public async Task <string> EncryptAsync(string initializationVector, string plainText) { var request = new EncryptRequest { Plaintext = Encoding.UTF8.GetBytes(plainText), InitializationVector = Encoding.UTF8.GetBytes(initializationVector) }; using (HttpClient httpClient = HttpClientHelper.GetHttpClient(this.workloadUri)) { var edgeletHttpClient = new HttpWorkloadClient(httpClient) { BaseUrl = HttpClientHelper.GetBaseUrl(this.workloadUri) }; EncryptResponse result = await this.Execute(() => edgeletHttpClient.EncryptAsync(this.apiVersion, this.moduleId, this.moduleGenerationId, request), "Encrypt"); return(Convert.ToBase64String(result.Ciphertext)); } }
public byte[] EncryptSymmetric( string projectId = "my-project", string locationId = "us-east1", string keyRingId = "my-key-ring", string keyId = "my-key", string message = "Sample message") { // Create the client. KeyManagementServiceClient client = KeyManagementServiceClient.Create(); // Build the key name. CryptoKeyName keyName = new CryptoKeyName(projectId, locationId, keyRingId, keyId); // Convert the message into bytes. Cryptographic plaintexts and // ciphertexts are always byte arrays. byte[] plaintext = Encoding.UTF8.GetBytes(message); // Call the API. EncryptResponse result = client.Encrypt(keyName, ByteString.CopyFrom(plaintext)); // Return the ciphertext. return(result.Ciphertext.ToByteArray()); }
private void TestEncryptKeyAndBuildResult() { byte[] encryptedKey = { 0, 1 }; EncryptResponse encryptResponse = new EncryptResponse { CiphertextBlob = new MemoryStream(encryptedKey) }; byte[] dataKeyPlainText = { 2, 3 }; amazonKeyManagementServiceClientMock .Setup(x => x.EncryptAsync(It.IsAny <EncryptRequest>(), It.IsAny <CancellationToken>())) .Returns(Task.FromResult(encryptResponse)); Option <JObject> actualResult = awsKeyManagementServiceImplSpy.Object.EncryptKeyAndBuildResult( amazonKeyManagementServiceClientMock.Object, preferredRegion, ArnUsWest1, dataKeyPlainText); Assert.Equal(preferredRegion, ((JObject)actualResult).GetValue(RegionKey).ToString()); Assert.Equal(ArnUsWest1, ((JObject)actualResult).GetValue(ArnKey).ToString()); Assert.Equal(encryptedKey, Convert.FromBase64String(((JObject)actualResult).GetValue(EncryptedKek).ToString())); }
private static async Task <string> Encrypt(KmsCryptoClient kmsCryptoClient, string keyId) { logger.Info("Encrypt"); string plainText = "I love .NET SDK!"; var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(plainText); EncryptDataDetails encryptDataDetails = new EncryptDataDetails { KeyId = keyId, Plaintext = System.Convert.ToBase64String(plainTextBytes), LoggingContext = GetSampleLoggingContext() }; EncryptRequest encryptRequest = new EncryptRequest { EncryptDataDetails = encryptDataDetails }; EncryptResponse encryptResponse = await kmsCryptoClient.Encrypt(encryptRequest); logger.Info($"PlainText: {plainText}"); logger.Info($"CipherText: {encryptResponse.EncryptedData.Ciphertext}"); return(encryptResponse.EncryptedData.Ciphertext); }
public void ExpectEncryptToSucceed() { var myInputXml = new XElement(ElementName, "input"); byte[] myEncryptedData = Encoding.UTF8.GetBytes("encrypted"); var myBase64EncryptedData = Convert.ToBase64String(myEncryptedData); using (var encryptedResponseStream = new MemoryStream()) { encryptedResponseStream.Write(myEncryptedData, 0, myEncryptedData.Length); encryptedResponseStream.Seek(0, SeekOrigin.Begin); var encryptResponse = new EncryptResponse { KeyId = KeyId, CiphertextBlob = encryptedResponseStream }; encryptConfig.Setup(x => x.EncryptionContext).Returns(encryptionContext); encryptConfig.Setup(x => x.GrantTokens).Returns(grantTokens); encryptConfig.Setup(x => x.KeyId).Returns(KeyId); kmsClient.Setup(x => x.EncryptAsync(It.IsAny <EncryptRequest>(), CancellationToken.None)) .ReturnsAsync(encryptResponse) .Callback <EncryptRequest, CancellationToken>((er, ct) => { Assert.Same(encryptionContext, er.EncryptionContext); Assert.Same(grantTokens, er.GrantTokens); var body = XElement.Load(er.Plaintext); Assert.True(XNode.DeepEquals(myInputXml, body)); }); var encryptedXml = encryptor.Encrypt(myInputXml); Assert.Equal(typeof(KmsXmlDecryptor), encryptedXml.DecryptorType); var encryptedBlob = (string)encryptedXml.EncryptedElement.Element("value"); Assert.Equal(myBase64EncryptedData, encryptedBlob); } }
public override GenerateTokenResponse Query(GenerateTokenRequest request, IServiceRouter router, RequestContext context) { List <Token> tokens = new List <Token>(); foreach (var token in request.Tokens) { DateTime issued = _clock.GetCurrentInstant().ToDateTimeUtc(); string composite = $"prin:{token.PrincipalId : N}|issued:{issued : yyyyMMddHHmmss}|expire:{token.Expiration: yyyyMMddHHmmss}|type:{token.Type : G}"; byte[] bytes = Encoding.ASCII.GetBytes(composite); EncryptResponse response = router.Query <EncryptRequest, EncryptResponse>(new EncryptRequest() { Algorithm = request.Algorithm, ClearText = bytes, Key = request.Key }); Token newToken = new Token() { Data = Convert.ToBase64String(response.CipherText), Type = token.Type, Expiration = token.Expiration, Issued = issued, PrincipalId = token.PrincipalId }; tokens.Add(newToken); } return(new GenerateTokenResponse() { Tokens = tokens }); }
public void ExpectEncryptToSucceed(bool useAppId, bool hashAppId, string appId, string expectedAppId) { var myInputXml = new XElement(ElementName, "input"); byte[] myEncryptedData = Encoding.UTF8.GetBytes("encrypted"); var myBase64EncryptedData = Convert.ToBase64String(myEncryptedData); using (var encryptedResponseStream = new MemoryStream()) { encryptedResponseStream.Write(myEncryptedData, 0, myEncryptedData.Length); encryptedResponseStream.Seek(0, SeekOrigin.Begin); var encryptResponse = new EncryptResponse { KeyId = KeyId, CiphertextBlob = encryptedResponseStream }; var actualConfig = new KmsXmlEncryptorConfig { EncryptionContext = encryptionContext, GrantTokens = grantTokens, KeyId = KeyId, DiscriminatorAsContext = useAppId, HashDiscriminatorContext = hashAppId }; var actualOptions = new DataProtectionOptions { ApplicationDiscriminator = appId }; encryptConfig.Setup(x => x.Value).Returns(actualConfig); dpOptions.Setup(x => x.Value).Returns(actualOptions); kmsClient.Setup(x => x.EncryptAsync(It.IsAny <EncryptRequest>(), CancellationToken.None)) .ReturnsAsync(encryptResponse) .Callback <EncryptRequest, CancellationToken>((er, ct) => { if (appId != null && useAppId) { Assert.Contains(KmsConstants.ApplicationEncryptionContextKey, er.EncryptionContext.Keys); Assert.Equal(expectedAppId, er.EncryptionContext[KmsConstants.ApplicationEncryptionContextKey]); } else { Assert.Same(encryptionContext, er.EncryptionContext); } Assert.Same(grantTokens, er.GrantTokens); var body = XElement.Load(er.Plaintext); Assert.True(XNode.DeepEquals(myInputXml, body)); }); var encryptedXml = encryptor.Encrypt(myInputXml); Assert.Equal(typeof(KmsXmlDecryptor), encryptedXml.DecryptorType); var encryptedBlob = (string)encryptedXml.EncryptedElement.Element("value"); Assert.Equal(myBase64EncryptedData, encryptedBlob); } }