Example #1
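        /// <summary>
        /// Exercises the keystore-backed <c>AsymmetricEncryption</c> API end to end: implicit key
        /// generation on first encrypt, encrypt/decrypt round trips, public key export, key
        /// replacement, key deletion, and isolation between keystores and key container names.
        /// </summary>
        /// <param name="correctKeystore">Keystore in which the key under test is created and used.</param>
        /// <param name="correctKeyContainerName">Key container name under which the key is created.</param>
        /// <param name="wrongKeystore">A different keystore that must never expose the key.</param>
        /// <param name="wrongKeyContainerName">A different container name that must never exist in either keystore.</param>
        private void TestAsymmetricEncryptionWithKeystore(Keystore correctKeystore, string correctKeyContainerName, Keystore wrongKeystore, string wrongKeyContainerName)
        {
            CleanupKeystores();
            byte[] plainBytes = ByteUtil.Utf8NoBOM.GetBytes("Secret String For Testing");

            // Set only when every assertion in the try block has passed, so that cleanup
            // assertions in the finally block cannot replace (and hide) the original failure.
            bool bodyCompleted = false;

            try
            {
                // Key should be automatically generated
                byte[] encryptedBytes = AsymmetricEncryption.EncryptWithKeyFromKeystore(correctKeystore, correctKeyContainerName, plainBytes);
                // NOTE(review): "ciphertext differs from plaintext" only shows the data was transformed;
                // it says nothing about the strength of the algorithm or padding in use.
                Assert.IsFalse(ByteUtil.ByteArraysMatch(plainBytes, encryptedBytes));

                byte[] decryptedBytes = AsymmetricEncryption.DecryptWithKeyFromKeystore(correctKeystore, correctKeyContainerName, encryptedBytes);
                Assert.IsTrue(ByteUtil.ByteArraysMatch(plainBytes, decryptedBytes));

                // Key should be retrievable from correct keystore
                string publicKeyLoaded = AsymmetricEncryption.GetKeyFromKeystore(correctKeystore, correctKeyContainerName, false);
                Assert.IsNotNull(publicKeyLoaded);

                // Key should NOT be retrievable from incorrect keystore
                string publicKeyFromWrongKeystore = AsymmetricEncryption.GetKeyFromKeystore(wrongKeystore, correctKeyContainerName, false);
                Assert.IsNull(publicKeyFromWrongKeystore);

                // Only the (correct keystore, correct container) pair may hold a key.
                Assert.IsTrue(KeystoreContainsKeyContainer(correctKeystore, correctKeyContainerName));
                Assert.IsFalse(KeystoreContainsKeyContainer(wrongKeystore, correctKeyContainerName));
                Assert.IsFalse(KeystoreContainsKeyContainer(correctKeystore, wrongKeyContainerName));
                Assert.IsFalse(KeystoreContainsKeyContainer(wrongKeystore, wrongKeyContainerName));

                // Test encryption using exported public key.
                byte[] encryptedBytes2 = AsymmetricEncryption.EncryptWithKey(publicKeyLoaded, plainBytes);
                Assert.IsFalse(ByteUtil.ByteArraysMatch(plainBytes, encryptedBytes2));

                byte[] decryptedBytes2 = AsymmetricEncryption.DecryptWithKeyFromKeystore(correctKeystore, correctKeyContainerName, encryptedBytes2);
                Assert.IsTrue(ByteUtil.ByteArraysMatch(plainBytes, decryptedBytes2));

                // Should be possible to replace existing keys by calling GenerateNewKeysInKeystore
                AsymmetricEncryption.GenerateNewKeysInKeystore(correctKeystore, correctKeyContainerName, out string publicKey2);
                // Without this, a null result would satisfy the AreNotEqual check below vacuously.
                Assert.IsNotNull(publicKey2);
                Assert.AreNotEqual(publicKeyLoaded, publicKey2);

                // Getting the key should now return the new key
                string publicKeyLoaded2 = AsymmetricEncryption.GetKeyFromKeystore(correctKeystore, correctKeyContainerName, false);
                Assert.AreEqual(publicKey2, publicKeyLoaded2);

                // Delete the key
                AsymmetricEncryption.DeletePublicKeyFromKeystore(correctKeystore, correctKeyContainerName);
                Assert.IsNull(AsymmetricEncryption.GetKeyFromKeystore(correctKeystore, correctKeyContainerName, false));

                // Try to generate a new one using the "Get" method.
                string publicKeyLoaded3 = AsymmetricEncryption.GetKeyFromKeystore(correctKeystore, correctKeyContainerName, true);
                // A null return would pass both AreNotEqual checks, so require a real key first.
                Assert.IsNotNull(publicKeyLoaded3);
                Assert.AreNotEqual(publicKeyLoaded, publicKeyLoaded3);
                Assert.AreNotEqual(publicKey2, publicKeyLoaded3);

                bodyCompleted = true;
            }
            finally
            {
                // Always remove the test key so no key material is left behind in the keystore.
                AsymmetricEncryption.DeletePublicKeyFromKeystore(correctKeystore, correctKeyContainerName);
                if (bodyCompleted)
                {
                    Assert.IsFalse(KeystoreContainsKeyContainer(correctKeystore, correctKeyContainerName));
                }

                // Confirm the delete can be done redundantly without negative effect
                AsymmetricEncryption.DeletePublicKeyFromKeystore(correctKeystore, correctKeyContainerName);

                if (bodyCompleted)
                {
                    Assert.IsFalse(KeystoreContainsKeyContainer(correctKeystore, correctKeyContainerName));
                    Assert.IsFalse(KeystoreContainsKeyContainer(wrongKeystore, correctKeyContainerName));
                    Assert.IsFalse(KeystoreContainsKeyContainer(correctKeystore, wrongKeyContainerName));
                    Assert.IsFalse(KeystoreContainsKeyContainer(wrongKeystore, wrongKeyContainerName));
                }
            }
        }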