public async Task <ActionResult> Encrypt([FromBody] EncryptRequest body) { if (!ModelState.IsValid) { mAuditLogger.Warning("Bad request to Encrypt API: {sourceIP} {validationState}", Request.HttpContext.Connection.RemoteIpAddress, ModelState.ValidationState); return(BadRequest("One or more of the required fields doesn't present in the request body.")); } mAuditLogger.Information("Encryption request started, SourceIP: {sourceIp}, ServiceAccount: {sa}, Namespace: {namespace}", Request.HttpContext.Connection.RemoteIpAddress, body.ServiceAccountName, body.NamespaceName); var encryptedData = await mKeyManagement.Encrypt(body.Data, body.ServiceAccountName); if (body.ServiceAccountName == "default") { return(BadRequest("You cannot encrypt a secret for the default service account")); } mAuditLogger.Information("Encryption request succeeded, SourceIP: {sourceIp}, ServiceAccount: {serviceAccount}, Namesacpe: {namespace}", Request.HttpContext.Connection.RemoteIpAddress, body.ServiceAccountName, body.NamespaceName); return(Content(encryptedData)); }
public override EncryptResponse Encrypt(EncryptRequest request, CallSettings callSettings = null) { EncryptCalls++; return(new EncryptResponse { Ciphertext = request.Plaintext }); }
/// <summary> /// Encrypts data using the given [EncryptDataDetails](https://docs.cloud.oracle.com/api/#/en/key/latest/datatypes/EncryptDataDetails) resource. /// Plaintext included in the example request is a base64-encoded value of a UTF-8 string. /// /// </summary> /// <param name="request">The request object containing the details to send. Required.</param> /// <param name="retryConfiguration">The retry configuration that will be used by to send this request. Optional.</param> /// <param name="cancellationToken">The cancellation token to cancel this operation. Optional.</param> /// <returns>A response object containing details about the completed operation</returns> /// <example>Click <a href="https://docs.cloud.oracle.com/en-us/iaas/tools/dot-net-examples/latest/keymanagement/Encrypt.cs.html">here</a> to see an example of how to use Encrypt API.</example> public async Task <EncryptResponse> Encrypt(EncryptRequest request, RetryConfiguration retryConfiguration = null, CancellationToken cancellationToken = default) { logger.Trace("Called encrypt"); Uri uri = new Uri(this.restClient.GetEndpoint(), System.IO.Path.Combine(basePathWithoutHost, "/20180608/encrypt".Trim('/'))); HttpMethod method = new HttpMethod("POST"); HttpRequestMessage requestMessage = Converter.ToHttpRequestMessage(uri, method, request); requestMessage.Headers.Add("Accept", "application/json"); GenericRetrier retryingClient = Retrier.GetPreferredRetrier(retryConfiguration, this.retryConfiguration); HttpResponseMessage responseMessage; try { if (retryingClient != null) { responseMessage = await retryingClient.MakeRetryingCall(this.restClient.HttpSend, requestMessage, cancellationToken).ConfigureAwait(false); } else { responseMessage = await this.restClient.HttpSend(requestMessage).ConfigureAwait(false); } this.restClient.CheckHttpResponseMessage(requestMessage, responseMessage); return(Converter.FromHttpResponseMessage <EncryptResponse>(responseMessage)); } catch (Exception e) { logger.Error($"Encrypt failed with error: {e.Message}"); throw; } }
public void EncryptKey_Context_Ok() { var kmsClientMock = new Mock <IAmazonKeyManagementService>(); var provider = new KmsDataKeyProvider(kmsClientMock.Object, "myKey"); EncryptRequest sentRequest = null; kmsClientMock.Setup(x => x.Encrypt(It.IsAny <EncryptRequest>())) .Returns((EncryptRequest req) => { sentRequest = req; return(new EncryptResponse { CiphertextBlob = DoubleValues(req.Plaintext), }); }); var context = new Dictionary <string, string> { { "purpose", "doubling" } }; provider.EncryptKey(Bytes(1, 2, 3), context).Should().Equal(Bytes(2, 4, 6)); sentRequest.Plaintext.ToArray().Should().Equal(Bytes(1, 2, 3)); sentRequest.EncryptionContext["purpose"].Should().Be("doubling"); sentRequest.KeyId.Should().Be("myKey"); provider.EncryptKey(Bytes(2, 3, 4), context).Should().Equal(Bytes(4, 6, 8)); }
internal EncryptResponse Encrypt(EncryptRequest request) { var marshaller = new EncryptRequestMarshaller(); var unmarshaller = EncryptResponseUnmarshaller.Instance; return(Invoke <EncryptRequest, EncryptResponse>(request, marshaller, unmarshaller)); }
internal virtual Option <JObject> EncryptKeyAndBuildResult( IAmazonKeyManagementService kmsClient, string region, string arn, byte[] dataKeyPlainText) { try { TimerOptions encryptTimerOptions = new TimerOptions { Name = MetricsUtil.AelMetricsPrefix + ".kms.aws.encrypt." + region }; using (MetricsUtil.MetricsInstance.Measure.Timer.Time(encryptTimerOptions)) { // Note we can't wipe plaintext key till end of calling method since underlying buffer shared by all requests EncryptRequest encryptRequest = new EncryptRequest { KeyId = arn, Plaintext = new MemoryStream(dataKeyPlainText) }; Task <EncryptResponse> encryptAsync = kmsClient.EncryptAsync(encryptRequest); byte[] encryptedKeyEncryptionKey = encryptAsync.Result.CiphertextBlob.ToArray(); return(Option <JObject> .Some(BuildKmsRegionKeyJson(region, arn, encryptedKeyEncryptionKey))); } } catch (AggregateException e) { Logger.LogWarning(e, "Failed to encrypt generated data key via region {region} KMS", region); // TODO Consider adding notification/CW alert return(Option <JObject> .None); } }
public IActionResult Encrypt([FromBody] EncryptRequest request) { if (ModelState.IsValid) { try { string result = _cryptoOperation.Encrypt(request.PlainText); return(Ok(new EncryptResponse { CipherText = result })); } catch (Exception ex) { return(StatusCode(500, new { errorMessage = ex.Message })); } } else { return(BadRequest(new { errorMessage = "Invalid payload" })); } }
internal bool Encrypt(FileStream inputStream, out MemoryStream encStream) { bool isSuccess = false; var memoryStream = new MemoryStream(); inputStream.CopyTo(memoryStream); var kmsClient = new AmazonKeyManagementServiceClient(this.awsCredentials, this.region); var encRequest = new EncryptRequest { KeyId = "Have to Insert KeyArn.." , Plaintext = memoryStream }; var encResponse = kmsClient.Encrypt(encRequest); if (encResponse.HttpStatusCode != System.Net.HttpStatusCode.OK) { isSuccess = true; } encStream = encResponse.CiphertextBlob; return(isSuccess); }
static void Main(string[] args) { // string accessKey = "AKIAJCRLXQX2J6OKN4GQ"; // string seacretKey = "29XQBOyGZwkgXcW/4yylTdzWu2Hv95EyKq/lwmN0"; // string keyID = "0022d1d9-f0c7-45e1-8f84-2b77c6fdcba9"; // var kms = new AmazonKeyManagementServiceClient(accessKey, seacretKey, Amazon.RegionEndpoint.APNortheast1); // var encReq = new EncryptRequest(); // encReq.KeyId = keyID; // encReq.Plaintext = new MemoryStream(Encoding.UTF8.GetBytes("19999-99999-46884-67157")); // var encrypt = kms.EncryptAsync(encReq); // System.Console.WriteLine(System.Convert.ToBase64String(encrypt.Result.CiphertextBlob.ToArray())); // var base64Str = System.Convert.ToBase64String(encrypt.Result.CiphertextBlob.ToArray()); // var decReq = new DecryptRequest(); // decReq.CiphertextBlob = new MemoryStream(System.Convert.FromBase64String(base64Str)); // var decrypt = kms.DecryptAsync(decReq).Result; // System.Console.WriteLine(Encoding.UTF8.GetString(decrypt.Plaintext.ToArray())); string accessKey = "AKIAJCRLXQX2J6OKN4GQ"; string seacretKey = "29XQBOyGZwkgXcW/4yylTdzWu2Hv95EyKq/lwmN0"; string keyID = "0022d1d9-f0c7-45e1-8f84-2b77c6fdcba9"; var str = "19185-57675-51957-67395"; var kmsc = new AmazonKeyManagementServiceClient(accessKey, seacretKey, Amazon.RegionEndpoint.APNortheast1); //(アクセスキー、シークレットキー、リージョンよりクライアント作成) var plaintext = new MemoryStream(Encoding.UTF8.GetBytes(str)); EncryptRequest encryptRequest = new EncryptRequest() //(暗号化リクエストを作成) { KeyId = keyID, //(頂いたKeyId を代入 "0022d1d9-f0c7-45e1-8f84-2b77c6fdcba9") Plaintext = plaintext }; var ciphertext = kmsc.EncryptAsync(encryptRequest).Result.CiphertextBlob; //(kmsc は上記クライアント) System.Console.WriteLine(Convert.ToBase64String(ciphertext.ToArray())); }
/// <summary> /// Initiates the asynchronous execution of the Encrypt operation. /// </summary> /// /// <param name="request">Container for the necessary parameters to execute the Encrypt operation.</param> /// <param name="cancellationToken"> /// A cancellation token that can be used by other objects or threads to receive notice of cancellation. /// </param> /// <returns>The task object representing the asynchronous operation.</returns> public Task <EncryptResponse> EncryptAsync(EncryptRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken)) { var marshaller = new EncryptRequestMarshaller(); var unmarshaller = EncryptResponseUnmarshaller.Instance; return(InvokeAsync <EncryptRequest, EncryptResponse>(request, marshaller, unmarshaller, cancellationToken)); }
public override Task <EncryptResponse> Encrypt(EncryptRequest request, ServerCallContext context) { return(Task.FromResult(new EncryptResponse() { ReplicaId = _replicaId, Result = _Encrypt(request.Str, request.Shift) })); }
public ActionResult <EncryptResponse> Encrypt(EncryptRequest request) { Atbash cipher = new(); return(new EncryptResponse() { Ciphertext = cipher.Encrypt(request.Plaintext), }); }
public ActionResult <EncryptResponse> Encrypt([FromBody] EncryptRequest request) { Rot13 cipher = new(); return(new EncryptResponse() { Ciphertext = cipher.Encrypt(request.Plaintext), }); }
public override EncryptResponse Encrypt(EncryptRequest request, CallSettings callSettings = null) { byte xorOperand = (byte) request.Name.GetHashCode(); return new EncryptResponse { Ciphertext = ByteString.CopyFrom(request.Plaintext.Select(x => (byte) (x ^ xorOperand)).Select(x => (byte) (x + 1)).ToArray()), Name = request.Name.ToString() }; }
public byte[] EncryptKey(byte[] plainText, IDictionary <string, string> context) { var req = new EncryptRequest { KeyId = _keyId, Plaintext = new MemoryStream(plainText), EncryptionContext = AsDictionary(context) }; return(_client.Encrypt(req).CiphertextBlob.ToArray()); }
public override EncryptResponse Encrypt(EncryptRequest request, CallSettings callSettings = null) { var key = request.CryptoKeyPathName; var keyVersionName = new CryptoKeyVersionName(key.ProjectId, key.LocationId, key.KeyRingId, key.CryptoKeyPathId, "1"); byte xorOperand = (byte)request.Name.GetHashCode(); return(new EncryptResponse { Ciphertext = ByteString.CopyFrom(request.Plaintext.Select(x => (byte)(x ^ xorOperand)).Select(x => (byte)(x + 1)).ToArray()), Name = keyVersionName.ToString() }); }
public override byte[] TransformFinalBlock(byte[] inputBuffer, int inputOffset, int inputCount) { var request = new EncryptRequest { KeyId = _keyId, Plaintext = new MemoryStream(inputBuffer, inputOffset, inputCount) }; var task = _client.EncryptAsync(request); task.Wait(); return(task.Result.CiphertextBlob.ToArray()); }
/// <summary> /// 本接口用于加密最多为4KB任意数据,可用于加密数据库密码,RSA Key,或其它较小的敏感信息。对于应用的数据加密,使用GenerateDataKey生成的DataKey进行本地数据的加解密操作 /// </summary> /// <param name="req"><see cref="EncryptRequest"/></param> /// <returns><see cref="EncryptResponse"/></returns> public EncryptResponse EncryptSync(EncryptRequest req) { JsonResponseModel <EncryptResponse> rsp = null; try { var strResp = this.InternalRequestSync(req, "Encrypt"); rsp = JsonConvert.DeserializeObject <JsonResponseModel <EncryptResponse> >(strResp); } catch (JsonSerializationException e) { throw new TencentCloudSDKException(e.Message); } return(rsp.Response); }
public async Task <string> Encrypt(string data) { using (var stream = GenerateStreamFromString(data)) { var req = new EncryptRequest { Plaintext = stream, KeyId = this.keyId }; var response = await client.EncryptAsync(req); var result = Convert.ToBase64String(response.CiphertextBlob.ToArray()); return(result); } }
public IActionResult Encrypt(EncryptRequest request) { if (ModelState.IsValid) { string result = EncryptPayload(request.PlainText, request.Key); if (string.IsNullOrEmpty(result)) { return(StatusCode(500)); } return(Ok(new EncryptResponse { CipherTextBase64 = result })); } return(BadRequest()); }
private string Encrypt(string text) { string keyId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxx"; MemoryStream plaintext = new MemoryStream(Encoding.UTF8.GetBytes(text)); EncryptRequest encryptRequest = new EncryptRequest() { KeyId = keyId, Plaintext = plaintext }; MemoryStream ciphertext = kmsClient.Encrypt(encryptRequest).CiphertextBlob; var buffer = new byte[ciphertext.Length]; ciphertext.Read(buffer, 0, (int)ciphertext.Length); return(Convert.ToBase64String(buffer)); }
// [END kms_add_member_to_keyring_policy] // [START kms_encrypt] public static object Encrypt(string projectId, string locationId, string keyRingId, string cryptoKeyId, string plaintextFile, string ciphertextFile) { var cloudKms = CreateAuthorizedClient(); // Generate the full path of the crypto key to use for encryption. var cryptoKey = $"projects/{projectId}/locations/{locationId}/keyRings/{keyRingId}/cryptoKeys/{cryptoKeyId}"; EncryptRequest encryptRequest = new EncryptRequest(); byte[] plaintext = File.ReadAllBytes(plaintextFile); encryptRequest.Plaintext = Convert.ToBase64String(plaintext); Console.WriteLine($"dataToEncrypt.Plaintext: {encryptRequest.Plaintext}"); var result = cloudKms.Projects.Locations.KeyRings.CryptoKeys.Encrypt(name: cryptoKey, body: encryptRequest).Execute(); // Output encrypted data to a file. File.WriteAllBytes(ciphertextFile, Convert.FromBase64String(result.Ciphertext)); Console.Write($"Encrypted file created: {ciphertextFile}"); return(0); }
/// <summary> /// Encrypts the passed data with a Master Key. This method will encrypt /// a payload up to a maximum size of 4096 bytes. The master key with the /// specified ID will be used to encrypt the data. /// </summary> /// <param name="keyId">The identifier for the master key.</param> /// <param name="data">The data to encrypt.</param> /// <returns>Encrypted data.</returns> /// <exception cref="System.ArgumentNullException"></exception> /// <exception cref="System.ArgumentException">You must provide some data to encrypt</exception> /// <exception cref="PayloadTooLargeException"></exception> /// <exception cref="KeyManagementServiceUnavailableException"></exception> public byte[] EncryptData(string keyId, byte[] data) { if (_disposed) { throw new ObjectDisposedException("AwsKmsKeyManager"); } ValidateMasterKey(keyId); if (data == null) { throw new ArgumentNullException(nameof(data)); } if (!data.Any()) { throw new ArgumentException("You must provide some data to encrypt", nameof(data)); } if (data.Length > MaxEncryptPayloadSize) { throw new PayloadTooLargeException(MaxEncryptPayloadSize, data.Length); } var res = RetryPolicy.ExecuteAndCapture(() => { using (var msPlainText = new MemoryStream(data)) { var req = new EncryptRequest { KeyId = keyId, Plaintext = msPlainText }; var t = _client.EncryptAsync(req); t.ConfigureAwait(false); return(t.GetAwaiter().GetResult()); } }); ValidateResponse(res); return(((EncryptResponse)res.Result).CiphertextBlob.ToArray()); }
public void Serialize() { var request = new EncryptRequest( keyId: "1", plaintext: Encoding.UTF8.GetBytes("applesauce"), context: new Dictionary <string, string> { { "user", "1" } } ); Assert.Equal( @"{ ""EncryptionContext"": { ""user"": ""1"" }, ""KeyId"": ""1"", ""Plaintext"": ""YXBwbGVzYXVjZQ=="" }", JsonSerializer.Serialize(request, JSO.Default)); }
public override async Task <string> EncryptAsync(string initializationVector, string plainText) { var request = new EncryptRequest { Plaintext = Encoding.UTF8.GetBytes(plainText), InitializationVector = Encoding.UTF8.GetBytes(initializationVector) }; using (HttpClient httpClient = HttpClientHelper.GetHttpClient(this.WorkloadUri)) { var edgeletHttpClient = new HttpWorkloadClient(httpClient) { BaseUrl = HttpClientHelper.GetBaseUrl(this.WorkloadUri) }; EncryptResponse result = await this.Execute(() => edgeletHttpClient.EncryptAsync(this.Version.Name, this.ModuleId, this.ModuleGenerationId, request), "Encrypt"); return(Convert.ToBase64String(result.Ciphertext)); } }
// [END kms_add_member_to_keyring_policy] // [START kms_encrypt] public static object Encrypt(string projectId, string location, string keyRing, string cryptoKeyName, string fileToEncrypt, string fileToOutput) { var cloudKms = CreateAuthorizedClient(); // Generate the full path of the crypto key to use for encryption. var cryptoKey = $"projects/{projectId}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{cryptoKeyName}"; EncryptRequest dataToEncrypt = new EncryptRequest(); byte[] bytes = File.ReadAllBytes(fileToEncrypt); string contents = Convert.ToBase64String(bytes); dataToEncrypt.Plaintext = contents; Console.WriteLine($"dataToEncrypt.Plaintext: {dataToEncrypt.Plaintext}"); var result = cloudKms.Projects.Locations.KeyRings.CryptoKeys.Encrypt(body: dataToEncrypt, name: cryptoKey).Execute(); // Output encypted data to a file. File.WriteAllBytes(fileToOutput, Convert.FromBase64String(result.Ciphertext)); Console.Write($"Encypted file created: {fileToOutput}"); return(0); }
public string Encrypt(string textToEncrypt, string keyId) { try { var kmsClient = new AmazonKeyManagementServiceClient(_credentials, _region); var encryptRequest = new EncryptRequest { KeyId = keyId }; var textBytes = Encoding.UTF8.GetBytes(textToEncrypt); encryptRequest.Plaintext = new System.IO.MemoryStream(textBytes, 0, textBytes.Length); var response = kmsClient.EncryptAsync(encryptRequest); return(Convert.ToBase64String(response.Result.CiphertextBlob.ToArray())); } catch (Exception e) { Console.WriteLine(e); throw; } }
public void EncryptRequest() { // 128, 256, 512, and 1024. 1024 var request = new EncryptRequest { KeyId = "1", Plaintext = Encoding.UTF8.GetBytes("applesauce"), EncryptionContext = new JsonObject { { "user", "1" } } }; Assert.Equal( @"{ ""EncryptionContext"": { ""user"": ""1"" }, ""KeyId"": ""1"", ""Plaintext"": ""YXBwbGVzYXVjZQ=="" }", JsonObject.FromObject(request).ToString()); }
public async Task <ActionResult> Encrypt([FromBody] EncryptRequest body) { mAuditLogger.Information("Encryption request started, SourceIP: {sourceIp}, ServiceAccount: {sa}, Namespace: {namespace}", Request.HttpContext.Connection.RemoteIpAddress, body.SerivceAccountName, body.NamesapceName); var encryptedData = await mKeyManagement.Encrypt(body.Data, $"{body.NamesapceName}:{body.SerivceAccountName}"); if (body.SerivceAccountName == "default") { return(BadRequest("You cannot encrypt a secret for the default service account")); } mAuditLogger.Information("Encryption request succeeded, SourceIP: {sourceIp}, ServiceAccount: {serviceAccount}, Namesacpe: {namespace}", Request.HttpContext.Connection.RemoteIpAddress, body.SerivceAccountName, body.NamesapceName); return(Content(encryptedData)); }
private static async Task <string> Encrypt(KmsCryptoClient kmsCryptoClient, string keyId) { logger.Info("Encrypt"); string plainText = "I love .NET SDK!"; var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(plainText); EncryptDataDetails encryptDataDetails = new EncryptDataDetails { KeyId = keyId, Plaintext = System.Convert.ToBase64String(plainTextBytes), LoggingContext = GetSampleLoggingContext() }; EncryptRequest encryptRequest = new EncryptRequest { EncryptDataDetails = encryptDataDetails }; EncryptResponse encryptResponse = await kmsCryptoClient.Encrypt(encryptRequest); logger.Info($"PlainText: {plainText}"); logger.Info($"CipherText: {encryptResponse.EncryptedData.Ciphertext}"); return(encryptResponse.EncryptedData.Ciphertext); }
public override void Encrypt(Google.ProtocolBuffers.IRpcController controller, EncryptRequest request, Action<NoData> done) { throw new NotImplementedException(); }
public override void Encrypt(IRpcController controller, EncryptRequest request, Action<NoData> done) { ProtoOutputBuffer.Write(request.GetType(), request.ToString()); }
public override void Encrypt(IRpcController controller, EncryptRequest request, Action<bnet.protocol.NoData> done) { throw new NotImplementedException(); }