public void ReturnsTrueForCloseEnoughTimestamps(DateTimeOffset now) { var path = "/ls"; var plaintext = $"{now:O}{path}"; var key = new byte[64]; System.Security.Cryptography.RandomNumberGenerator.Create().GetNonZeroBytes(key); var hmac = HMAC.Create(AlgorithmName); hmac.Key = key; var hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(plaintext)); var target = new HmacVerification(AlgorithmName, Convert.ToBase64String(key), 60); Assert.True(target.Verify(now.ToString("O"), path, Convert.ToBase64String(hash))); }
public void ReturnsFalseForInvalidHash() { var now = DateTimeOffset.UtcNow; var path = "/ls"; var plaintext = $"{now:O}{path}"; var key = new byte[64]; System.Security.Cryptography.RandomNumberGenerator.Create().GetNonZeroBytes(key); var hmac = HMAC.Create(AlgorithmName); hmac.Key = key; var hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(plaintext)); hash[0] = (byte)(hash[0] > 0 ? hash[0] - (byte)1 : (byte)255); var target = new HmacVerification(AlgorithmName, Convert.ToBase64String(key), 60); Assert.False(target.Verify(now.ToString("O"), path, Convert.ToBase64String(hash))); }