/// <summary>
/// Wraps a column encryption key with one key store provider and unwraps it with the
/// other, in both directions, to check that the certificate store provider and the CSP
/// provider interoperate when given the same certificate.
/// </summary>
/// <remarks>
/// The certificate store path is built from the certificate's thumbprint; the CSP path is
/// whatever <c>CertificateUtilityWin.GetCspPathFromCertificate</c> reports for that same
/// certificate. Both directions pass the algorithm name <c>RSA_OAEP</c>.
/// The temporary certificate is created in the CurrentUser store and removed in the
/// <c>finally</c> block, so it is cleaned up even when an assertion fails.
/// </remarks>
public void TestRoundTripWithCSPAndCertStoreProvider()
{
    const string providerName = "Microsoft Enhanced RSA and AES Cryptographic Provider";
    const string providerType = "24";
    string certificateName = $@"AETest - {providerName}";

    CertificateUtilityWin.CreateCertificate(
        certificateName,
        StoreLocation.CurrentUser.ToString(),
        providerName,
        providerType);

    try
    {
        X509Certificate2 testCertificate = CertificateUtilityWin.GetCertificate(certificateName, StoreLocation.CurrentUser);
        string cspKeyPath = CertificateUtilityWin.GetCspPathFromCertificate(testCertificate);
        string certStoreKeyPath = @"CurrentUser/my/" + testCertificate.Thumbprint;

        var certStoreProvider = new SqlColumnEncryptionCertificateStoreProvider();
        var cspKeyProvider = new SqlColumnEncryptionCspProvider();

        // 32 bytes of test key material from the project's helper.
        byte[] plaintextKey = DatabaseHelper.GenerateRandomBytes(32);

        // Direction 1: wrap through the certificate store, unwrap through the CSP.
        byte[] wrappedByCertStore = certStoreProvider.EncryptColumnEncryptionKey(certStoreKeyPath, @"RSA_OAEP", plaintextKey);
        byte[] unwrappedByCsp = cspKeyProvider.DecryptColumnEncryptionKey(cspKeyPath, @"RSA_OAEP", wrappedByCertStore);
        bool certToCspRoundTrips = plaintextKey.SequenceEqual(unwrappedByCsp);
        Assert.True(certToCspRoundTrips);

        // Direction 2: wrap through the CSP, unwrap through the certificate store.
        byte[] wrappedByCsp = cspKeyProvider.EncryptColumnEncryptionKey(cspKeyPath, @"RSA_OAEP", plaintextKey);
        byte[] unwrappedByCertStore = certStoreProvider.DecryptColumnEncryptionKey(certStoreKeyPath, @"RSA_OAEP", wrappedByCsp);
        bool cspToCertRoundTrips = plaintextKey.SequenceEqual(unwrappedByCertStore);
        Assert.True(cspToCertRoundTrips);
    }
    finally
    {
        // Always remove the test certificate from the user's store, pass or fail.
        CertificateUtilityWin.RemoveCertificate(certificateName, StoreLocation.CurrentUser);
    }
}
/// <summary>
/// Calls <c>DecryptColumnEncryptionKey</c> on a CSP provider with the supplied arguments and
/// expects it to throw <paramref name="exceptionType"/> with a message that matches
/// <paramref name="errorMsg"/>.
/// </summary>
/// <param name="errorMsg">
/// Pattern handed to <c>Assert.Matches</c>, which treats it as a regular expression.
/// NOTE(review): regex metacharacters in an expected message (such as '.' or parentheses)
/// are read as pattern syntax, so the match can be looser than a literal comparison.
/// </param>
/// <param name="exceptionType">Exception type the decrypt call must throw.</param>
/// <param name="masterKeyPath">Master key path passed through to the provider.</param>
/// <param name="encryptionAlgorithm">Algorithm name passed through to the provider.</param>
/// <param name="bytes">Encrypted key bytes passed through to the provider.</param>
public void ThrowExceptionWithInvalidParameterWhileDecryptingColumnEncryptionKey(string errorMsg, Type exceptionType, string masterKeyPath, string encryptionAlgorithm, byte[] bytes)
{
    SqlColumnEncryptionCspProvider cspProvider = new SqlColumnEncryptionCspProvider();

    // Checking the type alone would pass for any failure of that type, so the message is checked too.
    Exception thrown = Assert.Throws(
        exceptionType,
        () => cspProvider.DecryptColumnEncryptionKey(masterKeyPath, encryptionAlgorithm, bytes));

    Assert.Matches(errorMsg, thrown.Message);
}
/// <summary>
/// Expects the four CSP provider operations exercised here (encrypt, decrypt, sign
/// metadata, verify metadata) to each throw <c>PlatformNotSupportedException</c>.
/// </summary>
/// <remarks>
/// Every call uses empty strings and empty byte arrays, so the test only passes if the
/// platform check fires before any argument validation would raise a different exception.
/// </remarks>
public void ThrowPlatformNotSupportedExceptionInUnix()
{
    SqlColumnEncryptionCspProvider cspProvider = new SqlColumnEncryptionCspProvider();

    // Key wrapping and unwrapping.
    Assert.Throws<PlatformNotSupportedException>(
        () => cspProvider.EncryptColumnEncryptionKey("", "", new byte[0]));
    Assert.Throws<PlatformNotSupportedException>(
        () => cspProvider.DecryptColumnEncryptionKey("", "", new byte[0]));

    // Column master key metadata signing and verification.
    Assert.Throws<PlatformNotSupportedException>(
        () => cspProvider.SignColumnMasterKeyMetadata("", false));
    Assert.Throws<PlatformNotSupportedException>(
        () => cspProvider.VerifyColumnMasterKeyMetadata("", false, new byte[0]));
}
/// <summary>
/// Encrypts a random buffer of <paramref name="dataSize"/> bytes with the CSP provider,
/// decrypts the result with the same master key path and algorithm, and expects the
/// original bytes back.
/// </summary>
/// <param name="dataSize">Length in bytes of the test column encryption key.</param>
public void EncryptKeyAndThenDecryptItSuccessfully(int dataSize)
{
    SqlColumnEncryptionCspProvider cspProvider = new SqlColumnEncryptionCspProvider();
    byte[] plaintextKey = new byte[dataSize];

    // System.Random is not a cryptographic RNG. That is acceptable here only because
    // the buffer is throwaway test input; real column encryption keys need a CSPRNG.
    // The generator is unseeded, so a failing run cannot be replayed with the same bytes.
    new Random().NextBytes(plaintextKey);

    byte[] wrappedKey = cspProvider.EncryptColumnEncryptionKey(MASTER_KEY_PATH, ENCRYPTION_ALGORITHM, plaintextKey);
    byte[] unwrappedKey = cspProvider.DecryptColumnEncryptionKey(MASTER_KEY_PATH, ENCRYPTION_ALGORITHM, wrappedKey);

    Assert.Equal(plaintextKey, unwrappedKey);
}