/// <summary>
/// Encrypts a one-field JSON document through a JSON session built on the supplied AEAD
/// implementation, loads it back by its persistence key and asserts that the decrypted value
/// equals the input.
/// </summary>
/// <remarks>
/// This checks round-trip fidelity only. Nothing here asserts that the persisted record differs
/// from the plaintext or that a modified record is rejected on load.
/// </remarks>
/// <param name="testData">Plaintext stored under the "Test" key before encryption.</param>
/// <param name="aeadEnvelopeCrypto">AEAD envelope crypto implementation under test.</param>
private void RoundTripGeneric(string testData, AeadEnvelopeCrypto aeadEnvelopeCrypto)
{
    CryptoPolicy policy = new DummyCryptoPolicy();

    using (SecureCryptoKeyDictionary<DateTimeOffset> systemKeyCache =
        new SecureCryptoKeyDictionary<DateTimeOffset>(policy.GetRevokeCheckPeriodMillis()))
    {
        // NOTE(review): this second cache has no using block of its own; presumably it is
        // released through the session's Dispose chain. Confirm against EnvelopeEncryptionJsonImpl.
        SecureCryptoKeyDictionary<DateTimeOffset> intermediateKeyCache =
            new SecureCryptoKeyDictionary<DateTimeOffset>(policy.GetRevokeCheckPeriodMillis());

        IEnvelopeEncryption<JObject> envelopeEncryption = new EnvelopeEncryptionJsonImpl(
            partition,
            metastore,
            systemKeyCache,
            intermediateKeyCache,
            aeadEnvelopeCrypto,
            policy,
            keyManagementService);

        using (Session<JObject, JObject> session = new SessionJsonImpl<JObject>(envelopeEncryption))
        {
            // Build the payload: a single "Test" property carrying the caller's data.
            Asherah.AppEncryption.Util.Json payload = new Asherah.AppEncryption.Util.Json();
            payload.Put("Test", testData);

            // Encrypt and persist, then read back through the same session.
            string persistenceKey = session.Store(payload.ToJObject(), dataPersistence);
            Option<JObject> loaded = session.Load(persistenceKey, dataPersistence);

            // The record must exist before its content is inspected.
            Assert.True(loaded.IsSome);

            JObject decrypted = (JObject)loaded;
            string roundTripped = decrypted["Test"].ToObject<string>();
            Assert.Equal(testData, roundTripped);
        }
    }
}
/// <summary>
/// Initializes a new instance of the <see cref="EnvelopeEncryptionJsonImpl"/> class from the provided
/// collaborators. This is an implementation of <see cref="IEnvelopeEncryption{TD}"/> which uses
/// <see cref="JObject"/> as the Data Row Record format.
/// </summary>
/// <remarks>
/// The constructor only stores the supplied references. It performs no null validation and makes no
/// copies, so both key caches remain shared with whoever passed them in.
/// </remarks>
/// <param name="partition">A <see cref="GoDaddy.Asherah.AppEncryption.Partition"/> object.</param>
/// <param name="metastore">A <see cref="IMetastore{T}"/> implementation used to store system and
/// intermediate keys.</param>
/// <param name="systemKeyCache">The <c>SecureCryptoKeyDictionary</c> used to cache system keys.</param>
/// <param name="intermediateKeyCache">The <c>SecureCryptoKeyDictionary</c> used to cache intermediate
/// keys.</param>
/// <param name="aeadEnvelopeCrypto">An implementation of
/// <see cref="GoDaddy.Asherah.Crypto.Envelope.AeadEnvelopeCrypto"/>, used to encrypt/decrypt keys and
/// envelopes.</param>
/// <param name="cryptoPolicy">A <see cref="GoDaddy.Asherah.Crypto.CryptoPolicy"/> implementation that
/// dictates the various behaviors of Asherah.</param>
/// <param name="keyManagementService">A
/// <see cref="GoDaddy.Asherah.AppEncryption.Kms.KeyManagementService"/> implementation that generates the
/// top level master key and encrypts the system keys using the master key.</param>
public EnvelopeEncryptionJsonImpl(
    Partition partition,
    IMetastore<JObject> metastore,
    SecureCryptoKeyDictionary<DateTimeOffset> systemKeyCache,
    SecureCryptoKeyDictionary<DateTimeOffset> intermediateKeyCache,
    AeadEnvelopeCrypto aeadEnvelopeCrypto,
    CryptoPolicy cryptoPolicy,
    KeyManagementService keyManagementService)
{
    // Policy and cryptographic collaborators.
    this.cryptoPolicy = cryptoPolicy;
    crypto = aeadEnvelopeCrypto;
    this.keyManagementService = keyManagementService;

    // Key persistence and in-memory key caches.
    this.metastore = metastore;
    this.systemKeyCache = systemKeyCache;
    this.intermediateKeyCache = intermediateKeyCache;

    // Partition this instance operates on.
    this.partition = partition;
}
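/// <summary>
/// Initializes a new instance of the <see cref="AwsKeyManagementServiceImpl"/> class. Builds one KMS
/// client per configured region and records the region/ARN/client entries in
/// <c>RegionToArnAndClientDictionary</c>, with the preferred region placed first.
/// </summary>
/// <remarks>
/// If <paramref name="preferredRegion"/> is not a key of <paramref name="regionToArnDictionary"/>, no
/// entry receives priority and the resulting order is whatever the sort produces for all-equal keys.
/// NOTE(review): consumers presumably walk the dictionary in insertion order when choosing a region;
/// confirm against the encrypt/decrypt paths.
/// </remarks>
/// <param name="regionToArnDictionary">Maps a region name to the ARN of the key in that region.</param>
/// <param name="preferredRegion">Region whose entry is ordered ahead of all others.</param>
/// <param name="crypto">AEAD envelope crypto implementation stored for later use.</param>
/// <param name="awsKmsClientFactory">Factory used to create the KMS client for each region.</param>
internal AwsKeyManagementServiceImpl(
    Dictionary<string, string> regionToArnDictionary,
    string preferredRegion,
    AeadEnvelopeCrypto crypto,
    AwsKmsClientFactory awsKmsClientFactory)
{
    this.preferredRegion = preferredRegion;
    this.crypto = crypto;
    this.awsKmsClientFactory = awsKmsClientFactory;

    regionPriorityComparator = (region1, region2) =>
    {
        // A comparison must return 0 for equal operands. Without this guard the preferred region
        // compared with itself yields -1, which breaks the contract List.Sort relies on.
        if (region1.Equals(region2))
        {
            return 0;
        }

        // Give preferred region top priority and fall back to remaining priority
        if (region1.Equals(this.preferredRegion))
        {
            return -1;
        }

        if (region2.Equals(this.preferredRegion))
        {
            return 1;
        }

        // Treat them as equal for now
        // TODO consider adding logic to prefer geo/adjacent regions
        return 0;
    };

    RegionToArnAndClientDictionary = new OrderedDictionary();

    List<KeyValuePair<string, string>> regionToArnList = regionToArnDictionary.ToList();
    regionToArnList.Sort((regionToArn1, regionToArn2) =>
        regionPriorityComparator(regionToArn1.Key, regionToArn2.Key));

    // Clients are created eagerly, one per region, in priority order.
    foreach (KeyValuePair<string, string> regionToArn in regionToArnList)
    {
        RegionToArnAndClientDictionary.Add(
            regionToArn.Key,
            new AwsKmsArnClient(
                regionToArn.Value,
                this.awsKmsClientFactory.CreateAwsKmsClient(regionToArn.Key)));
    }
}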
/// <summary>
/// Initializes the state shared by the AEAD crypto tests: the crypto instance returned by
/// <c>GetCryptoInstance</c> and a random number generator.
/// </summary>
protected GenericAeadCryptoTest()
{
    // GetCryptoInstance is defined outside this excerpt, so the statement order is left untouched.
    // NOTE(review): if it is virtual or abstract, it runs before any derived constructor body. Confirm
    // that overrides do not depend on derived-class state.
    crypto = GetCryptoInstance();

    // RandomNumberGenerator.Create() returns a cryptographic RNG, not System.Random.
    // NOTE(review): the generator is IDisposable and no disposal is visible here. Confirm the class
    // releases it.
    random = RandomNumberGenerator.Create();
}