public void ImportFromXml_CreatesAppropriateDescriptor() { // Arrange var descriptor = new CngGcmAuthenticatedEncryptorDescriptor( new CngGcmAuthenticatedEncryptorConfiguration() { EncryptionAlgorithm = Constants.BCRYPT_AES_ALGORITHM, EncryptionAlgorithmKeySize = 192, EncryptionAlgorithmProvider = null }, "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret()); var control = CreateEncryptorInstanceFromDescriptor(descriptor); const string xml = @" <descriptor version='1' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'> <encryption algorithm='AES' keyLength='192' /> <masterKey enc:requiresEncryption='true'>k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==</masterKey> </descriptor>"; var deserializedDescriptor = new CngGcmAuthenticatedEncryptorDescriptorDeserializer().ImportFromXml(XElement.Parse(xml)); var test = CreateEncryptorInstanceFromDescriptor(deserializedDescriptor as CngGcmAuthenticatedEncryptorDescriptor); // Act & assert byte[] plaintext = new byte[] { 1, 2, 3, 4, 5 }; byte[] aad = new byte[] { 2, 4, 6, 8, 0 }; byte[] ciphertext = control.Encrypt(new ArraySegment <byte>(plaintext), new ArraySegment <byte>(aad)); byte[] roundTripPlaintext = test.Decrypt(new ArraySegment <byte>(ciphertext), new ArraySegment <byte>(aad)); Assert.Equal(plaintext, roundTripPlaintext); }
public void ExportToXml_WithoutProviders_ProducesCorrectPayload() { // Arrange var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]")); var descriptor = new CngGcmAuthenticatedEncryptorDescriptor(new CngGcmAuthenticatedEncryptorConfiguration() { EncryptionAlgorithm = "enc-alg", EncryptionAlgorithmKeySize = 2048 }, masterKey.ToSecret()); // Act var retVal = descriptor.ExportToXml(); // Assert Assert.Equal(typeof(CngGcmAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType); var expectedXml = $@" <descriptor> <encryption algorithm='enc-alg' keyLength='2048' /> <masterKey enc:requiresEncryption='true' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'> <value>{masterKey}</value> </masterKey> </descriptor>"; XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement); }
public void ImportFromXml_CreatesAppropriateDescriptor() { // Arrange var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]")); var descriptor = new CngGcmAuthenticatedEncryptorDescriptor( new CngGcmAuthenticatedEncryptorConfiguration() { EncryptionAlgorithm = Constants.BCRYPT_AES_ALGORITHM, EncryptionAlgorithmKeySize = 192, EncryptionAlgorithmProvider = null }, masterKey.ToSecret()); var control = CreateEncryptorInstanceFromDescriptor(descriptor); var xml = $@" <descriptor version='1' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'> <encryption algorithm='AES' keyLength='192' /> <masterKey enc:requiresEncryption='true'>{masterKey}</masterKey> </descriptor>"; var deserializedDescriptor = new CngGcmAuthenticatedEncryptorDescriptorDeserializer().ImportFromXml(XElement.Parse(xml)); var test = CreateEncryptorInstanceFromDescriptor(deserializedDescriptor as CngGcmAuthenticatedEncryptorDescriptor); // Act & assert byte[] plaintext = new byte[] { 1, 2, 3, 4, 5 }; byte[] aad = new byte[] { 2, 4, 6, 8, 0 }; byte[] ciphertext = control.Encrypt(new ArraySegment <byte>(plaintext), new ArraySegment <byte>(aad)); byte[] roundTripPlaintext = test.Decrypt(new ArraySegment <byte>(ciphertext), new ArraySegment <byte>(aad)); Assert.Equal(plaintext, roundTripPlaintext); }
public void ExportToXml_WithoutProviders_ProducesCorrectPayload() { // Arrange var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret(); var descriptor = new CngGcmAuthenticatedEncryptorDescriptor(new CngGcmAuthenticatedEncryptionSettings() { EncryptionAlgorithm = "enc-alg", EncryptionAlgorithmKeySize = 2048 }, masterKey); // Act var retVal = descriptor.ExportToXml(); // Assert Assert.Equal(typeof(CngGcmAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType); const string expectedXml = @" <descriptor> <encryption algorithm='enc-alg' keyLength='2048' /> <masterKey enc:requiresEncryption='true' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'> <value>k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==</value> </masterKey> </descriptor>"; XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement); }
public void ImportFromXml_CreatesAppropriateDescriptor() { // Arrange var control = new CngGcmAuthenticatedEncryptorDescriptor( new CngGcmAuthenticatedEncryptionSettings() { EncryptionAlgorithm = Constants.BCRYPT_AES_ALGORITHM, EncryptionAlgorithmKeySize = 192, EncryptionAlgorithmProvider = null }, "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret()).CreateEncryptorInstance(); const string xml = @" <descriptor version='1' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'> <encryption algorithm='AES' keyLength='192' /> <masterKey enc:requiresEncryption='true'>k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==</masterKey> </descriptor>"; var test = new CngGcmAuthenticatedEncryptorDescriptorDeserializer().ImportFromXml(XElement.Parse(xml)).CreateEncryptorInstance(); // Act & assert byte[] plaintext = new byte[] { 1, 2, 3, 4, 5 }; byte[] aad = new byte[] { 2, 4, 6, 8, 0 }; byte[] ciphertext = control.Encrypt(new ArraySegment<byte>(plaintext), new ArraySegment<byte>(aad)); byte[] roundTripPlaintext = test.Decrypt(new ArraySegment<byte>(ciphertext), new ArraySegment<byte>(aad)); Assert.Equal(plaintext, roundTripPlaintext); }
public void ExportToXml_WithProviders_ProducesCorrectPayload() { // Arrange var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret(); var descriptor = new CngGcmAuthenticatedEncryptorDescriptor(new CngGcmAuthenticatedEncryptionSettings() { EncryptionAlgorithm = "enc-alg", EncryptionAlgorithmKeySize = 2048, EncryptionAlgorithmProvider = "enc-alg-prov" }, masterKey); // Act var retVal = descriptor.ExportToXml(); // Assert Assert.Equal(typeof(CngGcmAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType); const string expectedXml = @" <descriptor> <encryption algorithm='enc-alg' keyLength='2048' provider='enc-alg-prov' /> <masterKey enc:requiresEncryption='true' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'> <value>k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==</value> </masterKey> </descriptor>"; XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement); }
private static IAuthenticatedEncryptor CreateEncryptorInstanceFromDescriptor(CngGcmAuthenticatedEncryptorDescriptor descriptor) { var encryptorFactory = new CngGcmAuthenticatedEncryptorFactory(NullLoggerFactory.Instance); var key = new Key( keyId: Guid.NewGuid(), creationDate: DateTimeOffset.Now, activationDate: DateTimeOffset.Now + TimeSpan.FromHours(1), expirationDate: DateTimeOffset.Now + TimeSpan.FromDays(30), descriptor: descriptor, encryptorFactories: new[] { encryptorFactory }); return(key.CreateEncryptor()); }