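public void TestMessageSigningTwiceFails()
{
    // Signs the same entry twice with one key. There is no assertion in this method, so the
    // expected failure of the second call is presumably declared by a test attribute outside
    // this view (e.g. an expected-exception attribute) - confirm, and pin the exception type there.
    var message = new AuditEntry()
    {
        Sequence = 1,
        CreatedAt = DateTime.Now,
        Stream = "Test",
        Action = "Action 1",
        UserDetails = "User Details",
        DataPayload = "Data Payload"
    };

    // The parameterless constructor yields a throwaway key pair, which is adequate for a unit test.
    // RSACryptoServiceProvider is IDisposable; the using block releases the key handle even when
    // the second signing call throws.
    using (var csp = new RSACryptoServiceProvider())
    {
        // SHA1 is simply the enum member this test exercises. SHA-1 is no longer collision
        // resistant and should not be selected for new production signatures.
        message.SignAuditMesssage(csp, Crypto.SupportedHashAlgorithm.SHA1);

        // Signing an entry that already carries a signature is the operation under test.
        message.SignAuditMesssage(csp, Crypto.SupportedHashAlgorithm.SHA1);
    }
}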
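/// <summary>
/// Logs the given data parameters to the given audit stream as one signed row.
/// </summary>
/// <remarks>
/// The entry is built, signed with the provider returned by the certificate manager, and then
/// inserted with a parameterized statement. Only a <see cref="SqlException"/> raised by the INSERT
/// is wrapped; failures while opening the connection, obtaining the sequence number, serializing
/// or signing propagate unchanged.
/// </remarks>
/// <param name="auditStream">Stream for the audit event.</param>
/// <param name="action">Summary of the action taken.</param>
/// <param name="userDetails">Details to identify the user taking the action.</param>
/// <param name="dataPayload">Details about the action taken.</param>
/// <exception cref="AuditEventWriteException">The INSERT of the signed entry failed.</exception>
public void Log(AuditStream auditStream, string action, object userDetails, object dataPayload)
{
    // Serialize first: this is the only step that depends purely on caller-supplied objects, so a
    // failure here now happens before a connection is opened or a sequence number is requested.
    // NOTE(review): whether Sequence.GetNext reserves the number is not visible here; if it does,
    // failing after it would leave a gap that is indistinguishable from a deleted row.
    var serializedUserDetails = JsonConvert.SerializeObject(userDetails, Formatting.Indented);
    var serializedDataPayload = JsonConvert.SerializeObject(dataPayload, Formatting.Indented);

    using (var connection = new SqlConnection(_configuration.ConnectionString))
    {
        connection.Open();

        // NOTE(review): GetNext and the INSERT below are not wrapped in a transaction in this
        // method; uniqueness of (stream, sequence) under concurrent writers depends on GetNext
        // and on the table's constraints - confirm.
        var auditEntry = new AuditEntry()
        {
            Sequence = Sequence.GetNext(connection, auditStream),
            CreatedAt = GetDate,
            Stream = auditStream.ToString(),
            Action = action,
            UserDetails = serializedUserDetails,
            DataPayload = serializedDataPayload
        };

        // The hash algorithm is configuration-driven; SHA-1 should not be configured for new
        // signatures. The provider's lifetime is owned by the certificate manager (it is not
        // disposed here) - presumably intentional, confirm.
        var signingProvider = _certificateManager.GetSigningProvider();
        auditEntry.SignAuditMesssage(signingProvider, _configuration.HashAlgorithm);

        using (var command = new SqlCommand())
        {
            command.Connection = connection;

            // Every value is bound as a parameter, so caller-supplied text never becomes SQL.
            command.CommandText = @"
                INSERT INTO [AuditLogMessages] ([AuditStream],[Sequence],[CreatedAt],[Action],[UserDetails],[DataPayload],[Signature])
                VALUES (@AuditStream,@Sequence,@CreatedAt,@Action,@UserDetails,@DataPayload,@Signature)";

            command.Parameters.Add(new SqlParameter("@AuditStream", auditEntry.Stream));
            command.Parameters.Add(new SqlParameter("@Sequence", auditEntry.Sequence));
            // NOTE(review): if CreatedAt is a DateTime, the inferred parameter type may store it
            // at lower precision than the in-memory value. If the signature covers CreatedAt,
            // verification after read-back has to use the same precision - confirm.
            command.Parameters.Add(new SqlParameter("@CreatedAt", auditEntry.CreatedAt));
            command.Parameters.Add(new SqlParameter("@Action", auditEntry.Action));
            command.Parameters.Add(new SqlParameter("@UserDetails", auditEntry.UserDetails));
            command.Parameters.Add(new SqlParameter("@DataPayload", auditEntry.DataPayload));
            command.Parameters.Add(new SqlParameter("@Signature", auditEntry.Signature));

            try
            {
                command.ExecuteNonQuery();
            }
            catch (SqlException sqlex)
            {
                // The exception carries the full entry, including user details and payload, so
                // handlers that log it should treat it as sensitive.
                throw new AuditEventWriteException("Failed to write audit log entry", auditEntry, sqlex);
            }
        }
    }
}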
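public void TestMessageVerificationFailure()
{
    // Tamper test: sign an entry, change a field afterwards, and expect verification to fail.
    var message = new AuditEntry()
    {
        Sequence = 1,
        CreatedAt = DateTime.Now,
        Stream = "Test",
        Action = "Action 1",
        UserDetails = "User Details",
        DataPayload = "Data Payload"
    };

    // Throwaway key pair for the test; the using block releases the IDisposable provider whether
    // the assertion passes or throws.
    using (var csp = new RSACryptoServiceProvider())
    {
        // SHA1 is the enum member exercised here; it should not be chosen for new production signatures.
        message.SignAuditMesssage(csp, Crypto.SupportedHashAlgorithm.SHA1);

        // Changing Sequence after signing must invalidate the signature. This shows that Sequence
        // is covered by the signature; the other fields are not exercised by this test.
        message.Sequence = 2;

        Assert.IsFalse(message.VerifyAuditMessage(csp, Crypto.SupportedHashAlgorithm.SHA1));
    }
}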