public void TestDisposal() { // this test is still bad. // "default" disposal byte[] symkey = SecretBox.GenerateKey(); SymmetricEncrypter abc = new SymmetricEncrypter(symkey); abc.Dispose(); SymmetricEncrypter def; try { def = new SymmetricEncrypter("Not a valid base64 code triggering an exception!"); } catch (FormatException) { // disposal is called although constructor failed. } bool exceptionThrown = false; try { def = null; } catch (Exception) { exceptionThrown = true; } _ = new SymmetricEncrypter(symkey); Assert.IsFalse(exceptionThrown); }
public void ShowCaseTestSymmetric() { Assert.IsTrue(maLo.IsValid()); // as the encryption relies on serializing the BO invalid BOs cannot be encrypted. byte[] sharedSecret = Sodium.SecretBox.GenerateKey(); EncryptedObject encryptedBo; using (var encrypter = new SymmetricEncrypter(sharedSecret)) { encryptedBo = encrypter.Encrypt(maLo, "test case"); } Debug.Write(JsonConvert.SerializeObject(encryptedBo, new StringEnumConverter())); //{ // "boTyp": "ENCRYPTEDOBJECTAEAD", // "versionStruktur": 1, // "AssociatedData": "test case", // "encryptionScheme": "SodiumSymmetricAEAD", // "nonce": "hTbQKm/hAwY=", // "cipherText": "iORhQsADEviVhjDP3d ... fnGfLF+AsL1F" //} Marktlokation decryptedMaLo; using (var decrypter = new SymmetricEncrypter(sharedSecret)) { decryptedMaLo = decrypter.Decrypt <Marktlokation>(encryptedBo); } Assert.AreEqual(maLo.Lokationsadresse, decryptedMaLo.Lokationsadresse); }
public void TestBOEncryption() { //hubnet.StaticLogger.Logger = new Microsoft.Extensions.Logging.Debug.DebugLogger("Testlogger", (log, level) => { return true; }); string[] files = Directory.GetFiles($"encrypterTests/bo/", "*.json"); // foreach (string testFile in files) { JObject json; using (StreamReader r = new StreamReader(testFile)) { string jsonString = r.ReadToEnd(); json = JsonConvert.DeserializeObject <JObject>(jsonString); } Assert.IsNotNull(json, $"The content of file {testFile} seems to be no valid JSON."); string boType = (string)json["boTyp"]; Assert.IsNotNull(boType, $"The JSON content of file {testFile} is missing the obligatory 'boTyp' attribute."); BusinessObject bo = BO4E.BoMapper.MapObject(boType, json); Assert.IsNotNull(bo, $"The business object in file {testFile} is not a valid BO4E."); /******* symmetric test ******/ byte[] symkey = SecretBox.GenerateKey(); string symkeyString = Convert.ToBase64String(symkey); EncryptedObject eo; using (SymmetricEncrypter se0 = new SymmetricEncrypter(symkey)) { eo = se0.Encrypt(bo, "Associated"); } BusinessObject boDecrypted; using (SymmetricEncrypter se1 = new SymmetricEncrypter(symkeyString)) { boDecrypted = se1.Decrypt(eo); } string expectedString = JsonConvert.SerializeObject(bo); string actualString = JsonConvert.SerializeObject(boDecrypted); Assert.AreEqual(expectedString, actualString, "Original and encrypted->decrypted object do not match!"); /******* asymmetric test ******/ var asykeyPairSender = PublicKeyBox.GenerateKeyPair(); var asykeyPairRecipient = PublicKeyBox.GenerateKeyPair(); using (AsymmetricEncrypter asyenc = new AsymmetricEncrypter(asykeyPairSender)) { eo = asyenc.Encrypt(bo, Convert.ToBase64String(asykeyPairRecipient.PublicKey)); } using (AsymmetricEncrypter asydec = new AsymmetricEncrypter(asykeyPairRecipient.PrivateKey)) { boDecrypted = asydec.Decrypt(eo); } expectedString = JsonConvert.SerializeObject(bo); actualString = JsonConvert.SerializeObject(boDecrypted); Assert.AreEqual(expectedString, actualString, "Original and encrypted->decrypted object do not match!"); /******* X509 + RSA test ******/ // encrypt (without needing a private key) X509Certificate2 x509certPubl = new X509Certificate2(X509Certificate2.CreateFromCertFile("encrypterTests/publickey.cer")); using (X509AsymmetricEncrypter xasyEnc = new X509AsymmetricEncrypter(x509certPubl))// encrypter needs no private key! { eo = xasyEnc.Encrypt(bo); } // decrypt (using a private key) AsymmetricCipherKeyPair keyPair; using (var reader = File.OpenText(@"encrypterTests/privatekey.pem")) // file containing RSA PKCS1 private key { keyPair = (AsymmetricCipherKeyPair) new PemReader(reader).ReadObject(); } // openssl genrsa -out privatekey.pem 2048 // openssl req -new -x509 -key privatekey.pem -out publickey.cer -days 3650 using (X509AsymmetricEncrypter xasydec = new X509AsymmetricEncrypter(keyPair.Private)) { boDecrypted = xasydec.Decrypt(eo); } expectedString = JsonConvert.SerializeObject(bo); actualString = JsonConvert.SerializeObject(boDecrypted); Assert.IsTrue(expectedString == actualString, "Original and encrypted->decrypted object do not match!"); /********** X509 + RSA multiple recipients *******/ X509Certificate2 x509certPubl2 = new X509Certificate2(X509Certificate2.CreateFromCertFile("encrypterTests/publickey2.cer")); EncryptedObject eoMultiple; using (X509AsymmetricEncrypter xasyEncMultiple = new X509AsymmetricEncrypter(new HashSet <X509Certificate2> { x509certPubl, x509certPubl2 })) // encrypter needs not private key! { eoMultiple = xasyEncMultiple.Encrypt(bo); } // decrypt (using both private keys) AsymmetricCipherKeyPair keyPair2; using (var reader = File.OpenText(@"encrypterTests/privatekey2.pem")) // file containing RSA PKCS1 private key { keyPair2 = (AsymmetricCipherKeyPair) new PemReader(reader).ReadObject(); } using (X509AsymmetricEncrypter xasydecMultiple = new X509AsymmetricEncrypter(keyPair.Private)) { using X509AsymmetricEncrypter xasydecMultiple2 = new X509AsymmetricEncrypter(keyPair2.Private); boDecrypted = xasydecMultiple.Decrypt(eoMultiple); BusinessObject boDecrypted2 = xasydecMultiple2.Decrypt(eoMultiple); string actualString2 = JsonConvert.SerializeObject(boDecrypted2); Assert.AreEqual(expectedString, actualString2, "Original and encrypted->decrypted object do not match!"); } expectedString = JsonConvert.SerializeObject(bo); actualString = JsonConvert.SerializeObject(boDecrypted); Assert.AreEqual(expectedString, actualString, "Original and encrypted->decrypted object do not match!"); } }