示例#1
        /// <summary>
        /// Checks that an AES blob can be created from a certificate that carries
        /// only the public key.
        /// </summary>
        public void CanCreateWithPublicKeyOnly()
        {
            // 1024-bit RSA is used here only as a fast throwaway test key. It is below the
            // 2048-bit minimum in current guidance and should not be copied into real options.
            var options = new RSACertificateBuilderOptions {
                FullSubjectName = "CN=Test", KeySize = 1024
            };
            var fullCert = RSACertificateBuilder.CreateNewCertificate(options);

            // Exporting as X509ContentType.Cert yields the certificate without its private key.
            var publicOnly = new X509Certificate2(fullCert.Export(X509ContentType.Cert));

            // There is no assertion on the result: the test passes when CreateBlob does not throw.
            var blob = AESBlob.CreateBlob(AESKeySize.AES256, publicOnly);
        }
示例#2
        /// <summary>
        /// Checks that a blob created for AES-192 can be turned into an encryptor
        /// and used to encrypt a short payload.
        /// </summary>
        public void AES192CreatesWorkableKey()
        {
            // 1024-bit RSA is a test-only key size chosen for speed; it is weaker than the
            // 2048-bit minimum in current guidance and is not a model for production use.
            var options = new RSACertificateBuilderOptions {
                FullSubjectName = "CN=Test", KeySize = 1024
            };
            var testCert = RSACertificateBuilder.CreateNewCertificate(options);

            // The same certificate (including its private key) creates the blob and opens it.
            var keyBlob = AESBlob.CreateBlob(AESKeySize.AES192, testCert);
            var aes     = AESBlob.CreateEncryptor(keyBlob, testCert);

            var plaintext = Encoding.UTF8.GetBytes("Super secret secret");

            // NOTE(review): the ciphertext is discarded and nothing is decrypted, so this only
            // shows that Encrypt does not throw; a round-trip check would be a stronger test.
            aes.Encrypt(plaintext);
        }
示例#3
        /// <summary>
        /// Checks that building an encryptor from a public-key-only certificate
        /// fails with <see cref="InvalidOperationException"/>.
        /// </summary>
        public void CannotDecrpytWithoutPrivateKey()
        {
            // NOTE(review): every setup step runs inside the asserted delegate, so an
            // InvalidOperationException thrown by certificate creation, export or CreateBlob
            // would also satisfy this assertion, not only the final CreateEncryptor call.
            Assert.Throws(typeof(InvalidOperationException), () =>
            {
                // 1024-bit RSA: throwaway test key only, below the 2048-bit minimum in current guidance.
                var options = new RSACertificateBuilderOptions {
                    FullSubjectName = "CN=Test", KeySize = 1024
                };
                var fullCert = RSACertificateBuilder.CreateNewCertificate(options);

                // X509ContentType.Cert export drops the private key.
                var publicOnly = new X509Certificate2(fullCert.Export(X509ContentType.Cert));

                var keyBlob = AESBlob.CreateBlob(AESKeySize.AES256, publicOnly);

                // Expected failure point: the certificate has no private key.
                AESBlob.CreateEncryptor(keyBlob, publicOnly);
            });
        }
示例#4
        /// <summary>
        /// Loads the AES key blob stored at <paramref name="keyLocation"/>, creating and
        /// persisting a new one when none exists, and wraps the resulting encryptor in a
        /// <c>CertProtectedEncryptor</c>.
        /// </summary>
        /// <param name="store">Store the key blob is read from and written to.</param>
        /// <param name="keyLocation">Location of the key blob; its <c>Container</c> is passed to the returned encryptor.</param>
        /// <param name="rsaCert">RSA key handed to <c>AESBlob</c> to create and open the blob.</param>
        /// <returns>An encryptor backed by the stored (or newly created) key blob.</returns>
        /// <remarks>
        /// NOTE(review): arguments are not null-checked, the retry loop has no upper bound,
        /// and all store calls run with <c>CancellationToken.None</c>.
        /// Presumably the blob is protected by <paramref name="rsaCert"/> so the stored bytes
        /// are unusable without the private key; confirm in <c>AESBlob</c>.
        /// </remarks>
        public static async Task <IEncryptor> CreateEncryptor(IOptimisticStore store, StoreLocation keyLocation, RSA rsaCert)
        {
            byte[] keyBlob;

            while (true)
            {
                var existing = await store.LoadData(keyLocation);

                if (existing == null)
                {
                    // Nothing stored yet, so a new key has to be created.
                    var candidate = AESBlob.CreateBlob(DefaultKeySize, rsaCert);
                    var token = CancellationToken.None;

                    // Optimistic write: the file is only created IF IT DOES NOT EXIST.
                    // This catches the rare case where two server calls try to create two keys.
                    var writeOutcome = await store.TryOptimisticWrite(keyLocation, null, null, async (target) =>
                    {
                        await target.WriteAsync(candidate, 0, candidate.Length, token);
                        return(candidate.Length);
                    }, token);

                    if (writeOutcome.Result)
                    {
                        keyBlob = candidate;
                        break;
                    }

                    // The write did not succeed; go round again and re-read the location.
                    continue;
                }

                // NOTE(review): existing / existing.Stream is not disposed here; confirm
                // whether ReadBytes or the store owns the stream.
                keyBlob = await existing.Stream.ReadBytes();
                break;
            }

            var aes = AESBlob.CreateEncryptor(keyBlob, rsaCert);

            return(new CertProtectedEncryptor(keyLocation.Container, aes));
        }