public void TestBasicEncryption() { // tests key creation and exchange // - between 2 clients using (Reference <ILogger> loggerRef = Reference <ILogger> .Create(new TraceLogger(true))) { using (CoreServer server = new CoreServer(loggerRef, "UTT", NodeType.Router)) { server.Start(); using (ICoreClient sender = new CoreClientFactory(loggerRef).SetEnv("UTT").Create()) using (ICoreClient recver = new CoreClientFactory(loggerRef).SetEnv("UTT").Create()) { // check un-encrypted traffic Guid evtId1 = sender.SaveObject <TestData>(new TestData("1", 1), "test", null, TimeSpan.MaxValue); List <ICoreItem> recdList1 = recver.LoadItems <TestData>(Expr.ALL); Assert.AreEqual <int>(1, recdList1.Count); ICoreItem recdItem1 = recdList1[0]; Assert.AreEqual <Guid>(evtId1, recdItem1.Id); Assert.IsNull(recdItem1.TranspKeyId); Assert.IsNull(recdItem1.SenderKeyId); Assert.IsNull(recdItem1.RecverKeyId); // generate keys string senderKeyId = sender.CryptoManager.GenerateNewKeys(); string recverKeyId = recver.CryptoManager.GenerateNewKeys(); // send encrypted message and check receiver fails to decrypt ICoreItem sentItem2 = sender.MakeObject <TestData>(new TestData("2", 2), "test", null); sentItem2.TranspKeyId = senderKeyId; sentItem2.SenderKeyId = senderKeyId; Guid evtId2 = sender.SaveItem(sentItem2); List <ICoreItem> recdList2 = recver.LoadItems <TestData>(Expr.ALL); Assert.AreEqual <int>(1, recdList2.Count); ICoreItem recdItem2 = recdList2[0]; Assert.AreEqual <Guid>(evtId2, recdItem2.Id); Assert.AreEqual <Guid>(evtId2, recdItem2.Id); Assert.AreEqual <string>(senderKeyId, recdItem2.TranspKeyId); Assert.AreEqual <string>(senderKeyId, recdItem2.SenderKeyId); Assert.IsNull(recver.CryptoManager.GetTranspKey(senderKeyId)); // set public key at receiver and check authentication recver.CryptoManager.SetPublicKey(senderKeyId, sender.CryptoManager.GetPublicKey(senderKeyId)); Assert.IsTrue(recdItem2.IsSigned); Assert.IsFalse(recdItem2.IsSecret); // set transport key at receiver and recheck decryption recver.CryptoManager.SetTranspKey(senderKeyId, sender.CryptoManager.GetTranspKey(senderKeyId)); object data2 = recdItem2.Data; Assert.IsNotNull(data2); Assert.AreEqual <Type>(typeof(TestData), data2.GetType()); } server.Stop(); } } }
public void TestSecretKeyExchange() { // tests key creation and exchange // - between 2 clients using (Reference <ILogger> loggerRef = Reference <ILogger> .Create(new TraceLogger(true))) { using (CoreServer server = new CoreServer(loggerRef, "UTT", NodeType.Router)) { server.Start(); using (ICoreClient sender = new CoreClientFactory(loggerRef).SetEnv("UTT").Create()) using (ICoreClient recver = new CoreClientFactory(loggerRef).SetEnv("UTT").Create()) { // generate keys string senderKeyId = sender.CryptoManager.GenerateNewKeys(); string recverKeyId = recver.CryptoManager.GenerateNewKeys(); // hardcode the public key exchange sender.CryptoManager.SetPublicKey(recverKeyId, recver.CryptoManager.GetPublicKey(recverKeyId)); recver.CryptoManager.SetPublicKey(senderKeyId, sender.CryptoManager.GetPublicKey(senderKeyId)); sender.DefaultLifetime = TimeSpan.FromMinutes(5); // send secret message containing transport key ICoreItem item1 = sender.MakeObject <string>("", "key", null); TestData sendXKey = new TestData(); sendXKey.field1 = senderKeyId; sendXKey.array1 = new string[1] { sender.CryptoManager.GetTranspKey(senderKeyId) }; item1.SetData(sendXKey); //evt1.ItemName = "key"; item1.SenderKeyId = senderKeyId; item1.RecverKeyId = recverKeyId; Guid evtIdXKey = sender.SaveItem(item1); // send encrypted message ICoreItem item2 = sender.MakeObject <string>("", "data", null); string text2 = XmlSerializerHelper.SerializeToString(new TestData("data", 1)); item2.SetText(text2, typeof(TestData)); item2.TranspKeyId = senderKeyId; item2.SenderKeyId = senderKeyId; Guid evtIdData = sender.SaveItem(item2); // check sender // note: // - although sender published the key, sender cannot see it // - however, sender can see the data ICoreItem sentItemXKey = sender.LoadItem <TestData>("key"); Assert.IsNotNull(sentItemXKey); Assert.AreEqual <Guid>(evtIdXKey, sentItemXKey.Id); Assert.AreEqual <string>("key", sentItemXKey.Name); Assert.IsTrue(sentItemXKey.IsSigned); Assert.IsTrue(sentItemXKey.IsSecret); //object sentTempXKey = sentItemXKey.Data; // this will fail ICoreItem sentItemData = sender.LoadItem <TestData>("data"); Assert.IsNotNull(sentItemData); Assert.AreEqual <Guid>(evtIdData, sentItemData.Id); Assert.AreEqual <string>("data", sentItemData.Name); Assert.IsTrue(sentItemData.IsSigned); Assert.IsFalse(sentItemData.IsSecret); object sentTempData = sentItemData.Data; Assert.IsNotNull(sentTempData); Assert.AreEqual <Type>(typeof(TestData), sentTempData.GetType()); TestData sentTestData = (TestData)sentTempData; Assert.AreEqual <string>("data", sentTestData.field1); Assert.AreEqual <int>(1, sentTestData.field2); // check that secret transport key is received by recver ICoreItem recdItemXKey = recver.LoadItem <TestData>("key"); Assert.IsNotNull(recdItemXKey); Assert.AreEqual <Guid>(evtIdXKey, recdItemXKey.Id); Assert.AreEqual <string>("key", recdItemXKey.Name); Assert.IsTrue(recdItemXKey.IsSigned); Assert.IsTrue(recdItemXKey.IsSecret); object recdTempXKey = recdItemXKey.Data; Assert.IsNotNull(recdTempXKey); Assert.AreEqual <Type>(typeof(TestData), recdTempXKey.GetType()); TestData recdTestXKey = (TestData)recdTempXKey; Assert.AreEqual <string>(recdTestXKey.field1, senderKeyId); Assert.IsNotNull(recdTestXKey.array1); Assert.AreEqual <int>(1, recdTestXKey.array1.Length); Assert.AreEqual <string>(recdTestXKey.array1[0], sender.CryptoManager.GetTranspKey(senderKeyId)); // set the transport key and receive the 2nd data message recver.CryptoManager.SetTranspKey(recdTestXKey.field1, recdTestXKey.array1[0]); ICoreItem recdItemData = recver.LoadItem <TestData>("data"); Assert.IsNotNull(recdItemData); Assert.AreEqual <Guid>(evtIdData, recdItemData.Id); Assert.AreEqual <string>("data", recdItemData.Name); Assert.IsTrue(recdItemData.IsSigned); Assert.IsFalse(recdItemData.IsSecret); object recdTempData = recdItemData.Data; Assert.IsNotNull(recdTempData); Assert.AreEqual <Type>(typeof(TestData), recdTempData.GetType()); TestData recdTestData = (TestData)recdTempData; Assert.AreEqual <string>("data", recdTestData.field1); Assert.AreEqual <int>(1, recdTestData.field2); } server.Stop(); } } }