public async Task CreateBreachProofPassword_Should_ThrowAnException_IfProofIsNotValid()
{
var password = "******";
var crypto = Substitute.For <IPythiaCrypto>();
crypto.Blind(password).Returns(Builder <BlindingResult> .CreateNew().Build());
crypto.GenerateSalt().Returns(GetRandom.Bytes());
crypto.Verify(Arg.Any <PythiaProofParams>()).Returns(false);
var accessToken = Substitute.For <IAccessToken>();
var provider = Substitute.For <IAccessTokenProvider>();
provider.GetTokenAsync(null).Returns(Task.FromResult(accessToken));
var client = Substitute.For <IPythiaClient>();
var model = Builder <TransformResultModel> .CreateNew()
.With(it => it.Proof = Builder <ProofModel> .CreateNew().Build())
.Build();
client.TransformPasswordAsync(Arg.Any <TransformModel>(), Arg.Any <string>()).Returns(Task.FromResult(model));
var proofKeys = new[] { "PK.1.AgwhFXaYR7EWiTxeCCj269+cZKcRiT7x2Ifbyi4HrMnpSCapaoUzoK8rIJSNJC++jA==" };
var protocol = new PythiaProtocol(client, crypto, provider, proofKeys);
var result = await protocol.CreateBreachProofPasswordAsync(password);
}
public async Task CreateBreachProofPassword_Should_SelectProofKeyWithLatestVersion()
{
var password = "******";
var crypto = Substitute.For <IPythiaCrypto>();
crypto.Blind(password).Returns(Builder <BlindingResult> .CreateNew().Build());
crypto.GenerateSalt().Returns(GetRandom.Bytes());
crypto.Verify(Arg.Any <PythiaProofParams>()).Returns(true);
var accessToken = Substitute.For <IAccessToken>();
var provider = Substitute.For <IAccessTokenProvider>();
provider.GetTokenAsync(null).Returns(Task.FromResult(accessToken));
var client = Substitute.For <IPythiaClient>();
var model = Builder <TransformResultModel> .CreateNew()
.With(it => it.Proof = Builder <ProofModel> .CreateNew().Build())
.Build();
client.TransformPasswordAsync(Arg.Any <TransformModel>(), Arg.Any <string>()).Returns(Task.FromResult(model));
var proofKeys = AppSettings.Get.ProtocolTestData.ProofKeys;
var protocol = new PythiaProtocol(client, crypto, provider, proofKeys);
var result = await protocol.CreateBreachProofPasswordAsync(password);
var tm = (TransformModel)client.ReceivedCalls().Single().GetArguments().First();
tm.Version.Should().Be(5);
}
public async Task CreateBreachProofPassword_Should_AlwaysRequestProofFromService()
{
var password = "******";
var crypto = Substitute.For <IPythiaCrypto>();
crypto.Blind(password).Returns(Builder <BlindingResult> .CreateNew().Build());
crypto.GenerateSalt().Returns(GetRandom.Bytes());
crypto.Verify(Arg.Any <PythiaProofParams>()).Returns(true);
var accessToken = Substitute.For <IAccessToken>();
var provider = Substitute.For <IAccessTokenProvider>();
provider.GetTokenAsync(null).Returns(Task.FromResult(accessToken));
var client = Substitute.For <IPythiaClient>();
var model = Builder <TransformResultModel> .CreateNew()
.With(it => it.Proof = Builder <ProofModel> .CreateNew().Build())
.Build();
client.TransformPasswordAsync(Arg.Any <TransformModel>(), Arg.Any <string>()).Returns(Task.FromResult(model));
var proofKeys = new[] { "PK.1.AgwhFXaYR7EWiTxeCCj269+cZKcRiT7x2Ifbyi4HrMnpSCapaoUzoK8rIJSNJC++jA==" };
var protocol = new PythiaProtocol(client, crypto, provider, proofKeys);
var result = await protocol.CreateBreachProofPasswordAsync(password);
var tm = (TransformModel)client.ReceivedCalls().Single().GetArguments().First();
tm.IncludeProof.Should().BeTrue();
}
public async Task YTC13()
{
var config = new PythiaProtocolConfig
{
AppId = AppSettings.Get.AppId,
ApiKey = AppSettings.Get.ApiKey,
ApiKeyId = AppSettings.Get.ApiKeyId,
ProofKeys = new[] { AppSettings.Get.ProofKeys[0] }
};
var protocol = PythiaProtocol.Initialize(config);
var bpp1 = await protocol.CreateBreachProofPasswordAsync("some password");
await Task.Delay(TimeSpan.FromSeconds(1));
var bpp2 = await protocol.CreateBreachProofPasswordAsync("some password");
await Task.Delay(TimeSpan.FromSeconds(1));
bpp1.Salt.Should().HaveCount(32);
bpp2.Salt.Should().HaveCount(32);
bpp1.DeblindedPassword.Should().HaveCountGreaterThan(300);
bpp2.DeblindedPassword.Should().HaveCountGreaterThan(300);
bpp1.Version.Should().Be(1);
bpp2.Version.Should().Be(1);
bpp1.Salt.Should().NotBeEquivalentTo(bpp2.Salt);
bpp1.DeblindedPassword.Should().NotBeEquivalentTo(bpp2.DeblindedPassword);
}
public async Task YTC17()
{
var config1 = new PythiaProtocolConfig
{
AppId = AppSettings.Get.AppId,
ApiKey = AppSettings.Get.ApiKey,
ApiKeyId = AppSettings.Get.ApiKeyId,
ProofKeys = AppSettings.Get.ProofKeys.Take(2)
};
var protocol1 = PythiaProtocol.Initialize(config1);
var config2 = new PythiaProtocolConfig
{
AppId = AppSettings.Get.AppId,
ApiKey = AppSettings.Get.ApiKey,
ApiKeyId = AppSettings.Get.ApiKeyId,
ProofKeys = AppSettings.Get.ProofKeys
};
var protocol2 = PythiaProtocol.Initialize(config2);
var bpp1 = await protocol1.CreateBreachProofPasswordAsync("some password");
var bpp2 = protocol2.UpdateBreachProofPassword(AppSettings.Get.UpdateToken, bpp1);
bpp1.Version.Should().Be(2);
bpp2.Salt.Should().BeEquivalentTo(bpp1.Salt);
bpp2.DeblindedPassword.Should().NotBeEquivalentTo(bpp1.DeblindedPassword);
bpp2.Version.Should().Be(3);
}
public async Task CreateBreachProofPassword_Should_ThrowAnException_IfGivenPasswordIsNullOrEmpty()
{
var client = Substitute.For <IPythiaClient>();
var crypto = Substitute.For <IPythiaCrypto>();
var provider = Substitute.For <IAccessTokenProvider>();
var proofKeys = new[] { "PK.1.AgwhFXaYR7EWiTxeCCj269+cZKcRiT7x2Ifbyi4HrMnpSCapaoUzoK8rIJSNJC++jA==" };
var protocol = new PythiaProtocol(client, crypto, provider, proofKeys);
var result = await protocol.CreateBreachProofPasswordAsync("");
}
public void Initialize_Should_ThrowAnException_IfProofKeysAreEmpty()
{
var config = new PythiaProtocolConfig
{
AppId = "cc420fcbe7ec442359f7a9f37dd84ea3",
ApiKeyId = "4cb31d32a58899fc968ac12573229789",
ApiKey = "MC4CAQAwBQYDK2VwBCIEIOBZP2yyDaGzHnZB5+PWtsshs0goN2RCSSNEuBtlg2DN",
ProofKeys = new string[] { }
};
PythiaProtocol.Initialize(config);
}
public async Task YTC16()
{
var correnctPassword = "******";
var wrongPassword = "******";
var crypto = Substitute.For <IPythiaCrypto>();
crypto.Blind(correnctPassword).Returns(new PythiaCrypto().Blind(correnctPassword));
crypto.Blind(wrongPassword).Returns(new PythiaCrypto().Blind(wrongPassword));
crypto.Deblind(Arg.Any <byte[]>(), Arg.Any <byte[]>())
.Returns((arg) => new PythiaCrypto().Deblind((byte[])arg[0], (byte[])arg[1]));
crypto.GenerateSalt().Returns(new PythiaCrypto().GenerateSalt());
crypto.Verify(Arg.Any <PythiaProofParams>()).Returns(true, false, false, false, false);
var virgilCrypto = new VirgilCrypto();
var signer = new VirgilAccessTokenSigner();
var apiKey = virgilCrypto.ImportPrivateKey(Bytes.FromString(AppSettings.Get.ApiKey, StringEncoding.BASE64));
var generator = new JwtGenerator(AppSettings.Get.AppId, apiKey, AppSettings.Get.ApiKeyId, TimeSpan.FromDays(1), signer);
var jwt = generator.GenerateToken("PYTHIA-CLIENT");
var connection = new ServiceConnection(AppSettings.Get.ApiURL);
var tokenProvider = new ConstAccessTokenProvider(jwt);
var client = new PythiaClient(connection, new NewtonsoftJsonSerializer());
var protocol = new PythiaProtocol(client, crypto, tokenProvider, AppSettings.Get.ProofKeys.Skip(1));
var bpp = await protocol.CreateBreachProofPasswordAsync(correnctPassword);
await Task.Delay(TimeSpan.FromSeconds(2));
var verifyResult1 = await protocol.VerifyBreachProofPasswordAsync(correnctPassword, bpp, false);
verifyResult1.Should().BeTrue();
await Task.Delay(TimeSpan.FromSeconds(2));
Func <Task> verifyResult2 = async() => { await protocol.VerifyBreachProofPasswordAsync(correnctPassword, bpp, true); };
verifyResult2.Should().Throw <Exception>();
await Task.Delay(TimeSpan.FromSeconds(2));
var verifyResult3 = await protocol.VerifyBreachProofPasswordAsync(wrongPassword, bpp, false);
verifyResult3.Should().BeFalse();
await Task.Delay(TimeSpan.FromSeconds(2));
Func <Task> verifyResult4 = async() => { await protocol.VerifyBreachProofPasswordAsync(wrongPassword, bpp, true); };
verifyResult4.Should().Throw <Exception>();
await Task.Delay(TimeSpan.FromSeconds(2));
}
public void Initialize_Should_ThrowAnException_IfProofKeyHasNotThreeSeporatingDots()
{
var config = new PythiaProtocolConfig
{
AppId = "cc420fcbe7ec442359f7a9f37dd84ea3",
ApiKeyId = "4cb31d32a58899fc968ac12573229789",
ApiKey = "MC4CAQAwBQYDK2VwBCIEIOBZP2yyDaGzHnZB5+PWtsshs0goN2RCSSNEuBtlg2DN",
ProofKeys = new[] {
"PK.1.test.AgwhFXaYR7EWiTxeCCj269+cZKcRiT7x2Ifbyi4HrMnpSCapaoUzoK8rIJSNJC++jA=="
}
};
PythiaProtocol.Initialize(config);
}
public void Initialize_Should_ThrowAnException_IfApiKeyIsNullOrEmpty()
{
var config = new PythiaProtocolConfig
{
AppId = "cc420fcbe7ec442359f7a9f37dd84ea3",
ApiKeyId = "4cb31d32a58899fc968ac12573229789",
ApiKey = string.Empty,
ProofKeys = new string[] {
"PK.1.AgY1HeqcosokoAiZQ/vO28cubQej3BChFg51FkVXe3vGdCEAMiEUVhO0jPIE0bUGGA=="
}
};
PythiaProtocol.Initialize(config);
}
public void Initialize_Should_ThrowAnException_IfApiKeyIdIsNullOrEmpty()
{
var config = new PythiaProtocolConfig
{
AppId = "cc420fcbe7ec442359f7a9f37dd84ea3",
ApiKeyId = string.Empty,
ApiKey = "MC4CAQAwBQYDK2VwBCIEIOBZP2yyDaGzHnZB5+PWtsshs0goN2RCSSNEuBtlg2DN",
ProofKeys = new string[] {
"PK.1.AgY1HeqcosokoAiZQ/vO28cubQej3BChFg51FkVXe3vGdCEAMiEUVhO0jPIE0bUGGA=="
}
};
PythiaProtocol.Initialize(config);
}
public async Task YTC14()
{
var config = new PythiaProtocolConfig
{
AppId = AppSettings.Get.AppId,
ApiKey = AppSettings.Get.ApiKey,
ApiKeyId = AppSettings.Get.ApiKeyId,
ProofKeys = AppSettings.Get.ProofKeys
};
var protocol = PythiaProtocol.Initialize(config);
var bpp = await protocol.CreateBreachProofPasswordAsync("some password");
await Task.Delay(TimeSpan.FromSeconds(1));
bpp.Version.Should().Be(3);
}
public async Task YTC18()
{
var config = new PythiaProtocolConfig
{
AppId = AppSettings.Get.AppId,
ApiKey = AppSettings.Get.ApiKey,
ApiKeyId = AppSettings.Get.ApiKeyId,
ProofKeys = AppSettings.Get.ProofKeys.Take(3)
};
var protocol = PythiaProtocol.Initialize(config);
var bpp1 = await protocol.CreateBreachProofPasswordAsync("some password");
Action result = () => protocol.UpdateBreachProofPassword(AppSettings.Get.UpdateToken, bpp1);
result.Should().Throw <Exception>();
}
public async Task YTC15()
{
var config = new PythiaProtocolConfig
{
AppId = AppSettings.Get.AppId,
ApiKey = AppSettings.Get.ApiKey,
ApiKeyId = AppSettings.Get.ApiKeyId,
ProofKeys = AppSettings.Get.ProofKeys.Skip(1)
};
var protocol = PythiaProtocol.Initialize(config);
var bpp = await protocol.CreateBreachProofPasswordAsync("some password");
await Task.Delay(TimeSpan.FromSeconds(2));
var verifyResult1 = await protocol.VerifyBreachProofPasswordAsync("some password", bpp, false);
await Task.Delay(TimeSpan.FromSeconds(2));
var verifyResult2 = await protocol.VerifyBreachProofPasswordAsync("some password", bpp, true);
await Task.Delay(TimeSpan.FromSeconds(2));
var verifyResult3 = await protocol.VerifyBreachProofPasswordAsync("other password", bpp, false);
await Task.Delay(TimeSpan.FromSeconds(2));
var verifyResult4 = await protocol.VerifyBreachProofPasswordAsync("other password", bpp, true);
await Task.Delay(TimeSpan.FromSeconds(2));
verifyResult1.Should().BeTrue();
verifyResult2.Should().BeTrue();
verifyResult3.Should().BeFalse();
verifyResult4.Should().BeFalse();
}
