, TestRights.One, AccessControlType.Allow); modifiedRet = security.ModifyAccessRule (AccessControlModification.Reset, rule, out modifiedOut); }
public void Protection () { TestSecurity security = new TestSecurity (); security.SetAccessRuleProtection (true, true); Assert.IsTrue (security.AreAccessRulesProtected); Assert.IsFalse (security.AreAuditRulesProtected); security.SetAuditRuleProtection (true, false); Assert.IsTrue (security.AreAccessRulesProtected); Assert.IsTrue (security.AreAuditRulesProtected); security.SetAccessRuleProtection (false, false); Assert.IsFalse (security.AreAccessRulesProtected); Assert.IsTrue (security.AreAuditRulesProtected); security.SetAuditRuleProtection (false, true); Assert.IsFalse (security.AreAccessRulesProtected); Assert.IsFalse (security.AreAuditRulesProtected); }
TestSecurity FactoryCallTest (bool objectAce) { SecurityIdentifier sid = new SecurityIdentifier ("WD"); DiscretionaryAcl dacl = new DiscretionaryAcl (true, true, 1); dacl.AddAccess (AccessControlType.Allow, sid, 1, InheritanceFlags.None, PropagationFlags.None, objectAce ? ObjectAceFlags.ObjectAceTypePresent : ObjectAceFlags.None, Guid.NewGuid (), Guid.Empty); CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor (true, true, ControlFlags.None, null, null, null, dacl); TestSecurity security = new TestSecurity (descriptor); security.GetAccessRules (true, true, typeof (SecurityIdentifier)); return security; }
public void SetGroupThrowsOnNull () { TestSecurity security = new TestSecurity (); security.SetGroup (null); }
public void SetOwnerThrowsOnNull () { TestSecurity security = new TestSecurity (); security.SetOwner (null); }
public void LocksAreEnforced () { TestSecurity security = new TestSecurity (); bool value = security.OwnerModifiedTestWithoutLock; }
public void PurgeThrowsOnNull () { TestSecurity security = new TestSecurity (); security.PurgeAccessRules (null); }
public void DefaultsForSddlAndBinary () { TestSecurity security = new TestSecurity (); Assert.AreEqual ("D:", security.GetSecurityDescriptorSddlForm (AccessControlSections.All)); Assert.AreEqual (28, security.GetSecurityDescriptorBinaryForm ().Length); }
[Category ("NotWorking")] // Mono does not have a working CustomAce implementation yet. public void ObjectSecurityRemovesWhatItCannotCreate () { RawAcl acl = new RawAcl (GenericAcl.AclRevision, 1); acl.InsertAce (0, new CustomAce ((AceType)255, AceFlags.None, new byte[4])); DiscretionaryAcl dacl = new DiscretionaryAcl (true, true, acl); Assert.AreEqual (1, dacl.Count); CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor (true, true, ControlFlags.None, null, null, null, dacl); TestSecurity security = new TestSecurity (descriptor); AuthorizationRuleCollection rules = security.GetAccessRules (true, true, typeof (SecurityIdentifier)); Assert.AreEqual (0, rules.Count); }