The EncryptionService now loads a set of keys, uses the active one to encrypt, and selects the key by key ID during decryption. Introduced EncryptedValue to hold the keyId and the encrypted data. (There are no intermediate keys yet.)
using System.Buffers.Text;
using System.Security.Cryptography;
using IdentityShroud.Core.Contracts;
using IdentityShroud.Core.Model;
using IdentityShroud.Core.Security.Keys;
using IdentityShroud.Core.Services;
using IdentityShroud.TestUtils.Substitutes;
namespace IdentityShroud.Api.Tests.Mappers;
/// <summary>
/// Tests for <see cref="KeyService"/>: building a JSON Web Key from a stored realm key.
/// </summary>
public class KeyServiceTests
{
    // Obtained from EncryptionServiceSubstitute.CreatePassthrough(); presumably it hands the key
    // bytes back unchanged so no real encryption key is needed here (confirm in TestUtils).
    private readonly IEncryptionService _encryptionService = EncryptionServiceSubstitute.CreatePassthrough();
    //private readonly IKeyProviderFactory _keyProviderFactory = Substitute.For<IKeyProviderFactory>();

    /// <summary>
    /// Stores a freshly generated 2048-bit RSA private key (PKCS#8) in a realm key and checks that
    /// the JSON Web Key built from it carries the key type, key id, "sig" use, and the public
    /// exponent and modulus of that key pair.
    /// </summary>
    [Fact]
    public void Test()
    {
        // Arrange: one throwaway key pair. The public half is the expected result, the PKCS#8
        // private half is what the realm key stores.
        using RSA keyPair = RSA.Create(2048);
        RSAParameters publicParameters = keyPair.ExportParameters(includePrivateParameters: false);
        byte[] pkcs8PrivateKey = keyPair.ExportPkcs8PrivateKey();

        var realmKey = new RealmKey
        {
            Id = new("60bb79cf-4bac-4521-87f2-ac87cc15541f"),
            KeyType = "RSA",
            // First argument is presumably the encryption key id, left empty because the
            // substitute above is a passthrough (verify against the Key property's type).
            Key = new("", pkcs8PrivateKey),
            CreatedAt = DateTime.UtcNow,
            Priority = 10,
        };

        // Act
        var keyService = new KeyService(_encryptionService, new KeyProviderFactory(), new ClockService());
        var webKey = keyService.CreateJsonWebKey(realmKey);

        // Assert: metadata first, then the public key material.
        // NOTE(review): only public members are checked. If the JWK model also has members for the
        // private RSA parameters, asserting that they stay unset would guard against the private
        // key leaking into a published key set (confirm against the model).
        Assert.NotNull(webKey);
        Assert.Equal("RSA", webKey.KeyType);
        Assert.Equal(realmKey.Id.ToString(), webKey.KeyId);
        Assert.Equal("sig", webKey.Use);

        var decodedExponent = Base64Url.DecodeFromChars(webKey.Exponent);
        Assert.Equal(publicParameters.Exponent, decodedExponent);

        var decodedModulus = Base64Url.DecodeFromChars(webKey.Modulus);
        Assert.Equal(publicParameters.Modulus, decodedModulus);
    }
}