public void ValidateCipherTest() { var cipher1 = new CipherStub("cipherStub1"); var cipher2 = new CipherStub("cipherStub2"); var cipher3 = new FernetCipher("Fernet cipher"); using var provider = new CryptoProvider(cipher1); provider.RegisterCipher(cipher2) .RegisterCipher(cipher3); var customEncryptionKey = new CustomEncryptionKey(1, Encoding.UTF8.GetBytes("Custom Encryption Key 32 symbols")); provider.ValidateCustomCiphers(new SecretsData(new List <Secret> { customEncryptionKey }, customEncryptionKey)); Assert.IsNotNull(provider); var encryptionSecret = new EncryptionSecret(2, Encoding.UTF8.GetBytes("EncryptionSecret")); provider.ValidateCustomCiphers(new SecretsData(new List <Secret> { customEncryptionKey, encryptionSecret }, encryptionSecret)); Assert.IsNotNull(provider); }
public override string Encrypt(byte[] textBytes, CustomEncryptionKey secretKey) { var secretBytes = secretKey?.GetSecretBytes(); try { return(SimpleFernet.Encrypt(secretBytes, textBytes)); } finally { SecretKeyFactory.ShuffleSecretKey(secretBytes); } }
private static IStorage InitStorageWithCustomCipher() { var cipher = new FernetCipher("Fernet cipher demo"); using var provider = new CryptoProvider(cipher); var key = new CustomEncryptionKey(7, Encoding.UTF8.GetBytes("Custom Encryption Key 32 symbols")); var secretData = new SecretsData(new List <Secret> { key }, key); var config = CredentialsHelper.GetConfigWithOauth(); config.CryptoProvider = provider; config.SecretKeyAccessor = () => secretData; return(Storage.NewStorage(config)); }
public void SecretsToStringTest() { var encryptionSecret = new EncryptionSecret(1, Guid.NewGuid().ToByteArray()); Assert.IsTrue(Regex.IsMatch(encryptionSecret.ToString(), "EncryptionSecret\\{SecretBytes\\=HASH\\[(-)?(\\d)+\\], Version=1\\}")); var customEncryptionKey = new CustomEncryptionKey(1, Guid.NewGuid().ToByteArray()); Assert.IsTrue(Regex.IsMatch(customEncryptionKey.ToString(), "CustomEncryptionKey\\{SecretBytes\\=HASH\\[(-)?(\\d)+\\], Version=1\\}")); var encryptionKey = new EncryptionKey(1, Encoding.UTF8.GetBytes("123456789012345678901234567890Ab")); Assert.IsTrue(Regex.IsMatch(encryptionKey.ToString(), "EncryptionKey\\{SecretBytes\\=HASH\\[(-)?(\\d)+\\], Version=1\\}")); }
public void EncryptWithCustomCipherNegativeTest() { var cipher = new CipherWithException("some cipher"); const string exceptionMessage = "some exception message"; #pragma warning disable CA1303 var anotherCipher = new CipherWithException("another cipher", new StorageCryptoException(exceptionMessage)); #pragma warning restore CA1303 using var provider = new CryptoProvider(cipher); provider.RegisterCipher(anotherCipher); var key = new CustomEncryptionKey(1, Encoding.UTF8.GetBytes("Custom Encryption Key 32 symbols")); var secretData = new SecretsData(new List <Secret> { key }, key); var exception = Assert.Throws <StorageCryptoException>(() => provider.Decrypt("c" + Guid.NewGuid() + ":123", secretData, 1)); Assert.AreEqual("Unknown cipher format", exception.Message); exception = Assert.Throws <StorageCryptoException>(() => provider.Decrypt("z" + Guid.NewGuid() + ":123", secretData, 1)); Assert.AreEqual("Unknown cipher format", exception.Message); exception = Assert.Throws <StorageCryptoException>(() => provider.Encrypt(Guid.NewGuid().ToString(), secretData)); Assert.AreEqual("Unexpected exception during encryption", exception.Message); Assert.NotNull(exception.InnerException); exception = Assert.Throws <StorageCryptoException>(() => provider.Decrypt("cc29tZSBjaXBoZXI=:c29tZSBjaXBoZXI=", secretData, 1)); Assert.AreEqual("Unexpected error", exception.Message); Assert.IsNotNull(exception.InnerException); exception = Assert.Throws <StorageCryptoException>(() => provider.Decrypt("cYW5vdGhlciBjaXBoZXI=:YW5vdGhlciBjaXBoZXI=", secretData, 1)); Assert.AreEqual(exceptionMessage, exception.Message); using var anotherProvider = new CryptoProvider(anotherCipher); exception = Assert.Throws <StorageCryptoException>(() => anotherProvider.Encrypt(Guid.NewGuid().ToString(), secretData)); Assert.AreEqual(exceptionMessage, exception.Message); }
public void ValidateCipherNegativeTest() { var cipher1 = new CipherStub("cipherStub1"); var cipher2 = new WrongCipher("WrongCipher"); using var provider = new CryptoProvider(cipher1); provider.RegisterCipher(cipher2); var customEncryptionKey = new CustomEncryptionKey(1, Encoding.UTF8.GetBytes("CustomEncryptionKey")); var exception = Assert.Throws <StorageClientException>(() => { provider.ValidateCustomCiphers(new SecretsData(new List <Secret> { customEncryptionKey }, customEncryptionKey)); }); Assert.AreEqual("Validation failed for custom cipher with version 'WrongCipher'", exception.Message); provider.UnregisterCipher(cipher2); var cipher3 = new CipherWithException("CipherWithException"); provider.RegisterCipher(cipher3); exception = Assert.Throws <StorageClientException>(() => { provider.ValidateCustomCiphers(new SecretsData(new List <Secret> { customEncryptionKey }, customEncryptionKey)); }); Assert.AreEqual("Validation failed for custom cipher with version 'CipherWithException'", exception.Message); Assert.NotNull(exception.InnerException); Assert.IsInstanceOf <NotImplementedException>(exception.InnerException); var secretData = SecretsDataGenerator.FromPassword("password"); exception = Assert.Throws <StorageClientException>(() => provider.ValidateCustomCiphers(secretData)); Assert.AreEqual("There is no custom encryption key for the custom ciphers", exception.Message); }
public void EncryptWithCustomCipherTest() { var cipher = new FernetCipher("Fernet cipher"); using var provider = new CryptoProvider(cipher); const int version = 5; var key = new CustomEncryptionKey(version, Encoding.UTF8.GetBytes("Custom Encryption Key 32 symbols")); var secretData = new SecretsData(new List <Secret> { key }, key); var message = "{'private_data':'" + Guid.NewGuid() + "'}"; var cipheredData = provider.Encrypt(message, secretData); Assert.NotNull(cipheredData); Assert.AreEqual(version, cipheredData.KeyVersion); Assert.NotNull(cipheredData.Data); Assert.AreNotEqual(message, cipheredData.Data); Assert.IsTrue(cipheredData.Data.StartsWith("c", StringComparison.InvariantCulture)); var decryptedText = provider.Decrypt(cipheredData.Data, secretData, cipheredData.KeyVersion); Assert.AreEqual(message, decryptedText); }
private void ValidateCipher(AbstractCipher cipher, CustomEncryptionKey encryptionKey) { try { var encryptedText = cipher.Encrypt(_encoding.GetBytes(s_validationText), encryptionKey); var decryptedText = cipher.Decrypt(_encoding.GetBytes(encryptedText), encryptionKey); var wrongDecryption = !s_validationText.Equals(decryptedText, StringComparison.InvariantCulture); s_helper.Check <StorageClientException>(wrongDecryption, Messages.CryptoProvider.s_errIncorrectCustomCrypto, cipher.Name); } catch (StorageException) { throw; } catch (System.Exception ex) { var message = string.Format(CultureInfo.InvariantCulture, Messages.CryptoProvider.s_errIncorrectCustomCrypto, cipher.Name); s_log.Error(ex, message); throw new StorageClientException(message, ex); } }
public override string Encrypt(byte[] textBytes, CustomEncryptionKey secretKey) { throw _exception ?? new NotImplementedException(); }
public override string Encrypt(byte[] textBytes, CustomEncryptionKey secretKey) { return(Guid.NewGuid().ToString()); }