Domů Procházet Nápověda
Přihlásit se
dotnet
/
aspnetcore
zrcadlo https://github.com/dotnet/aspnetcore.git
2
0
Rozštěpit 0
Soubory Úkoly 0 Wiki
Strom: 12c0f10147
Větve Značky
aspnetcore
/
test
/
Microsoft.AspNetCore.DataProtection.Extensions.Test
/
TimeLimitedDataProtectorTests.cs

TimeLimitedDataProtectorTests.cs 8.4 KB
Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178 
  1. // Copyright (c) .NET Foundation. All rights reserved.
    2. 

  2. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
    3. 

  3. 

  4. using System;
    5. 

  5. using System.Globalization;
    6. 

  6. using System.Security.Cryptography;
    7. 

  7. using Microsoft.AspNetCore.DataProtection.Extensions;
    8. 

  8. using Moq;
    9. 

  9. using Xunit;
    10. 

  10. 

  11. namespace Microsoft.AspNetCore.DataProtection
    12. 

  12. {
    13. 

  13.     public class TimeLimitedDataProtectorTests
    14. 

  14.     {
    15. 

  15.         private const string TimeLimitedPurposeString = "Microsoft.AspNetCore.DataProtection.TimeLimitedDataProtector.v1";
    16. 

  16. 

  17.         [Fact]
    18. 

  18.         public void Protect_LifetimeSpecified()
    19. 

  19.         {
    20. 

  20.             // Arrange
    21. 

  21.             // 0x08c1220247e44000 is the representation of midnight 2000-01-01 UTC.
    22. 

  22.             DateTimeOffset expiration = StringToDateTime("2000-01-01 00:00:00Z");
    23. 

  23.             var mockInnerProtector = new Mock<IDataProtector>();
    24. 

  24.             mockInnerProtector.Setup(o => o.CreateProtector("new purpose").CreateProtector(TimeLimitedPurposeString).Protect(
    25. 

  25.                 new byte[] {
    26. 

  26.                     0x08, 0xc1, 0x22, 0x02, 0x47, 0xe4, 0x40, 0x00, /* header */
    27. 

  27.                     0x01, 0x02, 0x03, 0x04, 0x05 /* payload */
    28. 

  28.                 })).Returns(new byte[] { 0x10, 0x11 });
    29. 

  29. 

  30.             var timeLimitedProtector = new TimeLimitedDataProtector(mockInnerProtector.Object);
    31. 

  31. 

  32.             // Act
    33. 

  33.             var subProtector = timeLimitedProtector.CreateProtector("new purpose");
    34. 

  34.             var protectedPayload = subProtector.Protect(new byte[] { 0x01, 0x02, 0x03, 0x04, 0x05 }, expiration);
    35. 

  35. 

  36.             // Assert
    37. 

  37.             Assert.Equal(new byte[] { 0x10, 0x11 }, protectedPayload);
    38. 

  38.         }
    39. 

  39. 

  40.         [Fact]
    41. 

  41.         public void Protect_LifetimeNotSpecified_UsesInfiniteLifetime()
    42. 

  42.         {
    43. 

  43.             // Arrange
    44. 

  44.             // 0x2bca2875f4373fff is the representation of DateTimeOffset.MaxValue.
    45. 

  45.             DateTimeOffset expiration = StringToDateTime("2000-01-01 00:00:00Z");
    46. 

  46.             var mockInnerProtector = new Mock<IDataProtector>();
    47. 

  47.             mockInnerProtector.Setup(o => o.CreateProtector("new purpose").CreateProtector(TimeLimitedPurposeString).Protect(
    48. 

  48.                 new byte[] {
    49. 

  49.                     0x2b, 0xca, 0x28, 0x75, 0xf4, 0x37, 0x3f, 0xff, /* header */
    50. 

  50.                     0x01, 0x02, 0x03, 0x04, 0x05 /* payload */
    51. 

  51.                 })).Returns(new byte[] { 0x10, 0x11 });
    52. 

  52. 

  53.             var timeLimitedProtector = new TimeLimitedDataProtector(mockInnerProtector.Object);
    54. 

  54. 

  55.             // Act
    56. 

  56.             var subProtector = timeLimitedProtector.CreateProtector("new purpose");
    57. 

  57.             var protectedPayload = subProtector.Protect(new byte[] { 0x01, 0x02, 0x03, 0x04, 0x05 });
    58. 

  58. 

  59.             // Assert
    60. 

  60.             Assert.Equal(new byte[] { 0x10, 0x11 }, protectedPayload);
    61. 

  61.         }
    62. 

  62. 

  63.         [Fact]
    64. 

  64.         public void Unprotect_WithinPayloadValidityPeriod_Success()
    65. 

  65.         {
    66. 

  66.             // Arrange
    67. 

  67.             // 0x08c1220247e44000 is the representation of midnight 2000-01-01 UTC.
    68. 

  68.             DateTimeOffset expectedExpiration = StringToDateTime("2000-01-01 00:00:00Z");
    69. 

  69.             DateTimeOffset now = StringToDateTime("1999-01-01 00:00:00Z");
    70. 

  70.             var mockInnerProtector = new Mock<IDataProtector>();
    71. 

  71.             mockInnerProtector.Setup(o => o.CreateProtector(TimeLimitedPurposeString).Unprotect(new byte[] { 0x10, 0x11 })).Returns(
    72. 

  72.                 new byte[] {
    73. 

  73.                     0x08, 0xc1, 0x22, 0x02, 0x47, 0xe4, 0x40, 0x00, /* header */
    74. 

  74.                     0x01, 0x02, 0x03, 0x04, 0x05 /* payload */
    75. 

  75.                 });
    76. 

  76. 

  77.             var timeLimitedProtector = new TimeLimitedDataProtector(mockInnerProtector.Object);
    78. 

  78. 

  79.             // Act
    80. 

  80.             DateTimeOffset actualExpiration;
    81. 

  81.             var retVal = timeLimitedProtector.UnprotectCore(new byte[] { 0x10, 0x11 }, now, out actualExpiration);
    82. 

  82. 

  83.             // Assert
    84. 

  84.             Assert.Equal(expectedExpiration, actualExpiration);
    85. 

  85.             Assert.Equal(new byte[] { 0x01, 0x02, 0x03, 0x04, 0x05 }, retVal);
    86. 

  86.         }
    87. 

  87. 

  88.         [Fact]
    89. 

  89.         public void Unprotect_PayloadHasExpired_Fails()
    90. 

  90.         {
    91. 

  91.             // Arrange
    92. 

  92.             // 0x08c1220247e44000 is the representation of midnight 2000-01-01 UTC.
    93. 

  93.             DateTimeOffset expectedExpiration = StringToDateTime("2000-01-01 00:00:00Z");
    94. 

  94.             DateTimeOffset now = StringToDateTime("2001-01-01 00:00:00Z");
    95. 

  95.             var mockInnerProtector = new Mock<IDataProtector>();
    96. 

  96.             mockInnerProtector.Setup(o => o.CreateProtector(TimeLimitedPurposeString).Unprotect(new byte[] { 0x10, 0x11 })).Returns(
    97. 

  97.                 new byte[] {
    98. 

  98.                     0x08, 0xc1, 0x22, 0x02, 0x47, 0xe4, 0x40, 0x00, /* header */
    99. 

  99.                     0x01, 0x02, 0x03, 0x04, 0x05 /* payload */
    100. 

  100.                 });
    101. 

  101. 

  102.             var timeLimitedProtector = new TimeLimitedDataProtector(mockInnerProtector.Object);
    103. 

  103. 

  104.             // Act & assert
    105. 

  105.             DateTimeOffset unused;
    106. 

  106.             var ex = Assert.Throws<CryptographicException>(() => timeLimitedProtector.UnprotectCore(new byte[] { 0x10, 0x11 }, now, out unused));
    107. 

  107. 

  108.             // Assert
    109. 

  109.             Assert.Equal(Resources.FormatTimeLimitedDataProtector_PayloadExpired(expectedExpiration), ex.Message);
    110. 

  110.         }
    111. 

  111. 

  112.         [Fact]
    113. 

  113.         public void Unprotect_ProtectedDataMalformed_Fails()
    114. 

  114.         {
    115. 

  115.             // Arrange
    116. 

  116.             // 0x08c1220247e44000 is the representation of midnight 2000-01-01 UTC.
    117. 

  117.             var mockInnerProtector = new Mock<IDataProtector>();
    118. 

  118.             mockInnerProtector.Setup(o => o.CreateProtector(TimeLimitedPurposeString).Unprotect(new byte[] { 0x10, 0x11 })).Returns(
    119. 

  119.                 new byte[] {
    120. 

  120.                     0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 /* header too short */
    121. 

  121.                 });
    122. 

  122. 

  123.             var timeLimitedProtector = new TimeLimitedDataProtector(mockInnerProtector.Object);
    124. 

  124. 

  125.             // Act & assert
    126. 

  126.             DateTimeOffset unused;
    127. 

  127.             var ex = Assert.Throws<CryptographicException>(() => timeLimitedProtector.Unprotect(new byte[] { 0x10, 0x11 }, out unused));
    128. 

  128. 

  129.             // Assert
    130. 

  130.             Assert.Equal(Resources.TimeLimitedDataProtector_PayloadInvalid, ex.Message);
    131. 

  131.         }
    132. 

  132. 

  133.         [Fact]
    134. 

  134.         public void Unprotect_UnprotectOperationFails_HomogenizesExceptionToCryptographicException()
    135. 

  135.         {
    136. 

  136.             // Arrange
    137. 

  137.             // 0x08c1220247e44000 is the representation of midnight 2000-01-01 UTC.
    138. 

  138.             var mockInnerProtector = new Mock<IDataProtector>();
    139. 

  139.             mockInnerProtector.Setup(o => o.CreateProtector(TimeLimitedPurposeString).Unprotect(new byte[] { 0x10, 0x11 })).Throws(new Exception("How exceptional!"));
    140. 

  140.             var timeLimitedProtector = new TimeLimitedDataProtector(mockInnerProtector.Object);
    141. 

  141. 

  142.             // Act & assert
    143. 

  143.             DateTimeOffset unused;
    144. 

  144.             var ex = Assert.Throws<CryptographicException>(() => timeLimitedProtector.Unprotect(new byte[] { 0x10, 0x11 }, out unused));
    145. 

  145. 

  146.             // Assert
    147. 

  147.             Assert.Equal(Resources.CryptCommon_GenericError, ex.Message);
    148. 

  148.             Assert.Equal("How exceptional!", ex.InnerException.Message);
    149. 

  149.         }
    150. 

  150. 

  151.         [Fact]
    152. 

  152.         public void RoundTrip_ProtectedData()
    153. 

  153.         {
    154. 

  154.             // Arrange
    155. 

  155.             var ephemeralProtector = new EphemeralDataProtectionProvider().CreateProtector("my purpose");
    156. 

  156.             var timeLimitedProtector = new TimeLimitedDataProtector(ephemeralProtector);
    157. 

  157.             var expectedExpiration = StringToDateTime("2020-01-01 00:00:00Z");
    158. 

  158. 

  159.             // Act
    160. 

  160.             byte[] ephemeralProtectedPayload = ephemeralProtector.Protect(new byte[] { 0x01, 0x02, 0x03, 0x04 });
    161. 

  161.             byte[] timeLimitedProtectedPayload = timeLimitedProtector.Protect(new byte[] { 0x11, 0x22, 0x33, 0x44 }, expectedExpiration);
    162. 

  162. 

  163.             // Assert
    164. 

  164.             DateTimeOffset actualExpiration;
    165. 

  165.             Assert.Equal(new byte[] { 0x11, 0x22, 0x33, 0x44 }, timeLimitedProtector.UnprotectCore(timeLimitedProtectedPayload, StringToDateTime("2010-01-01 00:00:00Z"), out actualExpiration));
    166. 

  166.             Assert.Equal(expectedExpiration, actualExpiration);
    167. 

  167. 

  168.             // the two providers shouldn't be able to talk to one another (due to the purpose chaining)
    169. 

  169.             Assert.Throws<CryptographicException>(() => ephemeralProtector.Unprotect(timeLimitedProtectedPayload));
    170. 

  170.             Assert.Throws<CryptographicException>(() => timeLimitedProtector.Unprotect(ephemeralProtectedPayload, out actualExpiration));
    171. 

  171.         }
    172. 

  172. 

  173.         private static DateTime StringToDateTime(string input)
    174. 

  174.         {
    175. 

  175.             return DateTimeOffset.ParseExact(input, "u", CultureInfo.InvariantCulture).UtcDateTime;
    176. 

  176.         }
    177. 

  177.     }
    178. 

  178. }
    179.