public void SecureFile_Stream_LargeContent() { string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); EnhancedMemoryStream original = new EnhancedMemoryStream(); EnhancedMemoryStream encrypted = new EnhancedMemoryStream(); EnhancedMemoryStream decrypted = new EnhancedMemoryStream(); SecureFile secure = null; for (int i = 0; i < 128000; i++) { original.WriteByte((byte)i); } secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey); original.Position = 0; secure.EncryptTo(encrypted, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; encrypted.Position = 0; secure = new SecureFile(encrypted, SecureFileMode.Decrypt, privateKey); secure.DecryptTo(decrypted); secure.Close(); secure = null; original.Position = 0; encrypted.Position = 0; CollectionAssert.AreNotEqual(original.ReadBytesToEnd(), encrypted.ReadBytesToEnd()); original.Position = 0; decrypted.Position = 0; CollectionAssert.AreEqual(original.ReadBytesToEnd(), decrypted.ReadBytesToEnd()); }
public void AuthServiceMsgs_Msg_AuthMsgAndAck() { EnhancedStream es = new EnhancedMemoryStream(); AuthMsg authMsgIn, authMsgOut; AuthAck authAckIn, authAckOut; string rsaKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); SymmetricKey saClient, saServer; string r, a, p; AuthenticationResult authResult; authMsgOut = new AuthMsg(AuthMsg.EncryptCredentials(rsaKey, "realm", "account", "password", out saClient)); Msg.Save(es, authMsgOut); es.Position = 0; authMsgIn = (AuthMsg)Msg.Load(es); AuthMsg.DecryptCredentials(rsaKey, authMsgIn.EncryptedCredentials, out r, out a, out p, out saServer); Assert.AreEqual("realm", r); Assert.AreEqual("account", a); Assert.AreEqual("password", p); authAckOut = new AuthAck(AuthAck.EncryptResult(saServer, new AuthenticationResult(AuthenticationStatus.Authenticated, "Test", TimeSpan.FromMinutes(25)))); es.SetLength(0); Msg.Save(es, authAckOut); es.Position = 0; authAckIn = (AuthAck)Msg.Load(es); authResult = AuthAck.DecryptResult(saClient, authAckIn.EncryptedResult); }
public void SecureFile_Stream_Validate() { string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); EnhancedMemoryStream original = new EnhancedMemoryStream(); EnhancedMemoryStream encrypted = new EnhancedMemoryStream(); SecureFile secure = null; byte b; for (int i = 0; i < 100; i++) { original.WriteByte((byte)i); } secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey); original.Position = 0; secure.EncryptTo(encrypted, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; encrypted.Position = 0; Assert.IsTrue(SecureFile.Validate(encrypted, privateKey)); encrypted.Position = encrypted.Length - 1; b = (byte)encrypted.ReadByte(); encrypted.Position = encrypted.Length - 1; encrypted.WriteByte((byte)(~b)); encrypted.Position = 0; Assert.IsFalse(SecureFile.Validate(encrypted, privateKey)); }
public void SecureData_Asymmetric() { string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); byte[] plainText; byte[] cipherText; plainText = new byte[] { 0, 1, 2, 3 }; cipherText = SecureData.Encrypt(publicKey, plainText, CryptoAlgorithm.AES, 256); CollectionAssert.AreNotEqual(plainText, cipherText); CollectionAssert.AreEqual(plainText, SecureData.Decrypt(privateKey, cipherText)); plainText = new byte[] { 0, 1, 2, 3 }; cipherText = SecureData.Encrypt(publicKey, plainText, CryptoAlgorithm.AES, 256, 1000); Assert.IsTrue(cipherText.Length >= 1000); plainText = new byte[0]; cipherText = SecureData.Encrypt(publicKey, plainText, CryptoAlgorithm.AES, 256); CollectionAssert.AreNotEqual(plainText, cipherText); CollectionAssert.AreEqual(plainText, SecureData.Decrypt(privateKey, cipherText)); plainText = new byte[2000000]; for (int i = 0; i < plainText.Length; i++) { plainText[i] = (byte)i; } cipherText = SecureData.Encrypt(publicKey, plainText, CryptoAlgorithm.AES, 256); CollectionAssert.AreNotEqual(plainText, cipherText); CollectionAssert.AreEqual(plainText, SecureData.Decrypt(privateKey, cipherText)); }
public void SecureFile_Stream_NoContent() { string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); EnhancedMemoryStream original = new EnhancedMemoryStream(); EnhancedMemoryStream encrypted = new EnhancedMemoryStream(); EnhancedMemoryStream decrypted = new EnhancedMemoryStream(); SecureFile secure = null; secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey); original.Position = 0; secure.EncryptTo(encrypted, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; original.Position = 0; encrypted.Position = 0; Assert.AreNotEqual(original.ReadBytesToEnd(), encrypted.ReadBytesToEnd()); encrypted.Position = 0; secure = new SecureFile(encrypted, SecureFileMode.Decrypt, privateKey); secure.DecryptTo(decrypted); secure.Close(); secure = null; Assert.AreEqual(0, decrypted.Length); }
public void AsymmetricCrypto_EncryptedCredentials() { string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); Credentials credentials; byte[] encrypted; credentials = new Credentials("realm", "user", "password"); encrypted = AsymmetricCrypto.EncryptCredentials(credentials, "RSA", publicKey); credentials = AsymmetricCrypto.DecryptCredentials(encrypted, "RSA", privateKey); Assert.AreEqual("realm", credentials.Realm); Assert.AreEqual("user", credentials.Account); Assert.AreEqual("password", credentials.Password); // Force a security failure by decrypting with the wrong key ExtendedAssert.Throws <SecurityException>( () => { privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); AsymmetricCrypto.DecryptCredentials(encrypted, "RSA", privateKey); }); // Force a security failure by tampering with the encrypted credentials ExtendedAssert.Throws <SecurityException>( () => { encrypted[4] = (byte)~encrypted[4]; AsymmetricCrypto.DecryptCredentials(encrypted, "RSA", privateKey); }); }
public void AsymmetricCrypto_IsXmlPublicKey() { string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); Assert.IsFalse(AsymmetricCrypto.IsXmlPublicKey(CryptoAlgorithm.RSA, privateKey)); Assert.IsTrue(AsymmetricCrypto.IsXmlPublicKey(CryptoAlgorithm.RSA, publicKey)); Assert.IsFalse(AsymmetricCrypto.IsXmlPublicKey(CryptoAlgorithm.RSA, "hello")); }
public void SecureFile_File_Validate() { string originalName = Path.GetTempFileName(); string encryptName = Path.GetTempFileName(); string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); EnhancedStream original = null; EnhancedStream encrypted = null; SecureFile secure = null; byte b; try { original = new EnhancedFileStream(originalName, FileMode.Create, FileAccess.ReadWrite); for (int i = 0; i < 100; i++) { original.WriteByte((byte)i); } original.Close(); original = null; secure = new SecureFile(originalName, SecureFileMode.Encrypt, publicKey); secure.EncryptTo(encryptName, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; Assert.IsTrue(SecureFile.Validate(encryptName, privateKey)); encrypted = new EnhancedFileStream(encryptName, FileMode.Open, FileAccess.ReadWrite); encrypted.Position = encrypted.Length - 1; b = (byte)encrypted.ReadByte(); encrypted.Position = encrypted.Length - 1; encrypted.WriteByte((byte)(~b)); encrypted.Close(); Assert.IsFalse(SecureFile.Validate(encryptName, privateKey)); } finally { if (original != null) { original.Close(); } if (encrypted != null) { encrypted.Close(); } System.IO.File.Delete(originalName); System.IO.File.Delete(encryptName); } }
public void AsymmetricCrypto_KeyEquality() { string key; key = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); Assert.IsTrue(AsymmetricCrypto.KeyEquality(CryptoAlgorithm.RSA, key, key)); Assert.IsTrue(AsymmetricCrypto.KeyEquality(CryptoAlgorithm.RSA, key, " \t\r\n" + key + " \t\r\n")); Assert.IsTrue(AsymmetricCrypto.KeyEquality(CryptoAlgorithm.RSA, key, key.Replace("<Modulus>", " \t<Modulus>\r\n"))); Assert.IsFalse(AsymmetricCrypto.KeyEquality(CryptoAlgorithm.RSA, key, AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024))); Assert.IsFalse(AsymmetricCrypto.KeyEquality(CryptoAlgorithm.RSA, key, AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, key))); }
public void AuthServiceMsgs_Msg_GetPublicKeyAck() { EnhancedStream es = new EnhancedMemoryStream(); string rsaKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); GetPublicKeyAck msgIn, msgOut; msgOut = new GetPublicKeyAck(rsaKey, Helper.MachineName, IPAddress.Parse("10.20.30.40")); Msg.Save(es, msgOut); es.Position = 0; msgIn = (GetPublicKeyAck)Msg.Load(es); Assert.AreEqual(rsaKey, msgIn.PublicKey); Assert.AreEqual(Helper.MachineName, msgIn.MachineName); Assert.AreEqual(IPAddress.Parse("10.20.30.40"), msgIn.Address); }
public void AsymmetricCrypto_ValidateKey() { string privateKey; string publicKey; privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); Assert.IsTrue(AsymmetricCrypto.IsValidKey(CryptoAlgorithm.RSA, privateKey)); Assert.IsTrue(AsymmetricCrypto.IsValidKey(CryptoAlgorithm.RSA, publicKey)); Assert.IsTrue(AsymmetricCrypto.IsXmlKey(CryptoAlgorithm.RSA, privateKey)); Assert.IsTrue(AsymmetricCrypto.IsXmlKey(CryptoAlgorithm.RSA, publicKey)); Assert.IsFalse(AsymmetricCrypto.IsXmlKey(CryptoAlgorithm.RSA, KeyContainer)); Assert.IsFalse(AsymmetricCrypto.IsValidKey(CryptoAlgorithm.RSA, string.Empty)); Assert.IsFalse(AsymmetricCrypto.IsValidKey(CryptoAlgorithm.RSA, "xxxx > << ")); }
private static int GenKey(string algorithm, string sKeySize) { int keySize; if (!int.TryParse(sKeySize, out keySize) || keySize <= 0) { Program.Output("key size must be >= 0"); return(1); } switch (algorithm.ToUpper()) { case CryptoAlgorithm.RC2: case CryptoAlgorithm.DES: case CryptoAlgorithm.TripleDES: case CryptoAlgorithm.AES: SymmetricKey key = Crypto.GenerateSymmetricKey(algorithm, keySize); Program.Output(""); Program.Output("SymKey {0}\r\n", key.ToString()); Program.Output("KEY: {0}\r\n", Helper.ToHex(key.Key)); Program.Output("IV: {0}\r\n", Helper.ToHex(key.IV)); return(0); case CryptoAlgorithm.RSA: string privateKey; string publicKey; privateKey = AsymmetricCrypto.CreatePrivateKey(algorithm, keySize); publicKey = AsymmetricCrypto.GetPublicKey(algorithm, privateKey); Program.Output(""); Program.Output("PRIVATE KEY :\r\n\r\n{0}\r\n", privateKey); Program.Output("PUBLIC KEY:\r\n\r\n{0}\r\n", publicKey); return(0); default: Program.Error("[{0}] is not a supported encryption algorithm.", algorithm); return(1); } }
public void SecureFile_Stream_BadHash() { string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); EnhancedMemoryStream original = new EnhancedMemoryStream(); EnhancedMemoryStream encrypted = new EnhancedMemoryStream(); EnhancedMemoryStream decrypted = new EnhancedMemoryStream(); SecureFile secure = null; byte b; for (int i = 0; i < 100; i++) { original.WriteByte((byte)i); } secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey); original.Position = 0; secure.EncryptTo(encrypted, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; // Munge the last byte of the hash digest and then // confirm the this is detected encrypted.Position = encrypted.Length - 1; b = (byte)encrypted.ReadByte(); encrypted.Position = encrypted.Length - 1; encrypted.WriteByte((byte)(~b)); encrypted.Position = 0; secure = new SecureFile(encrypted, SecureFileMode.Decrypt, privateKey); try { secure.DecryptTo(decrypted); Assert.Fail("Corrupt hash digest not detected."); } catch { // Expecting an exception } }
public void KeyChain_Basic() { string privateKey1 = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey1 = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey1); string privateKey2 = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey2 = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey2); KeyChain keyChain = new KeyChain(); ExtendedAssert.Throws <CryptographicException>( () => { keyChain.GetPrivateKey(publicKey1); }); keyChain.Add(privateKey1); keyChain.Add(privateKey2); Assert.AreEqual(privateKey1, keyChain.GetPrivateKey(publicKey1)); Assert.AreEqual(privateKey2, keyChain.GetPrivateKey(publicKey2)); }
public void SecureFile_Stream_Metadata() { string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); EnhancedMemoryStream original = new EnhancedMemoryStream(); EnhancedMemoryStream encrypted = new EnhancedMemoryStream(); EnhancedMemoryStream decrypted = new EnhancedMemoryStream(); SecureFile secure = null; DateTime createTime = Helper.UtcNowRounded - TimeSpan.FromMinutes(1); DateTime writeTime = Helper.UtcNowRounded; secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey); secure.Properties["Foo"] = "Bar"; secure.Properties["Hello"] = "World"; secure.FileName = "Test.dat"; secure.FullPath = "c:\\test\\test.dat"; secure.CreateTimeUtc = createTime; secure.WriteTimeUtc = writeTime; original.Position = 0; secure.EncryptTo(encrypted, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; original.Position = 0; encrypted.Position = 0; Assert.AreNotEqual(original.ReadBytesToEnd(), encrypted.ReadBytesToEnd()); encrypted.Position = 0; secure = new SecureFile(encrypted, SecureFileMode.Decrypt, privateKey); secure.DecryptTo(decrypted); Assert.AreEqual("Bar", secure.Properties["Foo"]); Assert.AreEqual("World", secure.Properties["Hello"]); Assert.AreEqual("Test.dat", secure.FileName); Assert.AreEqual("c:\\test\\test.dat", secure.FullPath); Assert.AreEqual(createTime, secure.CreateTimeUtc); Assert.AreEqual(writeTime, secure.WriteTimeUtc); secure.Close(); secure = null; Assert.AreEqual(0, decrypted.Length); }
public void AsymmetricCrypto_RsaEncryption() { string privateKey; string publicKey; byte[] plainText = new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19 }; byte[] encrypted; byte[] decrypted; try { privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); encrypted = AsymmetricCrypto.Encrypt(CryptoAlgorithm.RSA, publicKey, plainText); CollectionAssert.AreNotEqual(encrypted, plainText); decrypted = AsymmetricCrypto.Decrypt(CryptoAlgorithm.RSA, privateKey, encrypted); CollectionAssert.AreEqual(plainText, decrypted); encrypted = AsymmetricCrypto.Encrypt(CryptoAlgorithm.RSA, privateKey, plainText); Assert.AreNotEqual(encrypted, plainText); decrypted = AsymmetricCrypto.Decrypt(CryptoAlgorithm.RSA, privateKey, encrypted); CollectionAssert.AreEqual(plainText, decrypted); AsymmetricCrypto.SaveKey(CryptoAlgorithm.RSA, KeyContainer, null, privateKey); encrypted = AsymmetricCrypto.Encrypt(CryptoAlgorithm.RSA, KeyContainer, plainText); CollectionAssert.AreNotEqual(encrypted, plainText); decrypted = AsymmetricCrypto.Decrypt(CryptoAlgorithm.RSA, KeyContainer, encrypted); CollectionAssert.AreEqual(plainText, decrypted); encrypted = AsymmetricCrypto.Encrypt(CryptoAlgorithm.RSA, KeyContainer, plainText); CollectionAssert.AreNotEqual(encrypted, plainText); decrypted = AsymmetricCrypto.Decrypt(CryptoAlgorithm.RSA, KeyContainer, encrypted); CollectionAssert.AreEqual(plainText, decrypted); } finally { AsymmetricCrypto.DeleteKey(CryptoAlgorithm.RSA, KeyContainer, null); } }
public void SecureData_Symmetric() { string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); SymmetricKey argsEncrypt; SymmetricKey argsDecrypt; byte[] asymPlain; byte[] asymCipher; byte[] symPlain; byte[] symCipher; asymPlain = new byte[] { 0, 1, 2, 3 }; asymCipher = SecureData.Encrypt(publicKey, asymPlain, CryptoAlgorithm.AES, 256, 1000, out argsEncrypt); CollectionAssert.AreEqual(asymPlain, SecureData.Decrypt(privateKey, asymCipher, out argsDecrypt)); symPlain = new byte[] { 10, 20, 30, 40 }; symCipher = SecureData.Encrypt(argsEncrypt, symPlain, 100); Assert.IsTrue(symCipher.Length >= 100); CollectionAssert.AreEqual(symPlain, SecureData.Decrypt(argsDecrypt, symCipher)); }
public void KeyChain_Encrypt() { string privateKey1 = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey1 = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey1); string privateKey2 = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey2 = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey2); KeyChain keyChain = new KeyChain(); SymmetricKey key = Crypto.GenerateSymmetricKey(); byte[] encrypted; keyChain.Add(privateKey1); keyChain.Add(privateKey2); encrypted = keyChain.Encrypt(key); keyChain = new KeyChain(key, encrypted); Assert.AreEqual(2, keyChain.Count); Assert.AreEqual(privateKey1, keyChain.GetPrivateKey(publicKey1)); Assert.AreEqual(privateKey2, keyChain.GetPrivateKey(publicKey2)); }
public void SecureFile_Stream_GetPublicKey() { string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); EnhancedMemoryStream original = new EnhancedMemoryStream(); EnhancedMemoryStream encrypted = new EnhancedMemoryStream(); SecureFile secure = null; for (int i = 0; i < 100; i++) { original.WriteByte((byte)i); } // Verify that the public key is saved when requested (the default) secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey); Assert.IsTrue(secure.SavePublicKey); Assert.AreEqual(publicKey, secure.PublicKey); original.Position = 0; secure.EncryptTo(encrypted, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; encrypted.Position = 0; Assert.AreEqual(publicKey, SecureFile.GetPublicKey(encrypted)); // Verify that the public key is not saved if SavePublicKey=false encrypted.SetLength(0); secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey); secure.SavePublicKey = false; original.Position = 0; secure.EncryptTo(encrypted, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; encrypted.Position = 0; Assert.IsNull(SecureFile.GetPublicKey(encrypted)); }
public void AuthServiceMsgs_Msg_SourceCredentials() { EnhancedStream es = new EnhancedMemoryStream(); Guid sourceID = Helper.NewGuid(); string rsaKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); SourceCredentialsMsg msgIn, msgOut; string r, a, p; msgOut = new SourceCredentialsMsg(sourceID, SourceCredentialsMsg.EncryptCredentials(rsaKey, "realm", "account", "password"), TimeSpan.FromMinutes(2)); Msg.Save(es, msgOut); es.Position = 0; msgIn = (SourceCredentialsMsg)Msg.Load(es); Assert.AreEqual(sourceID, msgIn.SourceID); Assert.AreEqual(TimeSpan.FromMinutes(2), msgIn.TTL); SourceCredentialsMsg.DecryptCredentials(rsaKey, msgIn.EncryptedCredentials, out r, out a, out p); Assert.AreEqual("realm", r); Assert.AreEqual("account", a); Assert.AreEqual("password", p); }
public void AsymmetricCrypto_RsaKeys() { string privateKey; string publicKey; try { privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); Assert.IsNotNull(privateKey); publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); Assert.IsNotNull(publicKey); Assert.IsTrue(privateKey.Length > publicKey.Length); AsymmetricCrypto.SaveKey(CryptoAlgorithm.RSA, KeyContainer, null, privateKey); Assert.AreEqual(privateKey, AsymmetricCrypto.LoadPrivateKey(CryptoAlgorithm.RSA, KeyContainer, null)); Assert.AreEqual(publicKey, AsymmetricCrypto.LoadPublicKey(CryptoAlgorithm.RSA, KeyContainer, null)); } finally { AsymmetricCrypto.DeleteKey(CryptoAlgorithm.RSA, KeyContainer, null); } AsymmetricCrypto.DeleteKey(CryptoAlgorithm.RSA, KeyContainer, null); }
public void SecureFile_File_BadHash() { string originalName = Path.GetTempFileName(); string encryptName = Path.GetTempFileName(); string decryptName = Path.GetTempFileName(); string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); EnhancedStream original = null; EnhancedStream encrypted = null; SecureFile secure = null; byte b; try { original = new EnhancedFileStream(originalName, FileMode.Create, FileAccess.ReadWrite); for (int i = 0; i < 100; i++) { original.WriteByte((byte)i); } original.Close(); original = null; secure = new SecureFile(originalName, SecureFileMode.Encrypt, publicKey); secure.EncryptTo(encryptName, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; // Munge the last byte of the hash digest and then confirm // that the bad hash is detected. encrypted = new EnhancedFileStream(encryptName, FileMode.Open, FileAccess.ReadWrite); encrypted.Position = encrypted.Length - 1; b = (byte)encrypted.ReadByte(); encrypted.Position = encrypted.Length - 1; encrypted.WriteByte((byte)(~b)); encrypted.Close(); encrypted = null; ExtendedAssert.Throws <CryptographicException>( () => { secure = new SecureFile(encryptName, SecureFileMode.Decrypt, privateKey); secure.DecryptTo(decryptName); }); } finally { if (original != null) { original.Close(); } if (encrypted != null) { encrypted.Close(); } try { System.IO.File.Delete(originalName); } catch { } try { System.IO.File.Delete(encryptName); } catch { } try { System.IO.File.Delete(decryptName); } catch { } } }
public void SecureFile_File_Metadata() { string originalName = Path.GetTempFileName(); string encryptName = Path.GetTempFileName(); string decryptName = Path.GetTempFileName(); string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); EnhancedStream original = null; EnhancedStream encrypted = null; EnhancedStream decrypted = null; SecureFile secure = null; DateTime createTime = Helper.UtcNowRounded - TimeSpan.FromMinutes(1); DateTime writeTime = Helper.UtcNowRounded; try { original = new EnhancedFileStream(originalName, FileMode.Create, FileAccess.ReadWrite); for (int i = 0; i < 100; i++) { original.WriteByte((byte)i); } original.Close(); original = null; Directory.SetCreationTimeUtc(originalName, createTime); Directory.SetLastWriteTimeUtc(originalName, writeTime); secure = new SecureFile(originalName, SecureFileMode.Encrypt, publicKey); secure.Properties["Foo"] = "Bar"; secure.Properties["Hello"] = "World"; secure.EncryptTo(encryptName, CryptoAlgorithm.AES, 256); Assert.AreEqual(Path.GetFileName(originalName), secure.FileName); Assert.AreEqual(createTime, secure.CreateTimeUtc); Assert.AreEqual(writeTime, secure.WriteTimeUtc); secure.Close(); secure = null; secure = new SecureFile(encryptName, SecureFileMode.Decrypt, privateKey); Assert.AreEqual("Bar", secure.Properties["Foo"]); Assert.AreEqual("World", secure.Properties["Hello"]); Assert.AreEqual(Path.GetFileName(originalName), secure.FileName); Assert.AreEqual(createTime, secure.CreateTimeUtc); Assert.AreEqual(writeTime, secure.WriteTimeUtc); secure.DecryptTo(decryptName); secure.Close(); secure = null; Assert.AreEqual(createTime, Directory.GetCreationTimeUtc(decryptName)); Assert.AreEqual(writeTime, Directory.GetLastWriteTimeUtc(decryptName)); original = new EnhancedFileStream(originalName, FileMode.Open, FileAccess.Read); encrypted = new EnhancedFileStream(encryptName, FileMode.Open, FileAccess.Read); decrypted = new EnhancedFileStream(decryptName, FileMode.Open, FileAccess.Read); original.Position = 0; encrypted.Position = 0; Assert.AreNotEqual(original.ReadBytesToEnd(), encrypted.ReadBytesToEnd()); original.Position = 0; decrypted.Position = 0; CollectionAssert.AreEqual(original.ReadBytesToEnd(), decrypted.ReadBytesToEnd()); } finally { if (original != null) { original.Close(); } if (encrypted != null) { encrypted.Close(); } if (decrypted != null) { decrypted.Close(); } System.IO.File.Delete(originalName); System.IO.File.Delete(encryptName); System.IO.File.Delete(decryptName); } }
public void SecureFile_File_GetPublicKey() { string originalName = Path.GetTempFileName(); string encryptName = Path.GetTempFileName(); string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); EnhancedStream original = null; EnhancedStream encrypted = null; SecureFile secure = null; try { original = new EnhancedFileStream(originalName, FileMode.Create, FileAccess.ReadWrite); for (int i = 0; i < 100; i++) { original.WriteByte((byte)i); } original.Close(); original = null; // Verify that the public key is saved if requested secure = new SecureFile(originalName, SecureFileMode.Encrypt, publicKey); Assert.IsTrue(secure.SavePublicKey); Assert.AreEqual(publicKey, secure.PublicKey); secure.EncryptTo(encryptName, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; Assert.AreEqual(publicKey, SecureFile.GetPublicKey(encryptName)); // Verify that the public key is not saved, if SavePublicKey=false System.IO.File.Delete(encryptName); secure = new SecureFile(originalName, SecureFileMode.Encrypt, publicKey); secure.SavePublicKey = false; secure.EncryptTo(encryptName, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; Assert.IsNull(SecureFile.GetPublicKey(encryptName)); } finally { if (original != null) { original.Close(); } if (encrypted != null) { encrypted.Close(); } System.IO.File.Delete(originalName); System.IO.File.Delete(encryptName); } }
public void SecureFile_File_KeyChain() { string encryptName = Path.GetTempFileName(); string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024); string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey); EnhancedMemoryStream original = new EnhancedMemoryStream(); SecureFile secure = null; try { for (int i = 0; i < 100; i++) { original.WriteByte((byte)i); } // Verify that SecureFile can find the correct private key in the key chain. secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey); Assert.IsTrue(secure.SavePublicKey); Assert.AreEqual(publicKey, secure.PublicKey); original.Position = 0; secure.EncryptTo(encryptName, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; var keyChain = new KeyChain(); var decrypted = new EnhancedMemoryStream(); keyChain.Add(privateKey); secure = new SecureFile(encryptName, keyChain); secure.DecryptTo(decrypted); secure.Close(); secure = null; CollectionAssert.AreEqual(original.ToArray(), decrypted.ToArray()); // Verify that SecureFile throws a CryptographicException if the // key is not present in the chain. keyChain.Clear(); try { secure = new SecureFile(encryptName, keyChain); secure.DecryptTo(decrypted); Assert.Fail("Expecting a CryptographicException"); } catch (CryptographicException) { // Expecting this } finally { if (secure != null) { secure.Close(); secure = null; } } // Verify that SecureFile throws a CryptographicException if the // public key was not saved to the file. keyChain.Add(privateKey); secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey); secure.SavePublicKey = false; original.Position = 0; secure.EncryptTo(encryptName, CryptoAlgorithm.AES, 256); secure.Close(); secure = null; try { secure = new SecureFile(encryptName, keyChain); secure.DecryptTo(decrypted); Assert.Fail("Expecting a CryptographicException"); } catch (CryptographicException) { // Expecting this } finally { if (secure != null) { secure.Close(); secure = null; } } } finally { System.IO.File.Delete(encryptName); } }