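/// <summary>
/// Creates a secure RSA key container for <c>User</c> and verifies that the key file
/// under <c>WellKnownPaths.RSA_MACHINEKEYS</c> carries exactly one access rule:
/// an Allow rule for <c>User</c> granting <see cref="FileSystemRights.FullControl"/>.
/// </summary>
/// <remarks>
/// NOTE(review): the method name says "ReadOnly", but the expectation pinned here (and in the
/// original assertions) is FullControl. FullControl on a private-key file includes the right to
/// rewrite its ACL and to delete it, so confirm which grant is intended and rename the test or
/// tighten the ACL to match.
/// </remarks>
public void GivenUsername_WhenCreatingContainer_ThenSetsAccessControlToReadOnlyForUser()
{
    var container = $"{Guid.NewGuid()}";
    var rsaEncryption = RSAEncryption.CreateSecureContainer(container, User);

    string path;

    // NOTE(review): these CspParameters carry no flags; confirm the provider resolves to the same
    // machine-store container that CreateSecureContainer wrote, otherwise the path below points at
    // a different key file than the one under test.
    // The provider is a native handle wrapper, so release it once the unique file name is known.
    using (var rsaCryptoServiceProvider = new RSACryptoServiceProvider(new CspParameters() { KeyContainerName = container }))
    {
        // Kept in the original order: the export runs after the provider has been opened.
        rsaEncryption.ExportKey(false);
        path = Path.Combine(WellKnownPaths.RSA_MACHINEKEYS, rsaCryptoServiceProvider.CspKeyContainerInfo.UniqueKeyContainerName);
    }

    var fSecurity = new FileSecurity(path, AccessControlSections.Access);
    var accessRule = fSecurity.GetAccessRules(true, true, typeof(NTAccount))
        .Cast<FileSystemAccessRule>()
        .SingleOrDefault();

    // Fail with an assertion, not a NullReferenceException, when the file has no access rule.
    Assert.That(accessRule, Is.Not.Null);

    // A lone rule only proves lock-down if it belongs to the expected account and is an Allow
    // entry; a Deny rule or a rule for another principal would otherwise satisfy the rights check.
    Assert.That(accessRule.IdentityReference.Value, Is.EqualTo(User));
    Assert.That(accessRule.AccessControlType, Is.EqualTo(AccessControlType.Allow));

    // Same condition the string round-trip expressed: the grant is exactly FullControl.
    Assert.That(accessRule.FileSystemRights, Is.EqualTo(FileSystemRights.FullControl));
}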
/// <summary>
/// Fixture constructor: records the files currently in the machine key directory, creates the
/// "encryption" container for the current Windows identity, and builds the
/// <c>HybridEncryption</c> instance under test from the exported key and the "signature"
/// container name.
/// </summary>
public WhenEncryptingData()
{
    const string signatureContainer = "signature";
    const string encryptionContainer = "encryption";

    // Snapshot taken before any container is created.
    // NOTE(review): presumably compared later to find key files this fixture added - confirm
    // against the teardown, since these fixed container names persist in the machine key store.
    _files = Directory
        .EnumerateFiles(WellKnownPaths.RSA_MACHINEKEYS)
        .ToArray();

    string owner = WindowsIdentity.GetCurrent().Name;

    // NOTE(review): ExportKey(false) is assumed to export only the public half (the original
    // local was named encryptionPublicKey) - confirm against RSAEncryption.ExportKey.
    var publicKey = RSAEncryption
        .CreateSecureContainer(encryptionContainer, owner)
        .ExportKey(false);

    _hybridEncryption = HybridEncryption.Create(publicKey, signatureContainer);
}
/// <summary>
/// Creates a secure container for <c>User</c> under a fresh GUID name and checks that the
/// container's key security holds a single authorization rule whose identity is <c>User</c>.
/// </summary>
public void GivenUsername_WhenCreatingContainer_ThenOnlyProvidedUserNameHasAccess()
{
    // A fresh GUID name keeps this test clear of containers left behind by other runs.
    string containerName = Guid.NewGuid().ToString();

    RSAEncryption.CreateSecureContainer(containerName, User).ExportKey(false);

    var containerInfo = LoadCspKeyContainerInfo(containerName);
    var authorizationRules = containerInfo.CryptoKeySecurity.GetAccessRules(
        includeExplicit: true,
        includeInherited: true,
        targetType: typeof(NTAccount));

    // SingleOrDefault throws when more than one rule exists, so a second principal on the key
    // fails the test here; the null check below covers an empty ACL.
    var soleRule = authorizationRules
        .Cast<AuthorizationRule>()
        .SingleOrDefault();

    Assert.That(soleRule, Is.Not.Null);
    Assert.That(soleRule.IdentityReference.Value, Is.EqualTo(User));
}
/// <summary>
/// Creates the secure container "Container" for <c>User</c>, then checks that calling
/// <c>RSAEncryption.CreateContainer</c> with the same name does not throw.
/// </summary>
public void GivenContainerAlreadyExistsForCurrentUser_WhenCreatingContainerWithSameName_ThenLoadsContainer()
{
    // NOTE(review): this fixed name is also used by the test that provisions "Container" for
    // SYSTEM. If the container persists between tests, whichever ACL was written first may still
    // be in place - confirm teardown deletes it, or the outcome depends on execution order.
    const string containerName = "Container";

    RSAEncryption.CreateSecureContainer(containerName, User);

    Assert.DoesNotThrow(() =>
    {
        RSAEncryption.CreateContainer(containerName);
    });
}
/// <summary>
/// Creates the secure container "Container" for the "SYSTEM" account, then checks that
/// <c>RSAEncryption.LoadContainer</c> on the same name throws
/// <see cref="CryptographicException"/>.
/// </summary>
public void GivenContainerAlreadyExistsForAnotherUser_WhenLoadingContainerWithSameName_ThenThrowsCryptographicException()
{
    // NOTE(review): this is the access-denial check for a key owned by another principal. It
    // only holds if "Container" does not already exist with an ACL for the current user, and
    // another test creates exactly that under the same name - confirm cleanup between tests.
    const string containerName = "Container";
    const string owningAccount = "SYSTEM";

    RSAEncryption.CreateSecureContainer(containerName, owningAccount);

    Assert.Throws<CryptographicException>(() =>
    {
        RSAEncryption.LoadContainer(containerName);
    });
}