public void UsesKeyVaultToDecryptKey()
{
var keyMock = new Mock <IKeyEncryptionKey>(MockBehavior.Strict);
keyMock.Setup(client => client.UnwrapKeyAsync("RSA-OAEP", It.IsAny <ReadOnlyMemory <byte> >(), default))
.ReturnsAsync((string _, ReadOnlyMemory <byte> data, CancellationToken __) => data.ToArray().Reverse().ToArray())
.Verifiable();
var mock = new Mock <IKeyEncryptionKeyResolver>();
mock.Setup(client => client.ResolveAsync("KeyId", default))
.ReturnsAsync((string _, CancellationToken __) => keyMock.Object)
.Verifiable();
var serviceCollection = new ServiceCollection();
serviceCollection.AddSingleton(mock.Object);
var encryptor = new AzureKeyVaultXmlDecryptor(serviceCollection.BuildServiceProvider());
var result = encryptor.Decrypt(XElement.Parse(
@"<encryptedKey>
<kid>KeyId</kid>
<key>Dw4NDAsKCQgHBgUEAwIBAA==</key>
<iv>AAECAwQFBgcICQoLDA0ODw==</iv>
<value>VfLYL2prdymawfucH3Goso0zkPbQ4/GKqUsj2TRtLzsBPz7p7cL1SQaY6I29xSlsPQf6IjxHSz4sDJ427GvlLQ==</value>
</encryptedKey>"));
mock.VerifyAll();
Assert.NotNull(result);
Assert.AreEqual("<Element />", result.ToString());
}
public void UsesKeyVaultToDecryptKey()
{
var mock = new Mock <IKeyVaultWrappingClient>();
mock.Setup(client => client.UnwrapKeyAsync("KeyId", JsonWebKeyEncryptionAlgorithm.RSAOAEP, It.IsAny <byte[]>()))
.Returns <string, string, byte[]>((_, __, data) => Task.FromResult(new KeyOperationResult(null, data.Reverse().ToArray())))
.Verifiable();
var serviceCollection = new ServiceCollection();
serviceCollection.AddSingleton(mock.Object);
var encryptor = new AzureKeyVaultXmlDecryptor(serviceCollection.BuildServiceProvider());
var result = encryptor.Decrypt(XElement.Parse(
@"<encryptedKey>
<kid>KeyId</kid>
<key>Dw4NDAsKCQgHBgUEAwIBAA==</key>
<iv>AAECAwQFBgcICQoLDA0ODw==</iv>
<value>VfLYL2prdymawfucH3Goso0zkPbQ4/GKqUsj2TRtLzsBPz7p7cL1SQaY6I29xSlsPQf6IjxHSz4sDJ427GvlLQ==</value>
</encryptedKey>"));
mock.VerifyAll();
Assert.NotNull(result);
Assert.Equal("<Element />", result.ToString());
}
