private void SaveKeyPair(KeyAlgorithmPair pair, string xmlToUse)
{
KeyAlgorithmStorageProviderFactory factory = new KeyAlgorithmStorageProviderFactory(CreateContext(xmlToUse));
IKeyAlgorithmPairStorageProvider provider = factory.Create();
provider.Save(pair);
}
public void ReadAndWriteToEncryptedConfiguration()
{
const string sectionName = "MyEncryptedConfig";
KeyAlgorithmPair keyAlgorithmPair = new KeyAlgorithmPair();
keyAlgorithmPair.Key = new SymmetricAlgorithmKeyCreator(typeof(RijndaelManaged).AssemblyQualifiedName).GenerateKey();
keyAlgorithmPair.AlgorithmTypeName = typeof(RijndaelManaged).AssemblyQualifiedName;
FileKeyAlgorithmPairStorageProvider provider = new FileKeyAlgorithmPairStorageProvider();
provider.ConfigurationName = "FileKeyAlgorithmPairStorageProviderData";
using (ConfigurationBuilder builder = new ConfigurationBuilder())
{
// change wher the file is
RuntimeConfigurationView view = new RuntimeConfigurationView(new ConfigurationContext(new NonDisposingWrapper(builder)));
FileKeyAlgorithmPairStorageProviderData fileData = (FileKeyAlgorithmPairStorageProviderData)view.GetKeyAlgorithmPairStorageProviderData();
fileData.Path = Path.GetTempFileName();
provider.Initialize(view);
provider.Save(keyAlgorithmPair);
builder.WriteConfiguration(sectionName, data);
MockConfigurationData myData = (MockConfigurationData)builder.ReadConfiguration(sectionName);
Assert.AreEqual(myData.ToString(), data.ToString());
builder.ClearSectionCache();
myData = (MockConfigurationData)builder.ReadConfiguration(sectionName);
Assert.AreEqual(myData.ToString(), data.ToString());
}
}
public void TestConstruction()
{
byte[] bytes = new byte[] { 1, 2, 3, 4 };
using (KeyAlgorithmPair pair = new KeyAlgorithmPair(bytes, "foo"))
{
Assert.AreEqual("foo", pair.AlgorithmTypeName);
Assert.IsTrue(CryptographyUtility.CompareBytes(bytes, pair.Key));
}
}
public void TestConstruction()
{
byte[] bytes = new byte[] {1, 2, 3, 4};
using (KeyAlgorithmPair pair = new KeyAlgorithmPair(bytes, "foo"))
{
Assert.AreEqual("foo", pair.AlgorithmTypeName);
Assert.IsTrue(CryptographyUtility.CompareBytes(bytes, pair.Key));
}
}
private void SetDataToBeEncrypted(ConfigurationContext context)
{
KeyAlgorithmStorageProviderFactory factory = new KeyAlgorithmStorageProviderFactory(context);
IKeyAlgorithmPairStorageProvider provider = factory.Create();
keyAlgorithmPair = provider.Load();
if (null == keyAlgorithmPair)
{
throw new InvalidOperationException(SR.ExceptionKeyAlgorithmPairLoad);
}
encrypted = true;
}
public void ConfigurationProtectorTestEncryptedButNoProvider()
{
RijndaelManaged myRijndael = new RijndaelManaged();
myRijndael.GenerateKey();
KeyAlgorithmPair pair = new KeyAlgorithmPair(myRijndael.Key, myRijndael.GetType().AssemblyQualifiedName);
SaveKeyPair(pair, xmlStringWithDpapi);
using (ConfigurationContext context = CreateContext(xmlStringNoStorageProvider))
{
using (ConfigurationProtector protector = new ConfigurationProtector())
{
protector.Load(context, sectionName);
}
}
}
public void ConfigurationProtectorTestWithDpapi()
{
string mySecret = "mary had a little lamb";
RijndaelManaged myRijndael = new RijndaelManaged();
myRijndael.GenerateKey();
KeyAlgorithmPair pair = new KeyAlgorithmPair(myRijndael.Key, myRijndael.GetType().AssemblyQualifiedName);
SaveKeyPair(pair, xmlStringWithDpapi);
ConfigurationContext context = CreateContext(xmlStringWithDpapi);
using (ConfigurationProtector protector = new ConfigurationProtector())
{
protector.Load(context, sectionName);
byte[] inBytes = UnicodeEncoding.Unicode.GetBytes(mySecret);
byte[] encryptedBytes = protector.Encrypt(inBytes);
byte[] decryptedBytes = protector.Decrypt(encryptedBytes);
Assert.AreEqual(mySecret, UnicodeEncoding.Unicode.GetString(decryptedBytes));
}
}
private bool SaveKeyAlgorithmPairWithNewDapiSettings(DpapiSettings newDpapiSettings, DpapiSettings originalDpapiSettings)
{
ConfigurationContext context = GetContext();
ConfigurationSettings settings = context.GetMetaConfiguration();
FileKeyAlgorithmPairStorageProvider loadProvider = new FileKeyAlgorithmPairStorageProvider();
FileKeyAlgorithmPairStorageProviderData loadData = new FileKeyAlgorithmPairStorageProviderData(
SR.DefaultFileKeyAlgorithmStorageProviderNodeName, currentNode.File, GetDpapiSettingsData(originalDpapiSettings));
settings.KeyAlgorithmPairStorageProviderData = loadData;
loadProvider.ConfigurationName = loadData.Name;
loadProvider.Initialize(new RuntimeConfigurationView(context));
FileKeyAlgorithmPairStorageProvider saveProvider = new FileKeyAlgorithmPairStorageProvider();
FileKeyAlgorithmPairStorageProviderData saveData = new FileKeyAlgorithmPairStorageProviderData(
SR.DefaultFileKeyAlgorithmStorageProviderNodeName, currentNode.File, GetDpapiSettingsData(newDpapiSettings));
settings.KeyAlgorithmPairStorageProviderData = saveData;
saveProvider.ConfigurationName = saveData.Name;
saveProvider.Initialize(new RuntimeConfigurationView(context));
try
{
KeyAlgorithmPair key = loadProvider.Load();
saveProvider.Save(key);
}
catch (Exception ex)
{
MessageBox.Show(
SR.FileKeyAlgorithmDpapiSettingsEditorUnableToSaveNewDpapiSettingsErrorMessage(ex.Message),
SR.FileKeyAlgorithmDpapiSettingsEditorUnableToSaveNewDpapiSettingsCaption,
MessageBoxButtons.OK,
MessageBoxIcon.Error
);
return(false);
}
return(true);
}
/// <summary>
/// Creates an instance.
/// </summary>
/// <param name="keyAlgorithmPair">The existing key algorithm pair. Pass <c>null</c> for opening an existing key algorithm pair.</param>
/// <param name="serviceProvider">
/// <para>The a mechanism for retrieving a service object; that is, an object that provides custom support to other objects.</para>
/// </param>
public FileKeyAlgorithmStorageProviderWizard(KeyAlgorithmPair keyAlgorithmPair, IServiceProvider serviceProvider)
{
openMode = (keyAlgorithmPair == null);
this.keyAlgorithmPair = keyAlgorithmPair;
this.provider = serviceProvider;
InitializeComponent();
if (openMode)
{
introLabel.Text = SR.FileKeyAlgorithmWizardLoadIntroText;
dpapiCheckBox.Text = SR.FileKeyAlgorithmWizardDpapiLoadLabelText;
}
else
{
introLabel.Text = SR.FileKeyAlgorithmWizardSaveIntroText;
dpapiCheckBox.Text = SR.FileKeyAlgorithmWizardDpapiSaveLabelText;
}
dpapiTextLabel.Text = SR.DpapiSettingsFirstRunInstructionMessage;
dpapiTextLabel.Enabled = false;
dpapiSettingsControl.Enabled = false;
}
private void SaveAndLoad(RuntimeConfigurationView configurationView)
{
FileKeyAlgorithmPairStorageProvider provider = new FileKeyAlgorithmPairStorageProvider();
provider.Initialize(configurationView);
provider.Save(DefaultKey);
KeyAlgorithmPair key = provider.Load();
Assert.IsNotNull(key);
Assert.AreEqual(DefaultKey.AlgorithmTypeName, key.AlgorithmTypeName);
Assert.IsTrue(CryptographyUtility.CompareBytes(DefaultKey.Key, key.Key));
FileKeyAlgorithmPairStorageProviderData data = (FileKeyAlgorithmPairStorageProviderData)configurationView.GetKeyAlgorithmPairStorageProviderData();
// If protected, ensure it's protected properly
if (null != data.DpapiSettings)
{
using (FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read))
{
BinaryFormatter formatter = new BinaryFormatter();
bool deserialized = true;
try
{
KeyAlgorithmPair deserializedKey = (KeyAlgorithmPair)formatter.Deserialize(fs);
Assert.IsNotNull(deserializedKey);
}
catch
{
deserialized = false;
}
// Shouldn't deserialize if it's DPAPI protected
Assert.IsFalse(deserialized);
}
}
}
