public void SecureFile_File_BadHash()
{
string originalName = Path.GetTempFileName();
string encryptName = Path.GetTempFileName();
string decryptName = Path.GetTempFileName();
string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey);
EnhancedStream original = null;
EnhancedStream encrypted = null;
SecureFile secure = null;
byte b;
try
{
original = new EnhancedFileStream(originalName, FileMode.Create, FileAccess.ReadWrite);
for (int i = 0; i < 100; i++)
{
original.WriteByte((byte)i);
}
original.Close();
original = null;
secure = new SecureFile(originalName, SecureFileMode.Encrypt, publicKey);
secure.EncryptTo(encryptName, CryptoAlgorithm.AES, 256);
secure.Close();
secure = null;
// Munge the last byte of the hash digest and then confirm
// that the bad hash is detected.
encrypted = new EnhancedFileStream(encryptName, FileMode.Open, FileAccess.ReadWrite);
encrypted.Position = encrypted.Length - 1;
b = (byte)encrypted.ReadByte();
encrypted.Position = encrypted.Length - 1;
encrypted.WriteByte((byte)(~b));
encrypted.Close();
encrypted = null;
ExtendedAssert.Throws <CryptographicException>(
() =>
{
secure = new SecureFile(encryptName, SecureFileMode.Decrypt, privateKey);
secure.DecryptTo(decryptName);
});
}
finally
{
if (original != null)
{
original.Close();
}
if (encrypted != null)
{
encrypted.Close();
}
try { System.IO.File.Delete(originalName); } catch { }
try { System.IO.File.Delete(encryptName); } catch { }
try { System.IO.File.Delete(decryptName); } catch { }
}
}
public void SecureFile_File_NoContent()
{
string originalName = Path.GetTempFileName();
string encryptName = Path.GetTempFileName();
string decryptName = Path.GetTempFileName();
string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey);
EnhancedStream original = null;
EnhancedStream encrypted = null;
EnhancedStream decrypted = null;
SecureFile secure = null;
DateTime createTime = Helper.UtcNowRounded - TimeSpan.FromMinutes(1);
DateTime writeTime = Helper.UtcNowRounded;
try
{
original = new EnhancedFileStream(originalName, FileMode.Create, FileAccess.ReadWrite);
original.Close();
original = null;
Directory.SetCreationTimeUtc(originalName, createTime);
Directory.SetLastWriteTimeUtc(originalName, writeTime);
secure = new SecureFile(originalName, SecureFileMode.Encrypt, publicKey);
secure.EncryptTo(encryptName, CryptoAlgorithm.AES, 256);
Assert.AreEqual(Path.GetFileName(originalName), secure.FileName);
Assert.AreEqual(createTime, secure.CreateTimeUtc);
Assert.AreEqual(writeTime, secure.WriteTimeUtc);
secure.Close();
secure = null;
secure = new SecureFile(encryptName, SecureFileMode.Decrypt, privateKey);
Assert.AreEqual(Path.GetFileName(originalName), secure.FileName);
Assert.AreEqual(createTime, secure.CreateTimeUtc);
Assert.AreEqual(writeTime, secure.WriteTimeUtc);
secure.DecryptTo(decryptName);
secure.Close();
secure = null;
Assert.AreEqual(createTime, Directory.GetCreationTimeUtc(decryptName));
Assert.AreEqual(writeTime, Directory.GetLastWriteTimeUtc(decryptName));
original = new EnhancedFileStream(originalName, FileMode.Open, FileAccess.Read);
encrypted = new EnhancedFileStream(encryptName, FileMode.Open, FileAccess.Read);
decrypted = new EnhancedFileStream(decryptName, FileMode.Open, FileAccess.Read);
original.Position = 0;
encrypted.Position = 0;
Assert.AreNotEqual(original.ReadBytesToEnd(), encrypted.ReadBytesToEnd());
original.Position = 0;
decrypted.Position = 0;
CollectionAssert.AreEqual(original.ReadBytesToEnd(), decrypted.ReadBytesToEnd());
}
finally
{
if (original != null)
{
original.Close();
}
if (encrypted != null)
{
encrypted.Close();
}
if (decrypted != null)
{
decrypted.Close();
}
System.IO.File.Delete(originalName);
System.IO.File.Delete(encryptName);
System.IO.File.Delete(decryptName);
}
}
public void SecureFile_Stream_KeyChain()
{
string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey);
EnhancedMemoryStream original = new EnhancedMemoryStream();
EnhancedMemoryStream encrypted = new EnhancedMemoryStream();
SecureFile secure = null;
for (int i = 0; i < 100; i++)
{
original.WriteByte((byte)i);
}
// Verify that SecureFile can find the correct private key in the key chain.
secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey);
Assert.IsTrue(secure.SavePublicKey);
Assert.AreEqual(publicKey, secure.PublicKey);
original.Position = 0;
secure.EncryptTo(encrypted, CryptoAlgorithm.AES, 256);
secure.Close();
secure = null;
KeyChain keyChain = new KeyChain();
EnhancedMemoryStream decrypted = new EnhancedMemoryStream();
keyChain.Add(privateKey);
encrypted.Position = 0;
secure = new SecureFile(encrypted, keyChain);
secure.DecryptTo(decrypted);
secure.Close();
secure = null;
CollectionAssert.AreEqual(original.ToArray(), decrypted.ToArray());
// Verify that SecureFile throws a CryptographicException if the
// key is not present in the chain.
keyChain.Clear();
encrypted.Position = 0;
try
{
secure = new SecureFile(encrypted, keyChain);
secure.DecryptTo(decrypted);
Assert.Fail("Expecting a CryptographicException");
}
catch (CryptographicException)
{
// Expecting this
}
finally
{
if (secure != null)
{
secure.Close();
secure = null;
}
}
// Verify that SecureFile throws a CryptographicException if the
// public key was not saved to the file.
keyChain.Add(privateKey);
secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey);
secure.SavePublicKey = false;
original.Position = 0;
encrypted = new EnhancedMemoryStream();
secure.EncryptTo(encrypted, CryptoAlgorithm.AES, 256);
secure.Close();
secure = null;
try
{
secure = new SecureFile(encrypted, keyChain);
secure.DecryptTo(decrypted);
Assert.Fail("Expecting a CryptographicException");
}
catch (CryptographicException) {
// Expecting this
}
finally
{
if (secure != null)
{
secure.Close();
secure = null;
}
}
}
