1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
//-----------------------------------------------------------------------
// <copyright file="AssociationTests.cs" company="Andrew Arnott">
// Copyright (c) Andrew Arnott. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
namespace DotNetOpenAuth.Test.OpenId {
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OpenId;
using NUnit.Framework;
[TestFixture]
public class AssociationTests : OpenIdTestBase {
private static readonly TimeSpan deltaDateTime = TimeSpan.FromSeconds(2);
private static readonly HashAlgorithm sha1 = DiffieHellmanUtilities.Lookup(Protocol.Default, Protocol.Default.Args.SessionType.DH_SHA1);
private byte[] sha1Secret;
private byte[] sha1Secret2;
[SetUp]
public override void SetUp() {
base.SetUp();
// just a little something to make it at all interesting.
this.sha1Secret = new byte[sha1.HashSize / 8];
this.sha1Secret[0] = 0x33;
this.sha1Secret[1] = 0x55;
this.sha1Secret2 = new byte[sha1.HashSize / 8];
this.sha1Secret2[0] = 0x88;
this.sha1Secret2[1] = 0xcc;
}
[TestCase]
public void Properties() {
string handle = "somehandle";
TimeSpan lifetime = TimeSpan.FromMinutes(2);
Association assoc = HmacShaAssociation.Create(Protocol.Default, Protocol.Default.Args.SignatureAlgorithm.HMAC_SHA1, handle, this.sha1Secret, lifetime);
Assert.IsFalse(assoc.IsExpired);
Assert.IsTrue(Math.Abs((DateTime.Now - assoc.Issued.ToLocalTime()).TotalSeconds) < deltaDateTime.TotalSeconds);
Assert.IsTrue(Math.Abs((DateTime.Now.ToLocalTime() + lifetime - assoc.Expires.ToLocalTime()).TotalSeconds) < deltaDateTime.TotalSeconds);
Assert.AreEqual(handle, assoc.Handle);
Assert.IsTrue(Math.Abs(lifetime.TotalSeconds - assoc.SecondsTillExpiration) < deltaDateTime.TotalSeconds);
Assert.IsTrue(MessagingUtilities.AreEquivalent(this.sha1Secret, assoc.SecretKey));
Assert.AreEqual(0, assoc.Issued.Millisecond, "No milliseconds because this can be cut off in conversions.");
}
[TestCase]
public void Sign() {
Association assoc1 = HmacShaAssociation.Create(Protocol.Default, Protocol.Default.Args.SignatureAlgorithm.HMAC_SHA1, "h1", this.sha1Secret, TimeSpan.FromMinutes(2));
Association assoc2 = HmacShaAssociation.Create(Protocol.Default, Protocol.Default.Args.SignatureAlgorithm.HMAC_SHA1, "h2", this.sha1Secret2, TimeSpan.FromMinutes(2));
var data = new byte[] { 0xdd, 0xcc };
// sign once and verify that it's sane
byte[] signature1 = assoc1.Sign(data);
Assert.IsNotNull(signature1);
Assert.AreNotEqual(0, signature1.Length);
// sign again and make sure it's different
byte[] signature2 = assoc2.Sign(data);
Assert.IsNotNull(signature2);
Assert.AreNotEqual(0, signature2.Length);
Assert.IsFalse(MessagingUtilities.AreEquivalent(signature1, signature2));
// sign again with the same secret and make sure it's the same.
Assert.IsTrue(MessagingUtilities.AreEquivalent(signature1, assoc1.Sign(data)));
// now change the data and make sure signature changes
data[1] = 0xee;
Assert.IsFalse(MessagingUtilities.AreEquivalent(signature1, assoc1.Sign(data)));
}
}
}
|
