Got rid of the DTOs, properly created the Authorization and MasterKey…

… objects, wrote tests and refactored other tests

src/PassFruit.Security.Cryptography.Net45/Net45HmacSha256.cs

@@ -9,15 +9,8 @@ namespace PassFruit.Security.Cryptography.Net45
     public class Net45HmacSha256 : HmacSha256
     {
 
-        public Net45HmacSha256()
-            : base(new Net45RandomNumberGenerator())
+        protected override byte[] PlatformSpecificCompute(byte[] message, byte[] key)
         {
-
-        }
-
-        public override byte[] Compute(byte[] message, byte[] key)
-        {
-            // ToDo: Check input
             using (var hmacsha256 = new HMACSHA256(key))
             {
                 return hmacsha256.ComputeHash(message);

src/PassFruit.Security.Cryptography.Net45/Net45Pbkdf2.cs

@@ -16,9 +16,8 @@ public Net45Pbkdf2()
 
         }
 
-        public override byte[] Compute(byte[] password, byte[] salt, int iterations)
+        protected override byte[] PlatformSpecificCompute(byte[] password, byte[] salt, int iterations)
         {
-            // ToDo: Check input
             using (var keyGenerator = new Rfc2898DeriveBytes(password, salt, iterations))
             {
                 return keyGenerator.GetBytes(Aes.KeySizeInBits / 8);

src/PassFruit.Security.Cryptography.Net45/Net45RandomNumberGenerator.cs

@@ -9,7 +9,7 @@ namespace PassFruit.Security.Cryptography.Net45
     public class Net45RandomNumberGenerator : RandomNumberGenerator
     {
 
-        public override byte[] Generate(int sizeInBits)
+        protected override byte[] PlatformSpecificGenerate(int sizeInBits)
         {
 
             using (var randomNumberGenerator = System.Security.Cryptography.RandomNumberGenerator.Create())

src/PassFruit.Security/Authorization.cs

@@ -0,0 +1,42 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using PassFruit.Security.Cryptography;
+
+namespace PassFruit.Security
+{
+    public class Authorization
+    {
+
+        private const string AuthorizedMessage = "AUTHORIZED";
+
+        /// <summary>
+        /// A new message is generated by encrypting a hard coded value with the provided Master Key and random 
+        /// generated Initialization Vector.
+        /// The message is then passed to the hashing function and the key used is the provided Master Key.
+        /// </summary>
+        public Authorization(MasterKey masterKey, Aes aes, HmacSha256 hmacSha256)
+            : this(masterKey, aes.GenerateInitializationVector(), aes, hmacSha256)
+        {
+
+        }
+
+        /// <summary>
+        /// A message is generated by encrypting a hard coded value with the provided Master Key and 
+        /// Initialization Vector.
+        /// The message is then passed to the hashing function and the key used is the provided Master Key.
+        /// </summary>
+        public Authorization(MasterKey masterKey, byte[] initializationVector, Aes aes, HmacSha256 hmacSha256)
+        {
+            InitializationVector = initializationVector;
+            var ciphertext = aes.Encrypt(AuthorizedMessage, masterKey.SecretKey, initializationVector);
+            Hmac = hmacSha256.Compute(ciphertext, masterKey.SecretKey);
+        }
+
+        public byte[] InitializationVector { get; private set; }
+
+        public byte[] Hmac { get; private set; }
+
+    }
+}

src/PassFruit.Security/Cryptography/HmacSha256.cs

@@ -8,17 +8,14 @@ namespace PassFruit.Security.Cryptography
     public abstract class HmacSha256
     {
 
-        private readonly RandomNumberGenerator _randomNumberGenerator;
-
-        public const int KeySizeInBits = 512;
         public const int HmacSizeInBits = 256;
 
-        protected HmacSha256(RandomNumberGenerator randomNumberGenerator)
+        public byte[] Compute(byte[] message, byte[] key)
         {
-            _randomNumberGenerator = randomNumberGenerator;
+            return PlatformSpecificCompute(message, key);
         }
 
-        public abstract byte[] Compute(byte[] message, byte[] key);
+        protected abstract byte[] PlatformSpecificCompute(byte[] message, byte[] key);
 
     }
 }

src/PassFruit.Security/Cryptography/Pbkdf2.cs

@@ -14,6 +14,7 @@ public abstract class Pbkdf2
     {
 
         public const int SaltSizeInBits = 256;
+        public const int MinumumIterations = 10;
 
         private readonly RandomNumberGenerator _randomNumberGenerator;
 
@@ -27,7 +28,20 @@ public byte[] Compute(string password, byte[] salt, int iterations)
             return Compute(Encoding.UTF8.GetBytes(password), salt, iterations);
         }
 
-        public abstract byte[] Compute(byte[] password, byte[] salt, int iterations);
+        public byte[] Compute(byte[] password, byte[] salt, int iterations)
+        {
+            if (salt == null || salt.Length != SaltSizeInBits / 8)
+            {
+                throw new ArgumentException("The salt size must be " + SaltSizeInBits + " bits", "salt");
+            }
+            if (iterations < MinumumIterations)
+            {
+                throw new ArgumentException("The minimum number of iteration is " + MinumumIterations, "iterations");
+            }
+            return PlatformSpecificCompute(password, salt, iterations);
+        }
+
+        protected abstract byte[] PlatformSpecificCompute(byte[] password, byte[] salt, int iterations);
 
         public byte[] GenerateSalt()
         {

src/PassFruit.Security/Cryptography/RandomNumberGenerator.cs

@@ -7,8 +7,18 @@ namespace PassFruit.Security.Cryptography
 {
     public abstract class RandomNumberGenerator
     {
+        private const int MinimumSizeInBits = 128;
 
-        public abstract byte[] Generate(int sizeInBits);
+        public byte[] Generate(int sizeInBits)
+        {
+            if (sizeInBits < MinimumSizeInBits)
+            {
+                throw new ArgumentException("The minimum size that can be generated is " + MinimumSizeInBits + " bits", "sizeInBits");
+            }
+            return  PlatformSpecificGenerate(sizeInBits);
+        }
+
+        protected abstract byte[] PlatformSpecificGenerate(int sizeInBits);
 
     }
 }

src/PassFruit.Security/EncryptedData.cs

@@ -0,0 +1,22 @@
+namespace PassFruit.Security
+{
+    public class EncryptedData
+    {
+        public EncryptedData(byte[] salt, byte[] initializationVector, int iterations, byte[] ciphertext)
+        {
+            Ciphertext = ciphertext;
+            Iterations = iterations;
+            InitializationVector = initializationVector;
+            Salt = salt;
+        }
+
+        public byte[] Salt { get; private set; }
+
+        public byte[] InitializationVector { get; private set; }
+
+        public int Iterations { get; private set; }
+
+        public byte[] Ciphertext { get; private set; }
+
+    }
+}

src/PassFruit.Security/Encryptor.cs

@@ -19,22 +19,16 @@ public Encryptor(Pbkdf2 pbkdf2, Aes aes)
             _aes = aes;
         }
 
-        public EncryptedDataDto EncryptData(string message, byte[] masterKey, int dataKeyIterations)
+        public EncryptedData EncryptData(string message, byte[] masterKey, int dataKeyIterations)
         {
             var salt = _pbkdf2.GenerateSalt();
             var dataKey = _pbkdf2.Compute(masterKey, salt, dataKeyIterations);
             var initializationVector = _aes.GenerateInitializationVector();
-            var ciphertext = _aes.Encrypt(message, dataKey, initializationVector); ;
-            return new EncryptedDataDto
-            {
-                Iterations = dataKeyIterations,
-                Salt = salt,
-                InitializationVector = initializationVector,
-                Ciphertext = ciphertext
-            };
+            var ciphertext = _aes.Encrypt(message, dataKey, initializationVector);
+            return new EncryptedData(salt, initializationVector, dataKeyIterations, ciphertext);
         }
 
-        public string DecryptData(EncryptedDataDto encryptedData, byte[] masterKey)
+        public string DecryptData(EncryptedData encryptedData, byte[] masterKey)
         {
             var dataKey = _pbkdf2.Compute(masterKey, encryptedData.Salt, encryptedData.Iterations);
             var message = _aes.Decrypt(encryptedData.Ciphertext, dataKey, encryptedData.InitializationVector);

src/PassFruit.Security/MasterKey.cs

@@ -0,0 +1,35 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using PassFruit.Security.Cryptography;
+
+namespace PassFruit.Security
+{
+    public class MasterKey
+    {
+
+        public MasterKey(string secretPassword, int iterations, Pbkdf2 pbkdf2)
+            : this(secretPassword, pbkdf2.GenerateSalt(), iterations, pbkdf2)
+        {
+
+        }
+
+        public MasterKey(string secretPassword, byte[] salt, int iterations, Pbkdf2 pbkdf2)
+        {
+            Salt = salt;
+            SecretKey = pbkdf2.Compute(secretPassword, Salt, iterations);
+            Iterations = iterations;
+        }
+
+        /// <summary>
+        /// The value of the SecretKey should never be stored locally or transmitted on the wire
+        /// </summary>
+        public byte[] SecretKey { get; private set; }
+
+        public byte[] Salt { get; private set; }
+
+        public int Iterations { get; private set; }
+
+    }
+}

src/PassFruit.Security/PassFruit.Security.csproj

@@ -36,16 +36,16 @@
     <!-- A reference to the entire .NET Framework is automatically included -->
   </ItemGroup>
   <ItemGroup>
-    <Compile Include="AuthorizationDto.cs" />
-    <Compile Include="Authorizer.cs" />
+    <Compile Include="Authorization.cs" />
     <Compile Include="Cryptography\Aes.cs" />
     <Compile Include="Cryptography\HmacSha256.cs" />
     <Compile Include="Cryptography\Pbkdf2.cs" />
     <Compile Include="Cryptography\RandomNumberGenerator.cs" />
-    <Compile Include="EncryptedDataDto.cs">
+    <Compile Include="EncryptedData.cs">
       <SubType>Code</SubType>
     </Compile>
     <Compile Include="Encryptor.cs" />
+    <Compile Include="MasterKey.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
   </ItemGroup>
   <Import Project="$(MSBuildExtensionsPath32)\Microsoft\Portable\$(TargetFrameworkVersion)\Microsoft.Portable.CSharp.targets" />