示例#1
0
        public void SecondSelfSign_Should_ThrowException()
        {
            //STC-8
            var rawSignedModel = faker.PredefinedRawSignedModel(null, true, false, false);
            var crypto         = new VirgilCrypto();
            var keyPair        = crypto.GenerateKeys();
            var signer         = new ModelSigner(new VirgilCardCrypto());

            Assert.Throws <VirgilException>(
                () => signer.SelfSign(rawSignedModel, keyPair.PrivateKey)
                );
        }
示例#2
0
        /// <summary>
        /// Generates a new <see cref="RawSignedModel"/> in order to apply for a card registration.
        /// </summary>
        /// <param name="cardParams">The instance of <see cref="CardParams"/> class.
        /// It should has mandatory parameters: identity, public key, private key</param>
        /// <returns>A new self signed instance of <see cref="RawSignedModel"/> class.</returns>
        public RawSignedModel GenerateRawCard(CardParams cardParams)
        {
            ValidateCardParams(cardParams, true);
            var timeNow = DateTime.UtcNow;

            //to truncate milliseconds and microseconds
            timeNow = timeNow.AddTicks(-timeNow.Ticks % TimeSpan.TicksPerSecond);
            var model = RawSignedModelUtils.Generate(CardCrypto, cardParams, timeNow);

            ModelSigner.SelfSign(model, cardParams.PrivateKey, cardParams.ExtraFields);
            return(model);
        }
示例#3
0
        public static RawSignedModel PredefinedRawSignedModel(this Faker faker,
                                                              string previousCardId   = null,
                                                              bool addSelfSignature   = false,
                                                              bool addVirgilSignature = false,
                                                              bool addExtraSignature  = false
                                                              )
        {
            var crypto         = new VirgilCrypto();
            var keyPair        = faker.PredefinedKeyPair();
            var dateTime       = DateTimeOffset.FromUnixTimeSeconds(Int64.Parse("1515686245")).DateTime;
            var rawCardContent = new RawCardContent()
            {
                CreatedAt      = dateTime,
                Identity       = "test",
                PublicKey      = crypto.ExportPublicKey(keyPair.PublicKey),
                Version        = "5.0",
                PreviousCardId = previousCardId
            };
            var model = new RawSignedModel()
            {
                ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent)
            };

            var signer = new ModelSigner(new VirgilCardCrypto());

            if (addSelfSignature)
            {
                signer.SelfSign(model, keyPair.PrivateKey);
            }

            if (addVirgilSignature)
            {
                signer.Sign(model, new SignParams()
                {
                    Signer           = ModelSigner.VirgilSigner,
                    SignerPrivateKey = faker.PredefinedVirgilKeyPair().PrivateKey
                });
            }

            if (addExtraSignature)
            {
                signer.Sign(model, new SignParams()
                {
                    Signer           = "extra",
                    SignerPrivateKey = crypto.GenerateKeys().PrivateKey
                });
            }
            return(model);
        }
示例#4
0
        private RawSignedModel GenerateRawSignedModel(string identity)
        {
            var crypto         = new VirgilCrypto();
            var keyPair        = faker.PredefinedKeyPair();
            var rawCardContent = new RawCardContent()
            {
                CreatedAt = DateTime.UtcNow,
                Identity  = identity,
                PublicKey = crypto.ExportPublicKey(keyPair.PublicKey),
                Version   = "5.0"
            };
            var model = new RawSignedModel()
            {
                ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent)
            };

            var signer = new ModelSigner(new VirgilCardCrypto());

            signer.SelfSign(model, keyPair.PrivateKey);
            return(model);
        }
示例#5
0
        public void SelfSign_Should_AddValidSignature()
        {
            //STC-8
            var rawSignedModel = faker.PredefinedRawSignedModel(null, false, false, false);
            var crypto         = new VirgilCrypto();
            var signer         = new ModelSigner(new VirgilCardCrypto());

            Assert.AreEqual(rawSignedModel.Signatures.Count, 0);

            signer.SelfSign(rawSignedModel, faker.PredefinedKeyPair().PrivateKey);
            Assert.AreEqual(rawSignedModel.Signatures.Count, 1);
            var selfSignature = rawSignedModel.Signatures.First();
            var cardId        = CardUtils.GenerateCardId(new VirgilCardCrypto(), rawSignedModel.ContentSnapshot);

            Assert.AreEqual(selfSignature.Signer, ModelSigner.SelfSigner);
            Assert.AreEqual(selfSignature.Snapshot, null);
            Assert.True(crypto.VerifySignature(
                            selfSignature.Signature,
                            rawSignedModel.ContentSnapshot,
                            faker.PredefinedKeyPair().PublicKey)
                        );
        }
示例#6
0
        public void SelfSignWithSignatureSnapshot_Should_AddValidSignature()
        {
            //STC-9
            var rawSignedModel = faker.PredefinedRawSignedModel(null, false, false, false);
            var crypto         = new VirgilCrypto();
            var signer         = new ModelSigner(new VirgilCardCrypto());

            Assert.AreEqual(rawSignedModel.Signatures.Count, 0);
            var signatureSnapshot = faker.Random.Bytes(32);

            signer.SelfSign(rawSignedModel, faker.PredefinedKeyPair().PrivateKey, signatureSnapshot);
            var selfSignature = rawSignedModel.Signatures.First();

            Assert.AreEqual(selfSignature.Signer, ModelSigner.SelfSigner);
            Assert.AreEqual(selfSignature.Snapshot, signatureSnapshot);

            var extendedSnapshot = Bytes.Combine(rawSignedModel.ContentSnapshot, signatureSnapshot);

            Assert.True(crypto.VerifySignature(
                            selfSignature.Signature,
                            extendedSnapshot,
                            faker.PredefinedKeyPair().PublicKey)
                        );
        }
        public async System.Threading.Tasks.Task Prepair_TestDataAsync()
        {
            var model     = faker.PredefinedRawSignedModel();
            var fullModel = faker.PredefinedRawSignedModel(
                "a666318071274adb738af3f67b8c7ec29d954de2cabfd71a942e6ea38e59fff9",
                true, true, true);
            var data = new Dictionary <string, string>
            {
                { "STC-1.as_string", model.ExportAsString() },
                { "STC-1.as_json", model.ExportAsJson() },
                { "STC-2.as_string", fullModel.ExportAsString() },
                { "STC-2.as_json", fullModel.ExportAsJson() }
            };

            var cardManager = faker.CardManager();
            var card        = cardManager.ImportCardFromString(model.ExportAsString());
            var crypto      = new VirgilCrypto();

            data.Add("STC-3.as_string", cardManager.ExportCardAsString(card));
            data.Add("STC-3.as_json", cardManager.ExportCardAsJson(card));
            data.Add("STC-3.card_id", card.Id);
            data.Add("STC-3.public_key_base64", Bytes.ToString(crypto.ExportPublicKey(card.PublicKey), StringEncoding.BASE64));

            fullModel = faker.PredefinedRawSignedModel(null, true, true, true);
            var fullCard = cardManager.ImportCardFromString(fullModel.ExportAsString());

            data.Add("STC-4.as_string", cardManager.ExportCardAsString(fullCard));
            data.Add("STC-4.as_json", cardManager.ExportCardAsJson(fullCard));
            data.Add("STC-4.card_id", fullCard.Id);
            data.Add("STC-4.public_key_base64", Bytes.ToString(crypto.ExportPublicKey(fullCard.PublicKey),
                                                               StringEncoding.BASE64));
            foreach (var signature in fullCard.Signatures)
            {
                data.Add($"STC-4.signature_{signature.Signer}_base64", Bytes.ToString(signature.Signature,
                                                                                      StringEncoding.BASE64));
            }

            string apiPublicKeyId;
            string apiPublicKeyBase64;

            var(token, jwtGenerator) = faker.PredefinedToken(
                new VirgilAccessTokenSigner(),
                TimeSpan.FromMinutes(10),
                out apiPublicKeyId,
                out apiPublicKeyBase64);

            data.Add("STC-22.jwt", token.ToString());
            data.Add("STC-22.api_public_key_base64", apiPublicKeyBase64);
            data.Add("STC-22.api_key_id", apiPublicKeyId);


            data.Add("STC-23.api_public_key_base64", apiPublicKeyBase64);
            data.Add("STC-23.api_key_id", apiPublicKeyId);
            data.Add("STC-23.app_id", jwtGenerator.AppId);

            data.Add("STC-23.api_private_key_base64", Bytes.ToString(
                         crypto.ExportPrivateKey(jwtGenerator.ApiKey), StringEncoding.BASE64));

            // STC-10
            var cardKeyPair     = crypto.GenerateKeys();
            var cardIdentity    = faker.Random.AlphaNumeric(10);
            var rawCardContent1 = new RawCardContent()
            {
                CreatedAt = DateTime.UtcNow,
                Identity  = cardIdentity,
                PublicKey = crypto.ExportPublicKey(cardKeyPair.PublicKey),
                Version   = "5.0",
            };
            var rawSignedModel = new RawSignedModel()
            {
                ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent1)
            };

            var signer = new ModelSigner(new VirgilCardCrypto());

            signer.SelfSign(rawSignedModel, cardKeyPair.PrivateKey);


            var keyPair = crypto.GenerateKeys();

            signer.Sign(rawSignedModel, new SignParams()
            {
                SignerPrivateKey = keyPair.PrivateKey,
                Signer           = "extra"
            });
            data.Add("STC-10.private_key1_base64", Bytes.ToString(
                         crypto.ExportPrivateKey(keyPair.PrivateKey), StringEncoding.BASE64));

            var accessTokenGenerator = new JwtGenerator(
                AppSettings.AppId,
                IntegrationHelper.ApiPrivateKey(),
                AppSettings.ApiPublicKeyId,
                TimeSpan.FromMinutes(10),
                new VirgilAccessTokenSigner()
                );
            var accessTokenProvider = Substitute.For <IAccessTokenProvider>();

            accessTokenProvider.GetTokenAsync(Arg.Any <TokenContext>()).Returns(
                accessTokenGenerator.GenerateToken(cardIdentity)
                );
            var validator = new VirgilCardVerifier(new VirgilCardCrypto())
            {
                VerifySelfSignature = true, VerifyVirgilSignature = true
            };

            validator.ChangeServiceCreds(AppSettings.ServicePublicKeyDerBase64);
            var manager = new CardManager(new CardManagerParams()
            {
                CardCrypto          = new VirgilCardCrypto(),
                AccessTokenProvider = accessTokenProvider,
                ApiUrl   = AppSettings.CardsServiceAddress,
                Verifier = validator
            });

            card = await manager.PublishCardAsync(rawSignedModel);

            data.Add("STC-10.as_string", manager.ExportCardAsString(card));


            // STC - 11
            rawSignedModel = faker.PredefinedRawSignedModel(null, false, false, false);
            data.Add("STC-11.as_string", rawSignedModel.ExportAsString());

            // STC - 12
            rawSignedModel = faker.PredefinedRawSignedModel(null, true, false, false);
            data.Add("STC-12.as_string", rawSignedModel.ExportAsString());

            // STC - 14
            rawSignedModel = faker.PredefinedRawSignedModel(null, false, true, false);
            data.Add("STC-14.as_string", rawSignedModel.ExportAsString());

            // STC - 15
            rawSignedModel = faker.PredefinedRawSignedModel(null, false, false, false);
            keyPair        = crypto.GenerateKeys();
            signer.Sign(rawSignedModel, new SignParams()
            {
                SignerPrivateKey = keyPair.PrivateKey,
                Signer           = "self"
            });
            data.Add("STC-15.as_string", rawSignedModel.ExportAsString());

            // STC - 16
            rawSignedModel = faker.PredefinedRawSignedModel(null, true, true, false);
            keyPair        = crypto.GenerateKeys();
            signer.Sign(rawSignedModel, new SignParams()
            {
                SignerPrivateKey = keyPair.PrivateKey,
                Signer           = "extra"
            });
            data.Add("STC-16.as_string", rawSignedModel.ExportAsString());
            data.Add("STC-16.public_key1_base64", Bytes.ToString(
                         crypto.ExportPublicKey(keyPair.PublicKey), StringEncoding.BASE64));

            // STC - 28
            (token, jwtGenerator) = faker.PredefinedToken(
                new VirgilAccessTokenSigner(),
                TimeSpan.FromMinutes(2),
                out apiPublicKeyId,
                out apiPublicKeyBase64);
            data.Add("STC-28.jwt", token.ToString());
            data.Add("STC-28.jwt_identity", token.BodyContent.Identity);
            data.Add("STC-28.jwt_app_id", token.BodyContent.AppId);
            data.Add("STC-28.jw_issuer", token.BodyContent.Issuer);
            data.Add("STC-28.jwt_subject", token.BodyContent.Subject);
            data.Add("STC-28.jwt_additional_data", Configuration.Serializer.Serialize(token.BodyContent.AdditionalData));
            data.Add("STC-28.jwt_expires_at", Configuration.Serializer.Serialize(token.BodyContent.ExpiresAt));
            data.Add("STC-28.jwt_issued_at", Configuration.Serializer.Serialize(token.BodyContent.IssuedAt));
            data.Add("STC-28.jwt_algorithm", token.HeaderContent.Algorithm);
            data.Add("STC-28.jwt_api_key_id", token.HeaderContent.KeyId);
            data.Add("STC-28.jwt_content_type", token.HeaderContent.ContentType);
            data.Add("STC-28.jwt_type", token.HeaderContent.Type);
            data.Add("STC-28.jwt_signature_base64", Bytes.ToString(token.SignatureData, StringEncoding.BASE64));


            // STC - 29
            (token, jwtGenerator) = faker.PredefinedToken(
                new VirgilAccessTokenSigner(),
                TimeSpan.FromDays(365),
                out apiPublicKeyId,
                out apiPublicKeyBase64);
            data.Add("STC-29.jwt", token.ToString());
            data.Add("STC-29.jwt_identity", token.BodyContent.Identity);
            data.Add("STC-29.jwt_app_id", token.BodyContent.AppId);
            data.Add("STC-29.jw_issuer", token.BodyContent.Issuer);
            data.Add("STC-29.jwt_subject", token.BodyContent.Subject);
            data.Add("STC-29.jwt_additional_data", Configuration.Serializer.Serialize(token.BodyContent.AdditionalData));
            data.Add("STC-29.jwt_expires_at", Configuration.Serializer.Serialize(token.BodyContent.ExpiresAt));
            data.Add("STC-29.jwt_issued_at", Configuration.Serializer.Serialize(token.BodyContent.IssuedAt));
            data.Add("STC-29.jwt_algorithm", token.HeaderContent.Algorithm);
            data.Add("STC-29.jwt_api_key_id", token.HeaderContent.KeyId);
            data.Add("STC-29.jwt_content_type", token.HeaderContent.ContentType);
            data.Add("STC-29.jwt_type", token.HeaderContent.Type);
            data.Add("STC-29.jwt_signature_base64", Bytes.ToString(token.SignatureData, StringEncoding.BASE64));


            // STC - 34
            keyPair = crypto.GenerateKeys();
            var rawCardContent = new RawCardContent()
            {
                CreatedAt = DateTime.UtcNow,
                Identity  = "test",
                PublicKey = crypto.ExportPublicKey(keyPair.PublicKey),
                Version   = "5.0"
            };

            model = new RawSignedModel()
            {
                ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent)
            };

            signer.SelfSign(
                model, keyPair.PrivateKey, new Dictionary <string, string>()
            {
                { "info", "some_additional_info" }
            }
                );

            data.Add("STC-34.private_key_base64", Bytes.ToString(
                         crypto.ExportPrivateKey(keyPair.PrivateKey), StringEncoding.BASE64));
            data.Add("STC-34.public_key_base64", Bytes.ToString(
                         crypto.ExportPublicKey(keyPair.PublicKey), StringEncoding.BASE64));
            data.Add("STC-34.self_signature_snapshot_base64",
                     Bytes.ToString(model.Signatures.First().Snapshot, StringEncoding.BASE64));
            data.Add("STC-34.content_snapshot_base64",
                     Bytes.ToString(
                         SnapshotUtils.TakeSnapshot(rawCardContent), StringEncoding.BASE64));
            data.Add("STC-34.as_string", model.ExportAsString());

            System.IO.File.WriteAllText(AppSettings.OutputTestDataPath,
                                        Configuration.Serializer.Serialize(data));
        }
示例#8
0
        public void CardManager_Should_RaiseExceptionIfGetsCardWithDifferentId()
        {
            // STC-34
            var verifier = Substitute.For <ICardVerifier>();

            verifier.VerifyCard(Arg.Any <Card>()).Returns(true);
            var crypto         = new VirgilCrypto();
            var keyPair        = faker.PredefinedKeyPair();
            var rawCardContent = new RawCardContent()
            {
                CreatedAt = DateTime.UtcNow,
                Identity  = "test",
                PublicKey = crypto.ExportPublicKey(keyPair.PublicKey),
                Version   = "5.0"
            };
            var model = new RawSignedModel()
            {
                ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent)
            };

            var signer = new ModelSigner(new VirgilCardCrypto());

            signer.SelfSign(
                model, keyPair.PrivateKey, new Dictionary <string, string>()
            {
                { "info", "some_additional_info" }
            }
                );
            var signCallBack = Substitute.For <Func <RawSignedModel, Task <RawSignedModel> > >();

            signCallBack.Invoke(Arg.Any <RawSignedModel>()).Returns(args => (RawSignedModel)args[0]);
            var jwtGenerator = new JwtGenerator(
                AppSettings.AppId,
                IntegrationHelper.ApiPrivateKey(),
                AppSettings.ApiPublicKeyId,
                TimeSpan.FromMinutes(10),
                new VirgilAccessTokenSigner()
                );
            var accessTokenProvider = Substitute.For <IAccessTokenProvider>();
            var identity            = faker.Random.AlphaNumeric(20);
            var token = jwtGenerator.GenerateToken(identity);

            accessTokenProvider.GetTokenAsync(Arg.Any <TokenContext>()).Returns(
                token
                );
            var cardId = faker.CardId();
            var client = Substitute.For <ICardClient>();
            Func <Task <Tuple <RawSignedModel, bool> > > stub = async() =>
            {
                return(new Tuple <RawSignedModel, bool>(model, false));
            };

            client.GetCardAsync(Arg.Any <string>(), Arg.Any <string>()).Returns(stub.Invoke());

            var manager = new CardManager(new CardManagerParams()
            {
                CardCrypto          = new VirgilCardCrypto(),
                AccessTokenProvider = accessTokenProvider,
                SignCallBack        = signCallBack,
                Verifier            = verifier,
                ApiUrl = AppSettings.CardsServiceAddress
            }
                                          )
            {
                Client = client
            };

            Assert.ThrowsAsync <CardVerificationException>(async() => await manager.GetCardAsync(cardId));
        }