private static void PutWithCustomerSuppliedEncryptionKeysTest_Common(StorageFixture fixture, SigningVersion signingVersion, [CallerMemberName] string caller = null)
{
var bucket = fixture.SingleVersionBucket;
var name = IdGenerator.FromGuid();
var content = fixture.SmallContent;
string url = null;
EncryptionKey key = EncryptionKey.Generate();
Func <HttpRequestMessage> createPutRequest = () =>
{
var request = new HttpRequestMessage
{
Method = HttpMethod.Put,
Content = new ByteArrayContent(content)
};
key.ModifyRequest(request);
return(request);
};
fixture.RegisterDelayTest(
s_duration,
beforeDelay: async duration =>
{
var request = createPutRequest();
var requestTemplate = RequestTemplate
.FromBucket(bucket)
.WithObjectName(name)
.WithHttpRequestMessage(request);
url = fixture.UrlSigner.Sign(requestTemplate, Options.FromDuration(duration).WithSigningVersion(signingVersion));
// Verify that the URL works initially.
request.RequestUri = new Uri(url);
var response = await fixture.HttpClient.SendAsync(request);
await VerifyResponseAsync(response);
// Make sure the encryption succeeded.
var downloadedContent = new MemoryStream();
await Assert.ThrowsAsync <GoogleApiException>(
() => fixture.Client.DownloadObjectAsync(bucket, name, downloadedContent));
await fixture.Client.DownloadObjectAsync(bucket, name, downloadedContent, new DownloadObjectOptions {
EncryptionKey = key
});
AssertContentEqual(content, downloadedContent.ToArray());
},
afterDelay: async() =>
{
// Verify that the URL no longer works.
var request = createPutRequest();
request.RequestUri = new Uri(url);
var response = await fixture.HttpClient.SendAsync(request);
Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
// Cleanup
await fixture.Client.DeleteObjectAsync(bucket, name);
},
caller);
}
private static void GetWithCustomerSuppliedEncryptionKeysTest_Common(StorageFixture fixture, SigningVersion signingVersion, [CallerMemberName] string caller = null)
{
var bucket = fixture.SingleVersionBucket;
var name = IdGenerator.FromGuid();
var content = fixture.SmallContent;
string url = null;
EncryptionKey key = EncryptionKey.Generate();
Func <HttpRequestMessage> createGetRequest = () =>
{
var request = new HttpRequestMessage {
Method = HttpMethod.Get
};
key.ModifyRequest(request);
return(request);
};
fixture.RegisterDelayTest(
s_duration,
beforeDelay: async duration =>
{
var encryptingClient = StorageClient.Create(encryptionKey: key);
encryptingClient.UploadObject(bucket, name, "application/octet-stream", new MemoryStream(content));
// We don't need to specify the encryption key headers explicitly in the signer template.
// The request message we are using in the template already has them set
// (by key.ModifyRequest(request)) and the signer will extract them from there.
var request = createGetRequest();
var requestTemplate = RequestTemplate
.FromBucket(bucket)
.WithObjectName(name)
.WithHttpRequestMessage(request);
url = fixture.UrlSigner.Sign(requestTemplate, Options.FromDuration(duration).WithSigningVersion(signingVersion));
request.RequestUri = new Uri(url);
// Verify that the URL works initially.
var response = await fixture.HttpClient.SendAsync(request);
var result = await response.Content.ReadAsByteArrayAsync();
AssertContentEqual(content, result);
},
afterDelay: async() =>
{
// Verify that the URL no longer works.
var request = createGetRequest();
request.RequestUri = new Uri(url);
var response = await fixture.HttpClient.SendAsync(request);
Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
// Cleanup
await fixture.Client.DeleteObjectAsync(bucket, name);
},
caller);
}
private void PutWithCustomerSuppliedEncryptionKeysTest_InitDelayTest()
{
var bucket = _fixture.SingleVersionBucket;
var name = GenerateName();
var data = _fixture.SmallContent;
string url = null;
EncryptionKey key = EncryptionKey.Generate();
Func <HttpRequestMessage> createPutRequest = () =>
{
var request = new HttpRequestMessage
{
Method = HttpMethod.Put,
Content = new ByteArrayContent(data)
};
key.ModifyRequest(request);
return(request);
};
_fixture.RegisterDelayTest(_duration,
beforeDelay: async duration =>
{
var request = createPutRequest();
url = _fixture.UrlSigner.Sign(bucket, name, duration, request);
// Verify that the URL works initially.
request.RequestUri = new Uri(url);
var response = await _fixture.HttpClient.SendAsync(request);
Assert.True(response.IsSuccessStatusCode);
// Make sure the encryption succeeded.
var downloadedData = new MemoryStream();
await Assert.ThrowsAsync <GoogleApiException>(
() => _fixture.Client.DownloadObjectAsync(bucket, name, downloadedData));
await _fixture.Client.DownloadObjectAsync(bucket, name, downloadedData, new DownloadObjectOptions {
EncryptionKey = key
});
Assert.Equal(data, downloadedData.ToArray());
},
afterDelay: async() =>
{
// Verify that the URL no longer works.
var request = createPutRequest();
request.RequestUri = new Uri(url);
var response = await _fixture.HttpClient.SendAsync(request);
Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
// Cleanup
await _fixture.Client.DeleteObjectAsync(bucket, name);
});
}
private static void GetWithCustomerSuppliedEncryptionKeysTest_Common(StorageFixture fixture, UrlSigner signer, [CallerMemberName] string caller = null)
{
var bucket = fixture.SingleVersionBucket;
var name = IdGenerator.FromGuid();
var content = fixture.SmallContent;
string url = null;
EncryptionKey key = EncryptionKey.Generate();
Func <HttpRequestMessage> createGetRequest = () =>
{
var request = new HttpRequestMessage {
Method = HttpMethod.Get
};
key.ModifyRequest(request);
return(request);
};
fixture.RegisterDelayTest(
s_duration,
beforeDelay: async duration =>
{
var encryptingClient = StorageClient.Create(encryptionKey: key);
encryptingClient.UploadObject(bucket, name, "application/octet-stream", new MemoryStream(content));
var request = createGetRequest();
url = signer.Sign(bucket, name, duration, request);
request.RequestUri = new Uri(url);
// Verify that the URL works initially.
var response = await fixture.HttpClient.SendAsync(request);
var result = await response.Content.ReadAsByteArrayAsync();
AssertContentEqual(content, result);
},
afterDelay: async() =>
{
// Verify that the URL no longer works.
var request = createGetRequest();
request.RequestUri = new Uri(url);
var response = await fixture.HttpClient.SendAsync(request);
Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
// Cleanup
await fixture.Client.DeleteObjectAsync(bucket, name);
},
caller);
}
public void ModifyRequest_NotNone()
{
EncryptionKey key = EncryptionKey.Create(new byte[32]);
var request = new HttpRequestMessage();
key.ModifyRequest(request);
IEnumerable <string> values;
Assert.True(request.Headers.TryGetValues(EncryptionKey.AlgorithmHeader, out values));
Assert.Equal(new[] { EncryptionKey.AlgorithmValue }, values);
Assert.True(request.Headers.TryGetValues(EncryptionKey.KeyHeader, out values));
Assert.Equal(new[] { "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" }, values);
Assert.True(request.Headers.TryGetValues(EncryptionKey.KeyHashHeader, out values));
Assert.Equal(new[] { "Zmh6rfhivXdsj8GLjp+OIAiXFIVu4jOzkCpZHQ1fKSU=" }, values);
Assert.False(request.Headers.TryGetValues(EncryptionKey.CopySourceAlgorithmHeader, out values));
Assert.False(request.Headers.TryGetValues(EncryptionKey.CopySourceKeyHeader, out values));
Assert.False(request.Headers.TryGetValues(EncryptionKey.CopySourceKeyHashHeader, out values));
}