public void ToKeyFileStringDecryptFailsWithNoPrivateKeyTest()
{
// Load Certificate
X509Certificate2 cert = new X509Certificate2("4096.pfx", string.Empty, X509KeyStorageFlags.Exportable);
// Make a provider
AsymmetricBlobCryptoProvider asymmetricProvider = new AsymmetricBlobCryptoProvider(cert, true);
string keyString = asymmetricProvider.ToKeyFileString(true);
// Clone a new provider from exported keyfile
IBlobCryptoProvider clonedProvider = ProviderFactory.CreateProviderFromKeyFileString(keyString);
// Run an encryption loop using the cloned provider
// which should not have a private key (And thus fail).
var encryptedStream = clonedProvider.EncryptedStream(streamSample);
var decryptedStream = clonedProvider.DecryptedStream(encryptedStream);
byte[] result = new byte[sampleStreamSize];
decryptedStream.Read(result, 0, result.Length);
Assert.IsTrue(
result.SequenceEqual(streamSample.ToArray()),
"Decrypted data does not match original data");
}
public void ToKeyFileStringPublicOnlyCertificateTest()
{
// Load Certificate
X509Certificate2 cert = new X509Certificate2("4096.pfx", string.Empty, X509KeyStorageFlags.Exportable);
// Make a provider
AsymmetricBlobCryptoProvider asymmetricProvider = new AsymmetricBlobCryptoProvider(cert, true);
string keyString = asymmetricProvider.ToKeyFileString(true);
// Clone a new provider from exported keyfile
IBlobCryptoProvider clonedProvider = ProviderFactory.CreateProviderFromKeyFileString(keyString);
// Run an encryption loop using the two providers
// Should be able to encrypt with the public only clone, and decrypt with the original
var encryptedStream = clonedProvider.EncryptedStream(streamSample);
var decryptedStream = asymmetricProvider.DecryptedStream(encryptedStream);
byte[] result = new byte[sampleStreamSize];
decryptedStream.Read(result, 0, result.Length);
Assert.IsTrue(
result.SequenceEqual(streamSample.ToArray()),
"Decrypted data does not match original data");
}
public void BlockBlob_UploadDownload_Stream_KeyFileString()
{
// Prepare random memory stream
Random random = new Random();
byte[] buffer = new byte[51200];
random.NextBytes(buffer);
MemoryStream testStream = new MemoryStream(buffer);
// Get a blob reference
CloudStorageAccount storageAccount = CloudStorageAccount.DevelopmentStorageAccount;
CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();
CloudBlobContainer container = blobClient.GetContainerReference("testcontainer");
container.CreateIfNotExists();
String blobId = Guid.NewGuid().ToString();
CloudBlockBlob blob = container.GetBlockBlobReference(blobId);
// Create provider
var provider = new SymmetricBlobCryptoProvider();
// Upload stream
blob.UploadFromStreamEncrypted(provider, testStream);
// Recreate provider from keyfile string
var restoredProvider = ProviderFactory.CreateProviderFromKeyFileString(provider.ToKeyFileString());
// Download stream
MemoryStream downloadedStream = new MemoryStream();
CloudBlockBlob blobRestored = container.GetBlockBlobReference(blobId);
blobRestored.DownloadToStreamEncrypted(restoredProvider, downloadedStream);
// Compare raw and decrypted streams
Assert.IsTrue(testStream.ToArray().SequenceEqual(downloadedStream.ToArray()));
// Download file again, without our library, to ensure it was actually encrypted
MemoryStream encryptedStream = new MemoryStream();
blob.DownloadToStream(encryptedStream);
// Delete blob
blob.DeleteIfExists();
// Compare raw and encrypted streams
Assert.IsFalse(testStream.ToArray().SequenceEqual(encryptedStream.ToArray()));
}
public void ToKeyFileStringAndBackTest()
{
IBlobCryptoProvider asymmetricProvider = new AsymmetricBlobCryptoProvider();
string keyString = asymmetricProvider.ToKeyFileString();
IBlobCryptoProvider clonedProvider = ProviderFactory.CreateProviderFromKeyFileString(keyString);
var encryptedStream = asymmetricProvider.EncryptedStream(streamSample);
var decryptedStream = clonedProvider.DecryptedStream(encryptedStream);
byte[] result = new byte[sampleStreamSize];
decryptedStream.Read(result, 0, result.Length);
Assert.IsTrue(
result.SequenceEqual(streamSample.ToArray()),
"Decrypted data does not match original data");
}
public void EmptyStringTest()
{
var provider = ProviderFactory.CreateProviderFromKeyFileString(string.Empty);
}
public void InvalidStringTest()
{
var provider = ProviderFactory.CreateProviderFromKeyFileString("Some random text.");
}
