public void TestAsymmetricEncryptionNonPersistedKey()
{
byte[] plainBytes = ByteUtil.Utf8NoBOM.GetBytes("Secret String For Testing");
AsymmetricEncryption.GenerateNewKeys(out string publicKey, out string privateKey);
byte[] encryptedBytes = AsymmetricEncryption.EncryptWithKey(publicKey, plainBytes);
Assert.IsFalse(ByteUtil.ByteArraysMatch(plainBytes, encryptedBytes));
byte[] decryptedBytes = AsymmetricEncryption.DecryptWithKey(privateKey, encryptedBytes);
Assert.IsTrue(ByteUtil.ByteArraysMatch(plainBytes, decryptedBytes));
// Try encrypting with the private key (usually done with only the public key).
byte[] encryptedBytes2 = AsymmetricEncryption.EncryptWithKey(privateKey, plainBytes);
Assert.IsFalse(ByteUtil.ByteArraysMatch(plainBytes, encryptedBytes2));
// Try decrypting with the public key (should fail)
try
{
byte[] decryptedBytes2 = AsymmetricEncryption.DecryptWithKey(publicKey, encryptedBytes);
Assert.Fail("Expected exception when trying to decrypt with public key.");
}
catch { }
// Verify that private-key-encryption worked as intended
byte[] decryptedBytes3 = AsymmetricEncryption.DecryptWithKey(privateKey, encryptedBytes);
Assert.IsTrue(ByteUtil.ByteArraysMatch(plainBytes, decryptedBytes3));
}
/// <summary>
/// Returns true if the specified address is the same as any of this server's addresses.
/// </summary>
/// <param name="address"></param>
/// <returns></returns>
public bool IsSameMachine(IPAddress address)
{
if (address.AddressFamily == AddressFamily.InterNetwork)
{
byte[] addressBytes = address.GetAddressBytes();
foreach (byte[] localAddress in localIPv4Addresses)
{
if (ByteUtil.ByteArraysMatch(addressBytes, localAddress))
{
return(true);
}
}
}
else if (address.AddressFamily == AddressFamily.InterNetworkV6)
{
foreach (IPAddress localAddress in localIPv6Addresses)
{
if (address.Equals(localAddress))
{
return(true);
}
}
}
return(false);
}
public void TestGetInverse()
{
byte[] array1 = new byte[] { 0b00000001, 0b00000010, 0b00000100, 0b00001000, 0b00010000, 0b00100000, 0b01000000, 0b10000000, 0b11110000, 0b10101010 };
byte[] expected = new byte[] { 0b11111110, 0b11111101, 0b11111011, 0b11110111, 0b11101111, 0b11011111, 0b10111111, 0b01111111, 0b00001111, 0b01010101 };
byte[] actual = ByteUtil.GetInverse(array1);
Assert.IsTrue(ByteUtil.ByteArraysMatch(expected, actual));
Assert.IsNull(ByteUtil.GetInverse(null));
}
public void TestInvertBits()
{
byte[] array1 = new byte[] { 0b00000001, 0b00000010, 0b00000100, 0b00001000, 0b00010000, 0b00100000, 0b01000000, 0b10000000, 0b11110000, 0b10101010 };
byte[] expected = new byte[] { 0b11111110, 0b11111101, 0b11111011, 0b11110111, 0b11101111, 0b11011111, 0b10111111, 0b01111111, 0b00001111, 0b01010101 };
ByteUtil.InvertBits(array1);
Assert.IsTrue(ByteUtil.ByteArraysMatch(expected, array1));
// Passing null does not throw exception.
ByteUtil.InvertBits(null);
}
private void TestRSAPayloadSizeLimitAtKeySize(int keySize, int expectedPayloadSizeLimit, int startTestAt = -1)
{
AsymmetricKeypair keys = GetStaticKeys(keySize);
if (startTestAt < 1)
{
startTestAt = expectedPayloadSizeLimit;
}
int expectedFailureAt = expectedPayloadSizeLimit + 1;
for (int i = startTestAt; i <= expectedFailureAt; i++)
{
byte[] plainBytes = new byte[i];
SecureRandom.NextBytes(plainBytes);
byte[] encryptedBytes = null;
try
{
encryptedBytes = AsymmetricEncryption.EncryptWithKey(keys.publicKey, plainBytes);
}
catch (Exception ex)
{
if (i == expectedFailureAt)
{
return;
}
Assert.Fail(keySize + "-bit key failed at payload size " + i + " bytes. Expected failure at " + expectedFailureAt + "-byte payload size. Exception: " + ex.ToString());
}
if (i == expectedFailureAt)
{
Assert.Fail("Expected exception when encrypting " + expectedFailureAt + "-byte payload size. Did not get exception. " + keySize + "-bit key test failed.");
}
Assert.IsFalse(ByteUtil.ByteArraysMatch(plainBytes, encryptedBytes));
byte[] decryptedBytes = AsymmetricEncryption.DecryptWithKey(keys.privateKey, encryptedBytes);
Assert.IsTrue(ByteUtil.ByteArraysMatch(plainBytes, decryptedBytes));
}
}
public void TestByteArraysMatch()
{
byte[] array1 = new byte[] { 0b00000001, 0b00000010, 0b00000100, 0b00001000, 0b00010000, 0b00100000, 0b01000000, 0b10000000, 0b11110000, 0b10101010 };
byte[] array2 = new byte[] { 0b11111110, 0b11111101, 0b11111011, 0b11110111, 0b11101111, 0b11011111, 0b10111111, 0b01111111, 0b00001111, 0b01010101 };
byte[] array3 = new byte[] { 0b11111110 };
byte[] array1_copy = new byte[] { 0b00000001, 0b00000010, 0b00000100, 0b00001000, 0b00010000, 0b00100000, 0b01000000, 0b10000000, 0b11110000, 0b10101010 };
byte[] array2_copy = new byte[] { 0b11111110, 0b11111101, 0b11111011, 0b11110111, 0b11101111, 0b11011111, 0b10111111, 0b01111111, 0b00001111, 0b01010101 };
Assert.IsTrue(ByteUtil.ByteArraysMatch(array1, array1));
Assert.IsTrue(ByteUtil.ByteArraysMatch(array1, array1_copy));
Assert.IsTrue(ByteUtil.ByteArraysMatch(array1_copy, array1));
Assert.IsTrue(ByteUtil.ByteArraysMatch(array2, array2_copy));
Assert.IsFalse(ByteUtil.ByteArraysMatch(array1, array2));
Assert.IsFalse(ByteUtil.ByteArraysMatch(array2, array1));
Assert.IsFalse(ByteUtil.ByteArraysMatch(array2, array3));
Assert.IsFalse(ByteUtil.ByteArraysMatch(array3, array2));
Assert.IsFalse(ByteUtil.ByteArraysMatch(null, array1));
Assert.IsFalse(ByteUtil.ByteArraysMatch(array1, null));
Assert.IsTrue(ByteUtil.ByteArraysMatch(null, null));
}
private void TestAsymmetricEncryptionWithKeystore(Keystore correctKeystore, string correctKeyContainerName, Keystore wrongKeystore, string wrongKeyContainerName)
{
CleanupKeystores();
byte[] plainBytes = ByteUtil.Utf8NoBOM.GetBytes("Secret String For Testing");
try
{
// Key should be automatically generated
byte[] encryptedBytes = AsymmetricEncryption.EncryptWithKeyFromKeystore(correctKeystore, correctKeyContainerName, plainBytes);
Assert.IsFalse(ByteUtil.ByteArraysMatch(plainBytes, encryptedBytes));
byte[] decryptedBytes = AsymmetricEncryption.DecryptWithKeyFromKeystore(correctKeystore, correctKeyContainerName, encryptedBytes);
Assert.IsTrue(ByteUtil.ByteArraysMatch(plainBytes, decryptedBytes));
// Key should be retrievable from correct keystore
string publicKeyLoaded = AsymmetricEncryption.GetKeyFromKeystore(correctKeystore, correctKeyContainerName, false);
Assert.IsNotNull(publicKeyLoaded);
// Key should NOT be retrievable from incorrect keystore
string publicKeyFromWrongKeystore = AsymmetricEncryption.GetKeyFromKeystore(wrongKeystore, correctKeyContainerName, false);
Assert.IsNull(publicKeyFromWrongKeystore);
Assert.IsTrue(KeystoreContainsKeyContainer(correctKeystore, correctKeyContainerName));
Assert.IsFalse(KeystoreContainsKeyContainer(wrongKeystore, correctKeyContainerName));
Assert.IsFalse(KeystoreContainsKeyContainer(correctKeystore, wrongKeyContainerName));
Assert.IsFalse(KeystoreContainsKeyContainer(wrongKeystore, wrongKeyContainerName));
// Test encryption using exported public key.
byte[] encryptedBytes2 = AsymmetricEncryption.EncryptWithKey(publicKeyLoaded, plainBytes);
Assert.IsFalse(ByteUtil.ByteArraysMatch(plainBytes, encryptedBytes2));
byte[] decryptedBytes2 = AsymmetricEncryption.DecryptWithKeyFromKeystore(correctKeystore, correctKeyContainerName, encryptedBytes2);
Assert.IsTrue(ByteUtil.ByteArraysMatch(plainBytes, decryptedBytes2));
// Should be possible to replace existing keys by calling GenerateNewKeysInKeystore
AsymmetricEncryption.GenerateNewKeysInKeystore(correctKeystore, correctKeyContainerName, out string publicKey2);
Assert.AreNotEqual(publicKeyLoaded, publicKey2);
// Getting the key should now return the new key
string publicKeyLoaded2 = AsymmetricEncryption.GetKeyFromKeystore(correctKeystore, correctKeyContainerName, false);
Assert.AreEqual(publicKey2, publicKeyLoaded2);
// Delete the key
AsymmetricEncryption.DeletePublicKeyFromKeystore(correctKeystore, correctKeyContainerName);
Assert.IsNull(AsymmetricEncryption.GetKeyFromKeystore(correctKeystore, correctKeyContainerName, false));
// Try to generate a new one using the "Get" method.
string publicKeyLoaded3 = AsymmetricEncryption.GetKeyFromKeystore(correctKeystore, correctKeyContainerName, true);
Assert.AreNotEqual(publicKeyLoaded, publicKeyLoaded3);
Assert.AreNotEqual(publicKey2, publicKeyLoaded3);
}
finally
{
AsymmetricEncryption.DeletePublicKeyFromKeystore(correctKeystore, correctKeyContainerName);
Assert.IsFalse(KeystoreContainsKeyContainer(correctKeystore, correctKeyContainerName));
// Confirm the delete can be done redundantly without negative effect
AsymmetricEncryption.DeletePublicKeyFromKeystore(correctKeystore, correctKeyContainerName);
Assert.IsFalse(KeystoreContainsKeyContainer(correctKeystore, correctKeyContainerName));
Assert.IsFalse(KeystoreContainsKeyContainer(wrongKeystore, correctKeyContainerName));
Assert.IsFalse(KeystoreContainsKeyContainer(correctKeystore, wrongKeyContainerName));
Assert.IsFalse(KeystoreContainsKeyContainer(wrongKeystore, wrongKeyContainerName));
}
}
