/// <summary>
/// Encrypt the specified clearText.
/// </summary>
/// <param name="context">Your Android Context, likely your Activity or Service</param>
/// <param name="alias">Alias is the name you are using for the key, use sensible name</param>
/// <param name="clearText">The content you want to encrypt</param>
public static EncryptedTuple Encrypt(Context context, string alias, string clearText)
{
var secretKeys = AesCbcWithIntegrity.GenerateKey();
var confidentialKeyWrapper = new SecretKeyWrapper(context, alias);
var encryptedSymmetricKey = confidentialKeyWrapper.EncryptedThenMac(secretKeys);
var encryptedBundle = AesCbcWithIntegrity.Encrypt(Encoding.UTF8.GetBytes(clearText), secretKeys);
return(new EncryptedTuple(encryptedBundle.ToString(), encryptedSymmetricKey));
}
public void TestSecretKeyWrapperRoundTrip()
{
var secretKeyWrapper = new SecretKeyWrapper(context, UnitTestAlias);
var secretKeys = AesCbcWithIntegrity.GenerateKey();
var wrappedKey = secretKeyWrapper.EncryptedThenMac(secretKeys);
Assert.False(AesCbcWithIntegrity.KeyString(secretKeys) == wrappedKey);
var unwrappedKey = secretKeyWrapper.CheckMacAndDecrypt(wrappedKey);
Assert.True(AesCbcWithIntegrity.KeyString(secretKeys) == AesCbcWithIntegrity.KeyString(unwrappedKey));
}
public void TestAesCbcWithIntegrityRoundTrip()
{
var privateKey = AesCbcWithIntegrity.GenerateKey();
var mySecretText = "This is my secret";
var mySecretBytes = Encoding.UTF8.GetBytes(mySecretText);
var cipherText = AesCbcWithIntegrity.Encrypt(mySecretBytes, privateKey);
Assert.False(AesCbcWithIntegrity.ConstantTimeEq(mySecretBytes, cipherText.GetCipherText()));
var decryptedBytes = AesCbcWithIntegrity.Decrypt(cipherText, privateKey);
var decryptedText = Encoding.UTF8.GetString(decryptedBytes);
Assert.True(mySecretText == decryptedText,
string.Format("Expect {0} but got {1}", mySecretText, decryptedText));
}