public void ImportFromXml_CustomType_CreatesAppropriateDescriptor()
{
// Arrange
var descriptor = new ManagedAuthenticatedEncryptorDescriptor(
new ManagedAuthenticatedEncryptorConfiguration()
{
EncryptionAlgorithmType = typeof(Aes),
EncryptionAlgorithmKeySize = 192,
ValidationAlgorithmType = typeof(HMACSHA384)
},
"k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret());
var control = CreateEncryptorInstanceFromDescriptor(descriptor);
string xml = string.Format(@"
<descriptor>
<encryption algorithm='{0}' keyLength='192' />
<validation algorithm='{1}' />
<masterKey enc:requiresEncryption='true' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'>
<value>k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==</value>
</masterKey>
</descriptor>",
typeof(Aes).AssemblyQualifiedName, typeof(HMACSHA384).AssemblyQualifiedName);
var deserializedDescriptor = new ManagedAuthenticatedEncryptorDescriptorDeserializer().ImportFromXml(XElement.Parse(xml));
var test = CreateEncryptorInstanceFromDescriptor(deserializedDescriptor as ManagedAuthenticatedEncryptorDescriptor);
// Act & assert
byte[] plaintext = new byte[] { 1, 2, 3, 4, 5 };
byte[] aad = new byte[] { 2, 4, 6, 8, 0 };
byte[] ciphertext = control.Encrypt(new ArraySegment <byte>(plaintext), new ArraySegment <byte>(aad));
byte[] roundTripPlaintext = test.Decrypt(new ArraySegment <byte>(ciphertext), new ArraySegment <byte>(aad));
Assert.Equal(plaintext, roundTripPlaintext);
}
public void ExportToXml_BuiltInTypes_ProducesCorrectPayload(Type encryptionAlgorithmType, Type validationAlgorithmType)
{
// Arrange
var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret();
var descriptor = new ManagedAuthenticatedEncryptorDescriptor(new ManagedAuthenticatedEncryptorConfiguration()
{
EncryptionAlgorithmType = encryptionAlgorithmType,
EncryptionAlgorithmKeySize = 2048,
ValidationAlgorithmType = validationAlgorithmType
}, masterKey);
// Act
var retVal = descriptor.ExportToXml();
// Assert
Assert.Equal(typeof(ManagedAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
string expectedXml = string.Format(@"
<descriptor>
<encryption algorithm='{0}' keyLength='2048' />
<validation algorithm='{1}' />
<masterKey enc:requiresEncryption='true' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'>
<value>k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==</value>
</masterKey>
</descriptor>",
encryptionAlgorithmType.Name, validationAlgorithmType.Name);
XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
}
public void ImportFromXml_CustomType_CreatesAppropriateDescriptor()
{
// Arrange
var control = new ManagedAuthenticatedEncryptorDescriptor(
new ManagedAuthenticatedEncryptionSettings()
{
EncryptionAlgorithmType = typeof(Aes),
EncryptionAlgorithmKeySize = 192,
ValidationAlgorithmType = typeof(HMACSHA384)
},
"k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret()).CreateEncryptorInstance();
string xml = String.Format(@"
<descriptor>
<encryption algorithm='{0}' keyLength='192' />
<validation algorithm='{1}' />
<masterKey enc:requiresEncryption='true' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'>
<value>k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==</value>
</masterKey>
</descriptor>",
typeof(Aes).AssemblyQualifiedName, typeof(HMACSHA384).AssemblyQualifiedName);
var test = new ManagedAuthenticatedEncryptorDescriptorDeserializer().ImportFromXml(XElement.Parse(xml)).CreateEncryptorInstance();
// Act & assert
byte[] plaintext = new byte[] { 1, 2, 3, 4, 5 };
byte[] aad = new byte[] { 2, 4, 6, 8, 0 };
byte[] ciphertext = control.Encrypt(new ArraySegment<byte>(plaintext), new ArraySegment<byte>(aad));
byte[] roundTripPlaintext = test.Decrypt(new ArraySegment<byte>(ciphertext), new ArraySegment<byte>(aad));
Assert.Equal(plaintext, roundTripPlaintext);
}
public void ImportFromXml_CustomType_CreatesAppropriateDescriptor()
{
// Arrange
var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
var descriptor = new ManagedAuthenticatedEncryptorDescriptor(
new ManagedAuthenticatedEncryptorConfiguration()
{
EncryptionAlgorithmType = typeof(Aes),
EncryptionAlgorithmKeySize = 192,
ValidationAlgorithmType = typeof(HMACSHA384)
},
masterKey.ToSecret());
var control = CreateEncryptorInstanceFromDescriptor(descriptor);
var xml = $@"
<descriptor>
<encryption algorithm='{typeof(Aes).AssemblyQualifiedName}' keyLength='192' />
<validation algorithm='{typeof(HMACSHA384).AssemblyQualifiedName}' />
<masterKey enc:requiresEncryption='true' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'>
<value>{masterKey}</value>
</masterKey>
</descriptor>";
var deserializedDescriptor = new ManagedAuthenticatedEncryptorDescriptorDeserializer().ImportFromXml(XElement.Parse(xml));
var test = CreateEncryptorInstanceFromDescriptor(deserializedDescriptor as ManagedAuthenticatedEncryptorDescriptor);
// Act & assert
byte[] plaintext = new byte[] { 1, 2, 3, 4, 5 };
byte[] aad = new byte[] { 2, 4, 6, 8, 0 };
byte[] ciphertext = control.Encrypt(new ArraySegment <byte>(plaintext), new ArraySegment <byte>(aad));
byte[] roundTripPlaintext = test.Decrypt(new ArraySegment <byte>(ciphertext), new ArraySegment <byte>(aad));
Assert.Equal(plaintext, roundTripPlaintext);
}
public void ExportToXml_BuiltInTypes_ProducesCorrectPayload(Type encryptionAlgorithmType, Type validationAlgorithmType)
{
// Arrange
var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
var descriptor = new ManagedAuthenticatedEncryptorDescriptor(new ManagedAuthenticatedEncryptorConfiguration()
{
EncryptionAlgorithmType = encryptionAlgorithmType,
EncryptionAlgorithmKeySize = 2048,
ValidationAlgorithmType = validationAlgorithmType
}, masterKey.ToSecret());
// Act
var retVal = descriptor.ExportToXml();
// Assert
Assert.Equal(typeof(ManagedAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
var expectedXml = $@"
<descriptor>
<encryption algorithm='{encryptionAlgorithmType.Name}' keyLength='2048' />
<validation algorithm='{validationAlgorithmType.Name}' />
<masterKey enc:requiresEncryption='true' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'>
<value>{masterKey}</value>
</masterKey>
</descriptor>";
XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
}
public void ExportToXml_CustomTypes_ProducesCorrectPayload()
{
// Arrange
var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret();
var descriptor = new ManagedAuthenticatedEncryptorDescriptor(new ManagedAuthenticatedEncryptionSettings()
{
EncryptionAlgorithmType = typeof(MySymmetricAlgorithm),
EncryptionAlgorithmKeySize = 2048,
ValidationAlgorithmType = typeof(MyKeyedHashAlgorithm)
}, masterKey);
// Act
var retVal = descriptor.ExportToXml();
// Assert
Assert.Equal(typeof(ManagedAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
string expectedXml = String.Format(@"
<descriptor>
<encryption algorithm='{0}' keyLength='2048' />
<validation algorithm='{1}' />
<masterKey enc:requiresEncryption='true' xmlns:enc='http://schemas.asp.net/2015/03/dataProtection'>
<value>k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==</value>
</masterKey>
</descriptor>",
typeof(MySymmetricAlgorithm).AssemblyQualifiedName, typeof(MyKeyedHashAlgorithm).AssemblyQualifiedName);
XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
}
private static IAuthenticatedEncryptor CreateEncryptorInstanceFromDescriptor(ManagedAuthenticatedEncryptorDescriptor descriptor)
{
var encryptorFactory = new ManagedAuthenticatedEncryptorFactory(NullLoggerFactory.Instance);
var key = new Key(
Guid.NewGuid(),
DateTimeOffset.Now,
DateTimeOffset.Now + TimeSpan.FromHours(1),
DateTimeOffset.Now + TimeSpan.FromDays(30),
descriptor,
new[] { encryptorFactory });
return(key.CreateEncryptor());
}
