/// <summary>
/// Stores a one-property JSON document through a session, loads it back with the
/// returned persistence key, and asserts the loaded value equals the input.
/// </summary>
/// <remarks>
/// The assertions cover only the round trip (a value is present and it equals
/// <paramref name="testData"/>). Nothing here inspects what was written to
/// <c>dataPersistence</c>, so this test alone does not show the stored form is ciphertext.
/// </remarks>
/// <param name="testData">Plaintext placed under the "Test" property.</param>
/// <param name="aeadEnvelopeCrypto">AEAD implementation passed to the envelope encryption under test.</param>
private void RoundTripGeneric(string testData, AeadEnvelopeCrypto aeadEnvelopeCrypto)
{
    CryptoPolicy policy = new DummyCryptoPolicy();

    // This dictionary is owned by the method and released by the outer using block.
    using (SecureCryptoKeyDictionary<DateTimeOffset> ownedKeyCache =
        new SecureCryptoKeyDictionary<DateTimeOffset>(policy.GetRevokeCheckPeriodMillis()))
    {
        // NOTE(review): the second dictionary is created inline and never disposed in this
        // method; presumably the envelope/session takes ownership of it — confirm, since the
        // type name suggests it holds key material.
        IEnvelopeEncryption<JObject> envelope = new EnvelopeEncryptionJsonImpl(
            partition,
            metastore,
            ownedKeyCache,
            new SecureCryptoKeyDictionary<DateTimeOffset>(policy.GetRevokeCheckPeriodMillis()),
            aeadEnvelopeCrypto,
            policy,
            keyManagementService);

        using (Session<JObject, JObject> session = new SessionJsonImpl<JObject>(envelope))
        {
            Asherah.AppEncryption.Util.Json payload = new Asherah.AppEncryption.Util.Json();
            payload.Put("Test", testData);

            string persistenceKey = session.Store(payload.ToJObject(), dataPersistence);
            Option<JObject> loaded = session.Load(persistenceKey, dataPersistence);
            Assert.True(loaded.IsSome);

            JObject decrypted = (JObject)loaded;
            string resultData = decrypted["Test"].ToObject<string>();
            Assert.Equal(testData, resultData);
        }
    }
}
/// <summary>
/// Stores the three collaborators on the instance. No validation or other work is done here.
/// </summary>
/// <param name="envelopeEncryptionJsonImpl">Envelope encryption instance kept for later use.</param>
/// <param name="key">
/// Kept as-is. NOTE(review): presumably the lookup identifier for this cached session rather
/// than key material — confirm against the caller.
/// </param>
/// <param name="sessionFactory">Session factory kept for later use.</param>
public CachedSession(
    EnvelopeEncryptionJsonImpl envelopeEncryptionJsonImpl,
    string key,
    SessionFactory sessionFactory)
{
    this.sessionFactory = sessionFactory;
    this.key = key;
    this.envelopeEncryptionJsonImpl = envelopeEncryptionJsonImpl;
}
/// <summary>
/// Builds the test fixture for one combination of cached/metastore key states: a uniquely
/// named partition, a static-key KMS, a mocked metastore, mocked key caches, and a
/// byte-oriented envelope encryption wired from them.
/// </summary>
/// <param name="cacheIK">Intermediate-key state to set up in the cache mock.</param>
/// <param name="metaIK">Intermediate-key state to set up in the metastore mock.</param>
/// <param name="cacheSK">System-key state to set up in the cache mock.</param>
/// <param name="metaSK">System-key state to set up in the metastore mock.</param>
/// <returns>
/// In order: the byte envelope encryption, the metastore mock, <paramref name="cacheIK"/>,
/// <paramref name="metaIK"/>, <paramref name="cacheSK"/>, <paramref name="metaSK"/>, and the partition.
/// </returns>
private static object[] GenerateMocks(KeyState cacheIK, KeyState metaIK, KeyState cacheSK, KeyState metaSK)
{
    // Random.Next() serves only as a uniqueness suffix for the generated ids; it is not a secret.
    string ikScopedId = cacheIK + "CacheIK_" + metaIK + "MetaIK_"
        + DateTimeUtils.GetCurrentTimeAsUtcIsoDateTimeOffset() + "_" + Random.Next();
    string skScopedId = cacheSK + "CacheSK_" + metaSK + "MetaSK_"
        + DateTimeUtils.GetCurrentTimeAsUtcIsoDateTimeOffset() + "_" + Random.Next();
    AppEncryptionPartition appEncryptionPartition =
        new AppEncryptionPartition(ikScopedId, skScopedId, DefaultProductId);

    // TODO Update to create KeyManagementService based on config/param once we plug in AWS KMS
    // Static master key: test scaffolding only, per the TODO above.
    KeyManagementService kms = new StaticKeyManagementServiceImpl(KeyManagementStaticMasterKey);

    CryptoKeyHolder keyHolder = CryptoKeyHolder.GenerateIKSK();

    // TODO Pass Metastore type to enable spy generation once we plug in external metastore types
    Mock<MemoryPersistenceImpl<JObject>> metastorePersistence =
        MetastoreMock.CreateMetastoreMock(appEncryptionPartition, kms, metaIK, metaSK, keyHolder);

    CacheMock cacheMock = CacheMock.CreateCacheMock(cacheIK, cacheSK, keyHolder);

    // Mimics (mostly) the old TimeBasedCryptoPolicyImpl settings
    // The revoke-check interval is set to int.MaxValue minutes and both policy caching flags
    // are off; the caches handed to the envelope below come from CacheMock.
    CryptoPolicy cryptoPolicy = BasicExpiringCryptoPolicy.NewBuilder()
        .WithKeyExpirationDays(KeyExpiryDays)
        .WithRevokeCheckMinutes(int.MaxValue)
        .WithCanCacheIntermediateKeys(false)
        .WithCanCacheSystemKeys(false)
        .Build();

    SecureCryptoKeyDictionary<DateTimeOffset> ikCache = cacheMock.IntermediateKeyCache;
    SecureCryptoKeyDictionary<DateTimeOffset> skCache = cacheMock.SystemKeyCache;

    EnvelopeEncryptionJsonImpl jsonEnvelope = new EnvelopeEncryptionJsonImpl(
        appEncryptionPartition,
        metastorePersistence.Object,
        skCache,
        new FakeSecureCryptoKeyDictionaryFactory<DateTimeOffset>(ikCache),
        new BouncyAes256GcmCrypto(),
        cryptoPolicy,
        kms);
    IEnvelopeEncryption<byte[]> envelopeEncryptionByteImpl = new EnvelopeEncryptionBytesImpl(jsonEnvelope);

    // Need to manually set a no-op metrics instance
    // NOTE(review): set through a static utility, so presumably shared beyond this call — confirm.
    IMetrics metrics = new MetricsBuilder()
        .Configuration.Configure(options => options.Enabled = false)
        .Build();
    MetricsUtil.SetMetricsInstance(metrics);

    object[] fixture =
    {
        envelopeEncryptionByteImpl,
        metastorePersistence,
        cacheIK,
        metaIK,
        cacheSK,
        metaSK,
        appEncryptionPartition,
    };
    return fixture;
}
/// <summary>
/// Builds the test fixture for one combination of cached/metastore key states, taking the
/// KMS and the metastore from <c>configFixture</c>: a uniquely named partition, a mocked
/// metastore, mocked key caches, and a byte-oriented envelope encryption wired from them.
/// </summary>
/// <param name="cacheIK">Intermediate-key state to set up in the cache mock.</param>
/// <param name="metaIK">Intermediate-key state to set up in the metastore mock.</param>
/// <param name="cacheSK">System-key state to set up in the cache mock.</param>
/// <param name="metaSK">System-key state to set up in the metastore mock.</param>
/// <returns>
/// In order: the byte envelope encryption, the metastore mock, <paramref name="cacheIK"/>,
/// <paramref name="metaIK"/>, <paramref name="cacheSK"/>, <paramref name="metaSK"/>, and the partition.
/// </returns>
private object[] GenerateMocks(KeyState cacheIK, KeyState metaIK, KeyState cacheSK, KeyState metaSK)
{
    // Random.Next() serves only as a uniqueness suffix for the generated ids; it is not a secret.
    string ikScopedId = cacheIK + "CacheIK_" + metaIK + "MetaIK_"
        + DateTimeUtils.GetCurrentTimeAsUtcIsoDateTimeOffset() + "_" + Random.Next();
    string skScopedId = cacheSK + "CacheSK_" + metaSK + "MetaSK_"
        + DateTimeUtils.GetCurrentTimeAsUtcIsoDateTimeOffset() + "_" + Random.Next();
    Partition partition = new Partition(ikScopedId, skScopedId, DefaultProductId);

    // The KMS comes from the shared fixture, so what backs it depends on that configuration.
    KeyManagementService kms = configFixture.KeyManagementService;

    CryptoKeyHolder keyHolder = CryptoKeyHolder.GenerateIKSK();

    Mock<IMetastore<JObject>> metastoreMock = MetastoreMock.CreateMetastoreMock(
        partition,
        kms,
        metaIK,
        metaSK,
        keyHolder,
        configFixture.Metastore);

    CacheMock cacheMock = CacheMock.CreateCacheMock(cacheIK, cacheSK, keyHolder);

    // Mimics (mostly) the old TimeBasedCryptoPolicyImpl settings
    // The revoke-check interval is set to int.MaxValue minutes and both policy caching flags
    // are off; the caches handed to the envelope below come from CacheMock.
    CryptoPolicy cryptoPolicy = BasicExpiringCryptoPolicy.NewBuilder()
        .WithKeyExpirationDays(KeyExpiryDays)
        .WithRevokeCheckMinutes(int.MaxValue)
        .WithCanCacheIntermediateKeys(false)
        .WithCanCacheSystemKeys(false)
        .Build();

    SecureCryptoKeyDictionary<DateTimeOffset> ikCache = cacheMock.IntermediateKeyCache;
    SecureCryptoKeyDictionary<DateTimeOffset> skCache = cacheMock.SystemKeyCache;

    EnvelopeEncryptionJsonImpl jsonEnvelope = new EnvelopeEncryptionJsonImpl(
        partition,
        metastoreMock.Object,
        skCache,
        new FakeSecureCryptoKeyDictionaryFactory<DateTimeOffset>(ikCache),
        new BouncyAes256GcmCrypto(),
        cryptoPolicy,
        kms);
    IEnvelopeEncryption<byte[]> envelopeEncryptionByteImpl = new EnvelopeEncryptionBytesImpl(jsonEnvelope);

    object[] fixture =
    {
        envelopeEncryptionByteImpl,
        metastoreMock,
        cacheIK,
        metaIK,
        cacheSK,
        metaSK,
        partition,
    };
    return fixture;
}