public void CanCreateBinaryDataFromBytes()
{
byte[] payload = Encoding.UTF8.GetBytes("some data");
BinaryData data = BinaryData.FromBytes(payload);
Assert.Equal(payload, data.ToArray());
MemoryMarshal.TryGetArray <byte>(payload, out ArraySegment <byte> array);
Assert.Same(payload, array.Array);
// using implicit conversion
ReadOnlyMemory <byte> bytes = data;
Assert.Equal(payload, bytes.ToArray());
// using implicit conversion
ReadOnlySpan <byte> span = data;
Assert.Equal(payload, span.ToArray());
// using implicit conversion from null
BinaryData nullData = null;
ReadOnlyMemory <byte> emptyBytes = nullData;
Assert.True(emptyBytes.IsEmpty);
// using implicit conversion from null
ReadOnlySpan <byte> emptySpan = nullData;
Assert.True(emptySpan.IsEmpty);
}
public async Task DownloadStreamingRange(int offset, int length)
{
await using DisposingContainer test = await BlobsClientBuilder.GetTestContainerAsync();
// Arrange
const int size = 8 * Constants.KB;
var data = GetRandomBuffer(size);
TestProgress progress = new TestProgress();
var client = test.Container.GetBlobClient(BlobsClientBuilder.GetNewBlobName());
await client.UploadAsync(BinaryData.FromBytes(data));
// Act
var result = await client.DownloadStreamingAsync(
progressHandler : progress,
range : new HttpRange(offset, length));
var downloadedData = new byte[result.Value.Details.ContentLength];
using (Stream ms = new MemoryStream(downloadedData))
{
await result.Value.Content.CopyToAsync(ms);
}
// Assert
Assert.AreNotEqual(0, progress.List.Count);
Assert.AreEqual(length, progress.List.Max());
Assert.IsTrue(new ReadOnlySpan <byte>(data, offset, length).SequenceEqual(downloadedData));
}
public async Task AttestOpenEnclaveShared()
{
byte[] binaryReport = Base64Url.Decode(_openEnclaveReport);
byte[] binaryRuntimeData = Base64Url.Decode(_runtimeData);
var client = TestEnvironment.GetSharedAttestationClient(this);
IReadOnlyList <AttestationSigner> signingCertificates = (await client.GetSigningCertificatesAsync()).Value;
{
// Collect quote and enclave held data from an SGX enclave.
var attestationResult = await client.AttestOpenEnclaveAsync(
new AttestationRequest
{
Evidence = BinaryData.FromBytes(binaryReport),
RuntimeData = new AttestationData(BinaryData.FromBytes(binaryRuntimeData), false),
});
// Confirm that the attestation token contains the enclave held data we specified.
CollectionAssert.AreEqual(binaryRuntimeData, attestationResult.Value.EnclaveHeldData.ToArray());
// VERIFY ATTESTATIONRESULT.
// Encrypt Data using DeprecatedEnclaveHeldData
// Send to enclave.
}
}
[TestCase(256 * Constants.KB)] // multi-report case
public async Task DownloadStreaming(int size)
{
await using DisposingContainer test = await BlobsClientBuilder.GetTestContainerAsync();
// Arrange
var data = GetRandomBuffer(size);
TestProgress progress = new TestProgress();
var client = test.Container.GetBlobClient(BlobsClientBuilder.GetNewBlobName());
await client.UploadAsync(BinaryData.FromBytes(data));
// Act
var result = await client.DownloadStreamingAsync(
progressHandler : progress);
var downloadedData = new byte[result.Value.Details.ContentLength];
using (Stream ms = new MemoryStream(downloadedData))
{
await result.Value.Content.CopyToAsync(ms);
}
// Assert
Assert.AreNotEqual(0, progress.List.Count);
Assert.AreEqual(size, progress.List.Max());
}
[TestCase(Constants.MB, 100 * Constants.KB, 10)] // multi-report per-partition case
public async Task DownloadTo(int dataLength, int?partitionSize, int?parallelism)
{
await using DisposingContainer test = await BlobsClientBuilder.GetTestContainerAsync();
// Arrange
var data = GetRandomBuffer(dataLength);
TestProgress progress = new TestProgress();
var client = test.Container.GetBlobClient(BlobsClientBuilder.GetNewBlobName());
await client.UploadAsync(BinaryData.FromBytes(data));
// Act
var downloadedData = new MemoryStream();
await client.DownloadToAsync(downloadedData, new BlobDownloadToOptions
{
ProgressHandler = progress,
TransferOptions = new StorageTransferOptions
{
InitialTransferSize = partitionSize,
MaximumTransferSize = partitionSize,
MaximumConcurrency = parallelism
}
});
// Assert
Assert.AreNotEqual(0, progress.List.Count);
Assert.AreEqual(downloadedData.Length, progress.List.Max());
Assert.AreEqual(data.Length, downloadedData.Length);
Assert.IsTrue(Enumerable.SequenceEqual(data, downloadedData.ToArray()));
}
public async Task AttestOpenEnclaveSharedCallbackRejects()
{
byte[] binaryReport = Base64Url.Decode(_openEnclaveReport);
byte[] binaryRuntimeData = Base64Url.Decode(_runtimeData);
bool callbackInvoked = false;
AttestationTokenValidationOptions tokenValidationOptions = new AttestationTokenValidationOptions
{
ValidateExpirationTime = TestEnvironment.IsTalkingToLiveServer,
};
tokenValidationOptions.TokenValidated += (args) =>
{
callbackInvoked = true;
args.IsValid = false;
return(Task.CompletedTask);
};
var client = TestEnvironment.GetSharedAttestationClient(this, tokenValidationOptions);
IReadOnlyList <AttestationSigner> signingCertificates = (await client.GetSigningCertificatesAsync()).Value;
{
// Collect quote and enclave held data from an SGX enclave.
Assert.ThrowsAsync(typeof(AttestationTokenValidationFailedException), async() => await client.AttestOpenEnclaveAsync(
new AttestationRequest
{
Evidence = BinaryData.FromBytes(binaryReport),
RuntimeData = new AttestationData(BinaryData.FromBytes(binaryRuntimeData), false),
}));
Assert.IsTrue(callbackInvoked);
}
}
/// <summary>
/// Retrieves the body of an <see cref="AmqpAnnotatedMessage" /> in the form
/// needed by the <see cref="EventData.EventBody" /> accessor.
/// </summary>
///
/// <param name="instance">The instance that this method was invoked on.</param>
///
/// <returns>The body of the <paramref name="instance"/>, in the appropriate form for use by an <see cref="EventData" /> instance.</returns>
///
/// <exception cref="NotSupportedException">The body of the <paramref name="instance" /> cannot be used directly by <see cref="EventData" />.</exception>
///
public static BinaryData GetEventBody(this AmqpAnnotatedMessage instance)
{
if (instance.Body.TryGetData(out IEnumerable <ReadOnlyMemory <byte> > dataBody))
{
return(BinaryData.FromBytes(MessageBody.FromReadOnlyMemorySegments(dataBody)));
}
throw new NotSupportedException(string.Format(CultureInfo.InvariantCulture, Resources.RawAmqpBodyTypeMask, nameof(EventData), nameof(EventData.EventBody), instance.Body.BodyType, nameof(EventData.GetRawAmqpMessage)));
}
public static IList <BinaryData> GetDataViaDataBody(this AmqpMessage message)
{
IList <BinaryData> dataList = new List <BinaryData>();
foreach (Data data in (message.DataBody ?? Enumerable.Empty <Data>()))
{
dataList.Add(BinaryData.FromBytes(data.GetByteArray()));
}
return(dataList);
}
public void CreateThrowsOnNullArray()
{
byte[] payload = null;
var ex = Assert.Throws <ArgumentNullException>(() => new BinaryData(payload));
Assert.Contains("data", ex.Message);
ex = Assert.Throws <ArgumentNullException>(() => BinaryData.FromBytes(null));
Assert.Contains("data", ex.Message);
}
public async Task <BlobClient[]> CreateBlobsAsync(BlobContainerClient container, int count)
{
BlobClient[] blobs = new BlobClient[count];
for (int i = 0; i < count; i++)
{
blobs[i] = _test.InstrumentClient(container.GetBlobClient("blob" + (++_blobId)));
await blobs[i].UploadAsync(BinaryData.FromBytes(_test.GetRandomBuffer(Constants.KB)));
}
return(blobs);
}
public static IList <ReadOnlyMemory <byte> > GetDataViaDataBody(AmqpMessage message)
{
IList <ReadOnlyMemory <byte> > dataList = new List <ReadOnlyMemory <byte> >();
foreach (Data data in (message.DataBody ?? Enumerable.Empty <Data>()))
{
dataList.Add(BinaryData.FromBytes(GetByteArrayCopy(data)));
}
return(dataList);
}
public async Task ToStreamRespectsArraySegmentBoundaries()
{
var payload = "pre payload post";
var bytes = Encoding.UTF8.GetBytes(payload);
var segment = new ArraySegment <byte>(bytes, 4, 7);
var data = BinaryData.FromBytes((ReadOnlyMemory <byte>)segment);
var stream = data.ToStream();
var sr = new StreamReader(stream);
Assert.AreEqual("payload", await sr.ReadToEndAsync());
}
public async Task ToStreamIsMutatedWhenCustomerOwnsBuffer()
{
byte[] buffer = Encoding.UTF8.GetBytes("some data");
BinaryData data = BinaryData.FromBytes(buffer);
Stream stream = data.ToStream();
buffer[0] = (byte)'z';
StreamReader sr = new StreamReader(stream);
Assert.Equal("zome data", await sr.ReadToEndAsync());
}
public async Task AttestOpenEnclaveSharedValidateCallback()
{
byte[] binaryReport = Base64Url.Decode(_openEnclaveReport);
byte[] binaryRuntimeData = Base64Url.Decode(_runtimeData);
bool callbackInvoked = false;
AttestationTokenValidationOptions tokenValidationOptions = new AttestationTokenValidationOptions
{
ValidateExpirationTime = TestEnvironment.IsTalkingToLiveServer,
};
tokenValidationOptions.TokenValidated += (args) =>
{
// Verify that the callback can access the enclave held data field.
CollectionAssert.AreEqual(binaryRuntimeData, args.Token.GetBody <AttestationResult>().EnclaveHeldData.ToArray());
// The MAA service always sends a Key ID for the signer.
args.IsValid =
null != args.Signer.CertificateKeyId &&
1 == args.Signer.SigningCertificates.Count &&
null != args.Signer.SigningCertificates[0] &&
TestEnvironment.SharedAttestationUrl == args.Token.Issuer;
callbackInvoked = true;
return(Task.CompletedTask);
};
var client = TestEnvironment.GetSharedAttestationClient(this, tokenValidationOptions);
IReadOnlyList <AttestationSigner> signingCertificates = (await client.GetSigningCertificatesAsync()).Value;
{
// Collect quote and enclave held data from an SGX enclave.
var attestationResult = await client.AttestOpenEnclaveAsync(
new AttestationRequest
{
Evidence = BinaryData.FromBytes(binaryReport),
RuntimeData = new AttestationData(BinaryData.FromBytes(binaryRuntimeData), false),
});
// Confirm that the attestation token contains the enclave held data we specified.
CollectionAssert.AreEqual(binaryRuntimeData, attestationResult.Value.EnclaveHeldData.ToArray());
#pragma warning disable CS0618 // Type or member is obsolete
Assert.IsNotNull(attestationResult.Value.DeprecatedEnclaveHeldData);
CollectionAssert.AreEqual(binaryRuntimeData, attestationResult.Value.DeprecatedEnclaveHeldData.ToArray());
Assert.IsNotNull(attestationResult.Value.DeprecatedEnclaveHeldData2);
CollectionAssert.AreEqual(binaryRuntimeData, attestationResult.Value.DeprecatedEnclaveHeldData2.ToArray());
#pragma warning restore CS0618 // Type or member is obsolete
// VERIFY ATTESTATIONRESULT.
// Encrypt Data using DeprecatedEnclaveHeldData
// Send to enclave.
Assert.IsTrue(callbackInvoked);
}
}
public async Task ToStreamRespectsArraySegmentBoundaries()
{
string payload = "pre payload post";
byte[] bytes = Encoding.UTF8.GetBytes(payload);
ArraySegment <byte> segment = new ArraySegment <byte>(bytes, 4, 7);
BinaryData data = BinaryData.FromBytes(segment);
Stream stream = data.ToStream();
StreamReader sr = new StreamReader(stream);
Assert.Equal("payload", await sr.ReadToEndAsync());
}
public void ToStringRespectsArraySegmentBoundaries()
{
string payload = "pre payload post";
byte[] bytes = Encoding.UTF8.GetBytes(payload);
ArraySegment <byte> segment = new ArraySegment <byte>(bytes, 4, 7);
BinaryData data = BinaryData.FromBytes(segment);
Assert.Equal("payload", data.ToString());
data = BinaryData.FromBytes(segment.Array);
Assert.Equal("pre payload post", data.ToString());
}
public void EqualsRespectsReferenceEquality()
{
var payload = Encoding.UTF8.GetBytes("some data");
var a = BinaryData.FromBytes(payload);
var b = BinaryData.FromBytes(payload);
Assert.AreEqual(a, b);
var c = BinaryData.FromBytes(Encoding.UTF8.GetBytes("some data"));
Assert.AreNotEqual(a, c);
Assert.AreNotEqual(a, "string data");
}
public void EqualsRespectsReferenceEquality()
{
byte[] payload = "some data" u8.ToArray();
BinaryData a = BinaryData.FromBytes(payload);
BinaryData b = BinaryData.FromBytes(payload);
Assert.NotEqual(a, b);
BinaryData c = BinaryData.FromBytes("some data" u8.ToArray());
Assert.NotEqual(a, c);
Assert.False(a.Equals("string data"));
}
public void EqualsRespectsReferenceEquality()
{
byte[] payload = Encoding.UTF8.GetBytes("some data");
BinaryData a = BinaryData.FromBytes(payload);
BinaryData b = BinaryData.FromBytes(payload);
Assert.NotEqual(a, b);
BinaryData c = BinaryData.FromBytes(Encoding.UTF8.GetBytes("some data"));
Assert.NotEqual(a, c);
Assert.False(a.Equals("string data"));
}
private async Task TestBindToBinaryData(byte[] expectedContent)
{
// Arrange
var queue = await CreateQueue(queueServiceClient, QueueName);
await queue.SendMessageAsync(BinaryData.FromBytes(expectedContent));
// Act
BinaryData result = await RunTriggerAsync <BinaryData>(typeof(BindToBinaryDataProgram),
(s) => BindToBinaryDataProgram.TaskSource = s);
// Assert
Assert.AreEqual(expectedContent, result.ToArray());
}
public async Task AttestSgxEnclaveSharedValidateCallback()
{
// An SGX Quote is an OpenEnclave report with the first 16 bytes stripped from it.
var report = Base64Url.Decode(_openEnclaveReport);
var quoteList = report.ToList();
quoteList.RemoveRange(0, 0x10);
byte[] binaryQuote = quoteList.ToArray();
byte[] binaryRuntimeData = Base64Url.Decode(_runtimeData);
bool callbackInvoked = false;
var tokenValidationOptions = new AttestationTokenValidationOptions
{
ValidateExpirationTime = TestEnvironment.IsTalkingToLiveServer,
};
tokenValidationOptions.TokenValidated += (AttestationTokenValidationEventArgs args) =>
{
// Verify that the callback can access the enclave held data field.
CollectionAssert.AreEqual(binaryRuntimeData, args.Token.GetBody <AttestationResult>().EnclaveHeldData.ToArray());
// The MAA service always sends a Key ID for the signer.
Assert.IsNotNull(args.Signer.CertificateKeyId);
Assert.AreEqual(TestEnvironment.SharedAttestationUrl, args.Token.Issuer);
callbackInvoked = true;
return(Task.CompletedTask);
};
var client = TestEnvironment.GetSharedAttestationClient(this, tokenValidationOptions);
IReadOnlyList <AttestationSigner> signingCertificates = (await client.GetSigningCertificatesAsync()).Value;
{
// Collect quote and enclave held data from an SGX enclave.
var attestationResult = await client.AttestSgxEnclaveAsync(
new AttestationRequest
{
Evidence = BinaryData.FromBytes(binaryQuote),
RuntimeData = new AttestationData(BinaryData.FromBytes(binaryRuntimeData), false),
});
// Confirm that the attestation token contains the enclave held data we specified.
CollectionAssert.AreEqual(binaryRuntimeData, attestationResult.Value.EnclaveHeldData.ToArray());
// VERIFY ATTESTATIONRESULT.
// Encrypt Data using DeprecatedEnclaveHeldData
// Send to enclave.
Assert.IsTrue(callbackInvoked);
}
}
public void CanCreateBinaryDataFromBytes()
{
byte[] payload = Encoding.UTF8.GetBytes("some data");
BinaryData data = BinaryData.FromBytes(payload);
Assert.AreEqual(payload, data.Bytes.ToArray());
MemoryMarshal.TryGetArray <byte>(payload, out var array);
Assert.AreSame(payload, array.Array);
// using implicit conversion
ReadOnlyMemory <byte> bytes = data;
Assert.AreEqual(payload, bytes.ToArray());
}
public void ToStringRespectsArraySegmentBoundaries()
{
var payload = "pre payload post";
var bytes = Encoding.UTF8.GetBytes(payload);
var segment = new ArraySegment <byte>(bytes, 4, 7);
var data = BinaryData.FromBytes((ReadOnlyMemory <byte>)segment);
Assert.AreEqual("payload", data.ToString());
data = BinaryData.FromBytes((ReadOnlySpan <byte>)segment);
Assert.AreEqual("payload", data.ToString());
data = BinaryData.FromBytes(segment.Array);
Assert.AreEqual("pre payload post", data.ToString());
}
/// <summary>
/// Reads the data body of an AMQP message, transforming it for use
/// as the body of an <see cref="EventData" /> instance.
/// </summary>
///
/// <param name="body">The body data set of an AMQP message.</param>
///
/// <returns>A <see cref="BinaryData" /> representation of the <paramref name="body"/>.</returns>
///
private static BinaryData ReadAmqpDataBody(IEnumerable <Data> body)
{
var writer = new ArrayBufferWriter <byte>();
foreach (var data in body)
{
var dataBytes = GetDataBytes(data);
dataBytes.CopyTo(writer.GetMemory(dataBytes.Length));
writer.Advance(dataBytes.Length);
}
return((writer.WrittenCount > 0)
? BinaryData.FromBytes(writer.WrittenMemory)
: new BinaryData(Array.Empty <byte>()));
}
public async Task AttestSgxEnclaveShared()
{
// An SGX Quote is an OpenEnclave report with the first 16 bytes stripped from it.
var report = Base64Url.Decode(_openEnclaveReport);
var quoteList = report.ToList();
quoteList.RemoveRange(0, 0x10);
byte[] binaryQuote = quoteList.ToArray();
byte[] binaryRuntimeData = Base64Url.Decode(_runtimeData);
var client = TestEnvironment.GetSharedAttestationClient(this);
IReadOnlyList <AttestationSigner> signingCertificates = (await client.GetSigningCertificatesAsync()).Value;
{
// Collect quote and enclave held data from an SGX enclave.
var attestationResult = await client.AttestSgxEnclaveAsync(
new AttestationRequest
{
Evidence = BinaryData.FromBytes(binaryQuote),
RuntimeData = new AttestationData(BinaryData.FromBytes(binaryRuntimeData), false),
});
// Confirm that the attestation token contains the enclave held data we specified.
CollectionAssert.AreEqual(binaryRuntimeData, attestationResult.Value.EnclaveHeldData.ToArray());
// VERIFY ATTESTATIONRESULT.
// Encrypt Data using DeprecatedEnclaveHeldData
// Send to enclave.
}
{
// Collect quote and enclave held data from an SGX enclave.
var attestationResult = await client.AttestSgxEnclaveAsync(
new AttestationRequest
{
Evidence = BinaryData.FromBytes(binaryQuote),
RuntimeData = new AttestationData(BinaryData.FromBytes(binaryRuntimeData), true),
});
// Confirm that the attestation token contains the enclave held data we specified.
Assert.IsNull(attestationResult.Value.EnclaveHeldData);
// VERIFY ATTESTATIONRESULT.
// Encrypt Data using DeprecatedEnclaveHeldData
// Send to enclave.
}
}
public async Task RunAsync()
{
// Fetch file
var enclaveInfo = await EnclaveInfo.CreateFromFileAsync(this.fileName);
// Send to service for attestation
string endpoint = "https://" + this.attestDnsName;
// Send to service for attestation
var options = new AttestationClientOptions(tokenOptions: new AttestationTokenValidationOptions
{
ExpectedIssuer = endpoint,
ValidateIssuer = true,
}
);
options.TokenOptions.TokenValidated += (args) =>
{
// Analyze results
Logger.WriteBanner("IN VALIDATION CALLBACK, VALIDATING MAA JWT TOKEN - BASICS");
JwtValidationHelper.ValidateMaaJwt(attestDnsName, args.Token, args.Signer, this.includeDetails);
args.IsValid = true;
return(Task.CompletedTask);
};
var maaService = new AttestationClient(new Uri(endpoint), new DefaultAzureCredential(), options);
BinaryData openEnclaveReport = BinaryData.FromBytes(HexHelper.ConvertHexToByteArray(enclaveInfo.QuoteHex));
BinaryData runtimeData = BinaryData.FromBytes(HexHelper.ConvertHexToByteArray(enclaveInfo.EnclaveHeldDataHex));
var serviceResponse = await maaService.AttestOpenEnclaveAsync(
new AttestationRequest
{
Evidence = openEnclaveReport,
RuntimeData = new AttestationData(runtimeData, false),
});
var serviceJwtToken = serviceResponse.Token.ToString();
Logger.WriteBanner("VALIDATING MAA JWT TOKEN - MATCHES CLIENT ENCLAVE INFO");
enclaveInfo.CompareToMaaServiceJwtToken(serviceResponse.Value, this.includeDetails);
}
public async Task QueueTrigger_IfMessageIsUtf8ByteArray_ProvidesQueueTriggerBindingData()
{
// Arrange
const string expectedQueueTrigger = "abc";
byte[] content = Encoding.UTF8.GetBytes(expectedQueueTrigger);
var queue = await CreateQueue(queueServiceClient, QueueName);
await queue.SendMessageAsync(BinaryData.FromBytes(content));
// Act
string result = await RunTriggerAsync <string>(typeof(BindToQueueTriggerBindingDataProgram),
(s) => BindToQueueTriggerBindingDataProgram.TaskSource = s);
// Assert
Assert.AreEqual(expectedQueueTrigger, result);
}
// Returns via the out parameter the flattened collection of bytes.
// A majority of the time, data will only contain 1 element.
// The method is optimized for this situation to return the pre-existing array.
public static BinaryData ConvertAndFlattenData(this IEnumerable <ReadOnlyMemory <byte> > dataList)
{
var writer = new ArrayBufferWriter <byte>();
Memory <byte> memory;
foreach (ReadOnlyMemory <byte> data in dataList)
{
memory = writer.GetMemory(data.Length);
data.CopyTo(memory);
writer.Advance(data.Length);
}
if (writer.WrittenCount == 0)
{
return(new BinaryData(Array.Empty <byte>()));
}
return(BinaryData.FromBytes(writer.WrittenMemory));
}
// Returns via the out parameter the flattened collection of bytes.
// A majority of the time, data will only contain 1 element.
// The method is optimized for this situation to return the pre-existing array.
public static BinaryData ConvertAndFlattenData(this IEnumerable <BinaryData> dataList)
{
var writer = new ArrayBufferWriter <byte>();
Memory <byte> memory;
foreach (BinaryData data in dataList)
{
ReadOnlyMemory <byte> bytes = data.ToBytes();
memory = writer.GetMemory(bytes.Length);
bytes.CopyTo(memory);
writer.Advance(bytes.Length);
}
if (writer.WrittenCount == 0)
{
return(new BinaryData());
}
return(BinaryData.FromBytes(writer.WrittenMemory));
}
public void ToFromBytes()
{
#region Snippet:BinaryDataToFromBytes
var bytes = Encoding.UTF8.GetBytes("some data");
// when using the ReadOnlySpan constructor the underlying data is copied.
var data = new BinaryData(new ReadOnlySpan <byte>(bytes));
// when using the static factory method, the data is wrapped
data = BinaryData.FromBytes(bytes);
// there is an implicit cast defined for ReadOnlyMemory<byte>
ReadOnlyMemory <byte> rom = data;
// there is also a Bytes property that holds the data
rom = data.Bytes;
#endregion
}
