/// <summary>
/// Opens the key set stored under "create1" in the default container and
/// checks that its metadata reports the expected name.
/// </summary>
public void ReadMeta()
{
    // The value returned by StorageKeySet.Create is itself invoked to obtain the key set.
    var openKeySet = StorageKeySet.Create(GetClientCred(), DefaultContainer, "create1");

    using (var keySet = openKeySet())
    {
        var storedName = keySet.Metadata.Name;

        // The path is lower-case while the expected metadata name is "Create1".
        Expect(storedName, Is.EqualTo("Create1"));
    }
}
/// <summary>
/// Writes a key set, revokes its only key version, writes a brand-new key set
/// to the same storage path, and checks that ciphertext produced afterwards
/// carries the new key's id rather than the revoked key's id.
/// </summary>
public void RevokeOverwrite()
{
    var location = "revoke-override";

    // Step 1: create a symmetric key set with a single primary key (version 1) and store it.
    using (var storageWriter = CreateNewStorageWriter(DefaultContainer, location))
    using (var freshSet = CreateNewKeySetMeta(KeyKind.Symmetric, KeyPurpose.DecryptAndEncrypt))
    {
        int version = freshSet.AddKey(KeyStatus.Primary);
        Expect(version, Is.EqualTo(1));

        Expect(freshSet.Save(storageWriter), Is.True);
    }

    // Step 2: encrypt with the stored key and remember the id of its first version.
    // NOTE(review): the ciphertext captured here is never asserted on further down;
    // only the key id is compared.
    WebBase64 firstCipherText = null;
    WebBase64 firstKeyId = null;
    using (var storedSet = new StorageKeySet(GetClientCred(), DefaultContainer, location))
    using (var firstEncrypter = new Encrypter(storedSet))
    {
        firstCipherText = firstEncrypter.Encrypt(Input);
        firstKeyId = WebBase64.FromBytes(storedSet.Metadata.Versions.First().KeyId);
    }

    // Step 3: walk version 1 down Primary -> Active -> Inactive, revoke it,
    // and save the result back to the same path.
    using (var storedSet = new StorageKeySet(GetClientCred(), DefaultContainer, location))
    using (var editableSet = new MutableKeySet(storedSet))
    using (var storageWriter = CreateNewStorageWriter(DefaultContainer, location))
    {
        Expect(editableSet.Demote(1), Is.EqualTo(KeyStatus.Active));
        Expect(editableSet.Demote(1), Is.EqualTo(KeyStatus.Inactive));

        Expect(editableSet.Revoke(1), Is.True);

        Expect(editableSet.Save(storageWriter), Is.True);
    }

    // Step 4: write a completely new key set to the same path; its key is again version 1.
    using (var storageWriter = CreateNewStorageWriter(DefaultContainer, location))
    using (var replacementSet = CreateNewKeySetMeta(KeyKind.Symmetric, KeyPurpose.DecryptAndEncrypt))
    {
        int version = replacementSet.AddKey(KeyStatus.Primary);
        Expect(version, Is.EqualTo(1));

        Expect(replacementSet.Save(storageWriter), Is.True);
    }

    // Step 5: encrypt again, now reading whatever is stored at the path after the overwrite.
    WebBase64 secondCipherText = null;
    using (var storedSet = new StorageKeySet(GetClientCred(), DefaultContainer, location))
    using (var secondEncrypter = new Encrypter(storedSet))
    {
        secondCipherText = secondEncrypter.Encrypt(Input);
    }

    // Step 6: the key-hash bytes embedded in the new ciphertext must identify the
    // replacement key, not the revoked one.
    using (var reloadedSet = StorageKeySet.Create(GetClientCred(), DefaultContainer, location)())
    {
        var secondKeyId = WebBase64.FromBytes(reloadedSet.Metadata.Versions.First().KeyId);

        // Copy KeyHashLength bytes starting at offset 1 of the ciphertext.
        // NOTE(review): byte 0 is presumably a format/version byte - confirm against the message layout.
        var embeddedKeyHash = new byte[KeyczarConst.KeyHashLength];
        Array.Copy(secondCipherText.ToBytes(), 1, embeddedKeyHash, 0, embeddedKeyHash.Length);

        Expect(embeddedKeyHash, Is.Not.EqualTo(firstKeyId.ToBytes()));
        Expect(embeddedKeyHash, Is.EqualTo(secondKeyId.ToBytes()));
    }
}