public void TestRandomBytes(int?numBytes)
{
byte[] cryptoKey, authKey;
SymmetricAuthenticated_AES_HMACSHA256.GenerateKeys(out cryptoKey, out authKey);
byte[] input = null;
if (numBytes.HasValue)
{
input = GetRandomBytes(numBytes.Value, numBytes.Value);
}
byte[] encrypted, decrypted;
using (var algorithm = new SymmetricAuthenticated_AES_HMACSHA256())
{
encrypted = algorithm.EncryptBytes(input, cryptoKey, authKey);
}
using (var algorithm = new SymmetricAuthenticated_AES_HMACSHA256())
{
decrypted = algorithm.DecryptBytes(encrypted, cryptoKey, authKey);
}
if (input == null)
{
Assert.IsNull(encrypted, "encrypted");
Assert.IsNull(decrypted, "decrypted");
}
else
{
Assert.IsTrue(encrypted.Length >= numBytes, "encrypted.Length");
Assert.IsTrue(decrypted.SequenceEqual(input), "Decrypted does not match original.");
}
}
public void TestIncorrectKeyFails()
{
byte[] cryptoKey, authKey;
SymmetricAuthenticated_AES_HMACSHA256.GenerateKeys(out cryptoKey, out authKey);
byte[] input = GetRandomBytes(1000, 5000);
byte[] encrypted;
using (var algorithm = new SymmetricAuthenticated_AES_HMACSHA256())
{
encrypted = algorithm.EncryptBytes(input, cryptoKey, authKey);
}
SymmetricAuthenticated_AES_HMACSHA256.GenerateKeys(out cryptoKey, out authKey);
using (var algorithm = new SymmetricAuthenticated_AES_HMACSHA256())
{
algorithm.DecryptBytes(encrypted, cryptoKey, authKey);
}
}
public void TestSameInputProducesDifferentOutput()
{
byte[] cryptoKey, authKey;
SymmetricAuthenticated_AES_HMACSHA256.GenerateKeys(out cryptoKey, out authKey);
for (int counter = 0; counter < 10; ++counter)
{
var encryptedAsBase64 = new HashSet <string>();
using (var algorithm = new SymmetricAuthenticated_AES_HMACSHA256())
{
var inputBytes = GetRandomBytes(1024, 4096);
for (int i = 0; i < 100; ++i)
{
encryptedAsBase64.Add(Convert.ToBase64String(algorithm.EncryptBytes(inputBytes, cryptoKey, authKey)));
}
}
Assert.AreEqual(100, encryptedAsBase64.Count, "Should be 100 distinct values");
}
}
public void TestUnicodeString()
{
byte[] cryptoKey, authKey;
SymmetricAuthenticated_AES_HMACSHA256.GenerateKeys(out cryptoKey, out authKey);
string input = Convert.ToBase64String(SecureRandomizer.GetRandomBytes(100)) + "\u01e2\u01f0\u020e\u0229";
byte[] encrypted;
string decrypted;
using (var algorithm = new SymmetricAuthenticated_AES_HMACSHA256())
{
encrypted = algorithm.EncryptString(input, cryptoKey, authKey);
}
using (var algorithm = new SymmetricAuthenticated_AES_HMACSHA256())
{
Assert.IsTrue(encrypted.Length > 100, "encrypted.Length");
decrypted = algorithm.DecryptBytes(encrypted, cryptoKey, authKey).AsString();
}
Assert.AreEqual(input, decrypted, string.Format("{0} | {1}", input, decrypted));
}
public void TestInvalidAuthentication()
{
byte[] cryptoKey, authKey;
SymmetricAuthenticated_AES_HMACSHA256.GenerateKeys(out cryptoKey, out authKey);
byte[] input = GetRandomBytes(500, 1000);
byte[] encrypted, decrypted;
using (var algorithm = new SymmetricAuthenticated_AES_HMACSHA256())
{
encrypted = algorithm.EncryptBytes(input, cryptoKey, authKey);
}
// Change the last byte in the file, which is the
encrypted[encrypted.GetUpperBound(0)] = (byte)(~encrypted[encrypted.GetUpperBound(0)]);
using (var algorithm = new SymmetricAuthenticated_AES_HMACSHA256())
{
decrypted = algorithm.DecryptBytes(encrypted, cryptoKey, authKey);
}
Assert.IsTrue(decrypted.SequenceEqual(input), "Decrypted does not match original.");
}
public virtual void TestKeys()
{
byte[] cryptoKey, authKey;
SymmetricAuthenticated_AES_HMACSHA256.GenerateKeys(out cryptoKey, out authKey);
Assert.AreEqual(32, cryptoKey.Length);
Assert.AreEqual(32, authKey.Length);
bool anyNonZero = false;
foreach (byte b in cryptoKey)
{
anyNonZero |= (b != 0);
}
Assert.IsTrue(anyNonZero);
anyNonZero = false;
foreach (byte b in authKey)
{
anyNonZero |= (b != 0);
}
Assert.IsTrue(anyNonZero);
}