public void RequiresPlaintext()
{
ArgumentNullException ex = Assert.Throws <ArgumentNullException>(() => EncryptParameters.Rsa15Parameters(null));
Assert.AreEqual("plaintext", ex.ParamName);
ex = Assert.Throws <ArgumentNullException>(() => EncryptParameters.RsaOaepParameters(null));
Assert.AreEqual("plaintext", ex.ParamName);
ex = Assert.Throws <ArgumentNullException>(() => EncryptParameters.RsaOaep256Parameters(null));
Assert.AreEqual("plaintext", ex.ParamName);
ex = Assert.Throws <ArgumentNullException>(() => EncryptParameters.A128GcmParameters(null));
Assert.AreEqual("plaintext", ex.ParamName);
Assert.DoesNotThrow(() => EncryptParameters.A128GcmParameters(Array.Empty <byte>(), null));
ex = Assert.Throws <ArgumentNullException>(() => EncryptParameters.A192GcmParameters(null));
Assert.AreEqual("plaintext", ex.ParamName);
Assert.DoesNotThrow(() => EncryptParameters.A192GcmParameters(Array.Empty <byte>(), null));
ex = Assert.Throws <ArgumentNullException>(() => EncryptParameters.A256GcmParameters(null));
Assert.AreEqual("plaintext", ex.ParamName);
Assert.DoesNotThrow(() => EncryptParameters.A256GcmParameters(Array.Empty <byte>(), null));
ex = Assert.Throws <ArgumentNullException>(() => EncryptParameters.A128CbcParameters(null));
Assert.AreEqual("plaintext", ex.ParamName);
Assert.DoesNotThrow(() => EncryptParameters.A128CbcParameters(Array.Empty <byte>(), null));
ex = Assert.Throws <ArgumentNullException>(() => EncryptParameters.A128CbcParameters(null));
Assert.AreEqual("plaintext", ex.ParamName);
Assert.DoesNotThrow(() => EncryptParameters.A192CbcParameters(Array.Empty <byte>(), null));
ex = Assert.Throws <ArgumentNullException>(() => EncryptParameters.A128CbcParameters(null));
Assert.AreEqual("plaintext", ex.ParamName);
Assert.DoesNotThrow(() => EncryptParameters.A256CbcParameters(Array.Empty <byte>(), null));
ex = Assert.Throws <ArgumentNullException>(() => EncryptParameters.A128CbcPadParameters(null));
Assert.AreEqual("plaintext", ex.ParamName);
Assert.DoesNotThrow(() => EncryptParameters.A128CbcPadParameters(Array.Empty <byte>(), null));
ex = Assert.Throws <ArgumentNullException>(() => EncryptParameters.A128CbcPadParameters(null));
Assert.AreEqual("plaintext", ex.ParamName);
Assert.DoesNotThrow(() => EncryptParameters.A192CbcPadParameters(Array.Empty <byte>(), null));
ex = Assert.Throws <ArgumentNullException>(() => EncryptParameters.A128CbcPadParameters(null));
Assert.AreEqual("plaintext", ex.ParamName);
Assert.DoesNotThrow(() => EncryptParameters.A256CbcPadParameters(Array.Empty <byte>(), null));
}
public async Task SerializeJsonWebKeyAsync()
{
// Environment variable with the Key Vault endpoint.
string keyVaultUrl = TestEnvironment.KeyVaultUrl;
var keyClient = new KeyClient(new Uri(keyVaultUrl), new DefaultAzureCredential());
string rsaKeyName = $"CloudRsaKey-{Guid.NewGuid()}";
var rsaKey = new CreateRsaKeyOptions(rsaKeyName, hardwareProtected: false)
{
KeySize = 2048,
};
KeyVaultKey cloudRsaKey = await keyClient.CreateRsaKeyAsync(rsaKey);
Debug.WriteLine($"Key is returned with name {cloudRsaKey.Name} and type {cloudRsaKey.KeyType}");
string dir = Path.Combine(TestContext.CurrentContext.WorkDirectory, "samples", nameof(Sample7_SerializeJsonWebKey));
Directory.CreateDirectory(dir);
string path = Path.Combine(dir, $"{nameof(SerializeJsonWebKeyAsync)}.json");
// Use `using` expression for clean sample, but scope it to close and dispose immediately.
{
using FileStream file = File.Create(path);
await JsonSerializer.SerializeAsync(file, cloudRsaKey.Key);
Debug.WriteLine($"Saved JWK to {path}");
}
// Use `using` expression for clean sample, but scope it to close and dispose immediately.
JsonWebKey jwk = null;
{
using FileStream file = File.Open(path, FileMode.Open);
jwk = await JsonSerializer.DeserializeAsync <JsonWebKey>(file);
Debug.WriteLine($"Read JWK from {path} with ID {jwk.Id}");
}
string content = "plaintext";
var encryptClient = new CryptographyClient(jwk);
byte[] plaintext = Encoding.UTF8.GetBytes(content);
EncryptResult encrypted = await encryptClient.EncryptAsync(EncryptParameters.RsaOaepParameters(plaintext));
Debug.WriteLine($"Encrypted: {Encoding.UTF8.GetString(plaintext)}");
byte[] ciphertext = encrypted.Ciphertext;
CryptographyClient decryptClient = keyClient.GetCryptographyClient(cloudRsaKey.Name, cloudRsaKey.Properties.Version);
DecryptResult decrypted = await decryptClient.DecryptAsync(DecryptParameters.RsaOaepParameters(ciphertext));
Debug.WriteLine($"Decrypted: {Encoding.UTF8.GetString(decrypted.Plaintext)}");
DeleteKeyOperation operation = await keyClient.StartDeleteKeyAsync(rsaKeyName);
// You only need to wait for completion if you want to purge or recover the key.
await operation.WaitForCompletionAsync();
// If the keyvault is soft-delete enabled, then for permanent deletion, deleted key needs to be purged.
keyClient.PurgeDeletedKey(rsaKeyName);
}
public void SerializeJsonWebKeySync()
{
// Environment variable with the Key Vault endpoint.
string keyVaultUrl = TestEnvironment.KeyVaultUrl;
#region Snippet:KeysSample7KeyClient
var keyClient = new KeyClient(new Uri(keyVaultUrl), new DefaultAzureCredential());
#endregion
#region Snippet:KeysSample7CreateKey
string rsaKeyName = $"CloudRsaKey-{Guid.NewGuid()}";
var rsaKey = new CreateRsaKeyOptions(rsaKeyName, hardwareProtected: false)
{
KeySize = 2048,
};
KeyVaultKey cloudRsaKey = keyClient.CreateRsaKey(rsaKey);
Debug.WriteLine($"Key is returned with name {cloudRsaKey.Name} and type {cloudRsaKey.KeyType}");
#endregion
string dir = Path.Combine(TestContext.CurrentContext.WorkDirectory, "samples", nameof(Sample7_SerializeJsonWebKey));
Directory.CreateDirectory(dir);
string path = Path.Combine(dir, $"{nameof(SerializeJsonWebKeySync)}.json");
// Use `using` expression for clean sample, but scope it to close and dispose immediately.
{
#region Snippet:KeysSample7Serialize
using FileStream file = File.Create(path);
using (Utf8JsonWriter writer = new Utf8JsonWriter(file))
{
JsonSerializer.Serialize(writer, cloudRsaKey.Key);
}
Debug.WriteLine($"Saved JWK to {path}");
#endregion
}
#region Snippet:KeysSamples7Deserialize
byte[] buffer = File.ReadAllBytes(path);
JsonWebKey jwk = JsonSerializer.Deserialize <JsonWebKey>(buffer);
Debug.WriteLine($"Read JWK from {path} with ID {jwk.Id}");
#endregion
string content = "plaintext";
#region Snippet:KeysSample7Encrypt
var encryptClient = new CryptographyClient(jwk);
byte[] plaintext = Encoding.UTF8.GetBytes(content);
EncryptResult encrypted = encryptClient.Encrypt(EncryptParameters.RsaOaepParameters(plaintext));
Debug.WriteLine($"Encrypted: {Encoding.UTF8.GetString(plaintext)}");
#endregion
byte[] ciphertext = encrypted.Ciphertext;
#region Snippet:KeysSample7Decrypt
CryptographyClient decryptClient = keyClient.GetCryptographyClient(cloudRsaKey.Name, cloudRsaKey.Properties.Version);
DecryptResult decrypted = decryptClient.Decrypt(DecryptParameters.RsaOaepParameters(ciphertext));
Debug.WriteLine($"Decrypted: {Encoding.UTF8.GetString(decrypted.Plaintext)}");
#endregion
DeleteKeyOperation operation = keyClient.StartDeleteKey(rsaKeyName);
// You only need to wait for completion if you want to purge or recover the key.
while (!operation.HasCompleted)
{
Thread.Sleep(2000);
operation.UpdateStatus();
}
// If the keyvault is soft-delete enabled, then for permanent deletion, deleted key needs to be purged.
keyClient.PurgeDeletedKey(rsaKeyName);
}
