コード例 #1
0
        //Downloads and decrypts client side encrypted blob, then reuploads blob with server side encryption using a customer provided key
        private static void EncryptWithCustomerProvidedKey(
            string connectionString,
            string containerName,
            string blobName,
            string blobNameAfterMigration,
            string filePath,
            ClientSideEncryptionOptions clientSideOption,
            byte[] keyBytes)
        {
            //Download and decrypt Client Side Encrypted blob using BlobClient with Client Side Encryption Options
            string     downloadFilePath = filePath + "download";
            BlobClient blobClient       = new BlobClient(
                connectionString,
                containerName,
                blobName).WithClientSideEncryptionOptions(clientSideOption);

            blobClient.DownloadTo(downloadFilePath);

            //Set Blob Client Options with the given Customer Provided Key
            CustomerProvidedKey customerProvidedKey = new CustomerProvidedKey(keyBytes);
            BlobClientOptions   blobClientOptions   = new BlobClientOptions()
            {
                CustomerProvidedKey = customerProvidedKey,
            };

            //Reupload Blob with Server Side Encryption
            blobClient = new BlobClient(
                connectionString,
                containerName,
                blobNameAfterMigration,
                blobClientOptions);
            blobClient.Upload(downloadFilePath, true);
        }
コード例 #2
0
        public async Task AppendBlockFromUriAsync_CPK()
        {
            await using DisposingContainer test = await GetTestContainerAsync();

            // Arrange
            await test.Container.SetAccessPolicyAsync(PublicAccessType.BlobContainer);

            var data = GetRandomBuffer(Constants.KB);

            using (var stream = new MemoryStream(data))
            {
                AppendBlobClient sourceBlob = InstrumentClient(test.Container.GetAppendBlobClient(GetNewBlobName()));
                await sourceBlob.CreateAsync();

                await sourceBlob.AppendBlockAsync(stream);

                AppendBlobClient    destBlob            = InstrumentClient(test.Container.GetAppendBlobClient(GetNewBlobName()));
                CustomerProvidedKey customerProvidedKey = GetCustomerProvidedKey();
                destBlob = InstrumentClient(destBlob.WithCustomerProvidedKey(customerProvidedKey));
                await destBlob.CreateAsync();

                // Act
                Response <BlobAppendInfo> response = await destBlob.AppendBlockFromUriAsync(
                    sourceBlob.Uri,
                    new HttpRange(0, Constants.KB));

                Assert.AreEqual(customerProvidedKey.EncryptionKeyHash, response.Value.EncryptionKeySha256);
            }
        }
コード例 #3
0
 public static PageBlobClient WithCustomerProvidedKey(
     this PageBlobClient blob,
     CustomerProvidedKey customerProvidedKey) =>
 new PageBlobClient(
     ToHttps(blob.Uri),
     blob.Pipeline,
     blob.ClientDiagnostics,
     customerProvidedKey);
コード例 #4
0
 public static BlockBlobClient WithCustomerProvidedKey(
     this BlockBlobClient blob,
     CustomerProvidedKey customerProvidedKey) =>
 new BlockBlobClient(
     ToHttps(blob.Uri),
     blob.Pipeline,
     blob.Version,
     blob.ClientDiagnostics,
     customerProvidedKey);
コード例 #5
0
 private static BlobClientConfiguration BuildClientConfigurationWithCpk(
     BlobClientConfiguration clientConfiguration,
     CustomerProvidedKey customerProvidedKey)
 => new BlobClientConfiguration(
     pipeline: clientConfiguration.Pipeline,
     sharedKeyCredential: clientConfiguration.SharedKeyCredential,
     clientDiagnostics: clientConfiguration.ClientDiagnostics,
     version: clientConfiguration.Version,
     customerProvidedKey: customerProvidedKey,
     encryptionScope: null);
コード例 #6
0
 public static AppendBlobClient WithCustomerProvidedKey(
     this AppendBlobClient blob,
     CustomerProvidedKey customerProvidedKey) =>
 new AppendBlobClient(
     ToHttps(blob.Uri),
     blob.Pipeline,
     blob.Version,
     blob.ClientDiagnostics,
     customerProvidedKey,
     null);
コード例 #7
0
 public static PageBlobClient WithCustomerProvidedKey(
     this PageBlobClient blob,
     CustomerProvidedKey customerProvidedKey) =>
 new PageBlobClient(
     ToHttps(blob.Uri),
     blob.Pipeline,
     blob.SharedKeyCredential,
     blob.Version,
     blob.ClientDiagnostics,
     customerProvidedKey,
     null);
コード例 #8
0
        /// <summary>
        /// Creates a new instance of the <see cref="AppendBlobClient"/> class
        /// with an identical <see cref="Uri"/> source but the specified
        /// <paramref name="customerProvidedKey"/> customer provided key.
        /// </summary>
        /// <param name="customerProvidedKey">
        /// The customer provided key to be used by the service to encrypt data.
        /// </param>
        /// <returns>A new <see cref="AppendBlobClient"/> instance.</returns>
        protected sealed override BlobBaseClient WithCustomerProvidedKeyCore(CustomerProvidedKey customerProvidedKey)
        {
            var uriBuilder = new UriBuilder(Uri)
            {
                Scheme = Constants.Blob.Https,
                Port   = Constants.Blob.HttpsPort
            };

            return(new AppendBlobClient(
                       uriBuilder.Uri,
                       Pipeline,
                       new BlobClientOptions(customerProvidedKey: customerProvidedKey)));
        }
コード例 #9
0
        public void Ctor_CPK_Http()
        {
            // Arrange
            CustomerProvidedKey customerProvidedKey = GetCustomerProvidedKey();
            BlobClientOptions   blobClientOptions   = new BlobClientOptions()
            {
                CustomerProvidedKey = customerProvidedKey
            };
            Uri httpUri = new Uri(TestConfigDefault.BlobServiceEndpoint).ToHttp();

            // Act
            TestHelper.AssertExpectedException(
                () => new AppendBlobClient(httpUri, blobClientOptions),
                new ArgumentException("Cannot use client-provided key without HTTPS."));
        }
コード例 #10
0
        public void Ctor_CPK_EncryptionScope()
        {
            // Arrange
            CustomerProvidedKey customerProvidedKey = GetCustomerProvidedKey();
            BlobClientOptions   blobClientOptions   = new BlobClientOptions
            {
                CustomerProvidedKey = customerProvidedKey,
                EncryptionScope     = TestConfigDefault.EncryptionScope
            };

            // Act
            TestHelper.AssertExpectedException(
                () => new BlobServiceClient(new Uri(TestConfigDefault.BlobServiceEndpoint), blobClientOptions),
                new ArgumentException("CustomerProvidedKey and EncryptionScope cannot both be set"));
        }
コード例 #11
0
        public async Task CreateAsync_CPK()
        {
            await using DisposingContainer test = await GetTestContainerAsync();

            // Arrange
            var blobName             = GetNewBlobName();
            AppendBlobClient    blob = InstrumentClient(test.Container.GetAppendBlobClient(blobName));
            CustomerProvidedKey customerProvidedKey = GetCustomerProvidedKey();

            blob = InstrumentClient(blob.WithCustomerProvidedKey(customerProvidedKey));

            // Act
            Response <BlobContentInfo> response = await blob.CreateAsync();

            // Assert
            Assert.AreEqual(customerProvidedKey.EncryptionKeyHash, response.Value.EncryptionKeySha256);
        }
コード例 #12
0
        public async Task AppendBlockAsync_CPK()
        {
            await using DisposingContainer test = await GetTestContainerAsync();

            // Arrange
            var blobName             = GetNewBlobName();
            AppendBlobClient    blob = InstrumentClient(test.Container.GetAppendBlobClient(blobName));
            CustomerProvidedKey customerProvidedKey = GetCustomerProvidedKey();

            blob = InstrumentClient(blob.WithCustomerProvidedKey(customerProvidedKey));
            var data = GetRandomBuffer(Constants.KB);
            await blob.CreateAsync();

            // Act
            using var stream = new MemoryStream(data);
            Response <BlobAppendInfo> response = await blob.AppendBlockAsync(
                content : stream);

            // Assert
            Assert.AreEqual(customerProvidedKey.EncryptionKeyHash, response.Value.EncryptionKeySha256);
        }
コード例 #13
0
 /// <summary>
 /// Initializes a new instance of the <see cref="AppendBlobClient"/>
 /// class with an identical <see cref="Uri"/> source but the specified
 /// <paramref name="customerProvidedKey"/> customer provided key.
 /// </summary>
 /// <param name="customerProvidedKey">
 /// The customer provided key to be used by the service to encrypt data.
 /// </param>
 /// <returns>A new <see cref="AppendBlobClient"/> instance.</returns>
 public new AppendBlobClient WithCustomerProvidedKey(CustomerProvidedKey customerProvidedKey) => (AppendBlobClient)WithCustomerProvidedKeyCore(customerProvidedKey);
コード例 #14
0
 public static PageBlobClient WithCustomerProvidedKey(
     this PageBlobClient blob,
     CustomerProvidedKey customerProvidedKey) =>
 new PageBlobClient(
     ToHttps(blob.Uri),
     BuildClientConfigurationWithCpk(blob.ClientConfiguration, customerProvidedKey));