public void IsActuallyEncryptedTest() { // Make a key byte[] key; int ivLength; using (AesCryptoServiceProvider aes = new AesCryptoServiceProvider()) { key = aes.Key; ivLength = aes.BlockSize / 8; } // Make a provider IBlobCryptoProvider symmetricProvider = new SymmetricBlobCryptoProvider(key); var encryptedStream = symmetricProvider.EncryptedStream(streamSample); byte[] result = new byte[sampleStreamSize + ivLength]; encryptedStream.Read(result, 0, result.Length); Assert.IsFalse( result.SequenceEqual(streamSample.ToArray()), "Encrypted stream is not encrypted"); Assert.IsFalse( result.Take(5).SequenceEqual(streamSample.ToArray().Take(5)), "Encrypted stream is not encrypted"); }
public void BlockBlob_UploadDownload_File() { using (var file = new TemporaryFile(512)) { CloudStorageAccount storageAccount = CloudStorageAccount.DevelopmentStorageAccount; CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient(); CloudBlobContainer container = blobClient.GetContainerReference("testcontainer"); container.CreateIfNotExists(); CloudBlockBlob blob = container.GetBlockBlobReference(file.fileInfo.Name); // Create provider var provider = new SymmetricBlobCryptoProvider(); // Upload file blob.UploadFromFileEncrypted(provider, file.fileInfo.FullName, FileMode.Open); // Download file string destinationFile = file.fileInfo.FullName + "decrypted"; blob.DownloadToFileEncrypted(provider, destinationFile, FileMode.Create); // Compare raw and decrypted files Assert.AreEqual(GetFileHash(file.fileInfo.FullName), GetFileHash(destinationFile)); // Download file again, without our library, to ensure it was actually encrypted string encryptedDestinationFile = file.fileInfo.FullName + "encrypted"; blob.DownloadToFile(encryptedDestinationFile, FileMode.Create); // Delete blob blob.DeleteIfExists(); // Compare raw and encrypted files Assert.AreNotEqual(GetFileHash(file.fileInfo.FullName), GetFileHash(encryptedDestinationFile)); // Cleanup if (File.Exists(destinationFile)) { File.Delete(destinationFile); } if (File.Exists(encryptedDestinationFile)) { File.Delete(encryptedDestinationFile); } } }
public static void UploadEncryptedFileSymmetric(string path, CloudBlobContainer container) { // Create a blob named after the file we are uploading CloudBlockBlob blob = container.GetBlockBlobReference("SymmetricUploadTest.jpg"); // Create an Azure Encryption Extensions symmetric encryption provider // We are not passing any key material so a 256-bit AES key will be generated for us. var provider = new SymmetricBlobCryptoProvider(); // Since we let the library generate a new key for us, we need to persist it somewhere // so we can decrypt our blob later. We can use a simple JSON storage format built into // the library to store our key on disk. // Remember: If we lose this key we can never retrieve our blob. provider.WriteKeyFile("symmetricKey.dat"); // Encrypt and upload the file to Azure, passing in our provider // The file will be prepended with a random IV and encrypted with AES256. // This 'Encrypted' extension method mirrors the native methods but takes a provider. blob.UploadFromFileEncrypted(provider, path, FileMode.Open); }
public void EncryptAndDecryptStreamTest() { // Make a key byte[] key; using (AesCryptoServiceProvider aes = new AesCryptoServiceProvider()) key = aes.Key; // Make a provider IBlobCryptoProvider symmetricProvider = new SymmetricBlobCryptoProvider(key); // In all cases we are READING from streams // (read from original, read from encrypted, read from decrypted). var encryptedStream = symmetricProvider.EncryptedStream(streamSample); var decryptedStream = symmetricProvider.DecryptedStream(encryptedStream); byte[] result = new byte[sampleStreamSize]; decryptedStream.Read(result, 0, result.Length); Assert.IsTrue( result.SequenceEqual(streamSample.ToArray()), "Decrypted data does not match original data"); }
public void BlockBlob_UploadDownload_Stream_KeyFileString() { // Prepare random memory stream Random random = new Random(); byte[] buffer = new byte[51200]; random.NextBytes(buffer); MemoryStream testStream = new MemoryStream(buffer); // Get a blob reference CloudStorageAccount storageAccount = CloudStorageAccount.DevelopmentStorageAccount; CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient(); CloudBlobContainer container = blobClient.GetContainerReference("testcontainer"); container.CreateIfNotExists(); String blobId = Guid.NewGuid().ToString(); CloudBlockBlob blob = container.GetBlockBlobReference(blobId); // Create provider var provider = new SymmetricBlobCryptoProvider(); // Upload stream blob.UploadFromStreamEncrypted(provider, testStream); // Recreate provider from keyfile string var restoredProvider = ProviderFactory.CreateProviderFromKeyFileString(provider.ToKeyFileString()); // Download stream MemoryStream downloadedStream = new MemoryStream(); CloudBlockBlob blobRestored = container.GetBlockBlobReference(blobId); blobRestored.DownloadToStreamEncrypted(restoredProvider, downloadedStream); // Compare raw and decrypted streams Assert.IsTrue(testStream.ToArray().SequenceEqual(downloadedStream.ToArray())); // Download file again, without our library, to ensure it was actually encrypted MemoryStream encryptedStream = new MemoryStream(); blob.DownloadToStream(encryptedStream); // Delete blob blob.DeleteIfExists(); // Compare raw and encrypted streams Assert.IsFalse(testStream.ToArray().SequenceEqual(encryptedStream.ToArray())); }
public void BlockBlob_UploadDownload_File_Stream() { using (var file = new TemporaryFile(512)) { CloudStorageAccount storageAccount = CloudStorageAccount.DevelopmentStorageAccount; CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient(); CloudBlobContainer container = blobClient.GetContainerReference("testcontainer"); container.CreateIfNotExists(); CloudBlockBlob blob = container.GetBlockBlobReference(file.fileInfo.Name); // Create provider var provider = new SymmetricBlobCryptoProvider(); // Upload file blob.UploadFromFileEncrypted(provider, file.fileInfo.FullName, FileMode.Open); // Download stream MemoryStream downloadedStream = new MemoryStream(); blob.DownloadToStreamEncrypted(provider, downloadedStream); // Compare raw and decrypted data Assert.AreEqual(GetFileHash(file.fileInfo.FullName), GetStreamHash(downloadedStream)); // Download file again, without our library, to ensure it was actually encrypted MemoryStream encryptedStream = new MemoryStream(); blob.DownloadToStream(encryptedStream); // Delete blob blob.DeleteIfExists(); } }
public void ToKeyFileStringAndBackTest() { IBlobCryptoProvider symmetricProvider = new SymmetricBlobCryptoProvider(); string keyString = symmetricProvider.ToKeyFileString(); IBlobCryptoProvider clonedProvider = ProviderFactory.CreateProviderFromKeyFileString(keyString); var encryptedStream = symmetricProvider.EncryptedStream(streamSample); var decryptedStream = clonedProvider.DecryptedStream(encryptedStream); byte[] result = new byte[sampleStreamSize]; decryptedStream.Read(result, 0, result.Length); Assert.IsTrue( result.SequenceEqual(streamSample.ToArray()), "Decrypted data does not match original data"); }