public void RoundTrip_ProtectedData() { // Arrange var ephemeralProtector = new EphemeralDataProtectionProvider(NullLoggerFactory.Instance).CreateProtector("my purpose"); var timeLimitedProtector = new TimeLimitedDataProtector(ephemeralProtector); var expectedExpiration = StringToDateTime("2020-01-01 00:00:00Z"); // Act byte[] ephemeralProtectedPayload = ephemeralProtector.Protect(new byte[] { 0x01, 0x02, 0x03, 0x04 }); byte[] timeLimitedProtectedPayload = timeLimitedProtector.Protect(new byte[] { 0x11, 0x22, 0x33, 0x44 }, expectedExpiration); // Assert Assert.Equal( new byte[] { 0x11, 0x22, 0x33, 0x44 }, timeLimitedProtector.UnprotectCore(timeLimitedProtectedPayload, StringToDateTime("2010-01-01 00:00:00Z"), out var actualExpiration)); Assert.Equal(expectedExpiration, actualExpiration); // the two providers shouldn't be able to talk to one another (due to the purpose chaining) Assert.Throws <CryptographicException>(() => ephemeralProtector.Unprotect(timeLimitedProtectedPayload)); Assert.Throws <CryptographicException>(() => timeLimitedProtector.Unprotect(ephemeralProtectedPayload, out actualExpiration)); }
public void Unprotect_PayloadHasExpired_Fails() { // Arrange // 0x08c1220247e44000 is the representation of midnight 2000-01-01 UTC. DateTimeOffset expectedExpiration = StringToDateTime("2000-01-01 00:00:00Z"); DateTimeOffset now = StringToDateTime("2001-01-01 00:00:00Z"); var mockInnerProtector = new Mock <IDataProtector>(); mockInnerProtector.Setup(o => o.CreateProtector(TimeLimitedPurposeString).Unprotect(new byte[] { 0x10, 0x11 })).Returns( new byte[] { 0x08, 0xc1, 0x22, 0x02, 0x47, 0xe4, 0x40, 0x00, /* header */ 0x01, 0x02, 0x03, 0x04, 0x05 /* payload */ }); var timeLimitedProtector = new TimeLimitedDataProtector(mockInnerProtector.Object); // Act & assert var ex = Assert.Throws <CryptographicException>(() => timeLimitedProtector.UnprotectCore(new byte[] { 0x10, 0x11 }, now, out var _)); // Assert Assert.Equal(ExtResources.FormatTimeLimitedDataProtector_PayloadExpired(expectedExpiration), ex.Message); }
public void Unprotect_WithinPayloadValidityPeriod_Success() { // Arrange // 0x08c1220247e44000 is the representation of midnight 2000-01-01 UTC. DateTimeOffset expectedExpiration = StringToDateTime("2000-01-01 00:00:00Z"); DateTimeOffset now = StringToDateTime("1999-01-01 00:00:00Z"); var mockInnerProtector = new Mock <IDataProtector>(); mockInnerProtector.Setup(o => o.CreateProtector(TimeLimitedPurposeString).Unprotect(new byte[] { 0x10, 0x11 })).Returns( new byte[] { 0x08, 0xc1, 0x22, 0x02, 0x47, 0xe4, 0x40, 0x00, /* header */ 0x01, 0x02, 0x03, 0x04, 0x05 /* payload */ }); var timeLimitedProtector = new TimeLimitedDataProtector(mockInnerProtector.Object); // Act var retVal = timeLimitedProtector.UnprotectCore(new byte[] { 0x10, 0x11 }, now, out var actualExpiration); // Assert Assert.Equal(expectedExpiration, actualExpiration); Assert.Equal(new byte[] { 0x01, 0x02, 0x03, 0x04, 0x05 }, retVal); }
public void Unprotect_PayloadHasExpired_Fails() { // Arrange // 0x08c1220247e44000 is the representation of midnight 2000-01-01 UTC. DateTimeOffset expectedExpiration = StringToDateTime("2000-01-01 00:00:00Z"); DateTimeOffset now = StringToDateTime("2001-01-01 00:00:00Z"); var mockInnerProtector = new Mock<IDataProtector>(); mockInnerProtector.Setup(o => o.CreateProtector(TimeLimitedPurposeString).Unprotect(new byte[] { 0x10, 0x11 })).Returns( new byte[] { 0x08, 0xc1, 0x22, 0x02, 0x47, 0xe4, 0x40, 0x00, /* header */ 0x01, 0x02, 0x03, 0x04, 0x05 /* payload */ }); var timeLimitedProtector = new TimeLimitedDataProtector(mockInnerProtector.Object); // Act & assert DateTimeOffset unused; var ex = Assert.Throws<CryptographicException>(() => timeLimitedProtector.UnprotectCore(new byte[] { 0x10, 0x11 }, now, out unused)); // Assert Assert.Equal(Resources.FormatTimeLimitedDataProtector_PayloadExpired(expectedExpiration), ex.Message); }
public void RoundTrip_ProtectedData() { // Arrange var ephemeralProtector = new EphemeralDataProtectionProvider().CreateProtector("my purpose"); var timeLimitedProtector = new TimeLimitedDataProtector(ephemeralProtector); var expectedExpiration = StringToDateTime("2020-01-01 00:00:00Z"); // Act byte[] ephemeralProtectedPayload = ephemeralProtector.Protect(new byte[] { 0x01, 0x02, 0x03, 0x04 }); byte[] timeLimitedProtectedPayload = timeLimitedProtector.Protect(new byte[] { 0x11, 0x22, 0x33, 0x44 }, expectedExpiration); // Assert DateTimeOffset actualExpiration; Assert.Equal(new byte[] { 0x11, 0x22, 0x33, 0x44 }, timeLimitedProtector.UnprotectCore(timeLimitedProtectedPayload, StringToDateTime("2010-01-01 00:00:00Z"), out actualExpiration)); Assert.Equal(expectedExpiration, actualExpiration); // the two providers shouldn't be able to talk to one another (due to the purpose chaining) Assert.Throws<CryptographicException>(() => ephemeralProtector.Unprotect(timeLimitedProtectedPayload)); Assert.Throws<CryptographicException>(() => timeLimitedProtector.Unprotect(ephemeralProtectedPayload, out actualExpiration)); }
public void Unprotect_WithinPayloadValidityPeriod_Success() { // Arrange // 0x08c1220247e44000 is the representation of midnight 2000-01-01 UTC. DateTimeOffset expectedExpiration = StringToDateTime("2000-01-01 00:00:00Z"); DateTimeOffset now = StringToDateTime("1999-01-01 00:00:00Z"); var mockInnerProtector = new Mock<IDataProtector>(); mockInnerProtector.Setup(o => o.CreateProtector(TimeLimitedPurposeString).Unprotect(new byte[] { 0x10, 0x11 })).Returns( new byte[] { 0x08, 0xc1, 0x22, 0x02, 0x47, 0xe4, 0x40, 0x00, /* header */ 0x01, 0x02, 0x03, 0x04, 0x05 /* payload */ }); var timeLimitedProtector = new TimeLimitedDataProtector(mockInnerProtector.Object); // Act DateTimeOffset actualExpiration; var retVal = timeLimitedProtector.UnprotectCore(new byte[] { 0x10, 0x11 }, now, out actualExpiration); // Assert Assert.Equal(expectedExpiration, actualExpiration); Assert.Equal(new byte[] { 0x01, 0x02, 0x03, 0x04, 0x05 }, retVal); }