From 06d8de67c5724413c5f4aa696f76a04f24829a97 Mon Sep 17 00:00:00 2001 From: Bernd Schoolmann Date: Mon, 9 Jun 2025 14:48:14 +0200 Subject: [PATCH] Fix test --- .../RotateUserAccountKeysCommandTests.cs | 136 +----------------- 1 file changed, 2 insertions(+), 134 deletions(-) diff --git a/test/Core.Test/KeyManagement/UserKey/RotateUserAccountKeysCommandTests.cs b/test/Core.Test/KeyManagement/UserKey/RotateUserAccountKeysCommandTests.cs index f6c3a78712..ea573eb56e 100644 --- a/test/Core.Test/KeyManagement/UserKey/RotateUserAccountKeysCommandTests.cs +++ b/test/Core.Test/KeyManagement/UserKey/RotateUserAccountKeysCommandTests.cs @@ -252,9 +252,9 @@ public class RotateUserAccountKeysCommandTests user.PrivateKey = "2.xxx"; sutProvider.GetDependency() .GetByUserIdAsync(user.Id) - .Returns(new SignatureKeyPairData(SignatureAlgorithm.Ed25519, "7.xxx", "public")); + .ReturnsNull(); ; user.PublicKey = "public"; - model.AccountKeys.PublicKeyEncryptionKeyPairData.PublicKey = "public"; + model.AccountPublicKey = "public"; model.UserKeyEncryptedAccountPrivateKey = "2.xxx"; var saveEncryptedDataActions = new List(); await sutProvider.Sut.UpdateAccountKeys(model, user, saveEncryptedDataActions); @@ -271,136 +271,4 @@ public class RotateUserAccountKeysCommandTests var exception = Assert.Throws(() => sutProvider.Sut.ValidateRotationModelSignatureKeyPairForV1UserAndUpgradeToV2(model, user, encryptedDataActions)); Assert.Equal("The provided public key encryption key pair data does not contain a valid signed public key.", exception.Message); } - - [Theory, BitAutoData] - public async Task ThrowsIfSignatureKeyPairDataIsNull(SutProvider sutProvider, User user, RotateUserAccountKeysData model) - { - user.Kdf = Enums.KdfType.Argon2id; - user.PrivateKey = "2.abc"; - user.PublicKey = "public-key"; - if (model.AccountKeys != null) - { - model.AccountKeys.SignatureKeyPairData = null; - } - model.MasterPasswordUnlockData.Email = user.Email; - model.MasterPasswordUnlockData.KdfType = Enums.KdfType.Argon2id; - model.MasterPasswordUnlockData.KdfIterations = 3; - model.MasterPasswordUnlockData.KdfMemory = 64; - model.MasterPasswordUnlockData.KdfParallelism = 4; - model.AccountPublicKey = user.PublicKey; - model.UserKeyEncryptedAccountPrivateKey = "2.abc"; - model.AccountKeys.PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, "signed-public-key"); - sutProvider.GetDependency().GetByUserIdAsync(user.Id) - .Returns(new SignatureKeyPairData(SignatureAlgorithm.Ed25519, "dummyWrappedSigningKey", "dummyVerifyingKey")); - sutProvider.GetDependency().CheckPasswordAsync(user, model.OldMasterKeyAuthenticationHash) - .Returns(true); - var ex = await Assert.ThrowsAsync(async () => await sutProvider.Sut.RotateUserAccountKeysAsync(user, model)); - Assert.Equal("The provided signature key pair data is missing.", ex.Message); - } - - [Theory, BitAutoData] - public async Task ThrowsIfVerifyingKeyDoesNotMatch(SutProvider sutProvider, User user, RotateUserAccountKeysData model) - { - user.Kdf = Enums.KdfType.Argon2id; - user.PrivateKey = "2.abc"; - user.PublicKey = "public-key"; - var repoKeyPair = new SignatureKeyPairData(SignatureAlgorithm.Ed25519, "signingKey", "verifyingKey"); - var modelKeyPair = new SignatureKeyPairData(SignatureAlgorithm.Ed25519, "signingKey", "verifyingKey-different"); - if (model.AccountKeys == null) - { - model.AccountKeys = new Core.KeyManagement.Models.Data.Models.UserAccountKeysData - { - PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, "signed-public-key"), - SignatureKeyPairData = modelKeyPair - }; - } - else - { - model.AccountKeys.SignatureKeyPairData = modelKeyPair; - model.AccountKeys.PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, "signed-public-key"); - } - model.MasterPasswordUnlockData.Email = user.Email; - model.MasterPasswordUnlockData.KdfType = Enums.KdfType.Argon2id; - model.MasterPasswordUnlockData.KdfIterations = 3; - model.MasterPasswordUnlockData.KdfMemory = 64; - model.MasterPasswordUnlockData.KdfParallelism = 4; - model.AccountPublicKey = user.PublicKey; - model.UserKeyEncryptedAccountPrivateKey = "2.abc"; - sutProvider.GetDependency().GetByUserIdAsync(user.Id) - .Returns(repoKeyPair); - sutProvider.GetDependency().CheckPasswordAsync(user, model.OldMasterKeyAuthenticationHash) - .Returns(true); - var ex = await Assert.ThrowsAsync(async () => await sutProvider.Sut.RotateUserAccountKeysAsync(user, model)); - Assert.Equal("The provided verifying key does not match the expected value.", ex.Message); - } - - [Theory, BitAutoData] - public async Task ThrowsIfSignedPublicKeyIsNullOrEmpty(SutProvider sutProvider, User user, RotateUserAccountKeysData model) - { - user.Kdf = Enums.KdfType.Argon2id; - user.PrivateKey = "2.abc"; - user.PublicKey = "public-key"; - var keyPair = new SignatureKeyPairData(SignatureAlgorithm.Ed25519, "dummyWrappedSigningKey", "dummyVerifyingKey"); - if (model.AccountKeys == null) - { - model.AccountKeys = new Core.KeyManagement.Models.Data.Models.UserAccountKeysData - { - PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, null), - SignatureKeyPairData = keyPair - }; - } - else - { - model.AccountKeys.SignatureKeyPairData = keyPair; - model.AccountKeys.PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, null); - } - model.MasterPasswordUnlockData.Email = user.Email; - model.MasterPasswordUnlockData.KdfType = Enums.KdfType.Argon2id; - model.MasterPasswordUnlockData.KdfIterations = 3; - model.MasterPasswordUnlockData.KdfMemory = 64; - model.MasterPasswordUnlockData.KdfParallelism = 4; - model.AccountPublicKey = user.PublicKey; - model.UserKeyEncryptedAccountPrivateKey = "2.abc"; - sutProvider.GetDependency().GetByUserIdAsync(user.Id) - .Returns(keyPair); - sutProvider.GetDependency().CheckPasswordAsync(user, model.OldMasterKeyAuthenticationHash) - .Returns(true); - var ex = await Assert.ThrowsAsync(async () => await sutProvider.Sut.RotateUserAccountKeysAsync(user, model)); - Assert.Equal("The provided public key encryption key pair data does not contain a valid signed public key.", ex.Message); - } - - [Theory, BitAutoData] - public async Task ThrowsIfWrappedSigningKeyIsNotXChaCha20(SutProvider sutProvider, User user, RotateUserAccountKeysData model) - { - user.Kdf = Enums.KdfType.Argon2id; - user.PrivateKey = "2.abc"; - user.PublicKey = "public-key"; - var keyPair = new SignatureKeyPairData(SignatureAlgorithm.Ed25519, "signingKey", "verifyingKey"); - if (model.AccountKeys == null) - { - model.AccountKeys = new Core.KeyManagement.Models.Data.Models.UserAccountKeysData - { - PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, "signed-public-key"), - SignatureKeyPairData = keyPair - }; - } - else - { - model.AccountKeys.SignatureKeyPairData = keyPair; - model.AccountKeys.PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, "signed-public-key"); - } - model.MasterPasswordUnlockData.Email = user.Email; - model.MasterPasswordUnlockData.KdfType = Enums.KdfType.Argon2id; - model.MasterPasswordUnlockData.KdfIterations = 3; - model.MasterPasswordUnlockData.KdfMemory = 64; - model.MasterPasswordUnlockData.KdfParallelism = 4; - model.AccountPublicKey = user.PublicKey; - model.UserKeyEncryptedAccountPrivateKey = "2.abc"; - sutProvider.GetDependency().GetByUserIdAsync(user.Id) - .Returns(keyPair); - sutProvider.GetDependency().CheckPasswordAsync(user, model.OldMasterKeyAuthenticationHash) - .Returns(true); - var ex = await Assert.ThrowsAsync(async () => await sutProvider.Sut.RotateUserAccountKeysAsync(user, model)); - Assert.Equal("The provided wrapped signing key is not XChaCha20-encrypted.", ex.Message); - } }