public void TestWriteWithHmac()
{
V2DocumentHeaders headers = new V2DocumentHeaders(new EncryptionParameters(new V2Aes256CryptoFactory().CryptoId, new Passphrase("v2passzz")), 20);
byte[] output;
V2HmacCalculator hmacCalculator = new V2HmacCalculator(new SymmetricKey(headers.GetHmacKey()));
using (V2HmacStream <MemoryStream> hmacStream = V2HmacStream.Create <MemoryStream>(hmacCalculator, new MemoryStream()))
{
headers.WriteStartWithHmac(hmacStream);
headers.WriteEndWithHmac(hmacCalculator, hmacStream, 0, 0);
hmacStream.Flush();
output = hmacStream.Chained.ToArray();
}
byte[] hmacBytesFromHeaders = new byte[V2Hmac.RequiredLength];
Array.Copy(output, output.Length - V2Hmac.RequiredLength, hmacBytesFromHeaders, 0, V2Hmac.RequiredLength);
V2Hmac hmacFromHeaders = new V2Hmac(hmacBytesFromHeaders);
byte[] dataToHmac = new byte[output.Length - (V2Hmac.RequiredLength + 5)];
Array.Copy(output, 0, dataToHmac, 0, dataToHmac.Length);
HMACSHA512 hmac = new HMACSHA512(headers.GetHmacKey());
hmac.TransformFinalBlock(dataToHmac, 0, dataToHmac.Length);
V2Hmac hmacFromCalculation = new V2Hmac(hmac.Hash);
Assert.That(hmacFromHeaders, Is.EqualTo(hmacFromCalculation));
}
public static async Task TestGetTwoAsymmetricCryptosFromHeaders(CryptoImplementation cryptoImplementation)
{
SetupAssembly.AssemblySetupCrypto(cryptoImplementation);
Headers headers = new Headers();
EncryptionParameters parameters = new EncryptionParameters(new V2Aes256CryptoFactory().CryptoId, new Passphrase("secrets"));
IAsymmetricPublicKey publicKey1 = New <IAsymmetricFactory>().CreatePublicKey(Resources.PublicKey1);
IAsymmetricPublicKey publicKey2 = New <IAsymmetricFactory>().CreatePublicKey(Resources.PublicKey2);
await parameters.AddAsync(new UserPublicKey[] { new UserPublicKey(EmailAddress.Parse("*****@*****.**"), publicKey1), new UserPublicKey(EmailAddress.Parse("*****@*****.**"), publicKey2), });
V2DocumentHeaders documentHeaders = new V2DocumentHeaders(parameters, 10);
using (V2HmacStream <MemoryStream> stream = V2HmacStream.Create <MemoryStream>(new V2HmacCalculator(new SymmetricKey(new byte[0])), new MemoryStream()))
{
documentHeaders.WriteStartWithHmac(stream);
stream.Flush();
stream.Chained.Position = 0;
using (V2AxCryptReader reader = new V2AxCryptReader(new LookAheadStream(stream.Chained)))
{
while (reader.Read())
{
if (reader.CurrentItemType == AxCryptItemType.HeaderBlock)
{
headers.HeaderBlocks.Add(reader.CurrentHeaderBlock);
}
}
SymmetricKey dataEncryptingKey = documentHeaders.Headers.FindHeaderBlock <V2KeyWrapHeaderBlock>().MasterKey;
IEnumerable <V2AsymmetricKeyWrapHeaderBlock> readerAsymmetricKeys = headers.HeaderBlocks.OfType <V2AsymmetricKeyWrapHeaderBlock>();
Assert.That(readerAsymmetricKeys.Count(), Is.EqualTo(2), "There should be two asymmetric keys in the headers.");
V2AsymmetricKeyWrapHeaderBlock asymmetricKey1 = readerAsymmetricKeys.First();
IAsymmetricPrivateKey privateKey1 = New <IAsymmetricFactory>().CreatePrivateKey(Resources.PrivateKey1);
asymmetricKey1.SetPrivateKey(new V2Aes256CryptoFactory(), privateKey1);
Assert.That(dataEncryptingKey, Is.EqualTo(asymmetricKey1.Crypto(0).Key), "The asymmetric wrapped key should be the one in the ICrypto instance.");
IAsymmetricPrivateKey privateKey2 = New <IAsymmetricFactory>().CreatePrivateKey(Resources.PrivateKey2);
asymmetricKey1.SetPrivateKey(new V2Aes256CryptoFactory(), privateKey2);
Assert.That(asymmetricKey1.Crypto(0), Is.Null, "The ICrypto instance should be null, since the private key was wrong.");
V2AsymmetricKeyWrapHeaderBlock asymmetricKey2 = readerAsymmetricKeys.Last();
asymmetricKey2.SetPrivateKey(new V2Aes256CryptoFactory(), privateKey2);
Assert.That(dataEncryptingKey, Is.EqualTo(asymmetricKey2.Crypto(0).Key), "The asymmetric wrapped key should be the one in the ICrypto instance.");
asymmetricKey2.SetPrivateKey(new V2Aes256CryptoFactory(), privateKey1);
Assert.That(asymmetricKey2.Crypto(0), Is.Null, "The ICrypto instance should be null, since the private key was wrong.");
}
}
}
public static void TestGetCryptoFromHeaders(CryptoImplementation cryptoImplementation)
{
SetupAssembly.AssemblySetupCrypto(cryptoImplementation);
Headers headers = new Headers();
V2DocumentHeaders documentHeaders = new V2DocumentHeaders(new EncryptionParameters(new V2Aes256CryptoFactory().CryptoId, new Passphrase("passphrase")), 10);
using (V2HmacStream <MemoryStream> stream = V2HmacStream.Create <MemoryStream>(new V2HmacCalculator(new SymmetricKey(new byte[0])), new MemoryStream()))
{
documentHeaders.WriteStartWithHmac(stream);
stream.Flush();
stream.Chained.Position = 0;
using (V2AxCryptReader reader = new V2AxCryptReader(new LookAheadStream(stream.Chained)))
{
while (reader.Read())
{
if (reader.CurrentItemType == AxCryptItemType.HeaderBlock)
{
headers.HeaderBlocks.Add(reader.CurrentHeaderBlock);
}
}
SymmetricKey dataEncryptingKey = documentHeaders.Headers.FindHeaderBlock <V2KeyWrapHeaderBlock>().MasterKey;
V2KeyWrapHeaderBlock keyWrap = headers.FindHeaderBlock <V2KeyWrapHeaderBlock>();
IDerivedKey key = new V2Aes256CryptoFactory().RestoreDerivedKey(new Passphrase("passphrase"), keyWrap.DerivationSalt, keyWrap.DerivationIterations);
keyWrap.SetDerivedKey(new V2Aes256CryptoFactory(), key);
Assert.That(dataEncryptingKey, Is.EqualTo(keyWrap.MasterKey));
key = new V2Aes256CryptoFactory().RestoreDerivedKey(new Passphrase("wrong"), keyWrap.DerivationSalt, keyWrap.DerivationIterations);
keyWrap.SetDerivedKey(new V2Aes256CryptoFactory(), key);
Assert.That(dataEncryptingKey, Is.Not.EqualTo(keyWrap.MasterKey));
}
}
}