C# (CSharp) EncryptionKey.Generate примеры использования

Пример #1

        private static void ResumableUploadWithCustomerSuppliedEncryptionKeysTest_Common(StorageFixture fixture, SigningVersion signingVersion, [CallerMemberName] string caller = null)
        {
            var bucket          = fixture.SingleVersionBucket;
            var name            = IdGenerator.FromGuid();
            var requestTemplate = RequestTemplate
                                  .FromBucket(bucket)
                                  .WithObjectName(name)
                                  .WithHttpMethod(ResumableHttpMethod)
                                  .WithRequestHeaders(new Dictionary <string, IEnumerable <string> >
            {
                { "x-goog-encryption-algorithm", new [] { "AES256" } }
            });
            var    content = fixture.SmallContent;
            string url     = null;

            EncryptionKey key = EncryptionKey.Generate();

            fixture.RegisterDelayTest(
                s_duration,
                beforeDelay: async duration =>
            {
                url = fixture.UrlSigner.Sign(requestTemplate, Options.FromDuration(duration).WithSigningVersion(signingVersion));

                // Verify that the URL works initially.
                var uploader = SignedUrlResumableUpload.Create(
                    url,
                    new MemoryStream(content),
                    new ResumableUploadOptions {
                    ModifySessionInitiationRequest = key.ModifyRequest
                });
                var progress = await uploader.UploadAsync();
                Assert.Null(progress.Exception);
                Assert.Equal(UploadStatus.Completed, progress.Status);

                // Make sure the encryption succeeded.
                var downloadedData = new MemoryStream();
                await Assert.ThrowsAsync <GoogleApiException>(
                    () => fixture.Client.DownloadObjectAsync(bucket, name, downloadedData));

                await fixture.Client.DownloadObjectAsync(bucket, name, downloadedData, new DownloadObjectOptions {
                    EncryptionKey = key
                });
                AssertContentEqual(content, downloadedData.ToArray());
            },
                afterDelay: async() =>
            {
                var uploader = SignedUrlResumableUpload.Create(
                    url,
                    new MemoryStream(content),
                    new ResumableUploadOptions {
                    ModifySessionInitiationRequest = key.ModifyRequest
                });

                // Verify that the URL no longer works.
                var progress = await uploader.UploadAsync();
                Assert.Equal(UploadStatus.Failed, progress.Status);
                Assert.IsType <GoogleApiException>(progress.Exception);
            },
                caller);
        }

Пример #2

Файл: GenerateEncryptionKey.cs Проект: meteatamel/dotnet-docs-samples

    public string GenerateEncryptionKey()
    {
        var encryptionKey = EncryptionKey.Generate().Base64Key;

        Console.WriteLine($"Generated Base64-encoded AES-256 encryption key: {encryptionKey}");
        return(encryptionKey);
    }

Пример #3

        public void CustomerSuppliedEncryptionKeys()
        {
            var bucketName = _fixture.BucketName;

            // Sample: CustomerSuppliedEncryptionKeys
            // Use EncryptionKey.Create if you already have a key.
            EncryptionKey key = EncryptionKey.Generate();

            // This will affect all relevant object-based operations by default.
            var client  = StorageClient.Create(encryptionKey: key);
            var content = Encoding.UTF8.GetBytes("hello, world");

            client.UploadObject(bucketName, "encrypted.txt", "text/plain", new MemoryStream(content));

            // When downloading, either use a client with the same key...
            client.DownloadObject(bucketName, "encrypted.txt", new MemoryStream());

            // Or specify a key just for that operation.
            var client2 = StorageClient.Create();

            client2.DownloadObject(bucketName, "encrypted.txt", new MemoryStream(),
                                   new DownloadObjectOptions {
                EncryptionKey = key
            });
            // End sample
        }

Пример #4

        private static void PutWithCustomerSuppliedEncryptionKeysTest_Common(StorageFixture fixture, SigningVersion signingVersion, [CallerMemberName] string caller = null)
        {
            var    bucket  = fixture.SingleVersionBucket;
            var    name    = IdGenerator.FromGuid();
            var    content = fixture.SmallContent;
            string url     = null;

            EncryptionKey key = EncryptionKey.Generate();

            Func <HttpRequestMessage> createPutRequest = () =>
            {
                var request = new HttpRequestMessage
                {
                    Method  = HttpMethod.Put,
                    Content = new ByteArrayContent(content)
                };
                key.ModifyRequest(request);
                return(request);
            };

            fixture.RegisterDelayTest(
                s_duration,
                beforeDelay: async duration =>
            {
                var request         = createPutRequest();
                var requestTemplate = RequestTemplate
                                      .FromBucket(bucket)
                                      .WithObjectName(name)
                                      .WithHttpRequestMessage(request);
                url = fixture.UrlSigner.Sign(requestTemplate, Options.FromDuration(duration).WithSigningVersion(signingVersion));

                // Verify that the URL works initially.
                request.RequestUri = new Uri(url);
                var response       = await fixture.HttpClient.SendAsync(request);
                await VerifyResponseAsync(response);

                // Make sure the encryption succeeded.
                var downloadedContent = new MemoryStream();
                await Assert.ThrowsAsync <GoogleApiException>(
                    () => fixture.Client.DownloadObjectAsync(bucket, name, downloadedContent));

                await fixture.Client.DownloadObjectAsync(bucket, name, downloadedContent, new DownloadObjectOptions {
                    EncryptionKey = key
                });
                AssertContentEqual(content, downloadedContent.ToArray());
            },
                afterDelay: async() =>
            {
                // Verify that the URL no longer works.
                var request        = createPutRequest();
                request.RequestUri = new Uri(url);
                var response       = await fixture.HttpClient.SendAsync(request);
                Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);

                // Cleanup
                await fixture.Client.DeleteObjectAsync(bucket, name);
            },
                caller);
        }

Пример #5

Файл: UrlSignerTest.cs Проект: kleopatra999/google-cloud-dotnet

        private void ResumableUploadWithCustomerSuppliedEncryptionKeysTest_InitDelayTest()
        {
            var    bucket = _fixture.SingleVersionBucket;
            var    name   = GenerateName();
            var    data   = _fixture.SmallContent;
            string url    = null;

            EncryptionKey key = EncryptionKey.Generate();

            _fixture.RegisterDelayTest(_duration,
                                       beforeDelay: async duration =>
            {
                url = _fixture.UrlSigner.Sign(
                    bucket,
                    name,
                    duration,
                    UrlSigner.ResumableHttpMethod,
                    requestHeaders: new Dictionary <string, IEnumerable <string> > {
                    { "x-goog-encryption-algorithm", new [] { "AES256" } }
                });

                // Verify that the URL works initially.
                var uploader = SignedUrlResumableUpload.Create(
                    url,
                    new MemoryStream(data),
                    new ResumableUploadOptions {
                    ModifySessionInitiationRequest = key.ModifyRequest
                });
                var progress = await uploader.UploadAsync();
                Assert.Null(progress.Exception);
                Assert.Equal(UploadStatus.Completed, progress.Status);

                // Make sure the encryption succeeded.
                var downloadedData = new MemoryStream();
                await Assert.ThrowsAsync <GoogleApiException>(
                    () => _fixture.Client.DownloadObjectAsync(bucket, name, downloadedData));

                await _fixture.Client.DownloadObjectAsync(bucket, name, downloadedData, new DownloadObjectOptions {
                    EncryptionKey = key
                });
                Assert.Equal(data, downloadedData.ToArray());
            },
                                       afterDelay: async() =>
            {
                var uploader = SignedUrlResumableUpload.Create(
                    url,
                    new MemoryStream(data),
                    new ResumableUploadOptions {
                    ModifySessionInitiationRequest = key.ModifyRequest
                });

                // Verify that the URL no longer works.
                var progress = await uploader.UploadAsync();
                Assert.Equal(UploadStatus.Failed, progress.Status);
                Assert.IsType(typeof(GoogleApiException), progress.Exception);
            });
        }

Пример #6

Файл: UrlSignerTest.cs Проект: zoercai/google-cloud-dotnet

        private static void GetWithCustomerSuppliedEncryptionKeysTest_Common(StorageFixture fixture, SigningVersion signingVersion, [CallerMemberName] string caller = null)
        {
            var    bucket  = fixture.SingleVersionBucket;
            var    name    = IdGenerator.FromGuid();
            var    content = fixture.SmallContent;
            string url     = null;

            EncryptionKey key = EncryptionKey.Generate();

            Func <HttpRequestMessage> createGetRequest = () =>
            {
                var request = new HttpRequestMessage {
                    Method = HttpMethod.Get
                };
                key.ModifyRequest(request);
                return(request);
            };

            fixture.RegisterDelayTest(
                s_duration,
                beforeDelay: async duration =>
            {
                var encryptingClient = StorageClient.Create(encryptionKey: key);
                encryptingClient.UploadObject(bucket, name, "application/octet-stream", new MemoryStream(content));

                // We don't need to specify the encryption key headers explicitly in the signer template.
                // The request message we are using in the template already has them set
                // (by key.ModifyRequest(request)) and the signer will extract them from there.
                var request         = createGetRequest();
                var requestTemplate = RequestTemplate
                                      .FromBucket(bucket)
                                      .WithObjectName(name)
                                      .WithHttpRequestMessage(request);
                url = fixture.UrlSigner.Sign(requestTemplate, Options.FromDuration(duration).WithSigningVersion(signingVersion));
                request.RequestUri = new Uri(url);

                // Verify that the URL works initially.
                var response = await fixture.HttpClient.SendAsync(request);
                var result   = await response.Content.ReadAsByteArrayAsync();
                AssertContentEqual(content, result);
            },
                afterDelay: async() =>
            {
                // Verify that the URL no longer works.
                var request        = createGetRequest();
                request.RequestUri = new Uri(url);
                var response       = await fixture.HttpClient.SendAsync(request);
                Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);

                // Cleanup
                await fixture.Client.DeleteObjectAsync(bucket, name);
            },
                caller);
        }

Пример #7

        public void Generate()
        {
            EncryptionKey key1 = EncryptionKey.Generate();
            EncryptionKey key2 = EncryptionKey.Generate();

            Assert.NotNull(key1.Base64Key);
            Assert.NotNull(key1.Base64Hash);

            Assert.NotEqual(key1.Base64Key, key2.Base64Key);
            Assert.NotEqual(key1.Base64Hash, key2.Base64Hash);
        }

Пример #8

Файл: UrlSignerTest.cs Проект: kleopatra999/google-cloud-dotnet

        private void PutWithCustomerSuppliedEncryptionKeysTest_InitDelayTest()
        {
            var    bucket = _fixture.SingleVersionBucket;
            var    name   = GenerateName();
            var    data   = _fixture.SmallContent;
            string url    = null;

            EncryptionKey key = EncryptionKey.Generate();

            Func <HttpRequestMessage> createPutRequest = () =>
            {
                var request = new HttpRequestMessage
                {
                    Method  = HttpMethod.Put,
                    Content = new ByteArrayContent(data)
                };
                key.ModifyRequest(request);
                return(request);
            };

            _fixture.RegisterDelayTest(_duration,
                                       beforeDelay: async duration =>
            {
                var request = createPutRequest();
                url         = _fixture.UrlSigner.Sign(bucket, name, duration, request);

                // Verify that the URL works initially.
                request.RequestUri = new Uri(url);
                var response       = await _fixture.HttpClient.SendAsync(request);
                Assert.True(response.IsSuccessStatusCode);

                // Make sure the encryption succeeded.
                var downloadedData = new MemoryStream();
                await Assert.ThrowsAsync <GoogleApiException>(
                    () => _fixture.Client.DownloadObjectAsync(bucket, name, downloadedData));

                await _fixture.Client.DownloadObjectAsync(bucket, name, downloadedData, new DownloadObjectOptions {
                    EncryptionKey = key
                });
                Assert.Equal(data, downloadedData.ToArray());
            },
                                       afterDelay: async() =>
            {
                // Verify that the URL no longer works.
                var request        = createPutRequest();
                request.RequestUri = new Uri(url);
                var response       = await _fixture.HttpClient.SendAsync(request);
                Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);

                // Cleanup
                await _fixture.Client.DeleteObjectAsync(bucket, name);
            });
        }

Пример #9

Файл: EncryptionTest.cs Проект: zub786/google-cloud-dotnet

        public void DownloadWithoutKey()
        {
            var bucket      = _fixture.SingleVersionBucket;
            var data        = GenerateData(100);
            var key         = EncryptionKey.Generate();
            var contentType = "application/octet-stream";
            var client      = StorageClient.Create();

            var name = IdGenerator.FromGuid();

            client.UploadObject(bucket, name, contentType, data, new UploadObjectOptions {
                EncryptionKey = key
            });
            Assert.Throws <GoogleApiException>(() => client.DownloadObject(bucket, name, new MemoryStream()));
        }

Пример #10

Файл: UrlSignerTest.cs Проект: vkalaiselvan/google-cloud-dotnet

        private static void GetWithCustomerSuppliedEncryptionKeysTest_Common(StorageFixture fixture, UrlSigner signer, [CallerMemberName] string caller = null)
        {
            var    bucket  = fixture.SingleVersionBucket;
            var    name    = IdGenerator.FromGuid();
            var    content = fixture.SmallContent;
            string url     = null;

            EncryptionKey key = EncryptionKey.Generate();

            Func <HttpRequestMessage> createGetRequest = () =>
            {
                var request = new HttpRequestMessage {
                    Method = HttpMethod.Get
                };
                key.ModifyRequest(request);
                return(request);
            };

            fixture.RegisterDelayTest(
                s_duration,
                beforeDelay: async duration =>
            {
                var encryptingClient = StorageClient.Create(encryptionKey: key);
                encryptingClient.UploadObject(bucket, name, "application/octet-stream", new MemoryStream(content));

                var request        = createGetRequest();
                url                = signer.Sign(bucket, name, duration, request);
                request.RequestUri = new Uri(url);

                // Verify that the URL works initially.
                var response = await fixture.HttpClient.SendAsync(request);
                var result   = await response.Content.ReadAsByteArrayAsync();
                AssertContentEqual(content, result);
            },
                afterDelay: async() =>
            {
                // Verify that the URL no longer works.
                var request        = createGetRequest();
                request.RequestUri = new Uri(url);
                var response       = await fixture.HttpClient.SendAsync(request);
                Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);

                // Cleanup
                await fixture.Client.DeleteObjectAsync(bucket, name);
            },
                caller);
        }

Пример #11

Файл: EncryptionTest.cs Проект: zub786/google-cloud-dotnet

        public void NotNoneEquality()
        {
            var key1a = EncryptionKey.Generate();
            var key1b = EncryptionKey.Create(Convert.FromBase64String(key1a.Base64Key));
            var key2  = EncryptionKey.Generate();

            Assert.True(key1a.Equals(key1b));
            Assert.True(key1a.Equals((object)key1b));
            Assert.Equal(key1a.GetHashCode(), key1b.GetHashCode());

            Assert.False(key1a.Equals(key2));
            Assert.False(key1a.Equals((object)key2));
            Assert.NotEqual(key1a.GetHashCode(), key2.GetHashCode());

            Assert.False(key1a.Equals(null));
            Assert.False(key1a.Equals((object)null));
        }

Пример #12

        // Tworzy pod wskazaną ścieżką nowy plik archiwum i pozostawia go otwartym
        public static FileArchive Create(string filepath, string password, bool compression)
        {
            if (File.Exists(filepath))
            {
                throw new Exception("Plik pod wskazaną ścieżką już istnieje");
            }

            EncryptionKey key = EncryptionKey.Generate(password);

            FileArchive archive = new FileArchive();

            archive.FilePath     = filepath;
            archive.ArchiveKey   = key;
            archive.IsCompressed = compression;

            archive.CreateArchiveFile();

            return(archive);
        }

Пример #13

Файл: EncryptionTest.cs Проект: zub786/google-cloud-dotnet

        public void DownloadWithKey()
        {
            var bucket      = _fixture.SingleVersionBucket;
            var data        = GenerateData(100);
            var key         = EncryptionKey.Generate();
            var contentType = "application/octet-stream";
            var client      = StorageClient.Create(encryptionKey: key);

            var name = IdGenerator.FromGuid();

            client.UploadObject(bucket, name, contentType, data);
            // Client default key
            ValidateData(bucket, name, data, client);

            // Overridden
            ValidateData(bucket, name, data, null, new DownloadObjectOptions {
                EncryptionKey = key
            });
        }

Пример #14

Файл: EncryptionTest.cs Проект: zub786/google-cloud-dotnet

        public void GetMetadata()
        {
            var bucket      = _fixture.SingleVersionBucket;
            var data        = GenerateData(100);
            var key         = EncryptionKey.Generate();
            var contentType = "application/octet-stream";
            var client      = StorageClient.Create();
            var name        = IdGenerator.FromGuid();

            var uploaded = client.UploadObject(bucket, name, contentType, data, new UploadObjectOptions {
                EncryptionKey = key
            });
            var fetchedWithoutKey = client.GetObject(bucket, name);

            Assert.Null(fetchedWithoutKey.Md5Hash);
            var fetchedWithKey = client.GetObject(bucket, name, new GetObjectOptions {
                EncryptionKey = key
            });

            Assert.NotNull(fetchedWithKey.Md5Hash);
            Assert.Equal(uploaded.Md5Hash, fetchedWithKey.Md5Hash);
        }

Пример #15

Файл: EncryptionTest.cs Проект: zub786/google-cloud-dotnet

        public void RotateKeys()
        {
            var bucket      = _fixture.SingleVersionBucket;
            var data        = GenerateData(100);
            var key1        = EncryptionKey.Generate();
            var key2        = EncryptionKey.Generate();
            var contentType = "application/octet-stream";

            var name = IdGenerator.FromGuid();

            var client1 = StorageClient.Create(encryptionKey: key1);

            client1.UploadObject(_fixture.SingleVersionBucket, name, contentType, data);

            var client2 = StorageClient.Create(encryptionKey: key2);

            // We're copying over the top of the original object. We don't have to, but that's
            // probably typical for key rotation.
            client2.CopyObject(bucket, name, bucket, name, new CopyObjectOptions {
                SourceEncryptionKey = key1
            });
            ValidateData(bucket, name, data, client2);
        }

Пример #16

Файл: 1838616-54510533-190918655-4.cs Проект: shendongnian/code

        static void Main(string[] args)
        {
            // step 1 create customer encryption key
            var key           = EncryptionKey.Generate().Base64Key;
            var encryptionKey = EncryptionKey.Create(Convert.FromBase64String(key));
            // step 2 get you service Acount cert for auth
            string serviceAcountCert = "stackoverflow54387198-xxxxxxxx.json";
            // step 3 get you service Acount cert for auth
            string bucketName = "stackoverflow_54387198_bucket";
            string localPath  = "FileToUpload.txt";
            string objectName = null;

            // step 4 create a local text file to upload
            File.WriteAllText(localPath, "test");
            // step 5 Create Google Storage Client
            var storage = StorageClient.Create(
                GoogleCredential.FromJson(File.ReadAllText(serviceAcountCert)));

            // step 6 upload the file with the customer encryption key from step 1
            using (var f = File.OpenRead(localPath))
            {
                objectName = objectName ?? Path.GetFileName(localPath);
                storage.UploadObject(bucketName, objectName, null, f,
                                     new UploadObjectOptions()
                {
                    EncryptionKey = encryptionKey
                });
                Console.WriteLine($"Uploaded {objectName}.");
            }
            // step 7 create a url
            // step 7.1 create add x-goog-encryption-algorithm hear
            //to tell google you are using  customer encryption key
            var requestHeaders = new Dictionary <string, IEnumerable <string> >
            {
                {
                    "x-goog-encryption-algorithm", new [] { "AES256" }
                }
            };
            // step 7.2  set other parameters
            var expireAfter = TimeSpan.FromHours(30.0);
            var verb        = HttpMethod.Get;
            // step 7.3  create a Url Signer
            var urlSigner = UrlSigner.FromServiceAccountPath(serviceAcountCert);
            // step 7.4  create a secure url
            var url = urlSigner.Sign(
                bucketName,
                objectName,
                expireAfter,
                verb,
                requestHeaders);
            // step 8  use the Your Url
            // step 8.1 create HttpClient
            var client = new HttpClient();

            // step 8.1  add x-goog-encryption-algorithm header the same from step 7
            client.DefaultRequestHeaders.Add("x-goog-encryption-algorithm", "AES256");
            // step 8.2  add x-goog-encryption-key header with customer encryption key (Base64Hash)
            client.DefaultRequestHeaders.Add("x-goog-encryption-key", encryptionKey.Base64Key);
            // step 8.3  add x-goog-encryption-key header with customer encryption key (Base64Hash)
            client.DefaultRequestHeaders.Add("x-goog-encryption-key-sha256", encryptionKey.Base64Hash);
            // step 8.4  Download the file
            Task.Run(async() =>
            {
                var response = await client.GetAsync(url);
                var contents = await response.Content.ReadAsStringAsync();
                // contents == "test"
                Console.WriteLine($"contents=>{contents}");
            }).GetAwaiter().GetResult();
            Console.ReadLine();
        }

Пример #17

        // [END storage_generate_signed_url]

        // [START storage_generate_encryption_key]
        void GenerateEncryptionKey()
        {
            Console.Write(EncryptionKey.Generate().Base64Key);
        }