public void RoundTrip_PopulatedObject_WithIV_Success()
{
var settings = new ProjectSettingsProviderEnv();
var IV = "C0FFEEC0FFEEC0FFEEC0FFEEC0FFEEC0";
IDictionary <string, object> filter = new ExpandoObject();
filter.Add("property_name", "account_id");
filter.Add("operator", "eq");
filter.Add("property_value", 123);
dynamic secOpsIn = new ExpandoObject();
secOpsIn.filters = new List <object>()
{
filter
};
secOpsIn.allowed_operations = new List <string>()
{
"read"
};
Assert.DoesNotThrow(() =>
{
var scopedKey = ScopedKey.Encrypt(settings.MasterKey, (object)secOpsIn, IV);
var decrypted = ScopedKey.Decrypt(settings.MasterKey, scopedKey);
var secOpsOut = JObject.Parse(decrypted);
Assert.True(secOpsIn.allowed_operations[0] == (string)(secOpsOut["allowed_operations"].First()));
});
}
public void Roundtrip_RndIV_Success()
{
const string vendorGuid = "abc";
const bool isRead = false;
var str = "{\"filters\": [{\"property_name\": \"vendor_id\",\"operator\": \"eq\",\"property_value\": \"VENDOR_GUID\"}],\"allowed_operations\": [ \"READ_OR_WRITE\" ]}";
str = str.Replace("VENDOR_GUID", vendorGuid);
str = str.Replace("READ_OR_WRITE", isRead ? "read" : "write");
var rnd = new System.Security.Cryptography.RNGCryptoServiceProvider();
var bytes = new byte[16];
rnd.GetBytes(bytes);
var iv = String.Concat(bytes.Select(b => b.ToString("X2"))); Trace.WriteLine("IV: " + iv);
Trace.WriteLine("plaintext: " + str);
var scopedKey = ScopedKey.EncryptString(SettingsEnv.MasterKey, str, iv);
Trace.WriteLine("encrypted: " + scopedKey);
var decrypted = ScopedKey.Decrypt(SettingsEnv.MasterKey, scopedKey);
Trace.WriteLine("decrypted: " + decrypted);
// Make sure the input string exactly matches the decrypted string. This input isn't of
// a length that is a multiple of block size or key size, so this would have required
// manual padding in the past. The decrypted string shouldn't have any padding now.
Assert.AreEqual(str, decrypted);
}
public void Roundtrip_RndIV_Success()
{
const string vendor_guid = "abc";
const bool isRead = false;
var str = "{\"filters\": [{\"property_name\": \"vendor_id\",\"operator\": \"eq\",\"property_value\": \"VENDOR_GUID\"}],\"allowed_operations\": [ \"READ_OR_WRITE\" ]}";
str = str.Replace("VENDOR_GUID", vendor_guid);
if (isRead)
{
str = str.Replace("READ_OR_WRITE", "read");
}
else
{
str = str.Replace("READ_OR_WRITE", "write");
}
var rnd = new System.Security.Cryptography.RNGCryptoServiceProvider();
byte[] bytes = new byte[16];
rnd.GetBytes(bytes);
var IV = String.Concat(bytes.Select(b => b.ToString("X2"))); Trace.WriteLine("IV: " + IV);
var scopedKey = ScopedKey.EncryptString(SettingsEnv.MasterKey, str, IV); //System.Text.Encoding.Default.GetString(bytes));
var decrypted = ScopedKey.Decrypt(SettingsEnv.MasterKey, scopedKey);
Trace.WriteLine("decrypted: " + decrypted);
var settings = new ProjectSettingsProvider(SettingsEnv.ProjectId, writeKey: scopedKey);
var client = new KeenClient(settings);
client.AddEvent("X", new { vendor_id = "abc", X = "123" });
}
public void AddEvent_ScopedKeyWrite_Success()
{
const string scope = "{\"timestamp\": \"2014-02-25T22:09:27.320082\", \"allowed_operations\": [\"write\"]}";
var scopedKey = ScopedKey.EncryptString(SettingsEnv.MasterKey, scope);
var settings = new ProjectSettingsProvider(masterKey: SettingsEnv.MasterKey, projectId: SettingsEnv.ProjectId, writeKey: scopedKey);
var client = new KeenClient(settings);
if (UseMocks)
{
client.EventCollection = new EventCollectionMock(settings,
addEvent: (c, e, p) =>
{
var key = JObject.Parse(ScopedKey.Decrypt(p.MasterKey, p.WriteKey));
if ((key["allowed_operations"].Values <string>().First() == "write") && (p == settings) && (c == "AddEventTest") && (e["AProperty"].Value <string>() == "CustomKey"))
{
return;
}
throw new Exception("Unexpected value");
});
}
Assert.DoesNotThrow(() => client.AddEvent("AddEventTest", new { AProperty = "CustomKey" }));
}
public void Roundtrip_RndIV_Success()
{
const string vendorGuid = "abc";
const bool isRead = false;
var str = "{\"filters\": [{\"property_name\": \"vendor_id\",\"operator\": \"eq\",\"property_value\": \"VENDOR_GUID\"}],\"allowed_operations\": [ \"READ_OR_WRITE\" ]}";
str = str.Replace("VENDOR_GUID", vendorGuid);
str = str.Replace("READ_OR_WRITE", isRead ? "read" : "write");
var rnd = new System.Security.Cryptography.RNGCryptoServiceProvider();
var bytes = new byte[16];
rnd.GetBytes(bytes);
var iv = String.Concat(bytes.Select(b => b.ToString("X2"))); Trace.WriteLine("IV: " + iv);
Trace.WriteLine("plaintext: " + str);
var scopedKey = ScopedKey.EncryptString(SettingsEnv.MasterKey, str, iv);
Trace.WriteLine("encrypted: " + scopedKey);
var decrypted = ScopedKey.Decrypt(SettingsEnv.MasterKey, scopedKey);
Trace.WriteLine("decrypted: " + decrypted);
}
public void Encrypt_64CharKeyWithFilter_Success()
{
var settings = new ProjectSettingsProvider("projId", "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef");
IDictionary <string, object> filter = new ExpandoObject();
filter.Add("property_name", "account_id");
filter.Add("operator", "eq");
filter.Add("property_value", 123);
dynamic secOpsIn = new ExpandoObject();
secOpsIn.filters = new List <object>()
{
filter
};
secOpsIn.allowed_operations = new List <string>()
{
"read"
};
Assert.DoesNotThrow(() =>
{
var scopedKey = ScopedKey.Encrypt(settings.MasterKey, (object)secOpsIn);
var decrypted = ScopedKey.Decrypt(settings.MasterKey, scopedKey);
var secOpsOut = JObject.Parse(decrypted);
Assert.True(secOpsIn.allowed_operations[0] == (string)(secOpsOut["allowed_operations"].First()));
});
}
public void Encrypt_PopulatedObject_Success()
{
Assert.DoesNotThrow(() =>
{
var settings = new ProjectSettingsProviderEnv();
const string str = "{\"filters\": [{\"property_name\": \"account_id\",\"operator\": \"eq\",\"property_value\": 123}],\"allowed_operations\": [ \"read\" ]}";
var secOps = JObject.Parse(str);
var scopedKey = ScopedKey.Encrypt(settings.MasterKey, secOps);
});
}
public void Decrypt_WriteKey_Success()
{
// if mocking is turned on, the write key will be fake and not decryptable, so skip the test
if (UseMocks)
{
return;
}
var settings = new ProjectSettingsProviderEnv();
Assert.DoesNotThrow(() => ScopedKey.Decrypt(settings.MasterKey, settings.WriteKey));
}
public void RoundTrip_PopulatedObject_WithIV_Success()
{
var settings = new ProjectSettingsProviderEnv();
const string IV = "C0FFEEC0FFEEC0FFEEC0FFEEC0FFEEC0";
const string str = "{\"filters\": [{\"property_name\": \"account_id\",\"operator\": \"eq\",\"property_value\": 123}],\"allowed_operations\": [ \"read\" ]}";
var secOps = JObject.Parse(str);
Assert.DoesNotThrow(() =>
{
var scopedKey = ScopedKey.Encrypt(settings.MasterKey, secOps, IV);
var decrypted = ScopedKey.Decrypt(settings.MasterKey, scopedKey);
var secOpsOut = JObject.Parse(decrypted);
Assert.True((string)secOps["allowed_operations"].First() == (string)(secOpsOut["allowed_operations"].First()));
});
}
public void Encrypt_PopulatedObject_Success()
{
Assert.DoesNotThrow(() =>
{
var settings = new ProjectSettingsProviderEnv();
dynamic secOps = new ExpandoObject();
IDictionary <string, object> filter = new ExpandoObject();
filter.Add("property_name", "account_id");
filter.Add("operator", "eq");
filter.Add("property_value", 123);
secOps.filters = new List <object>()
{
filter
};
secOps.allowed_operations = new List <string>()
{
"read"
};
var scopedKey = ScopedKey.Encrypt(settings.MasterKey, (object)secOps);
});
}
public void Decrypt_WriteKey_Success()
{
const string plainText = "{\"filters\": [{\"property_name\": \"vendor_id\",\"operator\": \"eq\",\"property_value\": \"abc\"}],\"allowed_operations\": [ \"write\" ]}";
var testKey = SettingsEnv.MasterKey;
var cryptText = SettingsEnv.ReadKey;
if (UseMocks)
{
cryptText =
"BAA51D1D03D49C1159E7298762AAC26493B20F579988E1EDA4613305F08E01CB702886F0FCB5312E5E18C6315A8049700816CA35BD952C75EB694AAA4A95535EE13CD9D5D8C97A215B4790638EA1DA3DB9484A0133D5289E2A22D5C2952E1F708540722EA832B093E147495A70ADF534242E961FDE3F0275E20D58F22B23F4BAE2A61518CB943818ABEF547DD68F68FE";
testKey = "0123456789ABCDEF0123456789ABCDEF"; // ensure the key matches what cryptText was encrypted with
}
var decrypted = ScopedKey.Decrypt(testKey, cryptText);
if (UseMocks)
{
Assert.True(decrypted.Equals(plainText));
}
else
{
Assert.That(decrypted.IndexOf("timestamp") > 0);
}
}
public void Encrypt_64CharKey_Success()
{
Assert.DoesNotThrow(() => ScopedKey.Encrypt("0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", null));
}
public void Encrypt_BlankKey_Throws()
{
Assert.Throws <KeenException>(() => ScopedKey.Encrypt("", new { X = "X" }));
}
public void Encrypt_NullObject_Success()
{
Assert.DoesNotThrow(() => ScopedKey.Encrypt("abc", null));
}
public void Decrypt_WriteKey()
{
var decrypted = ScopedKey.Decrypt(SettingsEnv.MasterKey, SettingsEnv.ReadKey);
Trace.WriteLine(decrypted);
}
public void Encrypt_NullKey_Success()
{
Assert.DoesNotThrow(() => ScopedKey.Encrypt(null, new { X = "X" }));
}
public void Encrypt_NullObject_Success()
{
Assert.DoesNotThrow(() => ScopedKey.Encrypt("0123456789ABCDEF0123456789ABCDEF", null));
}
public void Encrypt_BlankKey_Success()
{
Assert.DoesNotThrow(() => ScopedKey.Encrypt("", new { X = "X" }));
}
public void Encrypt_NullKey_Throws()
{
Assert.Throws <Keen.Core.KeenException>(() => ScopedKey.Encrypt(null, new { X = "X" }));
}
internal override byte[] GenerateBytes()
{
var builder = new FlatBufferBuilder(1);
// create version
var version = GetTxVersionSerialization();
var signatureVector = MetadataTransactionBuffer.CreateSignatureVector(builder, new byte[64]);
var signerVector = MetadataTransactionBuffer.CreateSignerVector(builder, GetSigner());
var feeVector = MetadataTransactionBuffer.CreateMaxFeeVector(builder, MaxFee?.ToUInt8Array());
var deadlineVector = MetadataTransactionBuffer.CreateDeadlineVector(builder, Deadline.Ticks.ToUInt8Array());
var TargetIdVector = MetadataTransactionBuffer.CreateTargetIdVector(builder, TargetId.Id.ToUInt8Array());
var targetKeyVector = MetadataTransactionBuffer.CreateTargetKeyVector(builder, TargetPublicKey.PublicKey.DecodeHexString());
var scopedMetadataKeyVector = MetadataTransactionBuffer.CreateScopedMetadataKeyVector(builder, ScopedKey.ToUInt8Array());
var valueVector = MetadataTransactionBuffer.CreateValueVector(builder, valueDifference_Bytes);
// add size of stuff with constant size and size of metadata id
var totalSize = GetSerializedSize();
MetadataTransactionBuffer.StartMetadataTransactionBuffer(builder);
MetadataTransactionBuffer.AddSize(builder, (uint)totalSize);
MetadataTransactionBuffer.AddSignature(builder, signatureVector);
MetadataTransactionBuffer.AddSigner(builder, signerVector);
MetadataTransactionBuffer.AddVersion(builder, (uint)version);
MetadataTransactionBuffer.AddType(builder, TransactionType.GetValue());
MetadataTransactionBuffer.AddMaxFee(builder, feeVector);
MetadataTransactionBuffer.AddDeadline(builder, deadlineVector);
MetadataTransactionBuffer.AddTargetKey(builder, targetKeyVector);
MetadataTransactionBuffer.AddScopedMetadataKey(builder, scopedMetadataKeyVector);
MetadataTransactionBuffer.AddTargetId(builder, TargetIdVector);
MetadataTransactionBuffer.AddValueSizeDelta(builder, ValueSizeDelta);
MetadataTransactionBuffer.AddValueSize(builder, ValueSize);
MetadataTransactionBuffer.AddValue(builder, valueVector);
// end build
var codedTransfer = MetadataTransactionBuffer.EndMetadataTransactionBuffer(builder);
builder.Finish(codedTransfer.Value);
var output = new MetadataTransactionSchema().Serialize(builder.SizedByteArray());
if (output.Length != totalSize)
{
throw new SerializationException("Serialized form has incorrect length");
}
return(output);
}
