private void TestAsymmetricEncryptionWithKeystore(Keystore correctKeystore, string correctKeyContainerName, Keystore wrongKeystore, string wrongKeyContainerName) { CleanupKeystores(); byte[] plainBytes = ByteUtil.Utf8NoBOM.GetBytes("Secret String For Testing"); try { // Key should be automatically generated byte[] encryptedBytes = AsymmetricEncryption.EncryptWithKeyFromKeystore(correctKeystore, correctKeyContainerName, plainBytes); Assert.IsFalse(ByteUtil.ByteArraysMatch(plainBytes, encryptedBytes)); byte[] decryptedBytes = AsymmetricEncryption.DecryptWithKeyFromKeystore(correctKeystore, correctKeyContainerName, encryptedBytes); Assert.IsTrue(ByteUtil.ByteArraysMatch(plainBytes, decryptedBytes)); // Key should be retrievable from correct keystore string publicKeyLoaded = AsymmetricEncryption.GetKeyFromKeystore(correctKeystore, correctKeyContainerName, false); Assert.IsNotNull(publicKeyLoaded); // Key should NOT be retrievable from incorrect keystore string publicKeyFromWrongKeystore = AsymmetricEncryption.GetKeyFromKeystore(wrongKeystore, correctKeyContainerName, false); Assert.IsNull(publicKeyFromWrongKeystore); Assert.IsTrue(KeystoreContainsKeyContainer(correctKeystore, correctKeyContainerName)); Assert.IsFalse(KeystoreContainsKeyContainer(wrongKeystore, correctKeyContainerName)); Assert.IsFalse(KeystoreContainsKeyContainer(correctKeystore, wrongKeyContainerName)); Assert.IsFalse(KeystoreContainsKeyContainer(wrongKeystore, wrongKeyContainerName)); // Test encryption using exported public key. byte[] encryptedBytes2 = AsymmetricEncryption.EncryptWithKey(publicKeyLoaded, plainBytes); Assert.IsFalse(ByteUtil.ByteArraysMatch(plainBytes, encryptedBytes2)); byte[] decryptedBytes2 = AsymmetricEncryption.DecryptWithKeyFromKeystore(correctKeystore, correctKeyContainerName, encryptedBytes2); Assert.IsTrue(ByteUtil.ByteArraysMatch(plainBytes, decryptedBytes2)); // Should be possible to replace existing keys by calling GenerateNewKeysInKeystore AsymmetricEncryption.GenerateNewKeysInKeystore(correctKeystore, correctKeyContainerName, out string publicKey2); Assert.AreNotEqual(publicKeyLoaded, publicKey2); // Getting the key should now return the new key string publicKeyLoaded2 = AsymmetricEncryption.GetKeyFromKeystore(correctKeystore, correctKeyContainerName, false); Assert.AreEqual(publicKey2, publicKeyLoaded2); // Delete the key AsymmetricEncryption.DeletePublicKeyFromKeystore(correctKeystore, correctKeyContainerName); Assert.IsNull(AsymmetricEncryption.GetKeyFromKeystore(correctKeystore, correctKeyContainerName, false)); // Try to generate a new one using the "Get" method. string publicKeyLoaded3 = AsymmetricEncryption.GetKeyFromKeystore(correctKeystore, correctKeyContainerName, true); Assert.AreNotEqual(publicKeyLoaded, publicKeyLoaded3); Assert.AreNotEqual(publicKey2, publicKeyLoaded3); } finally { AsymmetricEncryption.DeletePublicKeyFromKeystore(correctKeystore, correctKeyContainerName); Assert.IsFalse(KeystoreContainsKeyContainer(correctKeystore, correctKeyContainerName)); // Confirm the delete can be done redundantly without negative effect AsymmetricEncryption.DeletePublicKeyFromKeystore(correctKeystore, correctKeyContainerName); Assert.IsFalse(KeystoreContainsKeyContainer(correctKeystore, correctKeyContainerName)); Assert.IsFalse(KeystoreContainsKeyContainer(wrongKeystore, correctKeyContainerName)); Assert.IsFalse(KeystoreContainsKeyContainer(correctKeystore, wrongKeyContainerName)); Assert.IsFalse(KeystoreContainsKeyContainer(wrongKeystore, wrongKeyContainerName)); } }