public void AcceptEncryptionAlgorithmRegardlessOfCase(string algorithm)
{
var provider = new SqlColumnEncryptionCngProvider();
byte[] ciphertext = provider.EncryptColumnEncryptionKey(MASTER_KEY_PATH, algorithm, new byte[] { 1, 2, 3, 4, 5 });
Assert.NotNull(ciphertext);
}
public void ThrowExceptionWithInvalidParameterWhileEncryptingColumnEncryptionKey(string errorMsg, Type exceptionType, string masterKeyPath, string encryptionAlgorithm, byte[] bytes)
{
var provider = new SqlColumnEncryptionCngProvider();
Exception ex = Assert.Throws(exceptionType, () => provider.EncryptColumnEncryptionKey(masterKeyPath, encryptionAlgorithm, bytes));
Assert.Equal(errorMsg, ex.Message);
}
public void ThrowPlatformNotSupportedExceptionInUnix()
{
var provider = new SqlColumnEncryptionCngProvider();
Assert.Throws <PlatformNotSupportedException>(() => provider.EncryptColumnEncryptionKey("", "", new byte[] { }));
Assert.Throws <PlatformNotSupportedException>(() => provider.DecryptColumnEncryptionKey("", "", new byte[] { }));
Assert.Throws <PlatformNotSupportedException>(() => provider.SignColumnMasterKeyMetadata("", false));
Assert.Throws <PlatformNotSupportedException>(() => provider.VerifyColumnMasterKeyMetadata("", false, new byte[] { }));
}
public void EncryptKeyAndThenDecryptItSuccessfully(int dataSize)
{
var provider = new SqlColumnEncryptionCngProvider();
var columnEncryptionKey = new byte[dataSize];
var randomNumberGenerator = new Random();
randomNumberGenerator.NextBytes(columnEncryptionKey);
byte[] encryptedData = provider.EncryptColumnEncryptionKey(MASTER_KEY_PATH, ENCRYPTION_ALGORITHM, columnEncryptionKey);
byte[] decryptedData = provider.DecryptColumnEncryptionKey(MASTER_KEY_PATH, ENCRYPTION_ALGORITHM, encryptedData);
Assert.Equal(columnEncryptionKey, decryptedData);
}
internal static byte[] CreateEncryptedCekUsingCsp(string providerName, string keyContainerName)
{
try
{
// Create a random column encryption key of size 256 bits
byte[] columnEncryptionKey = GenerateRandomBytes(32);
Console.WriteLine(@"Plaintext CEK: {0}", ConvertBytesToHexString(columnEncryptionKey, true));
// Encrypt CEK with CMK stored in EKM
string keyPath = String.Format(@"{0}/{1}", providerName, keyContainerName);
SqlColumnEncryptionCngProvider cspProvider = new SqlColumnEncryptionCngProvider();
return(cspProvider.EncryptColumnEncryptionKey(keyPath, @"RSA_OAEP", columnEncryptionKey));
}
catch (Exception e)
{
Console.WriteLine("\tFAILURE: Creating the encrypted column encryption key failed");
Console.WriteLine(@" {0}", e.Message);
return(null);
}
}
public void ThrowNotSupportedExceptionWhenCallingVerifyColumnMasterKeyMetadata()
{
var provider = new SqlColumnEncryptionCngProvider();
Assert.Throws <NotSupportedException>(() => provider.VerifyColumnMasterKeyMetadata(MASTER_KEY_PATH, true, GenerateTestEncryptedBytes(1, 0, 256, 256)));
}
public void ThrowNotSupportedExceptionWhenCallingSignColumnMasterKeyMetadata()
{
var provider = new SqlColumnEncryptionCngProvider();
Assert.Throws <NotSupportedException>(() => provider.SignColumnMasterKeyMetadata(MASTER_KEY_PATH, true));
}
