public void Should_upgrade_the_secret_with_the_new_hash() { var config = _configProvider.GetHashConfiguration(); A.CallTo(() => _securePackedHashProvider.ComputePackedHashString(Secret, config.GetAlgorithmHashCode(), config.Iterations, config.GetSaltSizeInBytes())).MustHaveHappened(); }
/// <summary> /// Generates a new Secret for the given ApiClient object; the new Secret is hashed, and the pre-hash plain text is returned /// </summary> /// <param name="apiClient">ApiClient entity for which a new secure secret should be generated</param> /// <param name="securePackedHashProvider">Hash provider service</param> /// <param name="hashConfigurationProvider">Hash configuration settings provider</param> /// <returns>Plain text value of Secret, before hasing algorithm has been applied</returns> public static string GenerateSecureClientSecret(this ApiClient apiClient, ISecurePackedHashProvider securePackedHashProvider, IHashConfigurationProvider hashConfigurationProvider) { var hashConfiguration = hashConfigurationProvider.GetHashConfiguration(); var plainTextSecret = apiClient.GenerateSecret(); var hashedSecret = securePackedHashProvider.ComputePackedHashString( plainTextSecret, hashConfiguration.GetAlgorithmHashCode(), hashConfiguration.Iterations, hashConfiguration.GetSaltSizeInBytes()); apiClient.Secret = hashedSecret; apiClient.SecretIsHashed = true; return(plainTextSecret); }
public bool VerifySecret(string key, string presentedSecret, ApiClientSecret actualSecret) { if (!_next.VerifySecret(key, presentedSecret, actualSecret)) { _logger.Warn( $"Unable to decode the secret for vendor \"{key}\" using the secret verifier \"{_next.GetType().Name}\". You may need to reset the secret for this vendor."); return(false); } var hashAlgorithm = _hashConfiguration.GetAlgorithmHashCode(); if (actualSecret.IsHashed) { var packedHash = _packedHashConverter.GetPackedHash(actualSecret.Secret); if (packedHash.HashAlgorithm == hashAlgorithm && packedHash.Iterations == _hashConfiguration.Iterations && packedHash.Salt.Length == _hashConfiguration.GetSaltSizeInBytes()) { return(true); } } actualSecret.Secret = _securePackedHashProvider.ComputePackedHashString( presentedSecret, hashAlgorithm, _hashConfiguration.Iterations, _hashConfiguration.GetSaltSizeInBytes()); actualSecret.IsHashed = true; _apiClientSecretProvider.SetSecret(key, actualSecret); return(true); }
protected override void Act() { _actualResponse = _securePackedHashProvider.ComputePackedHashString("MySecret", 123, 321, 3); }