Home Explore Help
Sign In
dotnet
/
aspnetcore
mirror of https://github.com/dotnet/aspnetcore.git
2
0
Fork 0
Files Issues 0 Wiki
Tree: 6aca37fe5e
Branches Tags
aspnetcore
/
test
/
Microsoft.AspNetCore.DataProtection.Test
/
XmlEncryption
/
DpapiXmlEncryptionTests.cs

DpapiXmlEncryptionTests.cs 2.7 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657 
  1. // Copyright (c) .NET Foundation. All rights reserved.
    2. 

  2. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
    3. 

  3. 

  4. using System;
    5. 

  5. using System.Xml.Linq;
    6. 

  6. using Microsoft.AspNetCore.DataProtection.Test.Shared;
    7. 

  7. using Microsoft.AspNetCore.Testing;
    8. 

  8. using Microsoft.AspNetCore.Testing.xunit;
    9. 

  9. using Xunit;
    10. 

  10. 

  11. namespace Microsoft.AspNetCore.DataProtection.XmlEncryption
    12. 

  12. {
    13. 

  13.     public class DpapiXmlEncryptionTests
    14. 

  14.     {
    15. 

  15.         [ConditionalTheory]
    16. 

  16.         [ConditionalRunTestOnlyOnWindows]
    17. 

  17.         [InlineData(true)]
    18. 

  18.         [InlineData(false)]
    19. 

  19.         public void Encrypt_CurrentUserOrLocalMachine_Decrypt_RoundTrips(bool protectToLocalMachine)
    20. 

  20.         {
    21. 

  21.             // Arrange
    22. 

  22.             var originalXml = XElement.Parse(@"<mySecret value='265ee4ea-ade2-43b1-b706-09b259e58b6b' />");
    23. 

  23.             var encryptor = new DpapiXmlEncryptor(protectToLocalMachine);
    24. 

  24.             var decryptor = new DpapiXmlDecryptor();
    25. 

  25. 

  26.             // Act & assert - run through encryptor and make sure we get back an obfuscated element
    27. 

  27.             var encryptedXmlInfo = encryptor.Encrypt(originalXml);
    28. 

  28.             Assert.Equal(typeof(DpapiXmlDecryptor), encryptedXmlInfo.DecryptorType);
    29. 

  29.             Assert.DoesNotContain("265ee4ea-ade2-43b1-b706-09b259e58b6b", encryptedXmlInfo.EncryptedElement.ToString(), StringComparison.OrdinalIgnoreCase);
    30. 

  30. 

  31.             // Act & assert - run through decryptor and make sure we get back the original value
    32. 

  32.             var roundTrippedElement = decryptor.Decrypt(encryptedXmlInfo.EncryptedElement);
    33. 

  33.             XmlAssert.Equal(originalXml, roundTrippedElement);
    34. 

  34.         }
    35. 

  35. 

  36. #if !NETCOREAPP1_0
    37. 

  37.         [ConditionalFact]
    38. 

  38.         [ConditionalRunTestOnlyOnWindows]
    39. 

  39.         public void Encrypt_CurrentUser_Decrypt_ImpersonatedAsAnonymous_Fails()
    40. 

  40.         {
    41. 

  41.             // Arrange
    42. 

  42.             var originalXml = XElement.Parse(@"<mySecret value='265ee4ea-ade2-43b1-b706-09b259e58b6b' />");
    43. 

  43.             var encryptor = new DpapiXmlEncryptor(protectToLocalMachine: false);
    44. 

  44.             var decryptor = new DpapiXmlDecryptor();
    45. 

  45. 

  46.             // Act & assert - run through encryptor and make sure we get back an obfuscated element
    47. 

  47.             var encryptedXmlInfo = encryptor.Encrypt(originalXml);
    48. 

  48.             Assert.Equal(typeof(DpapiXmlDecryptor), encryptedXmlInfo.DecryptorType);
    49. 

  49.             Assert.DoesNotContain("265ee4ea-ade2-43b1-b706-09b259e58b6b", encryptedXmlInfo.EncryptedElement.ToString(), StringComparison.OrdinalIgnoreCase);
    50. 

  50. 

  51.             // Act & assert - run through decryptor (while impersonated as anonymous) and verify failure
    52. 

  52.             ExceptionAssert2.ThrowsCryptographicException(() =>
    53. 

  53.                 AnonymousImpersonation.Run(() => decryptor.Decrypt(encryptedXmlInfo.EncryptedElement)));
    54. 

  54.         }
    55. 

  55. #endif
    56. 

  56.     }
    57. 

  57. }
    58.