public void TestKeyWrapConstructorWithBadArgument() { KeyWrap keyWrap = new KeyWrap(6, KeyWrapMode.Specification); Assert.Throws <InternalErrorException>(() => { keyWrap.Unwrap(new V1AesCrypto(new V1Aes128CryptoFactory(), _keyEncryptingKey, SymmetricIV.Zero128), _keyData.GetBytes()); }, "Calling with too short wrapped data."); Assert.Throws <InternalErrorException>(() => { keyWrap = new KeyWrap(5, KeyWrapMode.AxCrypt); }, "Calling with too few iterations."); Assert.Throws <InternalErrorException>(() => { keyWrap = new KeyWrap(0, KeyWrapMode.AxCrypt); }, "Calling with zero (too few) iterations."); Assert.Throws <InternalErrorException>(() => { keyWrap = new KeyWrap(-100, KeyWrapMode.AxCrypt); }, "Calling with negative number of iterations."); Assert.Throws <InternalErrorException>(() => { keyWrap = new KeyWrap(6, (KeyWrapMode)9999); }, "Calling with bogus KeyWrapMode."); Assert.Throws <ArgumentNullException>(() => { keyWrap = new KeyWrap(null, 6, KeyWrapMode.Specification); }, "Calling with null salt argument."); }
public byte[] UnwrapMasterKey(SymmetricKey keyEncryptingKey, byte fileVersionMajor) { if (keyEncryptingKey == null) { throw new ArgumentNullException("keyEncryptingKey"); } byte[] wrappedKeyData = GetKeyData(); Salt salt = Salt; SymmetricKey masterKeyEncryptingKey = keyEncryptingKey; if (fileVersionMajor <= 1) { // Due to a bug in 1.1 and earlier we only used a truncated part of the key and salt :-( // Compensate for this here. Users should be warned if FileVersionMajor <= 1 . byte[] badKey = new byte[masterKeyEncryptingKey.Size / 8]; Array.Copy(keyEncryptingKey.GetBytes(), 0, badKey, 0, 4); masterKeyEncryptingKey = new SymmetricKey(badKey); byte[] badSalt = new byte[salt.Length]; Array.Copy(salt.GetBytes(), 0, badSalt, 0, 4); salt = new Salt(badSalt); } KeyWrap keyWrap = new KeyWrap(salt, KeyWrapIterations, KeyWrapMode.AxCrypt); byte[] unwrappedKeyData = keyWrap.Unwrap(Resolve.CryptoFactory.Legacy.CreateCrypto(masterKeyEncryptingKey, null, 0), wrappedKeyData); return(unwrappedKeyData); }
public byte[] UnwrapMasterKey(AesKey keyEncryptingKey, byte fileVersionMajor) { byte[] wrappedKeyData = GetKeyData(); KeyWrapSalt salt = Salt; if (fileVersionMajor <= 1) { // Due to a bug in 1.1 and earlier we only used a truncated part of the key and salt :-( // Compensate for this here. Users should be warned if FileVersionMajor <= 1 . byte[] badKey = new byte[keyEncryptingKey.Length]; Array.Copy(keyEncryptingKey.GetBytes(), 0, badKey, 0, 4); keyEncryptingKey = new AesKey(badKey); byte[] badSalt = new byte[salt.Length]; Array.Copy(salt.GetBytes(), 0, badSalt, 0, 4); salt = new KeyWrapSalt(badSalt); } byte[] unwrappedKeyData; using (KeyWrap keyWrap = new KeyWrap(keyEncryptingKey, salt, Iterations, KeyWrapMode.AxCrypt)) { unwrappedKeyData = keyWrap.Unwrap(wrappedKeyData); } return(unwrappedKeyData); }
public void TestUnwrap() { byte[] unwrapped; KeyWrap keyWrap = new KeyWrap(6, KeyWrapMode.Specification); unwrapped = keyWrap.Unwrap(new V1AesCrypto(new V1Aes128CryptoFactory(), _keyEncryptingKey, SymmetricIV.Zero128), _wrapped); Assert.That(unwrapped, Is.EquivalentTo(_keyData.GetBytes()), "Unwrapped the wrong data"); }
public void TestKeyWrapConstructorWithBadArgument() { using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, KeyWrapMode.Specification)) { Assert.Throws <InternalErrorException>(() => { keyWrap.Unwrap(_keyData.GetBytes()); }, "Calling with too short wrapped data."); } Assert.Throws <InternalErrorException>(() => { using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, new KeyWrapSalt(32), 6, KeyWrapMode.AxCrypt)) { } }, "Calling with too long salt."); Assert.Throws <InternalErrorException>(() => { using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 5, KeyWrapMode.AxCrypt)) { } }, "Calling with too few iterations."); Assert.Throws <InternalErrorException>(() => { using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 0, KeyWrapMode.AxCrypt)) { } }, "Calling with zero (too few) iterations."); Assert.Throws <InternalErrorException>(() => { using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, -100, KeyWrapMode.AxCrypt)) { } }, "Calling with negative number of iterations."); Assert.Throws <InternalErrorException>(() => { using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, (KeyWrapMode)9999)) { } }, "Calling with bogus KeyWrapMode."); Assert.Throws <ArgumentNullException>(() => { using (KeyWrap keyWrap = new KeyWrap(null, new KeyWrapSalt(16), 6, KeyWrapMode.AxCrypt)) { } }, "Calling with null key argument."); Assert.Throws <ArgumentNullException>(() => { using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, null, 6, KeyWrapMode.Specification)) { } }, "Calling with null salt argument."); }
public void TestUnwrap() { byte[] unwrapped; using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, KeyWrapMode.Specification)) { unwrapped = keyWrap.Unwrap(_wrapped); } Assert.That(unwrapped, Is.EquivalentTo(_keyData.GetBytes()), "Unwrapped the wrong data"); }
public void TestWrapAndUnwrapAxCryptMode() { SymmetricKey keyToWrap = new SymmetricKey(new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }); Salt salt = new Salt(new byte[] { 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31 }); long keyWrapIterations = 12345; byte[] wrapped; KeyWrap keyWrap = new KeyWrap(salt, keyWrapIterations, KeyWrapMode.AxCrypt); wrapped = keyWrap.Wrap(new V1AesCrypto(new V1Aes128CryptoFactory(), _keyEncryptingKey, SymmetricIV.Zero128), keyToWrap); byte[] unwrapped; keyWrap = new KeyWrap(salt, keyWrapIterations, KeyWrapMode.AxCrypt); unwrapped = keyWrap.Unwrap(new V1AesCrypto(new V1Aes128CryptoFactory(), _keyEncryptingKey, SymmetricIV.Zero128), wrapped); Assert.That(unwrapped, Is.EquivalentTo(keyToWrap.GetBytes()), "The unwrapped data should be equal to original."); }
public void TestUnwrapFromSimpleFile() { using (Stream testStream = FakeRuntimeFileInfo.ExpandableMemoryStream(Resources.helloworld_key_a_txt)) { KeyWrap1HeaderBlock keyWrapHeaderBlock = null; using (AxCryptReader axCryptReader = AxCryptReader.Create(testStream)) { int headers = 0; while (axCryptReader.Read()) { switch (axCryptReader.CurrentItemType) { case AxCryptItemType.None: break; case AxCryptItemType.MagicGuid: break; case AxCryptItemType.HeaderBlock: if (axCryptReader.CurrentHeaderBlock.HeaderBlockType == HeaderBlockType.KeyWrap1) { keyWrapHeaderBlock = (KeyWrap1HeaderBlock)axCryptReader.CurrentHeaderBlock; ++headers; } break; case AxCryptItemType.Data: break; case AxCryptItemType.EndOfStream: break; default: break; } } Assert.That(headers, Is.EqualTo(1), "We're expecting exactly one KeyWrap1 block to be found!"); byte[] wrapped = keyWrapHeaderBlock.GetKeyData(); using (KeyWrap keyWrap = new KeyWrap(new Passphrase("a").DerivedPassphrase, keyWrapHeaderBlock.Salt, keyWrapHeaderBlock.Iterations, KeyWrapMode.AxCrypt)) { byte[] unwrapped = keyWrap.Unwrap(wrapped); Assert.That(unwrapped.Length, Is.Not.EqualTo(0), "An unwrapped key is invalid if it is returned as a zero-length array."); } } } }
private byte[] UnwrapMasterKeyData() { if (_keyEncryptingKey == null) { return(new byte[0]); } byte[] saltBytes = new byte[_keyEncryptingKey.DerivedKey.Size / 8]; Array.Copy(GetDataBlockBytesReference(), WRAP_SALT_OFFSET, saltBytes, 0, saltBytes.Length); Salt salt = new Salt(saltBytes); KeyWrap keyWrap = new KeyWrap(salt, KeyWrapIterations, KeyWrapMode.Specification); ICrypto crypto = _cryptoFactory.CreateCrypto(_keyEncryptingKey.DerivedKey, null, 0); byte[] wrappedKeyData = GetKeyData(crypto.BlockLength, _keyEncryptingKey.DerivedKey.Size / 8); return(keyWrap.Unwrap(crypto, wrappedKeyData)); }
public void TestUnwrapFromSimpleFile() { using (Stream testStream = FakeDataStore.ExpandableMemoryStream(Resources.helloworld_key_a_txt)) { V1KeyWrap1HeaderBlock keyWrapHeaderBlock = null; using (V1AxCryptReader axCryptReader = new V1AxCryptReader(new LookAheadStream(testStream))) { int headers = 0; while (axCryptReader.Read()) { switch (axCryptReader.CurrentItemType) { case AxCryptItemType.None: break; case AxCryptItemType.MagicGuid: break; case AxCryptItemType.HeaderBlock: if (axCryptReader.CurrentHeaderBlock.HeaderBlockType == HeaderBlockType.KeyWrap1) { keyWrapHeaderBlock = (V1KeyWrap1HeaderBlock)axCryptReader.CurrentHeaderBlock; ++headers; } break; case AxCryptItemType.Data: break; case AxCryptItemType.EndOfStream: break; default: break; } } Assert.That(headers, Is.EqualTo(1), "We're expecting exactly one KeyWrap1 block to be found!"); byte[] wrapped = keyWrapHeaderBlock.GetKeyData(); KeyWrap keyWrap = new KeyWrap(keyWrapHeaderBlock.Salt, keyWrapHeaderBlock.KeyWrapIterations, KeyWrapMode.AxCrypt); byte[] unwrapped = keyWrap.Unwrap(new V1AesCrypto(new V1Aes128CryptoFactory(), new V1DerivedKey(new Passphrase("a")).DerivedKey, SymmetricIV.Zero128), wrapped); Assert.That(unwrapped.Length, Is.Not.EqualTo(0), "An unwrapped key is invalid if it is returned as a zero-length array."); } } }
public void TestWrapAndUnwrapAxCryptMode() { AesKey keyToWrap = new AesKey(new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }); AesKey keyEncryptingKey = new AesKey(new byte[] { 15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 }); KeyWrapSalt salt = new KeyWrapSalt(new byte[] { 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31 }); long iterations = 12345; byte[] wrapped; using (KeyWrap keyWrap = new KeyWrap(keyEncryptingKey, salt, iterations, KeyWrapMode.AxCrypt)) { wrapped = keyWrap.Wrap(keyToWrap); } byte[] unwrapped; using (KeyWrap keyWrap = new KeyWrap(keyEncryptingKey, salt, iterations, KeyWrapMode.AxCrypt)) { unwrapped = keyWrap.Unwrap(wrapped); } Assert.That(unwrapped, Is.EquivalentTo(keyToWrap.GetBytes()), "The unwrapped data should be equal to original."); }
public static void TestDispose() { KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, KeyWrapMode.Specification); keyWrap.Dispose(); Assert.Throws <ObjectDisposedException>(() => { keyWrap.Wrap(new AesKey()); }); Assert.Throws <ObjectDisposedException>(() => { keyWrap.Unwrap(new byte[16 + 8]); }); Assert.DoesNotThrow(() => { keyWrap.Dispose(); }); }
public void TestUnwrapWithBadArgument() { KeyWrap keyWrap = new KeyWrap(100, KeyWrapMode.Specification); Assert.Throws <InternalErrorException>(() => keyWrap.Unwrap(new V2AesCrypto(SymmetricKey.Zero256, SymmetricIV.Zero128, 0), new byte[25])); }