Restore SEBPatch

SafeExamBrowser.Configuration.UnitTests/Cryptography/HashAlgorithmTests.cs

@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2024 ETH Zürich, IT Services
+ * 
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using SafeExamBrowser.Configuration.Cryptography;
+
+namespace SafeExamBrowser.Configuration.UnitTests.Cryptography
+{
+	[TestClass]
+	public class HashAlgorithmTests
+	{
+		private HashAlgorithm sut;
+
+		[TestInitialize]
+		public void Initialize()
+		{
+			sut = new HashAlgorithm();
+		}
+
+		[TestMethod]
+		public void MustGeneratePasswordHashCorrectly()
+		{
+			var hash = "4adfa806cb610693a6200e4cdbdafeaf352876a35f964a781d691457df9cd378";
+			var generated = sut.GenerateHashFor("blabbedyblubbedy");
+
+			Assert.AreEqual(hash, generated);
+		}
+	}
+}

SafeExamBrowser.Configuration.UnitTests/Cryptography/KeyGeneratorTests.cs

@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2024 ETH Zürich, IT Services
+ * 
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+using System;
+using System.Threading.Tasks;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using Moq;
+using SafeExamBrowser.Configuration.Contracts;
+using SafeExamBrowser.Configuration.Contracts.Integrity;
+using SafeExamBrowser.Configuration.Cryptography;
+using SafeExamBrowser.Logging.Contracts;
+
+namespace SafeExamBrowser.Configuration.UnitTests.Cryptography
+{
+	[TestClass]
+	public class KeyGeneratorTests
+	{
+		private AppConfig appConfig;
+		private Mock<IIntegrityModule> integrityModule;
+		private Mock<ILogger> logger;
+		private KeyGenerator sut;
+
+		[TestInitialize]
+		public void Initialize()
+		{
+			appConfig = new AppConfig();
+			integrityModule = new Mock<IIntegrityModule>();
+			logger = new Mock<ILogger>();
+
+			sut = new KeyGenerator(appConfig, integrityModule.Object, logger.Object);
+		}
+
+		[TestMethod]
+		[ExpectedException(typeof(Exception), AllowDerivedTypes = true)]
+		public void CalculateBrowserExamKeyHash_MustFailWithoutUrl()
+		{
+			sut.CalculateBrowserExamKeyHash(default, default, default);
+		}
+
+		[TestMethod]
+		[ExpectedException(typeof(Exception), AllowDerivedTypes = true)]
+		public void CalculateConfigurationKeyHash_MustFailWithoutUrl()
+		{
+			sut.CalculateConfigurationKeyHash(default, default);
+		}
+
+		[TestMethod]
+		public void MustAllowForConcurrentKeyHashCalculation()
+		{
+			Parallel.For(0, 1000, (_) =>
+			{
+				sut.CalculateBrowserExamKeyHash(default, default, "https://www.safeexambrowser.org");
+				sut.CalculateConfigurationKeyHash(default, "https://www.safeexambrowser.org");
+			});
+		}
+	}
+}

SafeExamBrowser.Configuration.UnitTests/Cryptography/PasswordEncryptionTests.cs

@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2024 ETH Zürich, IT Services
+ * 
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+using System.IO;
+using System.Text;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using Moq;
+using SafeExamBrowser.Configuration.Cryptography;
+using SafeExamBrowser.Configuration.Contracts;
+using SafeExamBrowser.Logging.Contracts;
+
+namespace SafeExamBrowser.Configuration.UnitTests.Cryptography
+{
+	[TestClass]
+	public class PasswordEncryptionTests
+	{
+		private Mock<ILogger> logger;
+		private PasswordEncryption sut;
+
+		[TestInitialize]
+		public void Initialize()
+		{
+			logger = new Mock<ILogger>();
+			sut = new PasswordEncryption(logger.Object);
+		}
+
+		[TestMethod]
+		public void MustPerformCorrectly()
+		{
+			var password = "test1234";
+			var message = Encoding.UTF8.GetBytes("A super secret message!");
+			var saveStatus = sut.Encrypt(new MemoryStream(message), password, out var encrypted);
+			var loadStatus = sut.Decrypt(encrypted, password, out var decrypted);
+			var original = new MemoryStream(message);
+
+			decrypted.Seek(0, SeekOrigin.Begin);
+			original.Seek(0, SeekOrigin.Begin);
+
+			while (original.Position < original.Length)
+			{
+				Assert.AreEqual(original.ReadByte(), decrypted.ReadByte());
+			}
+
+			Assert.AreEqual(SaveStatus.Success, saveStatus);
+			Assert.AreEqual(LoadStatus.Success, loadStatus);
+		}
+
+		[TestMethod]
+		public void MustRequestPasswordForDecryption()
+		{
+			var status = sut.Decrypt(new MemoryStream(), null, out _);
+
+			Assert.AreEqual(LoadStatus.PasswordNeeded, status);
+		}
+
+		[TestMethod]
+		public void MustRequestPasswordIfInvalid()
+		{
+			var password = "test1234";
+			var saveStatus = sut.Encrypt(new MemoryStream(Encoding.UTF8.GetBytes("A super secret message!")), password, out var encrypted);
+			var loadStatus = sut.Decrypt(encrypted, "not the correct password", out _);
+
+			Assert.AreEqual(SaveStatus.Success, saveStatus);
+			Assert.AreEqual(LoadStatus.PasswordNeeded, loadStatus);
+		}
+	}
+}

SafeExamBrowser.Configuration.UnitTests/Cryptography/PublicKeyEncryptionTests.cs

@@ -0,0 +1,94 @@
+/*
+ * Copyright (c) 2024 ETH Zürich, IT Services
+ * 
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+using System;
+using System.IO;
+using System.Reflection;
+using System.Security.Cryptography.X509Certificates;
+using System.Text;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using Moq;
+using SafeExamBrowser.Configuration.Cryptography;
+using SafeExamBrowser.Configuration.Contracts;
+using SafeExamBrowser.Configuration.Contracts.Cryptography;
+using SafeExamBrowser.Logging.Contracts;
+
+namespace SafeExamBrowser.Configuration.UnitTests.Cryptography
+{
+	[TestClass]
+	public class PublicKeyEncryptionTests
+	{
+		private Mock<ILogger> logger;
+		private Mock<ICertificateStore> store;
+		private X509Certificate2 certificate;
+
+		private PublicKeyEncryption sut;
+
+		[TestInitialize]
+		public void Initialize()
+		{
+			logger = new Mock<ILogger>();
+			store = new Mock<ICertificateStore>();
+
+			LoadCertificate();
+			store.Setup(s => s.TryGetCertificateWith(It.IsAny<byte[]>(), out certificate)).Returns(true);
+
+			sut = new PublicKeyEncryption(store.Object, logger.Object);
+		}
+
+		[TestMethod]
+		public void MustPerformCorrectly()
+		{
+			var message = Encoding.UTF8.GetBytes("A super secret message!");
+			var saveStatus = sut.Encrypt(new MemoryStream(message), certificate, out var encrypted);
+			var loadStatus = sut.Decrypt(encrypted, out var decrypted, out _);
+			var original = new MemoryStream(message);
+
+			decrypted.Seek(0, SeekOrigin.Begin);
+			original.Seek(0, SeekOrigin.Begin);
+
+			while (original.Position < original.Length)
+			{
+				Assert.AreEqual(original.ReadByte(), decrypted.ReadByte());
+			}
+
+			Assert.AreEqual(SaveStatus.Success, saveStatus);
+			Assert.AreEqual(LoadStatus.Success, loadStatus);
+		}
+
+		[TestMethod]
+		public void MustFailIfCertificateNotFound()
+		{
+			store.Setup(s => s.TryGetCertificateWith(It.IsAny<byte[]>(), out certificate)).Returns(false);
+
+			var buffer = new byte[20];
+			new Random().NextBytes(buffer);
+			var data = new MemoryStream(buffer);
+			var status = sut.Decrypt(data, out _, out _);
+
+			Assert.AreEqual(LoadStatus.InvalidData, status);
+		}
+
+		/// <summary>
+		/// makecert -sv UnitTestCert.pvk -n "CN=Unit Test Certificate" UnitTestCert.cer -r -pe -sky eXchange
+		/// pvk2pfx -pvk UnitTestCert.pvk -spc UnitTestCert.cer -pfx UnitTestCert.pfx -f
+		/// </summary>
+		private void LoadCertificate()
+		{
+			var path = $"{nameof(SafeExamBrowser)}.{nameof(Configuration)}.{nameof(UnitTests)}.UnitTestCert.pfx";
+
+			using (var stream = Assembly.GetAssembly(GetType()).GetManifestResourceStream(path))
+			{
+				var data = new byte[stream.Length];
+
+				stream.Read(data, 0, (int)stream.Length);
+				certificate = new X509Certificate2(data);
+			}
+		}
+	}
+}

SafeExamBrowser.Configuration.UnitTests/Cryptography/PublicKeySymmetricEncryptionTests.cs

@@ -0,0 +1,96 @@
+/*
+ * Copyright (c) 2024 ETH Zürich, IT Services
+ * 
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+using System;
+using System.IO;
+using System.Reflection;
+using System.Security.Cryptography.X509Certificates;
+using System.Text;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using Moq;
+using SafeExamBrowser.Configuration.Cryptography;
+using SafeExamBrowser.Configuration.Contracts;
+using SafeExamBrowser.Configuration.Contracts.Cryptography;
+using SafeExamBrowser.Logging.Contracts;
+
+namespace SafeExamBrowser.Configuration.UnitTests.Cryptography
+{
+	[TestClass]
+	public class PublicKeySymmetricEncryptionTests
+	{
+		private Mock<ILogger> logger;
+		private PasswordEncryption passwordEncryption;
+		private Mock<ICertificateStore> store;
+
+		private PublicKeySymmetricEncryption sut;
+		private X509Certificate2 certificate;
+
+		[TestInitialize]
+		public void Initialize()
+		{
+			logger = new Mock<ILogger>();
+			passwordEncryption = new PasswordEncryption(logger.Object);
+			store = new Mock<ICertificateStore>();
+
+			LoadCertificate();
+			store.Setup(s => s.TryGetCertificateWith(It.IsAny<byte[]>(), out certificate)).Returns(true);
+
+			sut = new PublicKeySymmetricEncryption(store.Object, logger.Object, passwordEncryption);
+		}
+
+		[TestMethod]
+		public void MustPerformCorrectly()
+		{
+			var message = Encoding.UTF8.GetBytes("A super secret message!");
+			var saveStatus = sut.Encrypt(new MemoryStream(message), certificate, out var encrypted);
+			var loadStatus = sut.Decrypt(encrypted, out var decrypted, out _);
+			var original = new MemoryStream(message);
+
+			decrypted.Seek(0, SeekOrigin.Begin);
+			original.Seek(0, SeekOrigin.Begin);
+
+			while (original.Position < original.Length)
+			{
+				Assert.AreEqual(original.ReadByte(), decrypted.ReadByte());
+			}
+
+			Assert.AreEqual(SaveStatus.Success, saveStatus);
+			Assert.AreEqual(LoadStatus.Success, loadStatus);
+		}
+
+		[TestMethod]
+		public void MustFailIfCertificateNotFound()
+		{
+			store.Setup(s => s.TryGetCertificateWith(It.IsAny<byte[]>(), out certificate)).Returns(false);
+
+			var buffer = new byte[20];
+			new Random().NextBytes(buffer);
+			var data = new MemoryStream(buffer);
+			var status = sut.Decrypt(data, out _, out _);
+
+			Assert.AreEqual(LoadStatus.InvalidData, status);
+		}
+
+		/// <summary>
+		/// makecert -sv UnitTestCert.pvk -n "CN=Unit Test Certificate" UnitTestCert.cer -r -pe -sky eXchange
+		/// pvk2pfx -pvk UnitTestCert.pvk -spc UnitTestCert.cer -pfx UnitTestCert.pfx -f
+		/// </summary>
+		private void LoadCertificate()
+		{
+			var path = $"{nameof(SafeExamBrowser)}.{nameof(Configuration)}.{nameof(UnitTests)}.UnitTestCert.pfx";
+
+			using (var stream = Assembly.GetAssembly(GetType()).GetManifestResourceStream(path))
+			{
+				var data = new byte[stream.Length];
+
+				stream.Read(data, 0, (int)stream.Length);
+				certificate = new X509Certificate2(data);
+			}
+		}
+	}
+}