public void EncryptDecrypt_ValidPasswordSalt_AreEqual() { AesCryptography aes = new AesCryptography(); byte[] cipherText = aes.Encrypt(SecurityIds.Password, Encoding.UTF8.GetBytes(SecurityIds.Salt), Encoding.UTF8.GetBytes(CLEAR_TEXT)); byte[] inClearText = aes.Decrypt(SecurityIds.Password, Encoding.UTF8.GetBytes(SecurityIds.Salt), cipherText); Assert.AreEqual(CLEAR_TEXT, Encoding.UTF8.GetString(inClearText)); try { // Now let's do some tampering... cipherText[30]++; aes.Decrypt(SecurityIds.Password, Encoding.UTF8.GetBytes(SecurityIds.Salt), cipherText); Assert.Fail("The 'Decrypt' method did not throw an exception eventhough data was tamered with!"); } catch (Exception ex) { Assert.IsTrue(ex is CryptographicException); } }
public void EncryptDecrypt_TamperingEncryptedData_ThrowsCryptographicException() { AesCryptography aes = new AesCryptography(); byte[] cipherText = aes.Encrypt(SecurityIds.Password, Encoding.UTF8.GetBytes(SecurityIds.Salt), Encoding.UTF8.GetBytes(CLEAR_TEXT)); byte[] inClearText = aes.Decrypt(SecurityIds.Password, Encoding.UTF8.GetBytes(SecurityIds.Salt), cipherText); // Now let's do some tampering... cipherText[30]++; aes.Decrypt(SecurityIds.Password, Encoding.UTF8.GetBytes(SecurityIds.Salt), cipherText); }