public static void UploadEncryptedFileSymmetric(string path, CloudBlobContainer container) { // Create a blob named after the file we are uploading CloudBlockBlob blob = container.GetBlockBlobReference("SymmetricUploadTest.jpg"); // Create an Azure Encryption Extensions symmetric encryption provider // We are not passing any key material so a 256-bit AES key will be generated for us. var provider = new SymmetricBlobCryptoProvider(); // Since we let the library generate a new key for us, we need to persist it somewhere // so we can decrypt our blob later. We can use a simple JSON storage format built into // the library to store our key on disk. // Remember: If we lose this key we can never retrieve our blob. provider.WriteKeyFile("symmetricKey.dat"); // Encrypt and upload the file to Azure, passing in our provider // The file will be prepended with a random IV and encrypted with AES256. // This 'Encrypted' extension method mirrors the native methods but takes a provider. blob.UploadFromFileEncrypted(provider, path, FileMode.Open); }
public void ToKeyFileAndBackTest() { IBlobCryptoProvider symmetricProvider = new SymmetricBlobCryptoProvider(); symmetricProvider.WriteKeyFile("keyfile.txt"); IBlobCryptoProvider clonedProvider = ProviderFactory.CreateProviderFromKeyFile("keyfile.txt"); var encryptedStream = symmetricProvider.EncryptedStream(streamSample); var decryptedStream = clonedProvider.DecryptedStream(encryptedStream); byte[] result = new byte[sampleStreamSize]; decryptedStream.Read(result, 0, result.Length); Assert.IsTrue( result.SequenceEqual(streamSample.ToArray()), "Decrypted data does not match original data"); }