public void Protect_Unprotect_RoundTripsProperly() { // Arrange byte[] plaintext = new byte[] { 0x10, 0x20, 0x30, 0x40, 0x50 }; Key key = new Key(Guid.NewGuid(), DateTimeOffset.Now, DateTimeOffset.Now, DateTimeOffset.Now, new AuthenticatedEncryptorConfiguration(new AuthenticatedEncryptionOptions()).CreateNewDescriptor()); var keyRing = new KeyRing(key, new[] { key }); var mockKeyRingProvider = new Mock <IKeyRingProvider>(); mockKeyRingProvider.Setup(o => o.GetCurrentKeyRing()).Returns(keyRing); var protector = new KeyRingBasedDataProtector( keyRingProvider: mockKeyRingProvider.Object, logger: null, originalPurposes: null, newPurpose: "purpose"); // Act - protect byte[] protectedData = protector.Protect(plaintext); Assert.NotNull(protectedData); Assert.NotEqual(plaintext, protectedData); // Act - unprotect byte[] roundTrippedPlaintext = protector.Unprotect(protectedData); Assert.Equal(plaintext, roundTrippedPlaintext); }
public void Protect_NullPlaintext_Throws() { // Arrange IDataProtector protector = new KeyRingBasedDataProtector( keyRingProvider: new Mock <IKeyRingProvider>().Object, logger: null, originalPurposes: null, newPurpose: "purpose"); // Act & assert ExceptionAssert2.ThrowsArgumentNull(() => protector.Protect(plaintext: null), "plaintext"); }
public void Protect_NullPlaintext_Throws() { // Arrange IDataProtector protector = new KeyRingBasedDataProtector( keyRingProvider: new Mock<IKeyRingProvider>().Object, logger: null, originalPurposes: null, newPurpose: "purpose"); // Act & assert ExceptionAssert2.ThrowsArgumentNull(() => protector.Protect(plaintext: null), "plaintext"); }
public void Protect_HomogenizesExceptionsToCryptographicException() { // Arrange IDataProtector protector = new KeyRingBasedDataProtector( keyRingProvider: new Mock <IKeyRingProvider>(MockBehavior.Strict).Object, logger: null, originalPurposes: null, newPurpose: "purpose"); // Act & assert var ex = ExceptionAssert2.ThrowsCryptographicException(() => protector.Protect(new byte[0])); Assert.IsAssignableFrom(typeof(MockException), ex.InnerException); }
public void Protect_EncryptsToDefaultProtector_SinglePurpose() { // Arrange Guid defaultKey = new Guid("ba73c9ce-d322-4e45-af90-341307e11c38"); byte[] expectedPlaintext = new byte[] { 0x03, 0x05, 0x07, 0x11, 0x13, 0x17, 0x19 }; byte[] expectedAad = BuildAadFromPurposeStrings(defaultKey, "single purpose"); byte[] expectedProtectedData = BuildProtectedDataFromCiphertext(defaultKey, new byte[] { 0x23, 0x29, 0x31, 0x37 }); var mockEncryptor = new Mock <IAuthenticatedEncryptor>(); mockEncryptor .Setup(o => o.Encrypt(It.IsAny <ArraySegment <byte> >(), It.IsAny <ArraySegment <byte> >())) .Returns <ArraySegment <byte>, ArraySegment <byte> >((actualPlaintext, actualAad) => { Assert.Equal(expectedPlaintext, actualPlaintext); Assert.Equal(expectedAad, actualAad); return(new byte[] { 0x23, 0x29, 0x31, 0x37 }); // ciphertext + tag }); var mockKeyRing = new Mock <IKeyRing>(MockBehavior.Strict); mockKeyRing.Setup(o => o.DefaultKeyId).Returns(defaultKey); mockKeyRing.Setup(o => o.DefaultAuthenticatedEncryptor).Returns(mockEncryptor.Object); var mockKeyRingProvider = new Mock <IKeyRingProvider>(); mockKeyRingProvider.Setup(o => o.GetCurrentKeyRing()).Returns(mockKeyRing.Object); IDataProtector protector = new KeyRingBasedDataProtector( keyRingProvider: mockKeyRingProvider.Object, logger: null, originalPurposes: new string[0], newPurpose: "single purpose"); // Act byte[] retVal = protector.Protect(expectedPlaintext); // Assert Assert.Equal(expectedProtectedData, retVal); }
public void Protect_EncryptsToDefaultProtector_MultiplePurposes() { // Arrange Guid defaultKey = new Guid("ba73c9ce-d322-4e45-af90-341307e11c38"); byte[] expectedPlaintext = new byte[] { 0x03, 0x05, 0x07, 0x11, 0x13, 0x17, 0x19 }; byte[] expectedAad = BuildAadFromPurposeStrings(defaultKey, "purpose1", "purpose2", "yet another purpose"); byte[] expectedProtectedData = BuildProtectedDataFromCiphertext(defaultKey, new byte[] { 0x23, 0x29, 0x31, 0x37 }); var mockEncryptor = new Mock<IAuthenticatedEncryptor>(); mockEncryptor .Setup(o => o.Encrypt(It.IsAny<ArraySegment<byte>>(), It.IsAny<ArraySegment<byte>>())) .Returns<ArraySegment<byte>, ArraySegment<byte>>((actualPlaintext, actualAad) => { Assert.Equal(expectedPlaintext, actualPlaintext); Assert.Equal(expectedAad, actualAad); return new byte[] { 0x23, 0x29, 0x31, 0x37 }; // ciphertext + tag }); var mockKeyRing = new Mock<IKeyRing>(MockBehavior.Strict); mockKeyRing.Setup(o => o.DefaultKeyId).Returns(defaultKey); mockKeyRing.Setup(o => o.DefaultAuthenticatedEncryptor).Returns(mockEncryptor.Object); var mockKeyRingProvider = new Mock<IKeyRingProvider>(); mockKeyRingProvider.Setup(o => o.GetCurrentKeyRing()).Returns(mockKeyRing.Object); IDataProtector protector = new KeyRingBasedDataProtector( keyRingProvider: mockKeyRingProvider.Object, logger: null, originalPurposes: new[] { "purpose1", "purpose2" }, newPurpose: "yet another purpose"); // Act byte[] retVal = protector.Protect(expectedPlaintext); // Assert Assert.Equal(expectedProtectedData, retVal); }
public void Protect_Unprotect_RoundTripsProperly() { // Arrange byte[] plaintext = new byte[] { 0x10, 0x20, 0x30, 0x40, 0x50 }; Key key = new Key(Guid.NewGuid(), DateTimeOffset.Now, DateTimeOffset.Now, DateTimeOffset.Now, new AuthenticatedEncryptorConfiguration(new AuthenticatedEncryptionOptions()).CreateNewDescriptor()); var keyRing = new KeyRing(key, new[] { key }); var mockKeyRingProvider = new Mock<IKeyRingProvider>(); mockKeyRingProvider.Setup(o => o.GetCurrentKeyRing()).Returns(keyRing); var protector = new KeyRingBasedDataProtector( keyRingProvider: mockKeyRingProvider.Object, logger: null, originalPurposes: null, newPurpose: "purpose"); // Act - protect byte[] protectedData = protector.Protect(plaintext); Assert.NotNull(protectedData); Assert.NotEqual(plaintext, protectedData); // Act - unprotect byte[] roundTrippedPlaintext = protector.Unprotect(protectedData); Assert.Equal(plaintext, roundTrippedPlaintext); }
public void Protect_HomogenizesExceptionsToCryptographicException() { // Arrange IDataProtector protector = new KeyRingBasedDataProtector( keyRingProvider: new Mock<IKeyRingProvider>(MockBehavior.Strict).Object, logger: null, originalPurposes: null, newPurpose: "purpose"); // Act & assert var ex = ExceptionAssert2.ThrowsCryptographicException(() => protector.Protect(new byte[0])); Assert.IsAssignableFrom(typeof(MockException), ex.InnerException); }