public void EncryptDecrypt_ValidPasswordSalt_AreEqual()
{
AesCryptography aes = new AesCryptography();
byte[] cipherText = aes.Encrypt(SecurityIds.Password, Encoding.UTF8.GetBytes(SecurityIds.Salt), Encoding.UTF8.GetBytes(CLEAR_TEXT));
byte[] inClearText = aes.Decrypt(SecurityIds.Password, Encoding.UTF8.GetBytes(SecurityIds.Salt), cipherText);
Assert.AreEqual(CLEAR_TEXT, Encoding.UTF8.GetString(inClearText));
try
{
// Now let's do some tampering...
cipherText[30]++;
aes.Decrypt(SecurityIds.Password, Encoding.UTF8.GetBytes(SecurityIds.Salt), cipherText);
Assert.Fail("The 'Decrypt' method did not throw an exception eventhough data was tamered with!");
}
catch (Exception ex)
{
Assert.IsTrue(ex is CryptographicException);
}
}
public void EncryptDecrypt_TamperingEncryptedData_ThrowsCryptographicException()
{
AesCryptography aes = new AesCryptography();
byte[] cipherText = aes.Encrypt(SecurityIds.Password, Encoding.UTF8.GetBytes(SecurityIds.Salt), Encoding.UTF8.GetBytes(CLEAR_TEXT));
byte[] inClearText = aes.Decrypt(SecurityIds.Password, Encoding.UTF8.GetBytes(SecurityIds.Salt), cipherText);
// Now let's do some tampering...
cipherText[30]++;
aes.Decrypt(SecurityIds.Password, Encoding.UTF8.GetBytes(SecurityIds.Salt), cipherText);
}
