/// <summary>
/// Decrypts a legacy AES-256-CBC-HMAC-SHA256 field by calling <c>DecryptLegacyAes256</c>
/// directly on a parsed <c>JObject</c>, then re-encrypts the recovered field with the
/// manager's default encrypter (the <c>AeadAes256CbcHmacSha512Provider</c> bound to "upgrade-key").
/// </summary>
/// <remarks>
/// NOTE(review): the method name mentions "Rsa", but only legacy AES decrypters are registered
/// here and the payload's "alg" is AES-256-CBC-HMAC-SHA256 - confirm the intended name.
/// The key material below is built from short printable strings and serves only as a test
/// fixture matching the canned ciphertext; it is not a pattern for real key generation.
/// </remarks>
public static void Test_Manual_Decryption_Rsa_To_AeadAes256CbcHmacSha512()
{
    // Arrange: legacy encryption key, legacy HMAC key, and the key used for the upgraded format.
    IKey[] fixtureKeys =
    {
        new Key("publickey", Encoding.UTF8.GetBytes("!mysecretkey#9^5usdk39d&dlf)03sL")),
        new Key("hmacKey", Encoding.UTF8.GetBytes("mysecret")),
        new Key("upgrade-key", FakeKeyGenerator.GetKey(64))
    };
    var keys = new Keyring(fixtureKeys);

    // Canned document: "bar" is stored encrypted under the legacy "__crypt_" prefix, "foo" is plain.
    const string legacyPayload =
        "{\"__crypt_bar\":{" +
        "\"alg\":\"AES-256-CBC-HMAC-SHA256\"," +
        "\"kid\":\"publickey\"," +
        "\"ciphertext\":\"zOcxunCOdTSMxic4xz/F2w==\"," +
        "\"sig\":\"7VYNnEBxuC8IvBu0egS3AM922NqWE6Mfy08KEghJ62Q=\"," +
        "\"iv\":\"03AUmzwQqnbs/JhkWGrIkw==\"}," +
        "\"foo\":2}";

    var aeadProvider = new AeadAes256CbcHmacSha512Provider(new AeadAes256CbcHmacSha512Cipher(), keys);

    var builder = DefaultCryptoManager.Builder();
    var manager = builder
        .LegacyAesDecrypters(keys, "hmacKey")
        .DefaultEncrypter(aeadProvider.Encrypter("upgrade-key"))
        .Decrypter(aeadProvider.Decrypter())
        .Build();

    // Act + Assert: manual decryption of the legacy field exposes the plaintext under "bar".
    var document = JObject.Parse(legacyPayload);
    document.DecryptLegacyAes256<string>(manager, "hmacKey", "__crypt_bar");

    var decryptedBar = document.SelectToken("bar").Value<string>();
    Assert.Equal("bar", decryptedBar);

    var untouchedFoo = document.SelectToken("foo").Value<int>();
    Assert.Equal(2, untouchedFoo);

    // Re-encrypting writes the field in the new layout, addressed as "encrypted$bar".
    document.EncryptField(manager, "bar");

    var upgradedCiphertext = document.SelectToken("encrypted$bar.ciphertext").Value<string>();
    Assert.NotNull(upgradedCiphertext);
}
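/// <summary>
/// Decrypts every legacy RSA-encrypted field of the document in "./Docs/poco-rsa.json" and
/// re-encrypts each one with the manager's default encrypter (the
/// <c>AeadAes256CbcHmacSha512Provider</c> bound to "upgrade-key").
/// </summary>
/// <remarks>
/// Both fixture paths are relative, so the test depends on the working directory containing
/// the "Docs" folder.
/// NOTE(review): the post-encryption assertions only show that a ciphertext string exists and
/// differs from one known plaintext. They do not verify that the plaintext fields are gone
/// from the document - confirm what EncryptField does with the original field and assert it.
/// </remarks>
public void Test_Upgrade_From_Rsa_To_AeadAes256CbcHmacSha512()
{
    // Arrange: the legacy RSA private key plus the key used for the upgraded format.
    var keyring = new Keyring(new IKey[]
    {
        new Key("MyKeyName", GetKey("./Docs/rsa-private.xml")),
        new Key("upgrade-key", FakeKeyGenerator.GetKey(64))
    });

    var provider = new AeadAes256CbcHmacSha512Provider(new AeadAes256CbcHmacSha512Cipher(), keyring);

    var cryptoManager = DefaultCryptoManager.Builder()
        .DefaultEncrypter(provider.Encrypter("upgrade-key"))
        .LegacyRsaDecrypter(keyring, "MyKeyName")
        .Build();

    var jsonObject = JObject.Parse(File.ReadAllText("./Docs/poco-rsa.json"));

    // Act: decrypt each legacy field in place, one call per stored type.
    jsonObject.DecryptLegacyRsa<string>(cryptoManager, "__crypt_bar");
    jsonObject.DecryptLegacyRsa<int>(cryptoManager, "__crypt_foo");
    jsonObject.DecryptLegacyRsa<PocoMoco>(cryptoManager, "__crypt_childObject");
    jsonObject.DecryptLegacyRsa<List<int>>(cryptoManager, "__crypt_baz");
    jsonObject.DecryptLegacyRsa<string[]>(cryptoManager, "__crypt_faz");

    // Assert: the plaintext values are readable under the unprefixed names.
    Assert.Equal("Bar", jsonObject.SelectToken("bar").Value<string>());
    Assert.Equal(90, jsonObject.SelectToken("foo").Value<int>());
    Assert.Equal("Bar2", jsonObject.SelectToken("childObject.Bar").Value<string>());
    Assert.Equal(new List<int> { 3, 4 }, jsonObject.SelectToken("baz").Values<int>());
    Assert.Equal(new[] { "ted", "alice", "bill" }, jsonObject.SelectToken("faz").Values<string>());

    // Act: re-encrypt every field with the default (upgraded) encrypter.
    jsonObject.EncryptField(cryptoManager, "bar");
    jsonObject.EncryptField(cryptoManager, "foo");
    jsonObject.EncryptField(cryptoManager, "childObject");
    jsonObject.EncryptField(cryptoManager, "baz");
    jsonObject.EncryptField(cryptoManager, "faz");

    // Assert: each field now has a ciphertext under the "encrypted$" prefix.
    Assert.NotEqual("Bar", jsonObject.SelectToken("encrypted$bar.ciphertext").Value<string>());
    Assert.NotNull(jsonObject.SelectToken("encrypted$foo.ciphertext").Value<string>());

    // Fixed copy-paste slip: "Bar2" is the child object's value, so this check must read the
    // childObject ciphertext. It previously re-read encrypted$bar and left childObject unchecked.
    Assert.NotEqual("Bar2", jsonObject.SelectToken("encrypted$childObject.ciphertext").Value<string>());

    Assert.NotNull(jsonObject.SelectToken("encrypted$baz.ciphertext").Value<string>());
    Assert.NotNull(jsonObject.SelectToken("encrypted$faz.ciphertext").Value<string>());
}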
/// <summary>
/// Upgrades a legacy AES-256-CBC-HMAC-SHA256 document through the serializer: it is
/// deserialized into a <c>Poco</c> with a <c>LegacyEncryptedFieldContractResolver</c>
/// ("__crypt_" prefix) and serialized back with an <c>EncryptedFieldContractResolver</c>.
/// </summary>
/// <remarks>
/// The assertions check that the output names "upgrade-key", the algorithm identifier
/// AEAD_AES_256_CBC_HMAC_SHA512 and the "encrypted$" prefix.
/// NOTE(review): nothing asserts that the legacy "__crypt_" entry or its ciphertext is absent
/// from the output - confirm whether that is worth pinning.
/// The key strings below are test fixtures matching the canned ciphertext only.
/// </remarks>
public void Test_Upgrade_With_Attributes()
{
    // Arrange: legacy encryption key, legacy HMAC key, and the key used for the upgraded format.
    IKey[] fixtureKeys =
    {
        new Key("publickey", Encoding.UTF8.GetBytes("!mysecretkey#9^5usdk39d&dlf)03sL")),
        new Key("hmacKey", Encoding.UTF8.GetBytes("mysecret")),
        new Key("upgrade-key", FakeKeyGenerator.GetKey(64))
    };
    var keys = new Keyring(fixtureKeys);

    const string legacyPayload =
        "{\"__crypt_bar\":{" +
        "\"alg\":\"AES-256-CBC-HMAC-SHA256\"," +
        "\"kid\":\"publickey\"," +
        "\"ciphertext\":\"zOcxunCOdTSMxic4xz/F2w==\"," +
        "\"sig\":\"7VYNnEBxuC8IvBu0egS3AM922NqWE6Mfy08KEghJ62Q=\"," +
        "\"iv\":\"03AUmzwQqnbs/JhkWGrIkw==\"}," +
        "\"foo\":2}";

    var aeadProvider = new AeadAes256CbcHmacSha512Provider(new AeadAes256CbcHmacSha512Cipher(), keys);

    var manager = DefaultCryptoManager.Builder()
        .LegacyAesDecrypters(keys, "hmacKey")
        .DefaultEncrypter(aeadProvider.Encrypter("upgrade-key"))
        .Decrypter(aeadProvider.Decrypter())
        .Build();

    // Reading and writing use different field prefixes, so each direction gets its own settings.
    var readSettings = new JsonSerializerSettings();
    readSettings.ContractResolver = new LegacyEncryptedFieldContractResolver(manager, "__crypt_");

    // No prefix argument: the resolver falls back to the 2.0 default prefix, "encrypted$".
    var writeSettings = new JsonSerializerSettings();
    writeSettings.ContractResolver = new EncryptedFieldContractResolver(manager);

    // Act
    var upgradedPoco = JsonConvert.DeserializeObject<Poco>(legacyPayload, readSettings);
    var upgradedJson = JsonConvert.SerializeObject(upgradedPoco, writeSettings);

    // Assert
    Assert.Equal("bar", upgradedPoco.Bar);
    Assert.Contains("upgrade-key", upgradedJson);
    Assert.Contains("AEAD_AES_256_CBC_HMAC_SHA512", upgradedJson);
    Assert.Contains("encrypted$", upgradedJson);
}