public void TestKeysFromBase64()
{
AsymmetricCipherKeyPair expectedPrivate;
using (var reader = File.OpenText(@"encrypterTests/privatekey2.pem")) // file containing RSA PKCS1 private key
{
expectedPrivate = (AsymmetricCipherKeyPair) new PemReader(reader).ReadObject();
}
AsymmetricCipherKeyPair actualPrivate = X509AsymmetricEncrypter.PrivateBase64KeyToACKP("MIIEpAIBAAKCAQEAydkev6usDL3Bc8nf5olqLlVXCYTRNYoTeUiTD/+CDynW+dU4redtTEkHy4YHJ0CAK82thV7DtAw52dR7/q/5/ZuvZzwtz30L+qhZSHKleTu7xxQrRhY2Tbrldxd1zbUbAjBHL4EUTbASTmojKCXEvG1U+jYRhfoCX8KRW/2AfhmQtvHmEVomRFUFy2tC5i6oS5l7YzM0j4hPQSj6FyWGLDHrLQ61kx8VTEdt6nH9Gr5S5DMUWyuscXwNJe6LK8WJNUwszI/MYwl4AFLVVy1w3DdL2UFuwyaZHLu5Tmn18Sx3yZWB0KUE3jwZ9q1v1zo05qcYJ8NbxdWZwygRE8tsHQIDAQABAoIBABP5JR7ISQUVvc/MWRiB3nzpOuyZNO58VEL7GHpLyT3g4QHlxG8I6HrU+y17fLe4nTY4awQ4hVsKnqrcaMyh8zXSMwAfJ1VRxV6vS+5sUc12SLWBXGraBdOZO92V97U8R4jm6BReTHkHhDg4LnRpkFco5nC/6un7/EIniaS1qAJSLk9NT3O+Nj7l+KTq3IVm9fDHnjEh+tmqTpJDWZZdyhTXZic2kD548Y1MeKDkH5n29/olmbz3n8aaNgf8MwEqjgurluMtkpE+UKB3TLDYZ2Im7kHyrD65vMuEcddkS8PT3l/vddt2dN6MHn4cTRsBOPF5k1CTglzVYd0R8TFZK00CgYEA5a98QQXlz7ZeV2dF1cBsRyYMyHSusK1gHHRUvyletRLe9Z//gnE/4a67B5YJ/UTDZgf7W5pH8v1ifBdY5rK54sWF4uPnupWUcsS0zM6Lxc7NreK08HR//yqiBeFKLZO1aBrSIcemG0T0801Fn2XgeLz+FQvwFEDu/ZKOuJnYsxcCgYEA4PkvMLUsfiTzG2NWM3aMDCBRF3x3LE0C9qf2OYTV1uB/4fyCsAg0jBIopcC8xhRUTPCGXKJcSxwmBBTaIhwO4Phf/DC4lJfGWHTSDl7SsB9wyRNKNL+NUPwJ75f9RlPEvdFZtPNPqqyfGfEFyZn1RXihcOyUb7s6vqx7QTa06usCgYEAxF+k/HLuaQii4FeLfZVm/e2qQDiCosuYwLs1ObtFHctklNyWuA/bbjjV70Z4g/GmnjV00ny1xyqcaTwM5jEofJokPjhch0ocAYPskK6HEjgd4e1ShcMVLDRnEl/r68u97aQAxKDNg8MRKnOGcyHHKXNsSNJMEQTzUBldrLbcb0ECgYEAn4f0L7z5rQX0ooJBmULCMsMj3dy0AWUm6dPXJZiNrs8JwC24Wq2m3YDu9AMFmgzGbrzM+pljixuN1a0XtcJhxqQ6JHJEIZKy4v0MC4awLpZM+zlDkL4YrsnbHdyQjLNQOy5eR5OV9bhtJg8lBH25UKcnDBWneMey840J5geuKTsCgYBg4g2cz7OH+lQMlc/xECl0h4hPDV4V1R7oL1VH/qmMeeHe0rCx7/a8sAWjWVNQal/8R3dT/7/Ct6SPIc2WJ0UG/robSw0Ii/YG9iLYImF0IdHgPGxvjjmRvfxrToeWvTlzaStH4MLNPB6TRi18mlS5WUaNQcOQGDh4jypmhlic+Q==");
Assert.AreEqual(expectedPrivate.Private, actualPrivate.Private);
}
public void TestBOEncryption()
{
//hubnet.StaticLogger.Logger = new Microsoft.Extensions.Logging.Debug.DebugLogger("Testlogger", (log, level) => { return true; });
string[] files = Directory.GetFiles($"encrypterTests/bo/", "*.json"); //
foreach (string testFile in files)
{
JObject json;
using (StreamReader r = new StreamReader(testFile))
{
string jsonString = r.ReadToEnd();
json = JsonConvert.DeserializeObject <JObject>(jsonString);
}
Assert.IsNotNull(json, $"The content of file {testFile} seems to be no valid JSON.");
string boType = (string)json["boTyp"];
Assert.IsNotNull(boType, $"The JSON content of file {testFile} is missing the obligatory 'boTyp' attribute.");
BusinessObject bo = BO4E.BoMapper.MapObject(boType, json);
Assert.IsNotNull(bo, $"The business object in file {testFile} is not a valid BO4E.");
/******* symmetric test ******/
byte[] symkey = SecretBox.GenerateKey();
string symkeyString = Convert.ToBase64String(symkey);
EncryptedObject eo;
using (SymmetricEncrypter se0 = new SymmetricEncrypter(symkey))
{
eo = se0.Encrypt(bo, "Associated");
}
BusinessObject boDecrypted;
using (SymmetricEncrypter se1 = new SymmetricEncrypter(symkeyString))
{
boDecrypted = se1.Decrypt(eo);
}
string expectedString = JsonConvert.SerializeObject(bo);
string actualString = JsonConvert.SerializeObject(boDecrypted);
Assert.AreEqual(expectedString, actualString, "Original and encrypted->decrypted object do not match!");
/******* asymmetric test ******/
var asykeyPairSender = PublicKeyBox.GenerateKeyPair();
var asykeyPairRecipient = PublicKeyBox.GenerateKeyPair();
using (AsymmetricEncrypter asyenc = new AsymmetricEncrypter(asykeyPairSender))
{
eo = asyenc.Encrypt(bo, Convert.ToBase64String(asykeyPairRecipient.PublicKey));
}
using (AsymmetricEncrypter asydec = new AsymmetricEncrypter(asykeyPairRecipient.PrivateKey))
{
boDecrypted = asydec.Decrypt(eo);
}
expectedString = JsonConvert.SerializeObject(bo);
actualString = JsonConvert.SerializeObject(boDecrypted);
Assert.AreEqual(expectedString, actualString, "Original and encrypted->decrypted object do not match!");
/******* X509 + RSA test ******/
// encrypt (without needing a private key)
X509Certificate2 x509certPubl = new X509Certificate2(X509Certificate2.CreateFromCertFile("encrypterTests/publickey.cer"));
using (X509AsymmetricEncrypter xasyEnc = new X509AsymmetricEncrypter(x509certPubl))// encrypter needs no private key!
{
eo = xasyEnc.Encrypt(bo);
}
// decrypt (using a private key)
AsymmetricCipherKeyPair keyPair;
using (var reader = File.OpenText(@"encrypterTests/privatekey.pem")) // file containing RSA PKCS1 private key
{
keyPair = (AsymmetricCipherKeyPair) new PemReader(reader).ReadObject();
}
// openssl genrsa -out privatekey.pem 2048
// openssl req -new -x509 -key privatekey.pem -out publickey.cer -days 3650
using (X509AsymmetricEncrypter xasydec = new X509AsymmetricEncrypter(keyPair.Private))
{
boDecrypted = xasydec.Decrypt(eo);
}
expectedString = JsonConvert.SerializeObject(bo);
actualString = JsonConvert.SerializeObject(boDecrypted);
Assert.IsTrue(expectedString == actualString, "Original and encrypted->decrypted object do not match!");
/********** X509 + RSA multiple recipients *******/
X509Certificate2 x509certPubl2 = new X509Certificate2(X509Certificate2.CreateFromCertFile("encrypterTests/publickey2.cer"));
EncryptedObject eoMultiple;
using (X509AsymmetricEncrypter xasyEncMultiple = new X509AsymmetricEncrypter(new HashSet <X509Certificate2> {
x509certPubl, x509certPubl2
})) // encrypter needs not private key!
{
eoMultiple = xasyEncMultiple.Encrypt(bo);
}
// decrypt (using both private keys)
AsymmetricCipherKeyPair keyPair2;
using (var reader = File.OpenText(@"encrypterTests/privatekey2.pem")) // file containing RSA PKCS1 private key
{
keyPair2 = (AsymmetricCipherKeyPair) new PemReader(reader).ReadObject();
}
using (X509AsymmetricEncrypter xasydecMultiple = new X509AsymmetricEncrypter(keyPair.Private))
{
using X509AsymmetricEncrypter xasydecMultiple2 = new X509AsymmetricEncrypter(keyPair2.Private);
boDecrypted = xasydecMultiple.Decrypt(eoMultiple);
BusinessObject boDecrypted2 = xasydecMultiple2.Decrypt(eoMultiple);
string actualString2 = JsonConvert.SerializeObject(boDecrypted2);
Assert.AreEqual(expectedString, actualString2, "Original and encrypted->decrypted object do not match!");
}
expectedString = JsonConvert.SerializeObject(bo);
actualString = JsonConvert.SerializeObject(boDecrypted);
Assert.AreEqual(expectedString, actualString, "Original and encrypted->decrypted object do not match!");
}
}
