public void PassingNonBase64EncodedStringToTheStringConstructorCausesGetValueToThrow()
{
var protectedValue = new DPAPIProtectedValue("wtf");
Assert.That(() => protectedValue.GetValue(),
Throws.InstanceOf<DataProtectionException>()
.With.InnerException.InstanceOf<FormatException>());
}
public void PassingNullToTheStringConstructorCausesGetValueToThrow()
{
var protectedValue = new DPAPIProtectedValue((string)null);
Assert.That(() => protectedValue.GetValue(),
Throws.InstanceOf<DataProtectionException>()
.With.InnerException.InstanceOf<ArgumentNullException>());
}
public void PassingBadEncryptedDataToTheByteArrayConstructorCausesGetValueToThrow()
{
var userData = Encoding.UTF8.GetBytes("Hello, world!");
var optionalEntropy = new byte[] { 4, 5, 6 };
var scope = DataProtectionScope.LocalMachine;
var encryptedData = ProtectedData.Protect(userData, optionalEntropy, scope);
encryptedData[0] ^= 0xFF;
var protectedValue = new DPAPIProtectedValue(Convert.ToBase64String(encryptedData), optionalEntropy == null ? null : Convert.ToBase64String(optionalEntropy));
Assert.That(() => protectedValue.GetValue(),
Throws.TypeOf<DataProtectionException>()
.With.InnerException.TypeOf<CryptographicException>());
}
public void PassingInvalidBase64EncodedOptionalEntropyToTheStringConstructorCausesGetValueToThrow()
{
var userData = Encoding.UTF8.GetBytes("Hello, world!");
var validOptionalEntropy = new byte[] { 4, 5, 6 };
var scope = DataProtectionScope.LocalMachine;
var encryptedData = Convert.ToBase64String(
ProtectedData.Protect(userData, validOptionalEntropy, scope));
var invalidOptionalEntropy = "omg!wtf!bbq!";
var protectedValue = new DPAPIProtectedValue(encryptedData, invalidOptionalEntropy);
Assert.That(() => protectedValue.GetValue(),
Throws.TypeOf<DataProtectionException>()
.With.InnerException.TypeOf<FormatException>());
}
public void CanUnprotectDPAPIProtectedValueWhenNoScopeIsProvided()
{
var userData = Encoding.UTF8.GetBytes("Hello, world!");
var optionalEntropy = new byte[] { 4, 5, 6 };
var encryptedData = ProtectedData.Protect(userData, optionalEntropy, DataProtectionScope.CurrentUser);
Assume.That(encryptedData, Is.Not.EqualTo(userData));
var protectedValue = new DPAPIProtectedValue(encryptedData, optionalEntropy);
var unprotectedValue = protectedValue.GetValue();
Assert.That(Encoding.UTF8.GetString(unprotectedValue), Is.EqualTo("Hello, world!"));
}
public void CanUnprotectDPAPIProtectedValueWhenNoOptionalEntropyIsProvided()
{
var userData = Encoding.UTF8.GetBytes("Hello, world!");
var scope = DataProtectionScope.LocalMachine;
var encryptedData = ProtectedData.Protect(userData, null, scope);
Assume.That(encryptedData, Is.Not.EqualTo(userData));
var protectedValue = new DPAPIProtectedValue(encryptedData, scope:scope);
var unprotectedValue = protectedValue.GetValue();
Assert.That(Encoding.UTF8.GetString(unprotectedValue), Is.EqualTo("Hello, world!"));
}