public static void TestDispose()
{
KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, KeyWrapMode.Specification);
keyWrap.Dispose();
Assert.Throws<ObjectDisposedException>(() =>
{
keyWrap.Wrap(new AesKey());
});
Assert.Throws<ObjectDisposedException>(() =>
{
keyWrap.Unwrap(new byte[16 + 8]);
});
Assert.DoesNotThrow(() =>
{
keyWrap.Dispose();
});
}
public byte[] UnwrapMasterKey(AesKey keyEncryptingKey, byte fileVersionMajor)
{
byte[] wrappedKeyData = GetKeyData();
KeyWrapSalt salt = Salt;
if (fileVersionMajor <= 1)
{
// Due to a bug in 1.1 and earlier we only used a truncated part of the key and salt :-(
// Compensate for this here. Users should be warned if FileVersionMajor <= 1 .
byte[] badKey = new byte[keyEncryptingKey.Length];
Array.Copy(keyEncryptingKey.GetBytes(), 0, badKey, 0, 4);
keyEncryptingKey = new AesKey(badKey);
byte[] badSalt = new byte[salt.Length];
Array.Copy(salt.GetBytes(), 0, badSalt, 0, 4);
salt = new KeyWrapSalt(badSalt);
}
byte[] unwrappedKeyData;
using (KeyWrap keyWrap = new KeyWrap(keyEncryptingKey, salt, Iterations, KeyWrapMode.AxCrypt))
{
unwrappedKeyData = keyWrap.Unwrap(wrappedKeyData);
}
return unwrappedKeyData;
}
public void TestUnwrapFromSimpleFile()
{
using (Stream testStream = FakeRuntimeFileInfo.ExpandableMemoryStream(Resources.helloworld_key_a_txt))
{
KeyWrap1HeaderBlock keyWrapHeaderBlock = null;
using (AxCryptReader axCryptReader = AxCryptReader.Create(testStream))
{
int headers = 0;
while (axCryptReader.Read())
{
switch (axCryptReader.CurrentItemType)
{
case AxCryptItemType.None:
break;
case AxCryptItemType.MagicGuid:
break;
case AxCryptItemType.HeaderBlock:
if (axCryptReader.CurrentHeaderBlock.HeaderBlockType == HeaderBlockType.KeyWrap1)
{
keyWrapHeaderBlock = (KeyWrap1HeaderBlock)axCryptReader.CurrentHeaderBlock;
++headers;
}
break;
case AxCryptItemType.Data:
break;
case AxCryptItemType.EndOfStream:
break;
default:
break;
}
}
Assert.That(headers, Is.EqualTo(1), "We're expecting exactly one KeyWrap1 block to be found!");
byte[] wrapped = keyWrapHeaderBlock.GetKeyData();
using (KeyWrap keyWrap = new KeyWrap(new Passphrase("a").DerivedPassphrase, keyWrapHeaderBlock.Salt, keyWrapHeaderBlock.Iterations, KeyWrapMode.AxCrypt))
{
byte[] unwrapped = keyWrap.Unwrap(wrapped);
Assert.That(unwrapped.Length, Is.Not.EqualTo(0), "An unwrapped key is invalid if it is returned as a zero-length array.");
}
}
}
}
public void TestKeyWrapConstructorWithBadArgument()
{
using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, KeyWrapMode.Specification))
{
Assert.Throws<InternalErrorException>(() => { keyWrap.Unwrap(_keyData.GetBytes()); }, "Calling with too short wrapped data.");
}
Assert.Throws<InternalErrorException>(() =>
{
using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, new KeyWrapSalt(32), 6, KeyWrapMode.AxCrypt))
{
}
}, "Calling with too long salt.");
Assert.Throws<InternalErrorException>(() =>
{
using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 5, KeyWrapMode.AxCrypt))
{
}
}, "Calling with too few iterations.");
Assert.Throws<InternalErrorException>(() =>
{
using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 0, KeyWrapMode.AxCrypt))
{
}
}, "Calling with zero (too few) iterations.");
Assert.Throws<InternalErrorException>(() =>
{
using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, -100, KeyWrapMode.AxCrypt))
{
}
}, "Calling with negative number of iterations.");
Assert.Throws<InternalErrorException>(() =>
{
using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, (KeyWrapMode)9999))
{
}
}, "Calling with bogus KeyWrapMode.");
Assert.Throws<ArgumentNullException>(() =>
{
using (KeyWrap keyWrap = new KeyWrap(null, new KeyWrapSalt(16), 6, KeyWrapMode.AxCrypt))
{
}
}, "Calling with null key argument.");
Assert.Throws<ArgumentNullException>(() =>
{
using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, null, 6, KeyWrapMode.Specification))
{
}
}, "Calling with null salt argument.");
}
public void TestWrapAndUnwrapSpecificationMode()
{
AesKey keyToWrap = new AesKey(new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 });
AesKey keyEncryptingKey = new AesKey(new byte[] { 15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
KeyWrapSalt salt = new KeyWrapSalt(new byte[] { 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31 });
long iterations = 23456;
byte[] wrapped;
using (KeyWrap keyWrap = new KeyWrap(keyEncryptingKey, salt, iterations, KeyWrapMode.Specification))
{
wrapped = keyWrap.Wrap(keyToWrap);
}
byte[] unwrapped;
using (KeyWrap keyWrap = new KeyWrap(keyEncryptingKey, salt, iterations, KeyWrapMode.Specification))
{
unwrapped = keyWrap.Unwrap(wrapped);
}
Assert.That(unwrapped, Is.EquivalentTo(keyToWrap.GetBytes()), "The unwrapped data should be equal to original.");
}
public void TestUnwrap()
{
byte[] unwrapped;
using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, KeyWrapMode.Specification))
{
unwrapped = keyWrap.Unwrap(_wrapped);
}
Assert.That(unwrapped, Is.EquivalentTo(_keyData.GetBytes()), "Unwrapped the wrong data");
}