コード例 #1
0
        public void ImportFromXml_CreatesAppropriateDescriptor()
        {
            // Arrange
            var descriptor = new CngCbcAuthenticatedEncryptorDescriptor(
                new CngCbcAuthenticatedEncryptorConfiguration()
            {
                EncryptionAlgorithm         = Constants.BCRYPT_AES_ALGORITHM,
                EncryptionAlgorithmKeySize  = 192,
                EncryptionAlgorithmProvider = null,
                HashAlgorithm         = Constants.BCRYPT_SHA512_ALGORITHM,
                HashAlgorithmProvider = null
            },
                "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret());
            var control = CreateEncryptorInstanceFromDescriptor(descriptor);

            const string xml = @"
                <descriptor version='1' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'>
                  <encryption algorithm='AES' keyLength='192' />
                  <hash algorithm='SHA512' />
                  <masterKey enc:requiresEncryption='true'>k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==</masterKey>
                </descriptor>";
            var          deserializedDescriptor = new CngCbcAuthenticatedEncryptorDescriptorDeserializer().ImportFromXml(XElement.Parse(xml));
            var          test = CreateEncryptorInstanceFromDescriptor(deserializedDescriptor as CngCbcAuthenticatedEncryptorDescriptor);

            // Act & assert
            byte[] plaintext          = new byte[] { 1, 2, 3, 4, 5 };
            byte[] aad                = new byte[] { 2, 4, 6, 8, 0 };
            byte[] ciphertext         = control.Encrypt(new ArraySegment <byte>(plaintext), new ArraySegment <byte>(aad));
            byte[] roundTripPlaintext = test.Decrypt(new ArraySegment <byte>(ciphertext), new ArraySegment <byte>(aad));
            Assert.Equal(plaintext, roundTripPlaintext);
        }
コード例 #2
0
        public void ExportToXml_WithoutProviders_ProducesCorrectPayload()
        {
            // Arrange
            var masterKey  = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
            var descriptor = new CngCbcAuthenticatedEncryptorDescriptor(new CngCbcAuthenticatedEncryptorConfiguration()
            {
                EncryptionAlgorithm        = "enc-alg",
                EncryptionAlgorithmKeySize = 2048,
                HashAlgorithm = "hash-alg"
            }, masterKey.ToSecret());

            // Act
            var retVal = descriptor.ExportToXml();

            // Assert
            Assert.Equal(typeof(CngCbcAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
            var expectedXml = $@"
                <descriptor>
                  <encryption algorithm='enc-alg' keyLength='2048' />
                  <hash algorithm='hash-alg' />
                  <masterKey enc:requiresEncryption='true' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'>
                    <value>{masterKey}</value>
                  </masterKey>
                </descriptor>";

            XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
        }
        public void ExportToXml_WithoutProviders_ProducesCorrectPayload()
        {
            // Arrange
            var masterKey  = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret();
            var descriptor = new CngCbcAuthenticatedEncryptorDescriptor(new CngCbcAuthenticatedEncryptionSettings()
            {
                EncryptionAlgorithm        = "enc-alg",
                EncryptionAlgorithmKeySize = 2048,
                HashAlgorithm = "hash-alg"
            }, masterKey);

            // Act
            var retVal = descriptor.ExportToXml();

            // Assert
            Assert.Equal(typeof(CngCbcAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
            const string expectedXml = @"
                <descriptor>
                  <encryption algorithm='enc-alg' keyLength='2048' />
                  <hash algorithm='hash-alg' />
                  <masterKey enc:requiresEncryption='true' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'>
                    <value>k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==</value>
                  </masterKey>
                </descriptor>";

            XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
        }
コード例 #4
0
        public void ImportFromXml_CreatesAppropriateDescriptor()
        {
            var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
            // Arrange
            var descriptor = new CngCbcAuthenticatedEncryptorDescriptor(
                new CngCbcAuthenticatedEncryptorConfiguration()
            {
                EncryptionAlgorithm         = Constants.BCRYPT_AES_ALGORITHM,
                EncryptionAlgorithmKeySize  = 192,
                EncryptionAlgorithmProvider = null,
                HashAlgorithm         = Constants.BCRYPT_SHA512_ALGORITHM,
                HashAlgorithmProvider = null
            },
                masterKey.ToSecret());
            var control = CreateEncryptorInstanceFromDescriptor(descriptor);

            var xml = $@"
                <descriptor version='1' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'>
                  <encryption algorithm='AES' keyLength='192' />
                  <hash algorithm='SHA512' />
                  <masterKey enc:requiresEncryption='true'>{masterKey}</masterKey>
                </descriptor>";
            var deserializedDescriptor = new CngCbcAuthenticatedEncryptorDescriptorDeserializer().ImportFromXml(XElement.Parse(xml));
            var test = CreateEncryptorInstanceFromDescriptor(deserializedDescriptor as CngCbcAuthenticatedEncryptorDescriptor);

            // Act & assert
            byte[] plaintext          = new byte[] { 1, 2, 3, 4, 5 };
            byte[] aad                = new byte[] { 2, 4, 6, 8, 0 };
            byte[] ciphertext         = control.Encrypt(new ArraySegment <byte>(plaintext), new ArraySegment <byte>(aad));
            byte[] roundTripPlaintext = test.Decrypt(new ArraySegment <byte>(ciphertext), new ArraySegment <byte>(aad));
            Assert.Equal(plaintext, roundTripPlaintext);
        }
        public void ImportFromXml_CreatesAppropriateDescriptor()
        {
            // Arrange
            var control = new CngCbcAuthenticatedEncryptorDescriptor(
                new CngCbcAuthenticatedEncryptionSettings()
                {
                    EncryptionAlgorithm = Constants.BCRYPT_AES_ALGORITHM,
                    EncryptionAlgorithmKeySize = 192,
                    EncryptionAlgorithmProvider = null,
                    HashAlgorithm = Constants.BCRYPT_SHA512_ALGORITHM,
                    HashAlgorithmProvider = null
                },
                "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret()).CreateEncryptorInstance();

            const string xml = @"
                <descriptor version='1' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'>
                  <encryption algorithm='AES' keyLength='192' />
                  <hash algorithm='SHA512' />
                  <masterKey enc:requiresEncryption='true'>k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==</masterKey>
                </descriptor>";
            var test = new CngCbcAuthenticatedEncryptorDescriptorDeserializer().ImportFromXml(XElement.Parse(xml)).CreateEncryptorInstance();

            // Act & assert
            byte[] plaintext = new byte[] { 1, 2, 3, 4, 5 };
            byte[] aad = new byte[] { 2, 4, 6, 8, 0 };
            byte[] ciphertext = control.Encrypt(new ArraySegment<byte>(plaintext), new ArraySegment<byte>(aad));
            byte[] roundTripPlaintext = test.Decrypt(new ArraySegment<byte>(ciphertext), new ArraySegment<byte>(aad));
            Assert.Equal(plaintext, roundTripPlaintext);
        }
        public void ExportToXml_WithProviders_ProducesCorrectPayload()
        {
            // Arrange
            var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret();
            var descriptor = new CngCbcAuthenticatedEncryptorDescriptor(new CngCbcAuthenticatedEncryptionSettings()
            {
                EncryptionAlgorithm = "enc-alg",
                EncryptionAlgorithmKeySize = 2048,
                EncryptionAlgorithmProvider = "enc-alg-prov",
                HashAlgorithm = "hash-alg",
                HashAlgorithmProvider = "hash-alg-prov"
            }, masterKey);

            // Act
            var retVal = descriptor.ExportToXml();

            // Assert
            Assert.Equal(typeof(CngCbcAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
            const string expectedXml = @"
                <descriptor>
                  <encryption algorithm='enc-alg' keyLength='2048' provider='enc-alg-prov' />
                  <hash algorithm='hash-alg' provider='hash-alg-prov' />
                  <masterKey enc:requiresEncryption='true' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'>
                    <value>k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==</value>
                  </masterKey>
                </descriptor>";
            XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
        }
コード例 #7
0
        private static IAuthenticatedEncryptor CreateEncryptorInstanceFromDescriptor(CngCbcAuthenticatedEncryptorDescriptor descriptor)
        {
            var encryptorFactory = new CngCbcAuthenticatedEncryptorFactory(NullLoggerFactory.Instance);
            var key = new Key(
                Guid.NewGuid(),
                DateTimeOffset.Now,
                DateTimeOffset.Now + TimeSpan.FromHours(1),
                DateTimeOffset.Now + TimeSpan.FromDays(30),
                descriptor,
                new[] { encryptorFactory });


            return(key.CreateEncryptor());
        }