public DataProtectionKeyValueConverter(FileAccess access)
: base(access)
{
var provider = DataProtectionProvider.CreateAzureDataProtector();
_dataProtector = provider.CreateProtector("function-secrets");
}
public static Tuple <string, string>[] GenerateSecretStringsKeyPair(int number)
{
var unencryptedToEncryptedKeyPair = new Tuple <string, string> [number];
var protector = DataProtectionProvider.CreateAzureDataProtector().CreateProtector(DefaultProtectorPurpose);
for (int i = 0; i < number; i++)
{
string unencryptedKey = GenerateSecretString();
unencryptedToEncryptedKeyPair[i] = new Tuple <string, string>(unencryptedKey, protector.Protect(unencryptedKey));
}
return(unencryptedToEncryptedKeyPair);
}
public static string DecryptSecretString(string content)
{
try
{
var protector = DataProtectionProvider.CreateAzureDataProtector().CreateProtector(DefaultProtectorPurpose);
return(protector.Unprotect(content));
}
catch (CryptographicException ex)
{
throw new FormatException($"unable to decrypt {content}, the key is either invalid or malformed", ex);
}
}
public void EncryptedValue_CanBeDecrypted()
{
using (var variables = new TestScopedEnvironmentVariable(Constants.AzureWebsiteLocalEncryptionKey, "0F75CA46E7EBDD39E4CA6B074D1F9A5972B849A55F91A248"))
{
var provider = DataProtectionProvider.CreateAzureDataProtector(null, true);
var protector = provider.CreateProtector("test");
string expected = "test string";
string encrypted = protector.Protect(expected);
string result = protector.Unprotect(encrypted);
Assert.Equal(expected, result);
}
}
public static string DecryptSecretString(string content)
{
var protector = DataProtectionProvider.CreateAzureDataProtector().CreateProtector(DefaultProtectorPurpose);
return(protector.Unprotect(content));
}