Unit test file decryption

TelegramBots · Sep 2, 2018 · 23f2797 · 23f2797
1 parent 77f9cff
commit 23f2797
Show file tree

Hide file tree

Showing 3 changed files with 404 additions and 25 deletions.
diff --git a/src/Telegram.Bot.Extensions.Passport/Decryption/Decrypter.cs b/src/Telegram.Bot.Extensions.Passport/Decryption/Decrypter.cs
@@ -89,53 +89,60 @@ DataCredentials dataCredentials
         }
 
         /// <inheritdoc />
-        public Task DecryptFileAsync(
-            Stream encryptedContent,
-            FileCredentials fileCredentials,
-            Stream destination,
-            CancellationToken cancellationToken = default
+        public byte[] DecryptFile(
+            byte[] encryptedContent,
+            FileCredentials fileCredentials
         )
         {
             if (encryptedContent is null)
                 throw new ArgumentNullException(nameof(encryptedContent));
             if (fileCredentials is null)
                 throw new ArgumentNullException(nameof(fileCredentials));
-            if (!encryptedContent.CanRead)
-                throw new ArgumentException("Stream does not support reading.", nameof(encryptedContent));
-            if (encryptedContent.CanSeek && encryptedContent.Length % 16 != 0)
+            if (encryptedContent.Length % 16 != 0)
                 throw new PassportDataDecryptionException($"Invalid data length: {encryptedContent.Length}");
-            if (!destination.CanWrite)
-                throw new ArgumentException("Stream does not support writing.", nameof(destination));
 
             byte[] dataSecret = Convert.FromBase64String(fileCredentials.Secret);
             byte[] dataHash = Convert.FromBase64String(fileCredentials.FileHash);
 
             if (dataHash.Length != 32)
                 throw new PassportDataDecryptionException($"Invalid hash length: {dataHash.Length}");
 
-            return DecryptDataStreamAsync(encryptedContent, dataSecret, dataHash, destination, cancellationToken);
+            return DecryptDataBytes(encryptedContent, dataSecret, dataHash);
         }
 
         /// <inheritdoc />
-        public byte[] DecryptFile(
-            byte[] encryptedContent,
-            FileCredentials fileCredentials
+        public Task DecryptFileAsync(
+            Stream encryptedContent,
+            FileCredentials fileCredentials,
+            Stream destination,
+            CancellationToken cancellationToken = default
         )
         {
             if (encryptedContent is null)
                 throw new ArgumentNullException(nameof(encryptedContent));
             if (fileCredentials is null)
                 throw new ArgumentNullException(nameof(fileCredentials));
-            if (encryptedContent.Length % 16 != 0)
-                throw new PassportDataDecryptionException($"Invalid data length: {encryptedContent.Length}");
+            if (fileCredentials.Secret is null)
+                throw new ArgumentNullException(nameof(fileCredentials.Secret));
+            if (fileCredentials.FileHash is null)
+                throw new ArgumentNullException(nameof(fileCredentials.FileHash));
+            if (destination is null)
+                throw new ArgumentNullException(nameof(destination));
+            if (!encryptedContent.CanRead)
+                throw new ArgumentException("Stream does not support reading.", nameof(encryptedContent));
+            if (encryptedContent.CanSeek && encryptedContent.Length % 16 != 0)
+                throw new PassportDataDecryptionException
+                    ($"Length of padded data is not divisible by 16: {encryptedContent.Length}.");
+            if (!destination.CanWrite)
+                throw new ArgumentException("Stream does not support writing.", nameof(destination));
 
             byte[] dataSecret = Convert.FromBase64String(fileCredentials.Secret);
             byte[] dataHash = Convert.FromBase64String(fileCredentials.FileHash);
 
             if (dataHash.Length != 32)
-                throw new PassportDataDecryptionException($"Invalid hash length: {dataHash.Length}");
+                throw new PassportDataDecryptionException($"file hash has invalid length: {dataHash.Length}.");
 
-            return DecryptDataBytes(encryptedContent, dataSecret, dataHash);
+            return DecryptDataStreamAsync(encryptedContent, dataSecret, dataHash, destination, cancellationToken);
         }
 
         private static async Task DecryptDataStreamAsync(
@@ -157,8 +164,8 @@ CancellationToken cancellationToken
                 aes.IV = dataIv;
                 aes.Padding = PaddingMode.None;
 
-                using (var decryptor = aes.CreateDecryptor())
-                using (CryptoStream aesStream = new CryptoStream(data, decryptor, CryptoStreamMode.Read))
+                using (var decrypter = aes.CreateDecryptor())
+                using (CryptoStream aesStream = new CryptoStream(data, decrypter, CryptoStreamMode.Read))
                 using (var sha256 = SHA256.Create())
                 using (CryptoStream shaStream = new CryptoStream(aesStream, sha256, CryptoStreamMode.Read))
                 {
@@ -168,11 +175,12 @@ CancellationToken cancellationToken
 
                     byte paddingLength = paddingBuffer[0];
                     if (paddingLength < 32)
-                        throw new PassportDataDecryptionException("Invalid data padding length");
+                        throw new PassportDataDecryptionException($"Data has invalid padding length: {paddingLength}.");
 
                     int actualDataLength = read - paddingLength;
                     if (actualDataLength < 1)
-                        throw new PassportDataDecryptionException("Invalid data");
+                        // ToDo test
+                        throw new PassportDataDecryptionException($"Data has invalid length: {actualDataLength}.");
 
                     await destination.WriteAsync(paddingBuffer, paddingLength, actualDataLength, cancellationToken)
                         .ConfigureAwait(false);
@@ -187,7 +195,7 @@ await shaStream.CopyToAsync(destination, defaultBufferSize, cancellationToken)
                     for (int i = 0; i < hash.Length; i++)
                     {
                         if (hash[i] != paddedDataHash[i])
-                            throw new PassportDataDecryptionException("Data hash mismatch");
+                            throw new PassportDataDecryptionException($"Data hash mismatch at position {i}.");
                     }
                 }
             }
@@ -235,7 +243,7 @@ private static byte[] DecryptDataBytes(byte[] data, byte[] secret, byte[] hash)
                 for (int i = 0; i < hash.Length; i++)
                 {
                     if (hash[i] != paddedDataHash[i])
-                        throw new PassportDataDecryptionException("Data hash mismatch");
+                        throw new PassportDataDecryptionException("Data hash mismatch.");
                 }
             }
 

diff --git a/test/IntegrationTests/Passport Element Errors/Identity Card Error Tests.cs b/test/IntegrationTests/Passport Element Errors/Identity Card Error Tests.cs
@@ -75,7 +75,8 @@ await BotClient.SendTextMessageAsync(
 
             RSA key = EncryptionKey.ReadAsRsa();
             IDecrypter decrypter = new Decrypter();
-            Credentials credentials = decrypter.DecryptCredentials(key, passportUpdate.Message.PassportData.Credentials);
+            Credentials credentials =
+                decrypter.DecryptCredentials(key, passportUpdate.Message.PassportData.Credentials);
 
             Assert.Equal("Test nonce for identity card", credentials.Nonce);