nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-20 02:48:03 -05:00
Code

Fix test

Browse Source
This commit is contained in:
Bernd Schoolmann 2025-06-09 14:48:14 +02:00
parent 18c562db6f
commit 06d8de67c5
No known key found for this signature in database
1 changed files with 2 additions and 134 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

136
test/Core.Test/KeyManagement/UserKey/RotateUserAccountKeysCommandTests.cs
View File

@ -252,9 +252,9 @@ public class RotateUserAccountKeysCommandTests
user.PrivateKey = "2.xxx";
sutProvider.GetDependency<IUserSignatureKeyPairRepository>()
.GetByUserIdAsync(user.Id)
.Returns(new SignatureKeyPairData(SignatureAlgorithm.Ed25519, "7.xxx", "public"));
.ReturnsNull(); ;
user.PublicKey = "public";
model.AccountKeys.PublicKeyEncryptionKeyPairData.PublicKey = "public";
model.AccountPublicKey = "public";
model.UserKeyEncryptedAccountPrivateKey = "2.xxx";
var saveEncryptedDataActions = new List<Core.KeyManagement.UserKey.UpdateEncryptedDataForKeyRotation>();
await sutProvider.Sut.UpdateAccountKeys(model, user, saveEncryptedDataActions);
@ -271,136 +271,4 @@ public class RotateUserAccountKeysCommandTests
var exception = Assert.Throws<InvalidOperationException>(() => sutProvider.Sut.ValidateRotationModelSignatureKeyPairForV1UserAndUpgradeToV2(model, user, encryptedDataActions));
Assert.Equal("The provided public key encryption key pair data does not contain a valid signed public key.", exception.Message);
}
[Theory, BitAutoData]
public async Task ThrowsIfSignatureKeyPairDataIsNull(SutProvider<RotateUserAccountKeysCommand> sutProvider, User user, RotateUserAccountKeysData model)
{
user.Kdf = Enums.KdfType.Argon2id;
user.PrivateKey = "2.abc";
user.PublicKey = "public-key";
if (model.AccountKeys != null)
{
model.AccountKeys.SignatureKeyPairData = null;
}
model.MasterPasswordUnlockData.Email = user.Email;
model.MasterPasswordUnlockData.KdfType = Enums.KdfType.Argon2id;
model.MasterPasswordUnlockData.KdfIterations = 3;
model.MasterPasswordUnlockData.KdfMemory = 64;
model.MasterPasswordUnlockData.KdfParallelism = 4;
model.AccountPublicKey = user.PublicKey;
model.UserKeyEncryptedAccountPrivateKey = "2.abc";
model.AccountKeys.PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, "signed-public-key");
sutProvider.GetDependency<IUserSignatureKeyPairRepository>().GetByUserIdAsync(user.Id)
.Returns(new SignatureKeyPairData(SignatureAlgorithm.Ed25519, "dummyWrappedSigningKey", "dummyVerifyingKey"));
sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.OldMasterKeyAuthenticationHash)
.Returns(true);
var ex = await Assert.ThrowsAsync<InvalidOperationException>(async () => await sutProvider.Sut.RotateUserAccountKeysAsync(user, model));
Assert.Equal("The provided signature key pair data is missing.", ex.Message);
}
[Theory, BitAutoData]
public async Task ThrowsIfVerifyingKeyDoesNotMatch(SutProvider<RotateUserAccountKeysCommand> sutProvider, User user, RotateUserAccountKeysData model)
{
user.Kdf = Enums.KdfType.Argon2id;
user.PrivateKey = "2.abc";
user.PublicKey = "public-key";
var repoKeyPair = new SignatureKeyPairData(SignatureAlgorithm.Ed25519, "signingKey", "verifyingKey");
var modelKeyPair = new SignatureKeyPairData(SignatureAlgorithm.Ed25519, "signingKey", "verifyingKey-different");
if (model.AccountKeys == null)
{
model.AccountKeys = new Core.KeyManagement.Models.Data.Models.UserAccountKeysData
{
PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, "signed-public-key"),
SignatureKeyPairData = modelKeyPair
};
}
else
{
model.AccountKeys.SignatureKeyPairData = modelKeyPair;
model.AccountKeys.PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, "signed-public-key");
}
model.MasterPasswordUnlockData.Email = user.Email;
model.MasterPasswordUnlockData.KdfType = Enums.KdfType.Argon2id;
model.MasterPasswordUnlockData.KdfIterations = 3;
model.MasterPasswordUnlockData.KdfMemory = 64;
model.MasterPasswordUnlockData.KdfParallelism = 4;
model.AccountPublicKey = user.PublicKey;
model.UserKeyEncryptedAccountPrivateKey = "2.abc";
sutProvider.GetDependency<IUserSignatureKeyPairRepository>().GetByUserIdAsync(user.Id)
.Returns(repoKeyPair);
sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.OldMasterKeyAuthenticationHash)
.Returns(true);
var ex = await Assert.ThrowsAsync<InvalidOperationException>(async () => await sutProvider.Sut.RotateUserAccountKeysAsync(user, model));
Assert.Equal("The provided verifying key does not match the expected value.", ex.Message);
}
[Theory, BitAutoData]
public async Task ThrowsIfSignedPublicKeyIsNullOrEmpty(SutProvider<RotateUserAccountKeysCommand> sutProvider, User user, RotateUserAccountKeysData model)
{
user.Kdf = Enums.KdfType.Argon2id;
user.PrivateKey = "2.abc";
user.PublicKey = "public-key";
var keyPair = new SignatureKeyPairData(SignatureAlgorithm.Ed25519, "dummyWrappedSigningKey", "dummyVerifyingKey");
if (model.AccountKeys == null)
{
model.AccountKeys = new Core.KeyManagement.Models.Data.Models.UserAccountKeysData
{
PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, null),
SignatureKeyPairData = keyPair
};
}
else
{
model.AccountKeys.SignatureKeyPairData = keyPair;
model.AccountKeys.PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, null);
}
model.MasterPasswordUnlockData.Email = user.Email;
model.MasterPasswordUnlockData.KdfType = Enums.KdfType.Argon2id;
model.MasterPasswordUnlockData.KdfIterations = 3;
model.MasterPasswordUnlockData.KdfMemory = 64;
model.MasterPasswordUnlockData.KdfParallelism = 4;
model.AccountPublicKey = user.PublicKey;
model.UserKeyEncryptedAccountPrivateKey = "2.abc";
sutProvider.GetDependency<IUserSignatureKeyPairRepository>().GetByUserIdAsync(user.Id)
.Returns(keyPair);
sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.OldMasterKeyAuthenticationHash)
.Returns(true);
var ex = await Assert.ThrowsAsync<InvalidOperationException>(async () => await sutProvider.Sut.RotateUserAccountKeysAsync(user, model));
Assert.Equal("The provided public key encryption key pair data does not contain a valid signed public key.", ex.Message);
}
[Theory, BitAutoData]
public async Task ThrowsIfWrappedSigningKeyIsNotXChaCha20(SutProvider<RotateUserAccountKeysCommand> sutProvider, User user, RotateUserAccountKeysData model)
{
user.Kdf = Enums.KdfType.Argon2id;
user.PrivateKey = "2.abc";
user.PublicKey = "public-key";
var keyPair = new SignatureKeyPairData(SignatureAlgorithm.Ed25519, "signingKey", "verifyingKey");
if (model.AccountKeys == null)
{
model.AccountKeys = new Core.KeyManagement.Models.Data.Models.UserAccountKeysData
{
PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, "signed-public-key"),
SignatureKeyPairData = keyPair
};
}
else
{
model.AccountKeys.SignatureKeyPairData = keyPair;
model.AccountKeys.PublicKeyEncryptionKeyPairData = new PublicKeyEncryptionKeyPairData("2.abc", user.PublicKey, "signed-public-key");
}
model.MasterPasswordUnlockData.Email = user.Email;
model.MasterPasswordUnlockData.KdfType = Enums.KdfType.Argon2id;
model.MasterPasswordUnlockData.KdfIterations = 3;
model.MasterPasswordUnlockData.KdfMemory = 64;
model.MasterPasswordUnlockData.KdfParallelism = 4;
model.AccountPublicKey = user.PublicKey;
model.UserKeyEncryptedAccountPrivateKey = "2.abc";
sutProvider.GetDependency<IUserSignatureKeyPairRepository>().GetByUserIdAsync(user.Id)
.Returns(keyPair);
sutProvider.GetDependency<IUserService>().CheckPasswordAsync(user, model.OldMasterKeyAuthenticationHash)
.Returns(true);
var ex = await Assert.ThrowsAsync<InvalidOperationException>(async () => await sutProvider.Sut.RotateUserAccountKeysAsync(user, model));
Assert.Equal("The provided wrapped signing key is not XChaCha20-encrypted.", ex.Message);
}
}