public void CreateKey() { foreach (var algorithmAndExpectedResult in this.stretchedKeyBase64) { this.logger.WriteLine("Testing algorithm: {0}", algorithmAndExpectedResult.Key); var algorithm = WinRTCrypto.KeyDerivationAlgorithmProvider.OpenAlgorithm(algorithmAndExpectedResult.Key); ICryptographicKey key = algorithm.CreateKey(this.originalKey); Assert.NotNull(key); Assert.Equal(this.originalKey.Length * 8, key.KeySize); IKeyDerivationParameters parameters = WinRTCrypto.KeyDerivationParameters.BuildForPbkdf2(this.salt, this.iterations); Assert.Equal(this.iterations, parameters.IterationCount); CollectionAssertEx.AreEqual(this.salt, parameters.KdfGenericBinary); try { byte[] keyMaterial = WinRTCrypto.CryptographicEngine.DeriveKeyMaterial(key, parameters, 20); Assert.Equal(algorithmAndExpectedResult.Value, Convert.ToBase64String(keyMaterial)); } catch (NotSupportedException) { this.logger.WriteLine(" - Not supported on this platform"); } } }
public void PublicKeyRoundTrip(AsymmetricAlgorithm algorithm, int keySize, CryptographicPublicKeyBlobType format) { var keyAlgorithm = WinRTCrypto.AsymmetricKeyAlgorithmProvider.OpenAlgorithm(algorithm); using (var key = keyAlgorithm.CreateKeyPair(keySize)) { byte[] keyBlob = key.ExportPublicKey(format); using (var key2 = keyAlgorithm.ImportPublicKey(keyBlob, format)) { byte[] key2Blob = key2.ExportPublicKey(format); CollectionAssertEx.AreEqual(keyBlob, key2Blob); try { // We use a non-empty buffer here because monotouch's // Security.SecKey.Encrypt method has a bug that throws // IndexOutOfRangeException when given empty buffers. WinRTCrypto.CryptographicEngine.Encrypt(key2, new byte[1]); } catch (NotSupportedException) { // Some algorithms, such as ECDSA, only support signing/verifying. } this.logger.WriteLine(Convert.ToBase64String(keyBlob)); } } }
public void CreateDecryptor() { byte[] cipherText = Convert.FromBase64String(DataAesCiphertextBase64); var decryptor = WinRTCrypto.CryptographicEngine.CreateDecryptor(this.aesKey, IV); byte[] plaintext = decryptor.TransformFinalBlock(cipherText, 0, cipherText.Length); CollectionAssertEx.AreEqual(this.data, plaintext); }
public void EncryptAndDecrypt_AES_NoIV() { byte[] cipherText = WinRTCrypto.CryptographicEngine.Encrypt(this.aesKey, this.data, null); CollectionAssertEx.AreNotEqual(this.data, cipherText); Assert.Equal("oCSAA4sUCGa5ukwSJdeKWw==", Convert.ToBase64String(cipherText)); byte[] plainText = WinRTCrypto.CryptographicEngine.Decrypt(this.aesKey, cipherText, null); CollectionAssertEx.AreEqual(this.data, plainText); }
public void GenerateRandom() { byte[] buffer1 = WinRTCrypto.CryptographicBuffer.GenerateRandom(15); Assert.Equal(15, buffer1.Length); byte[] buffer2 = WinRTCrypto.CryptographicBuffer.GenerateRandom(15); Assert.Equal(15, buffer2.Length); CollectionAssertEx.AreNotEqual(buffer1, buffer2); }
public void GetBytes() { byte[] keyFromPassword = NetFxCrypto.DeriveBytes.GetBytes(Password1, Salt1, 5, 10, HashAlgorithmName.SHA1); byte[] keyFromBytes = NetFxCrypto.DeriveBytes.GetBytes(Encoding.UTF8.GetBytes(Password1), Salt1, 5, 10, HashAlgorithmName.SHA1); CollectionAssertEx.AreEqual(keyFromPassword, keyFromBytes); Assert.Equal(DerivedKey, Convert.ToBase64String(keyFromPassword)); byte[] keyWithOtherSalt = NetFxCrypto.DeriveBytes.GetBytes(Password1, Salt2, 5, 10, HashAlgorithmName.SHA1); CollectionAssertEx.AreNotEqual(keyFromPassword, keyWithOtherSalt); }
public void DeriveKeyMaterial() { var dh1 = NetFxCrypto.ECDiffieHellman.Create(); var dh2 = NetFxCrypto.ECDiffieHellman.Create(); byte[] secret1 = dh1.DeriveKeyMaterial(dh2.PublicKey); byte[] secret2 = dh2.DeriveKeyMaterial(dh1.PublicKey); CollectionAssertEx.AreEqual(secret1, secret2); }
public void EncryptAndDecrypt_RSA() { byte[] keyMaterialBytes = Convert.FromBase64String(AesKeyMaterial); byte[] cipherText = WinRTCrypto.CryptographicEngine.Encrypt( RsaEncryptingKey, keyMaterialBytes, null); CollectionAssertEx.AreNotEqual(keyMaterialBytes, cipherText); byte[] plainText = WinRTCrypto.CryptographicEngine.Decrypt(RsaEncryptingKey, cipherText, null); CollectionAssertEx.AreEqual(keyMaterialBytes, plainText); }
public void ImportExportPublicKey() { using (var dh = NetFxCrypto.ECDiffieHellman.Create()) { var publicKeyBytes = dh.PublicKey.ToByteArray(); var publicKey2 = NetFxCrypto.ECDiffieHellmanCngPublicKey.FromByteArray(publicKeyBytes); Assert.IsNotNull(publicKey2); var publicKey2Bytes = publicKey2.ToByteArray(); CollectionAssertEx.AreEqual(publicKeyBytes, publicKey2Bytes); } }
public void RSAParametersPrivateKeyRoundtrip() { IAsymmetricKeyAlgorithmProvider?rsa = WinRTCrypto.AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithm.RsaOaepSha1); ICryptographicKey?keyPair = rsa.CreateKeyPair(512); RSAParameters parameters = keyPair.ExportParameters(includePrivateParameters: true); ICryptographicKey keyPair2 = rsa.ImportParameters(parameters); var blob1 = keyPair.Export(); var blob2 = keyPair2.Export(); CollectionAssertEx.AreEqual(blob1, blob2); }
public void EncryptAndDecrypt_AES_IV() { byte[] iv = IV; byte[] cipherText = WinRTCrypto.CryptographicEngine.Encrypt(this.aesKey, this.data, iv); CollectionAssertEx.AreNotEqual(this.data, cipherText); Assert.Equal(DataAesCiphertextBase64, Convert.ToBase64String(cipherText)); Assert.Equal <byte>(iv, IV); // ensure IV wasn't tampered with byte[] plainText = WinRTCrypto.CryptographicEngine.Decrypt(this.aesKey, cipherText, iv); CollectionAssertEx.AreEqual(this.data, plainText); Assert.Equal <byte>(iv, IV); // ensure IV wasn't tampered with }
public void RSAParametersPublicKeyRoundtrip() { var rsa = WinRTCrypto.AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithm.RsaOaepSha1); var keyPair = rsa.CreateKeyPair(512); RSAParameters parameters = keyPair.ExportParameters(includePrivateParameters: false); Assert.Null(parameters.P); Assert.Null(parameters.InverseQ); Assert.Null(parameters.D); Assert.Null(parameters.Q); Assert.Null(parameters.DP); Assert.Null(parameters.DQ); ICryptographicKey publicKey = rsa.ImportParameters(parameters); var blob1 = keyPair.ExportPublicKey(); var blob2 = publicKey.ExportPublicKey(); CollectionAssertEx.AreEqual(blob1, blob2); }
private async Task PlayBobRoleAsync(ICryptographicKey ownSigningKey, ICryptographicKey othersSigningPublicKey, Stream channel, CancellationToken cancellationToken) { // Create ephemeral ECDH key pair, to prepare for the symmetric encryption key exchange. using (var ecdhKeyPair = NetFxCrypto.ECDiffieHellman.Create()) { // Send the ephemeral ECDH public key to Alice. var ecdhPublicKey = ecdhKeyPair.PublicKey.ToByteArray(); await WriteAsync(channel, ecdhPublicKey, cancellationToken); // Authenticate to Alice that this is really Bob's ephemeral public key. byte[] ecdhPublicKeySignature = WinRTCrypto.CryptographicEngine.Sign(ownSigningKey, ecdhPublicKey); await WriteAsync(channel, ecdhPublicKeySignature, cancellationToken); // Read Alice's reply. It consists of her own ephemeral public key and signature. byte[] alicePublicDH = await ReadAsync(channel, cancellationToken); byte[] aliceSignedDH = await ReadAsync(channel, cancellationToken); // Authenticate Alice's public key. Assert.IsTrue(WinRTCrypto.CryptographicEngine.VerifySignature(othersSigningPublicKey, alicePublicDH, aliceSignedDH)); // Deserialize Alice's public key and derive the shared secret from it. var aliceDHPK = NetFxCrypto.ECDiffieHellmanCngPublicKey.FromByteArray(alicePublicDH); byte[] encryptionKeyMaterial = ecdhKeyPair.DeriveKeyMaterial(aliceDHPK); var encryptionKey = WinRTCrypto.SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithm.AesCbcPkcs7) .CreateSymmetricKey(encryptionKeyMaterial); // Bob reads Alice's secret message using the shared secret that both parties derived, // but never transmitted. using (var aes = CryptoStream.ReadFrom(channel, WinRTCrypto.CryptographicEngine.CreateDecryptor(encryptionKey))) { byte[] plaintext = await ReadAsync(aes, cancellationToken); // Assert that the plaintext is as it was expected to be. CollectionAssertEx.AreEqual(SecretMessage, plaintext); } channel.Dispose(); } }
public void DecodeFromHexString() { CollectionAssertEx.AreEqual(new byte[] { 0x00, 0x1, 0xf, 0xae, 0xff, 0xf0 }, WinRTCrypto.CryptographicBuffer.DecodeFromHexString("00010faefff0")); }
public void DecodeFromHexString_EmptyString() { CollectionAssertEx.AreEqual(new byte[0], WinRTCrypto.CryptographicBuffer.DecodeFromHexString(string.Empty)); }