public MyKey(bool isRevoked = false, IAuthenticatedEncryptor expectedEncryptorInstance = null)
{
CreationDate = DateTimeOffset.Now;
ActivationDate = CreationDate + TimeSpan.FromHours(1);
ExpirationDate = CreationDate + TimeSpan.FromDays(30);
IsRevoked = isRevoked;
KeyId = Guid.NewGuid();
_encryptorFactory = () => expectedEncryptorInstance ?? new Mock <IAuthenticatedEncryptor>().Object;
}
/// <summary>
/// Performs a self-test of this encryptor by running a sample payload through an
/// encrypt-then-decrypt operation. Throws if the operation fails.
/// </summary>
public static void PerformSelfTest(this IAuthenticatedEncryptor encryptor)
{
// Arrange
var plaintextAsGuid = Guid.NewGuid();
var plaintextAsBytes = plaintextAsGuid.ToByteArray();
var aad = Guid.NewGuid().ToByteArray();
// Act
var protectedData = encryptor.Encrypt(new ArraySegment <byte>(plaintextAsBytes), new ArraySegment <byte>(aad));
var roundTrippedData = encryptor.Decrypt(new ArraySegment <byte>(protectedData), new ArraySegment <byte>(aad));
// Assert
CryptoUtil.Assert(roundTrippedData != null && roundTrippedData.Length == plaintextAsBytes.Length && plaintextAsGuid == new Guid(roundTrippedData),
"Plaintext did not round-trip properly through the authenticated encryptor.");
}
public IAuthenticatedEncryptor CreateEncryptor()
{
if (_encryptor == null)
{
foreach (var factory in _encryptorFactories)
{
var encryptor = factory.CreateEncryptorInstance(this);
if (encryptor != null)
{
_encryptor = encryptor;
break;
}
}
}
return(_encryptor);
}
/// <summary>
/// Sets up a mock such that given the name of a deserializer class and the XML node that class's
/// Import method should expect returns a descriptor which produces the given authenticator.
/// </summary>
public static void ReturnAuthenticatedEncryptorGivenDeserializerTypeNameAndInput(this Mock<IActivator> mockActivator, string typeName, string xml, IAuthenticatedEncryptor encryptor)
{
mockActivator
.Setup(o => o.CreateInstance(typeof(IAuthenticatedEncryptorDescriptorDeserializer), typeName))
.Returns(() =>
{
var mockDeserializer = new Mock<IAuthenticatedEncryptorDescriptorDeserializer>();
mockDeserializer
.Setup(o => o.ImportFromXml(It.IsAny<XElement>()))
.Returns<XElement>(el =>
{
// Only return the descriptor if the XML matches
XmlAssert.Equal(xml, el);
var mockDescriptor = new Mock<IAuthenticatedEncryptorDescriptor>();
mockDescriptor.Setup(o => o.CreateEncryptorInstance()).Returns(encryptor);
return mockDescriptor.Object;
});
return mockDeserializer.Object;
});
}
internal IAuthenticatedEncryptor GetEncryptorInstance(out bool isRevoked)
{
// simple double-check lock pattern
// we can't use LazyInitializer<T> because we don't have a simple value factory
IAuthenticatedEncryptor encryptor = Volatile.Read(ref _encryptor);
if (encryptor == null)
{
lock (this)
{
encryptor = Volatile.Read(ref _encryptor);
if (encryptor == null)
{
encryptor = _key.CreateEncryptorInstance();
Volatile.Write(ref _encryptor, encryptor);
}
}
}
isRevoked = _key.IsRevoked;
return(encryptor);
}
public IKey Key => _key; // change to implement IKeyRingStores
internal IAuthenticatedEncryptor GetEncryptorInstance(out bool isRevoked)
{
// simple double-check lock pattern
// we can't use LazyInitializer<T> because we don't have a simple value factory
IAuthenticatedEncryptor encryptor = Volatile.Read(ref _encryptor);
if (encryptor == null)
{
lock (_locker) // use object locker instead of this
{
encryptor = Volatile.Read(ref _encryptor);
if (encryptor == null)
{
encryptor = Key.CreateEncryptor();
Volatile.Write(ref _encryptor, encryptor);
}
}
}
isRevoked = Key.IsRevoked; // change to implement IKeyRingStores
return(encryptor);
}
public static byte[] Encrypt(this IAuthenticatedEncryptor encryptor, ArraySegment <byte> plaintext, ArraySegment <byte> additionalAuthenticatedData, uint preBufferSize, uint postBufferSize)
{
// Can we call the optimized version?
IOptimizedAuthenticatedEncryptor optimizedEncryptor = encryptor as IOptimizedAuthenticatedEncryptor;
if (optimizedEncryptor != null)
{
return(optimizedEncryptor.Encrypt(plaintext, additionalAuthenticatedData, preBufferSize, postBufferSize));
}
// Fall back to the unoptimized version
if (preBufferSize == 0 && postBufferSize == 0)
{
// optimization: call through to inner encryptor with no modifications
return(encryptor.Encrypt(plaintext, additionalAuthenticatedData));
}
else
{
byte[] temp = encryptor.Encrypt(plaintext, additionalAuthenticatedData);
byte[] retVal = new byte[checked (preBufferSize + temp.Length + postBufferSize)];
Buffer.BlockCopy(temp, 0, retVal, checked ((int)preBufferSize), temp.Length);
return(retVal);
}
}
public TestEncryptorFactory(IAuthenticatedEncryptorDescriptor associatedDescriptor = null, IAuthenticatedEncryptor expectedEncryptor = null)
{
_associatedDescriptor = associatedDescriptor;
_expectedEncryptor = expectedEncryptor;
}
/// <summary>
/// Sets up a mock such that given the name of a deserializer class and the XML node that class's
/// Import method should expect returns a descriptor which produces the given authenticator.
/// </summary>
public static void ReturnAuthenticatedEncryptorGivenDeserializerTypeNameAndInput(this Mock <IActivator> mockActivator, string typeName, string xml, IAuthenticatedEncryptor encryptor)
{
mockActivator
.Setup(o => o.CreateInstance(typeof(IAuthenticatedEncryptorDescriptorDeserializer), typeName))
.Returns(() =>
{
var mockDeserializer = new Mock <IAuthenticatedEncryptorDescriptorDeserializer>();
mockDeserializer
.Setup(o => o.ImportFromXml(It.IsAny <XElement>()))
.Returns <XElement>(el =>
{
// Only return the descriptor if the XML matches
XmlAssert.Equal(xml, el);
var mockDescriptor = new Mock <IAuthenticatedEncryptorDescriptor>();
mockDescriptor.Setup(o => o.CreateEncryptorInstance()).Returns(encryptor);
return(mockDescriptor.Object);
});
return(mockDeserializer.Object);
});
}
public MyKey(bool isRevoked = false, IAuthenticatedEncryptor expectedEncryptorInstance = null)
{
CreationDate = DateTimeOffset.Now;
ActivationDate = CreationDate + TimeSpan.FromHours(1);
ExpirationDate = CreationDate + TimeSpan.FromDays(30);
IsRevoked = isRevoked;
KeyId = Guid.NewGuid();
_encryptorFactory = () => expectedEncryptorInstance ?? new Mock<IAuthenticatedEncryptor>().Object;
}
