public void GivenEncryptingData_WhenDecryptingData_FromImportedKey_ThenDataIsDecrypted()
{
var currentUser = WindowsIdentity.GetCurrent()
.Name;
var target = new RSAEncryption("target", currentUser);
var signatureContainer = new RSAEncryption("signatureContainer", currentUser);
var signaturePublicKey = signatureContainer.ExportKey(false);
var targetPublicKey = target.ExportKey(false);
HybridEncryption hybridEncryption = HybridEncryption.CreateEncryption(targetPublicKey, "signatureContainer");
HybridDecryption hybridDecryption = HybridDecryption.CreateDecryption("target", signaturePublicKey);
RandomNumberGenerator random = new RNGCryptoServiceProvider();
var data = new byte[512];
var sessionKey = new byte[32];
var iv = new byte[16];
random.GetBytes(sessionKey);
random.GetBytes(iv);
random.GetBytes(data);
(EncryptionSettings key, byte[] encryptedData)encryptedResult = hybridEncryption.EncryptData(sessionKey, data, iv);
var keyBlob = encryptedResult.key.ExportToBlob();
var keyFromBlob = EncryptionSettings.FromBlob(keyBlob);
var decryptedData = hybridDecryption.DecryptData(keyFromBlob, encryptedResult.encryptedData);
Assert.That(decryptedData, Is.EqualTo(data));
}
public void GivenEncryptionKeyBlob_WhenImportingKey_ThenImportsSessionKeyCorrectly()
{
var currentUser = WindowsIdentity.GetCurrent()
.Name;
var target = new RSAEncryption("target", currentUser);
new RSAEncryption("signatureContainer", currentUser);
var targetPublicKey = target.ExportKey(false);
HybridEncryption hybridEncryption = HybridEncryption.CreateEncryption(targetPublicKey, "signatureContainer");
RandomNumberGenerator random = new RNGCryptoServiceProvider();
var data = File.ReadAllBytes("appsettings.json");
var sessionKey = new byte[32];
var iv = new byte[16];
random.GetBytes(sessionKey);
random.GetBytes(iv);
(EncryptionSettings key, byte[] encryptedData)encryptedResult = hybridEncryption.EncryptData(sessionKey, data, iv);
var key = encryptedResult.key;
var keyBlob = key.ExportToBlob();
var keyFromBlob = EncryptionSettings.FromBlob(keyBlob);
Assert.That(keyFromBlob.SessionKey, Is.EqualTo(key.SessionKey));
}
public void GivenRandomData_WhenEncryptingData_ThenSessionKeyIsReturned()
{
var currentUser = WindowsIdentity.GetCurrent()
.Name;
var target = new RSAEncryption("target", currentUser);
new RSAEncryption("signatureContainer", currentUser);
var targetPublicKey = target.ExportKey(false);
HybridEncryption hybridEncryption = HybridEncryption.CreateEncryption(targetPublicKey, "signatureContainer");
RandomNumberGenerator random = new RNGCryptoServiceProvider();
var data = new byte[512];
var sessionKey = new byte[32];
var iv = new byte[16];
random.GetBytes(sessionKey);
random.GetBytes(iv);
random.GetBytes(data);
var encryptedResult = hybridEncryption.EncryptData(sessionKey, data, iv);
Assert.That(encryptedResult.key.SessionKey, Is.Not.Empty);
}
public override void Handle(Context context)
{
if (!context.Arguments.TryGetValue(WellKnownCommandArguments.FILE_PATH, out var filePath))
{
throw new MissingFilePathException("Missing file path argument. try encrypt --help for more information");
}
if (!context.Arguments.TryGetValue(WellKnownCommandArguments.IMPORT_KEY, out var publicKeyPath))
{
throw new MissingKeyException("Missing key argument. try encrypt --help for more information");
}
if (!context.Arguments.TryGetValue(WellKnownCommandArguments.ENCRYPTED_FILE_OUT, out var encryptedFilePath))
{
throw new MissingFilePathException("Missing encrypted file path argument. try encrypt --help for more information");
}
if (!context.Arguments.TryGetValue(WellKnownCommandArguments.SIGNATURE_CONTAINER, out var signatureContainer))
{
throw new ContainerNameMissingException("Missing name of signature container. try encrypt --help for more information");
}
var publicKey = File.ReadAllText(publicKeyPath);
var fileEncrypter = new FileEncrypter(HybridEncryption.CreateEncryption(publicKey, signatureContainer),
new RNGCryptoRandomBytesGenerator());
var encryptionResult = fileEncrypter.Encrypt(filePath);
File.WriteAllBytes(encryptedFilePath, encryptionResult.data);
var keyPath = new FileInfo(encryptedFilePath).Directory.FullName;
File.WriteAllBytes($"{keyPath}/decryptionkey", encryptionResult.key.ExportToBlob());
SetEndState(context);
}