public async Task CreateNewVirgilCard_SignatureValidation_ShouldPassValidation()
{
var crypto = new VirgilCrypto();
var client = IntegrationHelper.GetVirgilClient();
// CREATING A VIRGIL CARD
var appKey = crypto.ImportPrivateKey(IntegrationHelper.AppKey, IntegrationHelper.AppKeyPassword);
var aliceKeys = crypto.GenerateKeys();
var exportedPublicKey = crypto.ExportPublicKey(aliceKeys.PublicKey);
var aliceIdentity = "alice-" + Guid.NewGuid();
var request = new PublishCardRequest(aliceIdentity, "member", exportedPublicKey);
var requestSigner = new RequestSigner(crypto);
requestSigner.SelfSign(request, aliceKeys.PrivateKey);
requestSigner.AuthoritySign(request, IntegrationHelper.AppID, appKey);
var aliceCard = await client.PublishCardAsync(request);
// VALIDATING A VIRGIL CARD
var appPublicKey = crypto.ExtractPublicKey(appKey);
var exportedAppPublicKey = crypto.ExportPublicKey(appPublicKey);
var validator = new CardValidator(crypto);
validator.AddVerifier(IntegrationHelper.AppID, exportedAppPublicKey);
validator.Validate(aliceCard).Should().BeTrue();
await IntegrationHelper.RevokeCard(aliceCard.Id);
}
public static Tuple <Jwt, JwtGenerator> PredefinedToken(
this Faker faker,
VirgilAccessTokenSigner signer,
TimeSpan lifeTime,
out string apiPublicKeyId,
out string apiPublicKeyBase64)
{
var crypto = new VirgilCrypto();
var apiKeyPair = crypto.GenerateKeys();
var fingerprint = crypto.GenerateHash(crypto.ExportPublicKey(apiKeyPair.PublicKey));
apiPublicKeyId = Bytes.ToString(fingerprint, StringEncoding.HEX);
apiPublicKeyBase64 = Bytes.ToString(
crypto.ExportPublicKey(apiKeyPair.PublicKey), StringEncoding.BASE64);
var jwtGenerator = new JwtGenerator(
faker.AppId(),
apiKeyPair.PrivateKey,
apiPublicKeyId,
lifeTime,
signer);
var additionalData = new Dictionary <string, string>
{
{ "username", "some_username" }
};
var dict = additionalData.ToDictionary(entry => (object)entry.Key, entry => (object)entry.Value);
var token = jwtGenerator.GenerateToken("some_identity", dict);
return(new Tuple <Jwt, JwtGenerator>(token, jwtGenerator));
}
public async Task AddOrDeleteRelationWithoutAuthoritySign_ExceptionShouldOccur()
{
const string identityType = "member";
var crypto = new VirgilCrypto();
var client = PredefinedClient(crypto);
var requestSigner = new RequestSigner(crypto);
var aliceKeys = crypto.GenerateKeys();
var aliceExportedPublicKey = crypto.ExportPublicKey(aliceKeys.PublicKey);
var aliceRequest = new PublishCardRequest("alice", identityType, aliceExportedPublicKey);
var bobKeys = crypto.GenerateKeys();
var bobExportedPublicKey = crypto.ExportPublicKey(bobKeys.PublicKey);
var bobRequest = new PublishCardRequest("bob", identityType, bobExportedPublicKey);
var appId = ConfigurationManager.AppSettings["virgil:AppID"];
var appKey = crypto.ImportPrivateKey(
VirgilBuffer.FromFile(ConfigurationManager.AppSettings["virgil:AppKeyPath"]).GetBytes(),
ConfigurationManager.AppSettings["virgil:AppKeyPassword"]);
// publish cards
requestSigner.SelfSign(aliceRequest, aliceKeys.PrivateKey);
requestSigner.AuthoritySign(aliceRequest, appId, appKey);
var aliceCardModel = await client
.PublishCardAsync(aliceRequest).ConfigureAwait(false);
requestSigner.SelfSign(bobRequest, bobKeys.PrivateKey);
requestSigner.AuthoritySign(bobRequest, appId, appKey);
var bobCardModel = await client
.PublishCardAsync(bobRequest).ConfigureAwait(false);
aliceCardModel.Meta.Relations.Count.ShouldBeEquivalentTo(0);
// add Bob's card to Alice's relations
var addRelationRequest = new AddRelationRequest(bobCardModel.SnapshotModel);
Assert.ThrowsAsync <Exceptions.RelationException>(() => client.AddRelationAsync(addRelationRequest));
// Delete Bob's card from Alice's relations
var deleteRelationRequest = new DeleteRelationRequest(bobCardModel.Id, RevocationReason.Unspecified);
Assert.ThrowsAsync <Exceptions.RelationException>(() => client.DeleteRelationAsync(deleteRelationRequest));
// delete cards
var revokeBobRequest = new RevokeCardRequest(bobCardModel.Id, RevocationReason.Unspecified);
requestSigner.AuthoritySign(revokeBobRequest, appId, appKey);
await client.RevokeCardAsync(revokeBobRequest);
var revokeAliceRequest = new RevokeCardRequest(aliceCardModel.Id, RevocationReason.Unspecified);
requestSigner.AuthoritySign(revokeAliceRequest, appId, appKey);
await client.RevokeCardAsync(revokeAliceRequest);
}
public async Task SearchForTheVirgilCards_MultipleIdentitiesGiven_ShouldReturnVirgilCards()
{
// Initialization
var crypto = new VirgilCrypto();
var client = IntegrationHelper.GetVirgilClient();
var requestSigner = new RequestSigner(crypto);
var appKey = crypto.ImportPrivateKey(IntegrationHelper.AppKey, IntegrationHelper.AppKeyPassword);
// Prepare Requests
var aliceIdentity = "alice-" + Guid.NewGuid();
var aliceKeys = crypto.GenerateKeys();
var alicePublicKey = crypto.ExportPublicKey(aliceKeys.PublicKey);
var bobIdentity = "bob-" + Guid.NewGuid();
var bobKeys = crypto.GenerateKeys();
var bobPublicKey = crypto.ExportPublicKey(bobKeys.PublicKey);
var aliceRequest = new PublishCardRequest(aliceIdentity, "member", alicePublicKey);
var bobRequest = new PublishCardRequest(bobIdentity, "member", bobPublicKey);
requestSigner.SelfSign(aliceRequest, aliceKeys.PrivateKey);
requestSigner.AuthoritySign(aliceRequest, IntegrationHelper.AppID, appKey);
requestSigner.SelfSign(bobRequest, bobKeys.PrivateKey);
requestSigner.AuthoritySign(bobRequest, IntegrationHelper.AppID, appKey);
// Publish Virgil Cards
var aliceCard = await client.PublishCardAsync(aliceRequest);
var bobCard = await client.PublishCardAsync(bobRequest);
// Search for the Virgil Cards
var foundCards = await client.SearchCardsAsync(new SearchCriteria
{
Identities = new[] { bobIdentity, aliceIdentity }
});
// Assertions
foundCards.Should().HaveCount(2);
foundCards.Single(it => it.Id == aliceCard.Id).ShouldBeEquivalentTo(aliceCard);
foundCards.Single(it => it.Id == bobCard.Id).ShouldBeEquivalentTo(bobCard);
await IntegrationHelper.RevokeCard(aliceCard.Id);
await IntegrationHelper.RevokeCard(bobCard.Id);
}
public async Task CreateNewVirgilCard_IdentityAndPublicKeyGiven_ShouldBeFoundByIdentity()
{
var crypto = new VirgilCrypto();
var client = IntegrationHelper.GetVirgilClient();
var appKey = crypto.ImportPrivateKey(IntegrationHelper.AppKey, IntegrationHelper.AppKeyPassword);
var aliceKeys = crypto.GenerateKeys();
var exportedPublicKey = crypto.ExportPublicKey(aliceKeys.PublicKey);
var aliceIdentity = "alice-" + Guid.NewGuid();
var request = new PublishCardRequest(aliceIdentity, "member", exportedPublicKey);
var requestSigner = new RequestSigner(crypto);
requestSigner.SelfSign(request, aliceKeys.PrivateKey);
requestSigner.AuthoritySign(request, IntegrationHelper.AppID, appKey);
var newCard = await client.PublishCardAsync(request);
var cards = await client.SearchCardsAsync(new SearchCriteria { Identities = new[] { aliceIdentity } });
cards.Should().HaveCount(1);
var foundCard = cards.Single();
newCard.ShouldBeEquivalentTo(foundCard);
}
public void Export_WithoutParameters_ShouldBeEquivalentToImportedRequest()
{
var crypto = new VirgilCrypto();
var aliceKeys = crypto.GenerateKeys();
var exportedPublicKey = crypto.ExportPublicKey(aliceKeys.PublicKey);
const string identity = "alice";
const string identityType = "member";
var request = new PublishCardRequest(
identity: identity,
identityType: identityType,
publicKeyData: exportedPublicKey,
customFields: new Dictionary <string, string>
{
["key1"] = "value1",
["key2"] = "value2"
},
info: new CardInfoModel
{
Device = "Device",
DeviceName = "DeviceName"
});
var requestSigner = new RequestSigner(crypto);
requestSigner.SelfSign(request, aliceKeys.PrivateKey);
var exportedRequest = request.Export();
var importedRequest = new PublishCardRequest(exportedRequest);
request.ShouldBeEquivalentTo(importedRequest);
}
public async Task SearchForVirgilCards_ValidationWithServiceKey_ShouldPassValidation()
{
var crypto = new VirgilCrypto();
var client = IntegrationHelper.GetVirgilClient();
client.SetCardValidator(new CardValidator(crypto));
// CREATING A VIRGIL CARD
var appKey = crypto.ImportPrivateKey(IntegrationHelper.AppKey, IntegrationHelper.AppKeyPassword);
var aliceKeys = crypto.GenerateKeys();
var exportedPublicKey = crypto.ExportPublicKey(aliceKeys.PublicKey);
var aliceIdentity = "alice-" + Guid.NewGuid();
var request = new PublishCardRequest(aliceIdentity, "member", exportedPublicKey);
var requestSigner = new RequestSigner(crypto);
requestSigner.SelfSign(request, aliceKeys.PrivateKey);
requestSigner.AuthoritySign(request, IntegrationHelper.AppID, appKey);
var aliceCard = await client.PublishCardAsync(request);
// VALIDATING A VIRGIL CARD
var cards = await client.SearchCardsAsync(SearchCriteria.ByIdentity(aliceIdentity));
aliceCard.ShouldBeEquivalentTo(cards.Single());
await IntegrationHelper.RevokeCard(aliceCard.Id);
}
public async Task GetSignleVirgilCard_ByGivenId_ShouldReturnVirgilCard()
{
var crypto = new VirgilCrypto();
var client = IntegrationHelper.GetVirgilClient();
var requestSigner = new RequestSigner(crypto);
var appKey = crypto.ImportPrivateKey(IntegrationHelper.AppKey, IntegrationHelper.AppKeyPassword);
// Prepare Requests
var aliceIdentity = "alice-" + Guid.NewGuid();
var aliceKeys = crypto.GenerateKeys();
var alicePublicKey = crypto.ExportPublicKey(aliceKeys.PublicKey);
var aliceRequest = new PublishCardRequest(aliceIdentity, "member", alicePublicKey);
requestSigner.SelfSign(aliceRequest, aliceKeys.PrivateKey);
requestSigner.AuthoritySign(aliceRequest, IntegrationHelper.AppID, appKey);
var aliceCard = await client.PublishCardAsync(aliceRequest);
var foundAliceCard = await client.GetCardAsync(aliceCard.Id);
aliceCard.ShouldBeEquivalentTo(foundAliceCard);
await IntegrationHelper.RevokeCard(aliceCard.Id);
}
public void Validate_Should_ValidateByAppSign()
{
var crypto = new VirgilCrypto();
var validator = new VirgilCardVerifier(new VirgilCardCrypto());
var vrigilPublicKeyBytes = crypto.ExportPublicKey(faker.PredefinedVirgilKeyPair().PublicKey);
validator.ChangeServiceCreds(
Bytes.ToString(vrigilPublicKeyBytes, StringEncoding.BASE64)
);
var appKeyPair = crypto.GenerateKeys();
var appPublicKey = Bytes.ToString(crypto.ExportPublicKey(crypto.ExtractPublicKey(appKeyPair.PrivateKey)),
StringEncoding.BASE64);
var list = new List <VerifierCredentials>
{
new VerifierCredentials()
{
Signer = "my_app", PublicKeyBase64 = appPublicKey
}
};
//validator.Whitelist = list;
var keypair = crypto.GenerateKeys();
var cardCrypto = new VirgilCardCrypto();
/* var csr = CSR.Generate(cardCrypto, new CardParams
* {
* Identity = "some_identity",
* PublicKey = crypto.ExtractPublicKey(keypair.PrivateKey),
* PrivateKey = keypair.PrivateKey
* });
*
*
* csr.Sign(cardCrypto, new ExtendedSignParams
* {
* SignerId = "",
* SignerType = SignerType.App.ToLowerString(),
* SignerPrivateKey = appKeyPair.PrivateKey
* });
*
* var card = CardUtils.Parse(cardCrypto, csr.RawSignedModel);
*
* var result = validator.VerifyCard(card);
* result.Should().BeTrue();*/
}
public void ImportExportedPublicKey_Should_ReturnEquivalentKey()
{
var crypto = new VirgilCrypto();
var keyPair = crypto.GenerateKeys();
var exportedKey = crypto.ExportPublicKey(keyPair.PublicKey);
var importedKey = (PublicKey)crypto.ImportPublicKey(exportedKey);
Assert.IsTrue(importedKey.Id.SequenceEqual(keyPair.PublicKey.Id));
Assert.IsTrue(importedKey.RawKey.SequenceEqual(keyPair.PublicKey.RawKey));
}
public void ExportPublicKey_Should_ReturnDerFormat()
{
var crypto = new VirgilCrypto();
var publicKey = crypto.ImportPublicKey(
Convert.FromBase64String(AppSettings.PublicKeySTC32));
var exportedPublicKey1Bytes = crypto.ExportPublicKey(publicKey);
var privateKeyToDer = VirgilKeyPair.PublicKeyToDER(((PublicKey)publicKey).RawKey);
Assert.IsTrue(privateKeyToDer.SequenceEqual(exportedPublicKey1Bytes));
}
public static RawSignedModel PredefinedRawSignedModel(this Faker faker,
string previousCardId = null,
bool addSelfSignature = false,
bool addVirgilSignature = false,
bool addExtraSignature = false
)
{
var crypto = new VirgilCrypto();
var keyPair = faker.PredefinedKeyPair();
var dateTime = DateTimeOffset.FromUnixTimeSeconds(Int64.Parse("1515686245")).DateTime;
var rawCardContent = new RawCardContent()
{
CreatedAt = dateTime,
Identity = "test",
PublicKey = crypto.ExportPublicKey(keyPair.PublicKey),
Version = "5.0",
PreviousCardId = previousCardId
};
var model = new RawSignedModel()
{
ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent)
};
var signer = new ModelSigner(new VirgilCardCrypto());
if (addSelfSignature)
{
signer.SelfSign(model, keyPair.PrivateKey);
}
if (addVirgilSignature)
{
signer.Sign(model, new SignParams()
{
Signer = ModelSigner.VirgilSigner,
SignerPrivateKey = faker.PredefinedVirgilKeyPair().PrivateKey
});
}
if (addExtraSignature)
{
signer.Sign(model, new SignParams()
{
Signer = "extra",
SignerPrivateKey = crypto.GenerateKeys().PrivateKey
});
}
return(model);
}
public static Tuple <VerifierCredentials, RawSignature> VerifierCredentialAndSignature(this Faker faker, string signer)
{
var crypto = new VirgilCrypto();
var keypair = crypto.GenerateKeys();
return(new Tuple <VerifierCredentials, RawSignature>(
new VerifierCredentials {
Signer = signer,
PublicKeyBase64 = Bytes.ToString(crypto.ExportPublicKey(keypair.PublicKey), StringEncoding.BASE64)
},
new RawSignature()
{
Signer = signer, Signature = faker.Random.Bytes(64)
}));
}
public void Verifier_Should_VerifyCard_IfCardHasAtLeastOneSignatureFromWhitelist()
{
//STC-10
var rawSignedModel = faker.PredefinedRawSignedModel(null, true, true, false);
var signer = new ModelSigner(new VirgilCardCrypto());
var crypto = new VirgilCrypto();
var keyPair = crypto.GenerateKeys();
signer.Sign(rawSignedModel, new SignParams()
{
SignerPrivateKey = keyPair.PrivateKey,
Signer = "extra"
});
var creds = new VerifierCredentials()
{
PublicKeyBase64 = Bytes.ToString(crypto.ExportPublicKey(keyPair.PublicKey),
StringEncoding.BASE64), Signer = "extra"
};
var cardManager = faker.CardManager();
var card = cardManager.ImportCardFromJson(rawSignedModel.ExportAsJson());
var verifier = new VirgilCardVerifier(new VirgilCardCrypto())
{
VerifySelfSignature = true,
VerifyVirgilSignature = true,
};
var vrigilPublicKeyBytes = new VirgilCrypto().ExportPublicKey(faker.PredefinedVirgilKeyPair().PublicKey);
verifier.ChangeServiceCreds(
Bytes.ToString(vrigilPublicKeyBytes, StringEncoding.BASE64)
);
var whiteList = new Whitelist()
{
VerifiersCredentials = new List <VerifierCredentials>()
{
creds,
faker.VerifierCredentialAndSignature("extra").Item1
}
};
verifier.Whitelists = new List <Whitelist>()
{
whiteList
};
Assert.IsTrue(verifier.VerifyCard(card));
}
public void Ctor_NullAsParameterGiven_ShouldSnapshotBeEquivalentToSerializedDetails()
{
var crypto = new VirgilCrypto();
var keyPair = crypto.GenerateKeys();
var exportedPublicKey = crypto.ExportPublicKey(keyPair.PublicKey);
const string identity = "alice";
const string identityType = "member";
var request = new CreateCardRequest(identity, identityType, exportedPublicKey);
var requestJson = Encoding.UTF8.GetString(request.Snapshot);
var requestModel = JsonConvert.DeserializeObject <CreateCardModel>(requestJson);
requestModel.Identity.ShouldBeEquivalentTo(identity);
requestModel.IdentityType.ShouldBeEquivalentTo(identityType);
requestModel.PublicKey.ShouldBeEquivalentTo(exportedPublicKey);
}
private RawSignedModel GenerateRawSignedModel(string identity)
{
var crypto = new VirgilCrypto();
var keyPair = faker.PredefinedKeyPair();
var rawCardContent = new RawCardContent()
{
CreatedAt = DateTime.UtcNow,
Identity = identity,
PublicKey = crypto.ExportPublicKey(keyPair.PublicKey),
Version = "5.0"
};
var model = new RawSignedModel()
{
ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent)
};
var signer = new ModelSigner(new VirgilCardCrypto());
signer.SelfSign(model, keyPair.PrivateKey);
return(model);
}
public async Task CreateNewVirgilCard_DuplicateCardCreation_ShouldThrowException()
{
var crypto = new VirgilCrypto();
var client = IntegrationHelper.GetVirgilClient();
var appKey = crypto.ImportPrivateKey(IntegrationHelper.AppKey, IntegrationHelper.AppKeyPassword);
var aliceKeys = crypto.GenerateKeys();
var exportedPublicKey = crypto.ExportPublicKey(aliceKeys.PublicKey);
var aliceIdentity = "alice-" + Guid.NewGuid();
var request = new PublishCardRequest(aliceIdentity, "member", exportedPublicKey);
var requestSigner = new RequestSigner(crypto);
requestSigner.SelfSign(request, aliceKeys.PrivateKey);
requestSigner.AuthoritySign(request, IntegrationHelper.AppID, appKey);
var virgilCard = await client.PublishCardAsync(request);
Assert.ThrowsAsync <VirgilClientException>(async() => await client.PublishCardAsync(request));
}
public void Export_WithoutParameters_ShouldBeEquivalentToImportedRequest()
{
var crypto = new VirgilCrypto();
var aliceKeys = crypto.GenerateKeys();
var exportedPublicKey = crypto.ExportPublicKey(aliceKeys.PublicKey);
const string identity = "alice";
const string identityType = "member";
var request = new CreateCardRequest
(
identity,
identityType,
exportedPublicKey,
new Dictionary <string, string>
{
["key1"] = "value1",
["key2"] = "value2"
},
new DeviceInfo
{
Device = "Device",
DeviceName = "DeviceName"
}
);
var requestSigner = new RequestSigner(crypto);
requestSigner.SelfSign(request, aliceKeys.PrivateKey);
var exportedRequest = request.Export();
var importedRequest = SignableRequest.Import <CreateCardRequest>(exportedRequest);
request.ShouldBeEquivalentTo(importedRequest);
}
public void Export_WithoutParameters_ShouldReturnStringRepresentationOfRequest()
{
var crypto = new VirgilCrypto();
var requestSigner = new RequestSigner(crypto);
var aliceKeys = crypto.GenerateKeys();
var exportedPublicKey = crypto.ExportPublicKey(aliceKeys.PublicKey);
const string identity = "alice";
const string identityType = "member";
var request = new CreateCardRequest(identity, identityType, exportedPublicKey);
requestSigner.SelfSign(request, aliceKeys.PrivateKey);
var exportedRequest = request.Export();
var jsonData = Convert.FromBase64String(exportedRequest);
var json = Encoding.UTF8.GetString(jsonData);
var model = JsonConvert.DeserializeObject <SignedRequestModel>(json);
model.ContentSnapshot.ShouldBeEquivalentTo(request.Snapshot);
model.Meta.Signatures.ShouldAllBeEquivalentTo(request.Signatures);
}
public void Crossplatform_Compatibility_Test()
{
var crypto = new VirgilCrypto();
dynamic testData = new ExpandoObject();
// Encrypt for single recipient
{
var kp = crypto.GenerateKeys();
var prkey = crypto.ExportPrivateKey(kp.PrivateKey);
var data = Encoding.UTF8.GetBytes("Lorem ipsum dolor sit amet, consectetur adipiscing elit.");
testData.encrypt_single_recipient = new
{
private_key = prkey,
original_data = data,
cipher_data = crypto.Encrypt(data, kp.PublicKey)
};
}
// Encrypt for multiple recipients
{
var kps = new int[new Random().Next(5, 10)].Select(it => crypto.GenerateKeys()).ToList();
var prkeys = kps.Select(kp => crypto.ExportPrivateKey(kp.PrivateKey)).ToArray();
var data = Encoding.UTF8.GetBytes("Lorem ipsum dolor sit amet, consectetur adipiscing elit.");
testData.encrypt_multiple_recipients = new
{
private_keys = prkeys,
original_data = data,
cipher_data = crypto.Encrypt(data, kps.Select(kp => kp.PublicKey).ToArray())
};
}
// Sign and Encrypt for single recipient
{
var kp = crypto.GenerateKeys();
var prkey = crypto.ExportPrivateKey(kp.PrivateKey);
var data = Encoding.UTF8.GetBytes("Lorem ipsum dolor sit amet, consectetur adipiscing elit.");
testData.sign_then_encrypt_single_recipient = new
{
private_key = prkey,
original_data = data,
cipher_data = crypto.SignThenEncrypt(data, kp.PrivateKey, kp.PublicKey)
};
}
// Sign and encrypt for multiple recipients
{
var kps = new int[new Random().Next(5, 10)].Select(it => crypto.GenerateKeys()).ToList();
var prkeys = kps.Select(kp => crypto.ExportPrivateKey(kp.PrivateKey)).ToArray();
var data = Encoding.UTF8.GetBytes("Lorem ipsum dolor sit amet, consectetur adipiscing elit.");
testData.sign_then_encrypt_multiple_recipients = new
{
private_keys = prkeys,
original_data = data,
cipher_data = crypto.SignThenEncrypt(data, kps[0].PrivateKey, kps.Select(kp => kp.PublicKey).ToArray())
};
}
// Generate Signature
{
var kp = crypto.GenerateKeys();
var prkey = crypto.ExportPrivateKey(kp.PrivateKey);
var data = Encoding.UTF8.GetBytes("Suspendisse elit purus, laoreet ut nibh nec.");
testData.generate_signature = new
{
private_key = prkey,
original_data = data,
signature = crypto.Sign(data, kp.PrivateKey)
};
}
// Export and Import SignableRequest
{
var kp = crypto.GenerateKeys();
var prkey = crypto.ExportPrivateKey(kp.PrivateKey);
var req = new CreateCardRequest
(
"alice",
"member",
crypto.ExportPublicKey(kp.PublicKey),
new Dictionary <string, string>
{
["Key1"] = "Value1",
["Key2"] = "Value2"
},
new DeviceInfo
{
Device = "iPhone 7",
DeviceName = "My precious"
}
);
var reqSigner = new RequestSigner(crypto);
reqSigner.SelfSign(req, kp.PrivateKey);
testData.export_signable_request = new
{
private_key = prkey,
exported_request = req.Export()
};
}
var testJson = JsonConvert.SerializeObject(testData, Formatting.Indented);
}
public void CardManager_Should_RaiseExceptionIfGetsCardWithDifferentId()
{
// STC-34
var verifier = Substitute.For <ICardVerifier>();
verifier.VerifyCard(Arg.Any <Card>()).Returns(true);
var crypto = new VirgilCrypto();
var keyPair = faker.PredefinedKeyPair();
var rawCardContent = new RawCardContent()
{
CreatedAt = DateTime.UtcNow,
Identity = "test",
PublicKey = crypto.ExportPublicKey(keyPair.PublicKey),
Version = "5.0"
};
var model = new RawSignedModel()
{
ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent)
};
var signer = new ModelSigner(new VirgilCardCrypto());
signer.SelfSign(
model, keyPair.PrivateKey, new Dictionary <string, string>()
{
{ "info", "some_additional_info" }
}
);
var signCallBack = Substitute.For <Func <RawSignedModel, Task <RawSignedModel> > >();
signCallBack.Invoke(Arg.Any <RawSignedModel>()).Returns(args => (RawSignedModel)args[0]);
var jwtGenerator = new JwtGenerator(
AppSettings.AppId,
IntegrationHelper.ApiPrivateKey(),
AppSettings.ApiPublicKeyId,
TimeSpan.FromMinutes(10),
new VirgilAccessTokenSigner()
);
var accessTokenProvider = Substitute.For <IAccessTokenProvider>();
var identity = faker.Random.AlphaNumeric(20);
var token = jwtGenerator.GenerateToken(identity);
accessTokenProvider.GetTokenAsync(Arg.Any <TokenContext>()).Returns(
token
);
var cardId = faker.CardId();
var client = Substitute.For <ICardClient>();
Func <Task <Tuple <RawSignedModel, bool> > > stub = async() =>
{
return(new Tuple <RawSignedModel, bool>(model, false));
};
client.GetCardAsync(Arg.Any <string>(), Arg.Any <string>()).Returns(stub.Invoke());
var manager = new CardManager(new CardManagerParams()
{
CardCrypto = new VirgilCardCrypto(),
AccessTokenProvider = accessTokenProvider,
SignCallBack = signCallBack,
Verifier = verifier,
ApiUrl = AppSettings.CardsServiceAddress
}
)
{
Client = client
};
Assert.ThrowsAsync <CardVerificationException>(async() => await manager.GetCardAsync(cardId));
}
public async System.Threading.Tasks.Task Prepair_TestDataAsync()
{
var model = faker.PredefinedRawSignedModel();
var fullModel = faker.PredefinedRawSignedModel(
"a666318071274adb738af3f67b8c7ec29d954de2cabfd71a942e6ea38e59fff9",
true, true, true);
var data = new Dictionary <string, string>
{
{ "STC-1.as_string", model.ExportAsString() },
{ "STC-1.as_json", model.ExportAsJson() },
{ "STC-2.as_string", fullModel.ExportAsString() },
{ "STC-2.as_json", fullModel.ExportAsJson() }
};
var cardManager = faker.CardManager();
var card = cardManager.ImportCardFromString(model.ExportAsString());
var crypto = new VirgilCrypto();
data.Add("STC-3.as_string", cardManager.ExportCardAsString(card));
data.Add("STC-3.as_json", cardManager.ExportCardAsJson(card));
data.Add("STC-3.card_id", card.Id);
data.Add("STC-3.public_key_base64", Bytes.ToString(crypto.ExportPublicKey(card.PublicKey), StringEncoding.BASE64));
fullModel = faker.PredefinedRawSignedModel(null, true, true, true);
var fullCard = cardManager.ImportCardFromString(fullModel.ExportAsString());
data.Add("STC-4.as_string", cardManager.ExportCardAsString(fullCard));
data.Add("STC-4.as_json", cardManager.ExportCardAsJson(fullCard));
data.Add("STC-4.card_id", fullCard.Id);
data.Add("STC-4.public_key_base64", Bytes.ToString(crypto.ExportPublicKey(fullCard.PublicKey),
StringEncoding.BASE64));
foreach (var signature in fullCard.Signatures)
{
data.Add($"STC-4.signature_{signature.Signer}_base64", Bytes.ToString(signature.Signature,
StringEncoding.BASE64));
}
string apiPublicKeyId;
string apiPublicKeyBase64;
var(token, jwtGenerator) = faker.PredefinedToken(
new VirgilAccessTokenSigner(),
TimeSpan.FromMinutes(10),
out apiPublicKeyId,
out apiPublicKeyBase64);
data.Add("STC-22.jwt", token.ToString());
data.Add("STC-22.api_public_key_base64", apiPublicKeyBase64);
data.Add("STC-22.api_key_id", apiPublicKeyId);
data.Add("STC-23.api_public_key_base64", apiPublicKeyBase64);
data.Add("STC-23.api_key_id", apiPublicKeyId);
data.Add("STC-23.app_id", jwtGenerator.AppId);
data.Add("STC-23.api_private_key_base64", Bytes.ToString(
crypto.ExportPrivateKey(jwtGenerator.ApiKey), StringEncoding.BASE64));
// STC-10
var cardKeyPair = crypto.GenerateKeys();
var cardIdentity = faker.Random.AlphaNumeric(10);
var rawCardContent1 = new RawCardContent()
{
CreatedAt = DateTime.UtcNow,
Identity = cardIdentity,
PublicKey = crypto.ExportPublicKey(cardKeyPair.PublicKey),
Version = "5.0",
};
var rawSignedModel = new RawSignedModel()
{
ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent1)
};
var signer = new ModelSigner(new VirgilCardCrypto());
signer.SelfSign(rawSignedModel, cardKeyPair.PrivateKey);
var keyPair = crypto.GenerateKeys();
signer.Sign(rawSignedModel, new SignParams()
{
SignerPrivateKey = keyPair.PrivateKey,
Signer = "extra"
});
data.Add("STC-10.private_key1_base64", Bytes.ToString(
crypto.ExportPrivateKey(keyPair.PrivateKey), StringEncoding.BASE64));
var accessTokenGenerator = new JwtGenerator(
AppSettings.AppId,
IntegrationHelper.ApiPrivateKey(),
AppSettings.ApiPublicKeyId,
TimeSpan.FromMinutes(10),
new VirgilAccessTokenSigner()
);
var accessTokenProvider = Substitute.For <IAccessTokenProvider>();
accessTokenProvider.GetTokenAsync(Arg.Any <TokenContext>()).Returns(
accessTokenGenerator.GenerateToken(cardIdentity)
);
var validator = new VirgilCardVerifier(new VirgilCardCrypto())
{
VerifySelfSignature = true, VerifyVirgilSignature = true
};
validator.ChangeServiceCreds(AppSettings.ServicePublicKeyDerBase64);
var manager = new CardManager(new CardManagerParams()
{
CardCrypto = new VirgilCardCrypto(),
AccessTokenProvider = accessTokenProvider,
ApiUrl = AppSettings.CardsServiceAddress,
Verifier = validator
});
card = await manager.PublishCardAsync(rawSignedModel);
data.Add("STC-10.as_string", manager.ExportCardAsString(card));
// STC - 11
rawSignedModel = faker.PredefinedRawSignedModel(null, false, false, false);
data.Add("STC-11.as_string", rawSignedModel.ExportAsString());
// STC - 12
rawSignedModel = faker.PredefinedRawSignedModel(null, true, false, false);
data.Add("STC-12.as_string", rawSignedModel.ExportAsString());
// STC - 14
rawSignedModel = faker.PredefinedRawSignedModel(null, false, true, false);
data.Add("STC-14.as_string", rawSignedModel.ExportAsString());
// STC - 15
rawSignedModel = faker.PredefinedRawSignedModel(null, false, false, false);
keyPair = crypto.GenerateKeys();
signer.Sign(rawSignedModel, new SignParams()
{
SignerPrivateKey = keyPair.PrivateKey,
Signer = "self"
});
data.Add("STC-15.as_string", rawSignedModel.ExportAsString());
// STC - 16
rawSignedModel = faker.PredefinedRawSignedModel(null, true, true, false);
keyPair = crypto.GenerateKeys();
signer.Sign(rawSignedModel, new SignParams()
{
SignerPrivateKey = keyPair.PrivateKey,
Signer = "extra"
});
data.Add("STC-16.as_string", rawSignedModel.ExportAsString());
data.Add("STC-16.public_key1_base64", Bytes.ToString(
crypto.ExportPublicKey(keyPair.PublicKey), StringEncoding.BASE64));
// STC - 28
(token, jwtGenerator) = faker.PredefinedToken(
new VirgilAccessTokenSigner(),
TimeSpan.FromMinutes(2),
out apiPublicKeyId,
out apiPublicKeyBase64);
data.Add("STC-28.jwt", token.ToString());
data.Add("STC-28.jwt_identity", token.BodyContent.Identity);
data.Add("STC-28.jwt_app_id", token.BodyContent.AppId);
data.Add("STC-28.jw_issuer", token.BodyContent.Issuer);
data.Add("STC-28.jwt_subject", token.BodyContent.Subject);
data.Add("STC-28.jwt_additional_data", Configuration.Serializer.Serialize(token.BodyContent.AdditionalData));
data.Add("STC-28.jwt_expires_at", Configuration.Serializer.Serialize(token.BodyContent.ExpiresAt));
data.Add("STC-28.jwt_issued_at", Configuration.Serializer.Serialize(token.BodyContent.IssuedAt));
data.Add("STC-28.jwt_algorithm", token.HeaderContent.Algorithm);
data.Add("STC-28.jwt_api_key_id", token.HeaderContent.KeyId);
data.Add("STC-28.jwt_content_type", token.HeaderContent.ContentType);
data.Add("STC-28.jwt_type", token.HeaderContent.Type);
data.Add("STC-28.jwt_signature_base64", Bytes.ToString(token.SignatureData, StringEncoding.BASE64));
// STC - 29
(token, jwtGenerator) = faker.PredefinedToken(
new VirgilAccessTokenSigner(),
TimeSpan.FromDays(365),
out apiPublicKeyId,
out apiPublicKeyBase64);
data.Add("STC-29.jwt", token.ToString());
data.Add("STC-29.jwt_identity", token.BodyContent.Identity);
data.Add("STC-29.jwt_app_id", token.BodyContent.AppId);
data.Add("STC-29.jw_issuer", token.BodyContent.Issuer);
data.Add("STC-29.jwt_subject", token.BodyContent.Subject);
data.Add("STC-29.jwt_additional_data", Configuration.Serializer.Serialize(token.BodyContent.AdditionalData));
data.Add("STC-29.jwt_expires_at", Configuration.Serializer.Serialize(token.BodyContent.ExpiresAt));
data.Add("STC-29.jwt_issued_at", Configuration.Serializer.Serialize(token.BodyContent.IssuedAt));
data.Add("STC-29.jwt_algorithm", token.HeaderContent.Algorithm);
data.Add("STC-29.jwt_api_key_id", token.HeaderContent.KeyId);
data.Add("STC-29.jwt_content_type", token.HeaderContent.ContentType);
data.Add("STC-29.jwt_type", token.HeaderContent.Type);
data.Add("STC-29.jwt_signature_base64", Bytes.ToString(token.SignatureData, StringEncoding.BASE64));
// STC - 34
keyPair = crypto.GenerateKeys();
var rawCardContent = new RawCardContent()
{
CreatedAt = DateTime.UtcNow,
Identity = "test",
PublicKey = crypto.ExportPublicKey(keyPair.PublicKey),
Version = "5.0"
};
model = new RawSignedModel()
{
ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent)
};
signer.SelfSign(
model, keyPair.PrivateKey, new Dictionary <string, string>()
{
{ "info", "some_additional_info" }
}
);
data.Add("STC-34.private_key_base64", Bytes.ToString(
crypto.ExportPrivateKey(keyPair.PrivateKey), StringEncoding.BASE64));
data.Add("STC-34.public_key_base64", Bytes.ToString(
crypto.ExportPublicKey(keyPair.PublicKey), StringEncoding.BASE64));
data.Add("STC-34.self_signature_snapshot_base64",
Bytes.ToString(model.Signatures.First().Snapshot, StringEncoding.BASE64));
data.Add("STC-34.content_snapshot_base64",
Bytes.ToString(
SnapshotUtils.TakeSnapshot(rawCardContent), StringEncoding.BASE64));
data.Add("STC-34.as_string", model.ExportAsString());
System.IO.File.WriteAllText(AppSettings.OutputTestDataPath,
Configuration.Serializer.Serialize(data));
}