예제 #1
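        /// <summary>
        /// Reads an encrypted configuration envelope from <paramref name="stream"/>, decrypts it
        /// and stores the parsed JSON settings in <c>Data</c>.
        /// </summary>
        /// <remarks>
        /// The envelope is UTF-8 text made of base64 segments separated by '.': segment 0 is the
        /// session key blob, segment 1 is the encrypted configuration. Segments after the second
        /// are ignored. The JSON parser only runs on what <c>DecryptData</c> returns.
        /// NOTE(review): whether <c>DecryptData</c> authenticates the ciphertext with
        /// <c>_signatureKey</c> before returning is not visible here; confirm, because the parser
        /// must never see unauthenticated bytes.
        /// </remarks>
        /// <param name="stream">Stream holding the complete envelope; it is read to the end.</param>
        /// <exception cref="ArgumentNullException"><paramref name="stream"/> is null.</exception>
        /// <exception cref="FormatException">
        /// The envelope has fewer than two segments, or a segment is not valid base64.
        /// </exception>
        public override void Load(Stream stream)
        {
            if (stream == null)
            {
                throw new ArgumentNullException(nameof(stream));
            }

            string envelope;
            using (var buffer = new MemoryStream())
            {
                stream.CopyTo(buffer);
                envelope = Encoding.UTF8.GetString(buffer.ToArray());
            }

            // The file is external input: reject a malformed envelope with a clear error rather
            // than an IndexOutOfRangeException from the indexer below.
            var segments = envelope.Split('.');
            if (segments.Length < 2)
            {
                throw new FormatException(
                    "Encrypted configuration must contain a session key segment and a data segment separated by '.'.");
            }

            var sessionKeyBlob = Convert.FromBase64String(segments[0]);
            var encryptedConfigData = Convert.FromBase64String(segments[1]);

            var sessionKey = SessionKeyContainer.FromBlob(sessionKeyBlob);
            var hybridDecryption = HybridDecryption.Create(_containerName, _signatureKey);

            var data = hybridDecryption.DecryptData(sessionKey, encryptedConfigData);
            try
            {
                using (var plaintext = new MemoryStream(data))
                {
                    var configurationFileParser = new JsonConfigurationFileParser();
                    this.Data = configurationFileParser.Parse(plaintext);
                }
            }
            finally
            {
                // Best effort: do not leave the decrypted configuration bytes in this buffer.
                // The parsed strings held by Data are unaffected and remain in memory.
                if (data != null)
                {
                    Array.Clear(data, 0, data.Length);
                }
            }
        }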
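        /// <summary>
        /// Round-trip test: encrypts random data, exports the resulting key settings to a blob,
        /// re-imports them with <c>EncryptionSettings.FromBlob</c>, and checks that decryption
        /// with the imported settings returns the original bytes.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the containers "target" and "signatureContainer" are created for the
        /// current Windows user and are not removed here; confirm that fixture teardown deletes
        /// them so key material does not accumulate on the test machine.
        /// </remarks>
        public void GivenEncryptingData_WhenDecryptingData_FromImportedKey_ThenDataIsDecrypted()
        {
            var currentUser = WindowsIdentity.GetCurrent()
                              .Name;

            var target             = new RSAEncryption("target", currentUser);
            var signatureContainer = new RSAEncryption("signatureContainer", currentUser);

            // ExportKey(false): presumably exports the public part only, going by the variable
            // names; verify against RSAEncryption.
            var signaturePublicKey = signatureContainer.ExportKey(false);
            var targetPublicKey    = target.ExportKey(false);

            HybridEncryption hybridEncryption = HybridEncryption.CreateEncryption(targetPublicKey, "signatureContainer");
            HybridDecryption hybridDecryption = HybridDecryption.CreateDecryption("target", signaturePublicKey);

            var data       = new byte[512];
            var sessionKey = new byte[32];
            var iv         = new byte[16];

            // The generator is IDisposable; scope it so that it is released after the fill.
            using (RandomNumberGenerator random = new RNGCryptoServiceProvider())
            {
                random.GetBytes(sessionKey);
                random.GetBytes(iv);
                random.GetBytes(data);
            }

            (EncryptionSettings key, byte[] encryptedData) encryptedResult = hybridEncryption.EncryptData(sessionKey, data, iv);

            // Export and re-import the key settings: the decrypt below must work from the blob alone.
            var keyBlob     = encryptedResult.key.ExportToBlob();
            var keyFromBlob = EncryptionSettings.FromBlob(keyBlob);

            var decryptedData = hybridDecryption.DecryptData(keyFromBlob, encryptedResult.encryptedData);

            Assert.That(decryptedData, Is.EqualTo(data));
        }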
예제 #3
        /// <summary>
        /// Fixture setup: creates one key container for encryption and one for signing, owned by
        /// the current Windows user, then builds the encryption/decryption pair used by the tests.
        /// </summary>
        /// <remarks>
        /// The encrypting side receives the exported encryption key and the signing container
        /// name; the decrypting side receives the encryption container name and the exported
        /// signing key. <c>ExportKey(false)</c> presumably exports the public part only; verify
        /// against RSAEncryption.
        /// </remarks>
        public WhenDecryptingData()
        {
            const string signingContainerName = "signature";
            const string cipherContainerName  = "encryption";

            // Snapshot of the key directory taken before any container is created; how _files is
            // used afterwards is outside this block (presumably to clean up new key files).
            _files = Directory.GetFiles(WellKnownPaths.RSA_MACHINEKEYS);

            string owner = WindowsIdentity.GetCurrent().Name;

            var cipherKeyPair  = RSAEncryption.CreateSecureContainer(cipherContainerName, owner);
            var signingKeyPair = RSAEncryption.CreateSecureContainer(signingContainerName, owner);

            var exportedSigningKey = signingKeyPair.ExportKey(false);
            var exportedCipherKey  = cipherKeyPair.ExportKey(false);

            _hybridEncryption = HybridEncryption.Create(exportedCipherKey, signingContainerName);
            _hybridDecryption = HybridDecryption.Create(cipherContainerName, exportedSigningKey);
        }
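        /// <summary>
        /// End-to-end test of the "encrypt" command: encrypts appsettings.json through
        /// <c>Program.Main</c>, then decrypts the output with the key blob read from the
        /// "decryptionkey" file and checks that the plaintext matches the original file.
        /// </summary>
        /// <remarks>
        /// NOTE(review): "decryptionkey" is read from the working directory and is presumably
        /// written by the encrypt command; it is left in place here because other tests may
        /// depend on it. Confirm that it is cleaned up elsewhere.
        /// </remarks>
        public void ThenEncryptedFileCanBeDecryptedWithKey()
        {
            var encryptedFile = $"{Guid.NewGuid()}";

            try
            {
                Program.Main(new[] { "encrypt",
                                     $"-{WellKnownCommandArguments.IMPORT_KEY}", _keyFile,
                                     $"-{WellKnownCommandArguments.SIGNATURE_CONTAINER}", _signatureContainerName,
                                     $"-{WellKnownCommandArguments.FILE_PATH}", "appsettings.json",
                                     $"-{WellKnownCommandArguments.ENCRYPTED_FILE_OUT}", encryptedFile });

                var expectedFile = File.ReadAllBytes("appsettings.json");

                var encryptedKey = EncryptionSettings.FromBlob(File.ReadAllBytes("decryptionkey"));

                var encryptedData = File.ReadAllBytes(encryptedFile);

                IHybridDecryption hybridDecryption = HybridDecryption.CreateDecryption(_containerName, File.ReadAllText(_signaturekeyFile));

                var decryptedFile = hybridDecryption.DecryptData(encryptedKey, encryptedData);

                // NUnit convention is Assert.That(actual, constraint(expected)); the original had
                // the two swapped, which only affected the failure message.
                Assert.That(decryptedFile, Is.EqualTo(expectedFile));
            }
            finally
            {
                // The output name is a fresh GUID known only to this method, so nothing else can
                // remove it. File.Delete does nothing if the file was never created.
                File.Delete(encryptedFile);
            }
        }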