Exemplo n.º 1
0
            public async Task EncryptsHMACSecretInDatabase()
            {
                var hmac   = new HMACSignatureAlgorithm("s3cr3t", HashAlgorithmName.SHA384);
                var client = new Client(
                    "c1",
                    "app one",
                    hmac,
                    TimeSpan.FromMinutes(1),
                    TimeSpan.FromMinutes(2),
                    RequestTargetEscaping.RFC2396,
                    new Claim("company", "Dalion"),
                    new Claim("scope", "HttpMessageSigning"));
                await _sut.Register(client);

                var collection = Database.GetCollection <ClientDataRecordV2>(_collectionName);
                var findResult = await collection.FindAsync <ClientDataRecordV2>(new ExpressionFilterDefinition <ClientDataRecordV2>(r => r.Id == client.Id));

                var loaded = await findResult.SingleAsync();

                loaded.SignatureAlgorithm.Parameter.Should().NotBeNullOrEmpty();
                var unencryptedKey = Encoding.UTF8.GetString(hmac.Key);
                var encryptedKey   = new FakeStringProtector().Protect(unencryptedKey);

                loaded.SignatureAlgorithm.Parameter.Should().Be(encryptedKey);
                loaded.SignatureAlgorithm.IsParameterEncrypted.Should().BeTrue();
            }
Exemplo n.º 2
0
        public SignatureAlgorithmDataRecordConverterTests()
        {
            FakeFactory.Create(out _stringProtectorFactory);
            _sut = new SignatureAlgorithmDataRecordConverter(_stringProtectorFactory);

            _stringProtector = new FakeStringProtector();
            A.CallTo(() => _stringProtectorFactory.CreateSymmetric(A <string> ._))
            .Returns(_stringProtector);
        }
Exemplo n.º 3
0
 public void GivenHMACAlgorithm_ReturnsExpectedDataRecord()
 {
     using (var hmac = SignatureAlgorithm.CreateForVerification(_unencryptedKey, HashAlgorithmName.SHA384)) {
         var actual       = _sut.FromSignatureAlgorithm(hmac, _encryptionKey);
         var encryptedKey = new FakeStringProtector().Protect(_unencryptedKey);
         var expected     = new SignatureAlgorithmDataRecordV2 {
             Type                 = "HMAC",
             HashAlgorithm        = HashAlgorithmName.SHA384.Name,
             IsParameterEncrypted = true,
             Parameter            = encryptedKey
         };
         actual.Should().BeEquivalentTo(expected);
     }
 }