public void Unprotect_KeyRevoked_RevocationDisallowed_ThrowsKeyRevoked()
        {
            // Arrange
            Guid keyId = new Guid("654057ab-2491-4471-a72a-b3b114afda38");

            byte[] protectedData = BuildProtectedDataFromCiphertext(
                keyId: keyId,
                ciphertext: new byte[0]);

            var mockDescriptor = new Mock <IAuthenticatedEncryptorDescriptor>();

            mockDescriptor.Setup(o => o.CreateEncryptorInstance()).Returns(new Mock <IAuthenticatedEncryptor>().Object);

            // the keyring has only one key
            Key key = new Key(keyId, DateTimeOffset.Now, DateTimeOffset.Now, DateTimeOffset.Now, mockDescriptor.Object);

            key.SetRevoked();
            var keyRing             = new KeyRing(key, new[] { key });
            var mockKeyRingProvider = new Mock <IKeyRingProvider>();

            mockKeyRingProvider.Setup(o => o.GetCurrentKeyRing()).Returns(keyRing);

            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: mockKeyRingProvider.Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            // Act & assert
            var ex = ExceptionAssert2.ThrowsCryptographicException(() => protector.Unprotect(protectedData));

            Assert.Equal(Error.Common_KeyRevoked(keyId).Message, ex.Message);
        }
        public void Protect_Unprotect_RoundTripsProperly()
        {
            // Arrange
            byte[] plaintext           = new byte[] { 0x10, 0x20, 0x30, 0x40, 0x50 };
            Key    key                 = new Key(Guid.NewGuid(), DateTimeOffset.Now, DateTimeOffset.Now, DateTimeOffset.Now, new AuthenticatedEncryptorConfiguration(new AuthenticatedEncryptionOptions()).CreateNewDescriptor());
            var    keyRing             = new KeyRing(key, new[] { key });
            var    mockKeyRingProvider = new Mock <IKeyRingProvider>();

            mockKeyRingProvider.Setup(o => o.GetCurrentKeyRing()).Returns(keyRing);

            var protector = new KeyRingBasedDataProtector(
                keyRingProvider: mockKeyRingProvider.Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            // Act - protect
            byte[] protectedData = protector.Protect(plaintext);
            Assert.NotNull(protectedData);
            Assert.NotEqual(plaintext, protectedData);

            // Act - unprotect
            byte[] roundTrippedPlaintext = protector.Unprotect(protectedData);
            Assert.Equal(plaintext, roundTrippedPlaintext);
        }
        public void Protect_NullPlaintext_Throws()
        {
            // Arrange
            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: new Mock <IKeyRingProvider>().Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            // Act & assert
            ExceptionAssert2.ThrowsArgumentNull(() => protector.Protect(plaintext: null), "plaintext");
        }
        public void Protect_NullPlaintext_Throws()
        {
            // Arrange
            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: new Mock<IKeyRingProvider>().Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            // Act & assert
            ExceptionAssert2.ThrowsArgumentNull(() => protector.Protect(plaintext: null), "plaintext");
        }
        public void Unprotect_IsNotDefaultKey_Success_RequiresMigration()
        {
            // Arrange
            Guid defaultKeyId  = new Guid("ba73c9ce-d322-4e45-af90-341307e11c38");
            Guid embeddedKeyId = new Guid("9b5d2db3-299f-4eac-89e9-e9067a5c1853");

            byte[] expectedCiphertext = new byte[] { 0x03, 0x05, 0x07, 0x11, 0x13, 0x17, 0x19 };
            byte[] protectedData      = BuildProtectedDataFromCiphertext(embeddedKeyId, expectedCiphertext);
            byte[] expectedAad        = BuildAadFromPurposeStrings(embeddedKeyId, "purpose");
            byte[] expectedPlaintext  = new byte[] { 0x23, 0x29, 0x31, 0x37 };

            var mockEncryptor = new Mock <IAuthenticatedEncryptor>();

            mockEncryptor
            .Setup(o => o.Decrypt(It.IsAny <ArraySegment <byte> >(), It.IsAny <ArraySegment <byte> >()))
            .Returns <ArraySegment <byte>, ArraySegment <byte> >((actualCiphertext, actualAad) =>
            {
                Assert.Equal(expectedCiphertext, actualCiphertext);
                Assert.Equal(expectedAad, actualAad);
                return(expectedPlaintext);
            });
            var mockDescriptor = new Mock <IAuthenticatedEncryptorDescriptor>();

            mockDescriptor.Setup(o => o.CreateEncryptorInstance()).Returns(mockEncryptor.Object);

            Key defaultKey          = new Key(defaultKeyId, DateTimeOffset.Now, DateTimeOffset.Now, DateTimeOffset.Now, new Mock <IAuthenticatedEncryptorDescriptor>().Object);
            Key embeddedKey         = new Key(embeddedKeyId, DateTimeOffset.Now, DateTimeOffset.Now, DateTimeOffset.Now, mockDescriptor.Object);
            var keyRing             = new KeyRing(defaultKey, new[] { defaultKey, embeddedKey });
            var mockKeyRingProvider = new Mock <IKeyRingProvider>();

            mockKeyRingProvider.Setup(o => o.GetCurrentKeyRing()).Returns(keyRing);

            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: mockKeyRingProvider.Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            // Act & assert - IDataProtector
            byte[] retVal = protector.Unprotect(protectedData);
            Assert.Equal(expectedPlaintext, retVal);

            // Act & assert - IPersistedDataProtector
            bool requiresMigration, wasRevoked;

            retVal = ((IPersistedDataProtector)protector).DangerousUnprotect(protectedData,
                                                                             ignoreRevocationErrors: false,
                                                                             requiresMigration: out requiresMigration,
                                                                             wasRevoked: out wasRevoked);
            Assert.Equal(expectedPlaintext, retVal);
            Assert.True(requiresMigration);
            Assert.False(wasRevoked);
        }
        public void Protect_HomogenizesExceptionsToCryptographicException()
        {
            // Arrange
            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: new Mock <IKeyRingProvider>(MockBehavior.Strict).Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            // Act & assert
            var ex = ExceptionAssert2.ThrowsCryptographicException(() => protector.Protect(new byte[0]));

            Assert.IsAssignableFrom(typeof(MockException), ex.InnerException);
        }
        public void Unprotect_PayloadHasBadMagicHeader_ThrowsBadMagicHeader()
        {
            // Arrange
            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: new Mock <IKeyRingProvider>().Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            byte[] badProtectedPayload = BuildProtectedDataFromCiphertext(Guid.NewGuid(), new byte[0]);
            badProtectedPayload[0]++; // corrupt the magic header

            // Act & assert
            var ex = ExceptionAssert2.ThrowsCryptographicException(() => protector.Unprotect(badProtectedPayload));

            Assert.Equal(Resources.ProtectionProvider_BadMagicHeader, ex.Message);
        }
        public void Unprotect_PayloadHasIncorrectVersionMarker_ThrowsNewerVersion()
        {
            // Arrange
            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: new Mock <IKeyRingProvider>().Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            byte[] badProtectedPayload = BuildProtectedDataFromCiphertext(Guid.NewGuid(), new byte[0]);
            badProtectedPayload[3]++; // bump the version payload

            // Act & assert
            var ex = ExceptionAssert2.ThrowsCryptographicException(() => protector.Unprotect(badProtectedPayload));

            Assert.Equal(Resources.ProtectionProvider_BadVersion, ex.Message);
        }
        public void Unprotect_PayloadTooShort_ThrowsBadMagicHeader()
        {
            // Arrange
            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: new Mock <IKeyRingProvider>().Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            byte[] badProtectedPayload = BuildProtectedDataFromCiphertext(Guid.NewGuid(), new byte[0]);
            badProtectedPayload = badProtectedPayload.Take(badProtectedPayload.Length - 1).ToArray(); // chop off the last byte

            // Act & assert
            var ex = ExceptionAssert2.ThrowsCryptographicException(() => protector.Unprotect(badProtectedPayload));

            Assert.Equal(Resources.ProtectionProvider_BadMagicHeader, ex.Message);
        }
        public void Protect_EncryptsToDefaultProtector_SinglePurpose()
        {
            // Arrange
            Guid defaultKey = new Guid("ba73c9ce-d322-4e45-af90-341307e11c38");

            byte[] expectedPlaintext     = new byte[] { 0x03, 0x05, 0x07, 0x11, 0x13, 0x17, 0x19 };
            byte[] expectedAad           = BuildAadFromPurposeStrings(defaultKey, "single purpose");
            byte[] expectedProtectedData = BuildProtectedDataFromCiphertext(defaultKey, new byte[] { 0x23, 0x29, 0x31, 0x37 });

            var mockEncryptor = new Mock <IAuthenticatedEncryptor>();

            mockEncryptor
            .Setup(o => o.Encrypt(It.IsAny <ArraySegment <byte> >(), It.IsAny <ArraySegment <byte> >()))
            .Returns <ArraySegment <byte>, ArraySegment <byte> >((actualPlaintext, actualAad) =>
            {
                Assert.Equal(expectedPlaintext, actualPlaintext);
                Assert.Equal(expectedAad, actualAad);
                return(new byte[] { 0x23, 0x29, 0x31, 0x37 });    // ciphertext + tag
            });

            var mockKeyRing = new Mock <IKeyRing>(MockBehavior.Strict);

            mockKeyRing.Setup(o => o.DefaultKeyId).Returns(defaultKey);
            mockKeyRing.Setup(o => o.DefaultAuthenticatedEncryptor).Returns(mockEncryptor.Object);
            var mockKeyRingProvider = new Mock <IKeyRingProvider>();

            mockKeyRingProvider.Setup(o => o.GetCurrentKeyRing()).Returns(mockKeyRing.Object);

            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: mockKeyRingProvider.Object,
                logger: null,
                originalPurposes: new string[0],
                newPurpose: "single purpose");

            // Act
            byte[] retVal = protector.Protect(expectedPlaintext);

            // Assert
            Assert.Equal(expectedProtectedData, retVal);
        }
        public void Protect_EncryptsToDefaultProtector_MultiplePurposes()
        {
            // Arrange
            Guid defaultKey = new Guid("ba73c9ce-d322-4e45-af90-341307e11c38");
            byte[] expectedPlaintext = new byte[] { 0x03, 0x05, 0x07, 0x11, 0x13, 0x17, 0x19 };
            byte[] expectedAad = BuildAadFromPurposeStrings(defaultKey, "purpose1", "purpose2", "yet another purpose");
            byte[] expectedProtectedData = BuildProtectedDataFromCiphertext(defaultKey, new byte[] { 0x23, 0x29, 0x31, 0x37 });

            var mockEncryptor = new Mock<IAuthenticatedEncryptor>();
            mockEncryptor
                .Setup(o => o.Encrypt(It.IsAny<ArraySegment<byte>>(), It.IsAny<ArraySegment<byte>>()))
                .Returns<ArraySegment<byte>, ArraySegment<byte>>((actualPlaintext, actualAad) =>
                {
                    Assert.Equal(expectedPlaintext, actualPlaintext);
                    Assert.Equal(expectedAad, actualAad);
                    return new byte[] { 0x23, 0x29, 0x31, 0x37 }; // ciphertext + tag
                });

            var mockKeyRing = new Mock<IKeyRing>(MockBehavior.Strict);
            mockKeyRing.Setup(o => o.DefaultKeyId).Returns(defaultKey);
            mockKeyRing.Setup(o => o.DefaultAuthenticatedEncryptor).Returns(mockEncryptor.Object);
            var mockKeyRingProvider = new Mock<IKeyRingProvider>();
            mockKeyRingProvider.Setup(o => o.GetCurrentKeyRing()).Returns(mockKeyRing.Object);

            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: mockKeyRingProvider.Object,
                logger: null,
                originalPurposes: new[] { "purpose1", "purpose2" },
                newPurpose: "yet another purpose");

            // Act
            byte[] retVal = protector.Protect(expectedPlaintext);

            // Assert
            Assert.Equal(expectedProtectedData, retVal);
        }
        public void Protect_HomogenizesExceptionsToCryptographicException()
        {
            // Arrange
            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: new Mock<IKeyRingProvider>(MockBehavior.Strict).Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            // Act & assert
            var ex = ExceptionAssert2.ThrowsCryptographicException(() => protector.Protect(new byte[0]));
            Assert.IsAssignableFrom(typeof(MockException), ex.InnerException);
        }
        public void Unprotect_PayloadHasBadMagicHeader_ThrowsBadMagicHeader()
        {
            // Arrange
            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: new Mock<IKeyRingProvider>().Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            byte[] badProtectedPayload = BuildProtectedDataFromCiphertext(Guid.NewGuid(), new byte[0]);
            badProtectedPayload[0]++; // corrupt the magic header

            // Act & assert
            var ex = ExceptionAssert2.ThrowsCryptographicException(() => protector.Unprotect(badProtectedPayload));
            Assert.Equal(Resources.ProtectionProvider_BadMagicHeader, ex.Message);
        }
        public void Unprotect_PayloadHasIncorrectVersionMarker_ThrowsNewerVersion()
        {
            // Arrange
            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: new Mock<IKeyRingProvider>().Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            byte[] badProtectedPayload = BuildProtectedDataFromCiphertext(Guid.NewGuid(), new byte[0]);
            badProtectedPayload[3]++; // bump the version payload

            // Act & assert
            var ex = ExceptionAssert2.ThrowsCryptographicException(() => protector.Unprotect(badProtectedPayload));
            Assert.Equal(Resources.ProtectionProvider_BadVersion, ex.Message);
        }
        public void Unprotect_KeyRevoked_RevocationDisallowed_ThrowsKeyRevoked()
        {
            // Arrange
            Guid keyId = new Guid("654057ab-2491-4471-a72a-b3b114afda38");
            byte[] protectedData = BuildProtectedDataFromCiphertext(
                keyId: keyId,
                ciphertext: new byte[0]);

            var mockDescriptor = new Mock<IAuthenticatedEncryptorDescriptor>();
            mockDescriptor.Setup(o => o.CreateEncryptorInstance()).Returns(new Mock<IAuthenticatedEncryptor>().Object);

            // the keyring has only one key
            Key key = new Key(keyId, DateTimeOffset.Now, DateTimeOffset.Now, DateTimeOffset.Now, mockDescriptor.Object);
            key.SetRevoked();
            var keyRing = new KeyRing(key, new[] { key });
            var mockKeyRingProvider = new Mock<IKeyRingProvider>();
            mockKeyRingProvider.Setup(o => o.GetCurrentKeyRing()).Returns(keyRing);

            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: mockKeyRingProvider.Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            // Act & assert
            var ex = ExceptionAssert2.ThrowsCryptographicException(() => protector.Unprotect(protectedData));
            Assert.Equal(Error.Common_KeyRevoked(keyId).Message, ex.Message);
        }
        public void Unprotect_IsNotDefaultKey_Success_RequiresMigration()
        {
            // Arrange
            Guid defaultKeyId = new Guid("ba73c9ce-d322-4e45-af90-341307e11c38");
            Guid embeddedKeyId = new Guid("9b5d2db3-299f-4eac-89e9-e9067a5c1853");
            byte[] expectedCiphertext = new byte[] { 0x03, 0x05, 0x07, 0x11, 0x13, 0x17, 0x19 };
            byte[] protectedData = BuildProtectedDataFromCiphertext(embeddedKeyId, expectedCiphertext);
            byte[] expectedAad = BuildAadFromPurposeStrings(embeddedKeyId, "purpose");
            byte[] expectedPlaintext = new byte[] { 0x23, 0x29, 0x31, 0x37 };

            var mockEncryptor = new Mock<IAuthenticatedEncryptor>();
            mockEncryptor
                .Setup(o => o.Decrypt(It.IsAny<ArraySegment<byte>>(), It.IsAny<ArraySegment<byte>>()))
                .Returns<ArraySegment<byte>, ArraySegment<byte>>((actualCiphertext, actualAad) =>
                {
                    Assert.Equal(expectedCiphertext, actualCiphertext);
                    Assert.Equal(expectedAad, actualAad);
                    return expectedPlaintext;
                });
            var mockDescriptor = new Mock<IAuthenticatedEncryptorDescriptor>();
            mockDescriptor.Setup(o => o.CreateEncryptorInstance()).Returns(mockEncryptor.Object);

            Key defaultKey = new Key(defaultKeyId, DateTimeOffset.Now, DateTimeOffset.Now, DateTimeOffset.Now, new Mock<IAuthenticatedEncryptorDescriptor>().Object);
            Key embeddedKey = new Key(embeddedKeyId, DateTimeOffset.Now, DateTimeOffset.Now, DateTimeOffset.Now, mockDescriptor.Object);
            var keyRing = new KeyRing(defaultKey, new[] { defaultKey, embeddedKey });
            var mockKeyRingProvider = new Mock<IKeyRingProvider>();
            mockKeyRingProvider.Setup(o => o.GetCurrentKeyRing()).Returns(keyRing);

            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: mockKeyRingProvider.Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            // Act & assert - IDataProtector
            byte[] retVal = protector.Unprotect(protectedData);
            Assert.Equal(expectedPlaintext, retVal);

            // Act & assert - IPersistedDataProtector
            bool requiresMigration, wasRevoked;
            retVal = ((IPersistedDataProtector)protector).DangerousUnprotect(protectedData,
                ignoreRevocationErrors: false,
                requiresMigration: out requiresMigration,
                wasRevoked: out wasRevoked);
            Assert.Equal(expectedPlaintext, retVal);
            Assert.True(requiresMigration);
            Assert.False(wasRevoked);
        }
        public void Protect_Unprotect_RoundTripsProperly()
        {
            // Arrange
            byte[] plaintext = new byte[] { 0x10, 0x20, 0x30, 0x40, 0x50 };
            Key key = new Key(Guid.NewGuid(), DateTimeOffset.Now, DateTimeOffset.Now, DateTimeOffset.Now, new AuthenticatedEncryptorConfiguration(new AuthenticatedEncryptionOptions()).CreateNewDescriptor());
            var keyRing = new KeyRing(key, new[] { key });
            var mockKeyRingProvider = new Mock<IKeyRingProvider>();
            mockKeyRingProvider.Setup(o => o.GetCurrentKeyRing()).Returns(keyRing);

            var protector = new KeyRingBasedDataProtector(
                keyRingProvider: mockKeyRingProvider.Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            // Act - protect
            byte[] protectedData = protector.Protect(plaintext);
            Assert.NotNull(protectedData);
            Assert.NotEqual(plaintext, protectedData);

            // Act - unprotect
            byte[] roundTrippedPlaintext = protector.Unprotect(protectedData);
            Assert.Equal(plaintext, roundTrippedPlaintext);
        }
        public void Unprotect_PayloadTooShort_ThrowsBadMagicHeader()
        {
            // Arrange
            IDataProtector protector = new KeyRingBasedDataProtector(
                keyRingProvider: new Mock<IKeyRingProvider>().Object,
                logger: null,
                originalPurposes: null,
                newPurpose: "purpose");

            byte[] badProtectedPayload = BuildProtectedDataFromCiphertext(Guid.NewGuid(), new byte[0]);
            badProtectedPayload = badProtectedPayload.Take(badProtectedPayload.Length - 1).ToArray(); // chop off the last byte

            // Act & assert
            var ex = ExceptionAssert2.ThrowsCryptographicException(() => protector.Unprotect(badProtectedPayload));
            Assert.Equal(Resources.ProtectionProvider_BadMagicHeader, ex.Message);
        }