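/// <summary>
/// Checks that <c>ConfigToolImplementation.Encrypt</c> rewrites the <c>MyPassword</c> entry of a
/// TOML file so that a <c>SecretKeeper</c> built from the same key decrypts it back to "ABC".
/// </summary>
public void ShouldEncryptFile()
{
    // Scratch file in the current working directory; the GUID name avoids collisions between runs.
    var file = Guid.NewGuid().ToString();
    try
    {
        File.WriteAllText(file, "MyPassword = \"ABC\"");
        var key = Guid.NewGuid().ToString();
        var subject = new ConfigToolImplementation(
            new List<string> { file },
            false,
            key,
            new List<string> { ".+Password.+" });

        subject.Encrypt();

        // Re-read the file from disk: the assertion is about what was persisted, not in-memory state.
        var table = Toml.Parse(File.ReadAllText(file));
        var keeper = new SecretKeeper(key);
        Check.That(keeper.Decrypt(table.ToModel()["MyPassword"].ToString()))
            .IsEqualTo("ABC");
    }
    finally
    {
        // Remove the scratch file even when an assertion fails, so repeated test runs do not
        // leave configuration files (clear-text or encrypted) behind in the working directory.
        File.Delete(file);
    }
}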
/// <summary>
/// Checks that decrypting well-formed Base64 that is not a real cypher is rejected with a
/// <c>TomlConfigurationException</c> whose message mentions "corrupted".
/// </summary>
public void ShouldFailWithErrorOnCorruptedCypher()
{
    var keeper = new SecretKeeper(Security.GenerateKeyAsString());

    // Valid Base64, but the payload was never produced by Encrypt.
    var bogusBytes = Encoding.UTF8.GetBytes("Not a cypher");
    var bogusCypher = Convert.ToBase64String(bogusBytes);

    Check.ThatCode(() => keeper.Decrypt(bogusCypher))
        .Throws<TomlConfigurationException>()
        .AndWhichMessage()
        .Contains("corrupted");
}
/// <summary>
/// Checks that a value encrypted with a master key is returned in clear text when the
/// configuration is read with the same master key.
/// </summary>
public void ShouldDecryptSecretWhenLoading()
{
    // A fixed literal key keeps the fixture deterministic; it is test data, not a usable master key.
    var keeper = new SecretKeeper("KEY");
    var encrypted = keeper.Encrypt("42");
    var toml = $"Password = \"{encrypted}\"";

    var instance = TomlConfig
        .FromString(toml)
        .WithMasterKey("KEY")
        .Read<ConfigWithSecret>();

    Check.That(instance.Password).IsEqualTo("42");
}
/// <summary>
/// Builds the dependency-injection container for the migration runner.
/// </summary>
/// <returns>
/// A service provider with FluentMigrator core services, a Postgres runner, and console logging registered.
/// </returns>
private static IServiceProvider CreateServices()
{
    var services = new ServiceCollection()
        .AddFluentMigratorCore()
        .ConfigureRunner(runner => runner
            .AddPostgres()
            // The connection string comes from SecretKeeper rather than being hard-coded here.
            .WithGlobalConnectionString(SecretKeeper.GetConnectionString())
            // Migrations are discovered in the assembly that declares Migration001_AddLogTable.
            .ScanIn(typeof(Migration001_AddLogTable).Assembly).For.Migrations())
        .AddLogging(logging => logging.AddFluentMigratorConsole());

    // false: build the provider without scope validation.
    return services.BuildServiceProvider(false);
}
/// <summary>
/// Checks that Encrypt followed by Decrypt on the same <c>SecretKeeper</c> returns the original text.
/// </summary>
public void ShouldDoSecretRoundTrip()
{
    const string plainText = "I love pink!";
    var keeper = new SecretKeeper(Security.GenerateKeyAsString());

    var cypherText = keeper.Encrypt(plainText);
    var roundTripped = keeper.Decrypt(cypherText);

    Check.That(roundTripped)
        .IsEqualTo(plainText);
}
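/// <summary>
/// Tries to decrypt <paramref name="cypherValue"/> with the master key and reports a failure on
/// standard error instead of propagating the exception.
/// </summary>
/// <param name="cypherValue">The stored value that is expected to be a cypher.</param>
/// <param name="keyName">Name of the configuration key, used only in the diagnostic message.</param>
private void VerifyValue(string cypherValue, string keyName)
{
    var secretKeeper = new SecretKeeper(masterKey);
    try
    {
        // Only success or failure matters here; the decrypted text is discarded.
        secretKeeper.Decrypt(cypherValue);
    }
    catch (Exception ex)
    {
        // The raw value is deliberately not echoed. A value that fails to decrypt may be a secret
        // that was never encrypted, and stderr often ends up in CI logs or log collectors.
        // The key name is enough to locate the entry.
        // NOTE(review): confirm that exception messages from Decrypt do not embed the input value.
        Console.Error.WriteLine($"Failed to decrypt {keyName}. Error: {ex.Message}");
    }
}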
/// <summary>
/// Checks that a secret encrypted with a generated master key is exposed in clear text on the
/// configuration object when the TOML is read with that same key.
/// </summary>
public void ShouldDecryptSecrets()
{
    const string secret = "MyVerySecretPassword";
    var masterKey = Security.GenerateKeyAsString();
    var encrypted = new SecretKeeper(masterKey).Encrypt(secret);
    var toml = $"MyPassword = \"{encrypted}\"";

    var instance = TomlConfig
        .FromString(toml)
        .WithMasterKey(masterKey)
        .Read<ConfigWithSecret>();

    Check.That(instance.MyPassword)
        .IsEqualTo(secret);
}
/// <summary>
/// Decrypts <paramref name="cypherValue"/> with the master key when it has the shape of a cypher.
/// </summary>
/// <param name="cypherValue">Candidate encrypted value.</param>
/// <param name="clearValue">
/// The decrypted text when the method returns <c>true</c>; <c>null</c> otherwise.
/// </param>
/// <returns>
/// <c>true</c> if the value was recognised as a cypher and decrypted; <c>false</c> if it was not recognised.
/// </returns>
private bool DecryptValue(string cypherValue, out string clearValue)
{
    var keeper = new SecretKeeper(masterKey);

    if (!keeper.IsValidCypher(cypherValue, out var thumbnail, out _))
    {
        clearValue = null;
        return false;
    }

    // Check the thumbnail before decrypting.
    // NOTE(review): presumably this throws when the cypher was produced with a different master key; confirm in SecretKeeper.
    keeper.AssertSecretThumbnail(thumbnail);
    clearValue = keeper.Decrypt(cypherValue);
    return true;
}
/// <summary>
/// Checks that a cypher produced under one master key is rejected by a <c>SecretKeeper</c> built
/// from a different key, with a <c>TomlConfigurationException</c> whose message mentions "thumbnail".
/// </summary>
public void ShouldFailWithExceptionIfMasterKeyIsNotMatched()
{
    const string plainText = "I love pink!";

    var encryptingKeeper = new SecretKeeper(Security.GenerateKeyAsString());
    var cypherText = encryptingKeeper.Encrypt(plainText);

    // A second, independently generated key must not be able to open the first key's cypher.
    var otherKeeper = new SecretKeeper(Security.GenerateKeyAsString());

    Check.ThatCode(() => otherKeeper.Decrypt(cypherText))
        .Throws<TomlConfigurationException>()
        .AndWhichMessage()
        .Contains("thumbnail");
}
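/// <summary>
/// Entry point: optionally stores a connection string supplied on the command line, then builds
/// the services and calls <c>UpdateDatabase</c> inside a dependency-injection scope.
/// </summary>
/// <param name="args">
/// Either no arguments, or exactly <c>--secret server=...</c> to save a connection string first.
/// </param>
/// <exception cref="InvalidOperationException">No stored secret is available.</exception>
static void Main(string[] args)
{
    // NOTE(review): a connection string passed as an argument is visible in the host's process
    // list and shell history. Reading it from stdin or an environment variable would avoid that.
    // How SecretKeeper persists it (the message below mentions secret.txt) is not visible here;
    // confirm the file is access-restricted or encrypted.
    // Ordinal comparison: "server=" is a fixed token, not culture-dependent text.
    if (args.Length == 2
        && args[0] == "--secret"
        && args[1].StartsWith("server=", StringComparison.Ordinal))
    {
        SecretKeeper.SaveConnectionString(args[1]);
    }

    if (!SecretKeeper.SecretExists())
    {
        // Specific exception type instead of the bare Exception base class.
        throw new InvalidOperationException("Unable to proceed without secret.txt");
    }

    var serviceProvider = CreateServices();

    // Put the database update into a scope to ensure
    // that all resources will be disposed.
    using (var scope = serviceProvider.CreateScope())
    {
        UpdateDatabase(scope.ServiceProvider);
    }
}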