From 870d6063302d167ee852c6835fe28bc497682d98 Mon Sep 17 00:00:00 2001
From: Klaus Fischer <klaus.fischer@eloware.com>
Date: Thu, 7 Jul 2022 08:56:16 +0200
Subject: [PATCH] Ready to test

---
 Encryption/FitEncryption.cs                   |  8 +++----
 Encryption/IEncryptor.cs                      |  2 +-
 Encryption/JoseEncryptor.cs                   |  4 ++--
 EncryptionTests/EncryptionTests.csproj        |  1 +
 EncryptionTests/FileEncryptionTest.cs         |  2 +-
 EncryptionTests/JweTest.cs                    |  2 +-
 ...EncryptionWithSelfSignedCertificateTest.cs | 11 ++++------
 .../SenderEncryptionWithoutCertificateTest.cs | 10 +++------
 FitConnect/FluentSubscriber.cs                | 21 +++++++++----------
 FitConnect/Models/Submission.cs               |  4 ++--
 10 files changed, 29 insertions(+), 36 deletions(-)

diff --git a/Encryption/FitEncryption.cs b/Encryption/FitEncryption.cs
index 130cf855..911a5194 100644
--- a/Encryption/FitEncryption.cs
+++ b/Encryption/FitEncryption.cs
@@ -36,8 +36,8 @@ public class FitEncryption {
         PublicKeyEncryption = keySet.PublicKeyEncryption;
         PublicKeySignatureVerification = keySet.PublicKeySignatureVerification;
     }
-    
-    public string Decrypt(string cypherText) {
+
+    public (string cypher, byte[] tag) Decrypt(string cypherText) {
         if (PrivateKeyDecryption == null) {
             throw new InvalidOperationException("PrivateKey is not provided");
         }
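Review bot: The tuple element named `cypher` in the new `Decrypt` signature holds the decrypted plaintext, not ciphertext (JweTest in this patch compares `plain.cypher` with the original text), so call sites read as if they were still handling encrypted data. Rename it, e.g. `public (string plain, byte[] tag) Decrypt(string cypherText)`, and make the same change in `IEncryptor.Decrypt` and `JoseEncryptor.Decrypt`, because tuple element names have to agree between an interface and its implementation. A `/// <returns>` comment should also state what `tag` is and whether callers are expected to check it, which the patch does not say. The body of `Decrypt` continues beyond this hunk.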
@@ -50,7 +50,7 @@ public class FitEncryption {
             throw new InvalidOperationException("PrivateKey is not provided");
         }
 
-        return _encryptor.Encrypt(plain, PrivateKeyDecryption);
+        return _encryptor.Encrypt( PrivateKeyDecryption, plain);
     }
 
     public string Encrypt(byte[] plain) {
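Review bot: `_encryptor.Encrypt( PrivateKeyDecryption, plain)` still encrypts with the key that is named for decryption, and the same call sits in `Encrypt(byte[] plain)` in the next hunk. With asymmetric JWE the sender normally encrypts to the recipient's public key, and the constructor in the first hunk already sets `PublicKeyEncryption`; if that is the intended key, the call would be `return _encryptor.Encrypt(PublicKeyEncryption, plain);` with the guard above it testing that property instead. As written, any party that wants to encrypt has to hold the private key, which looks unintended; confirm against the key set layout. The stray space after `(` can go at the same time. The method starts outside the hunk.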
@@ -58,6 +58,6 @@ public class FitEncryption {
             throw new InvalidOperationException("PrivateKey is not provided");
         }
 
-        return _encryptor.Encrypt( PrivateKeyDecryption, plain);
+        return _encryptor.Encrypt(PrivateKeyDecryption, plain);
     }
 }
diff --git a/Encryption/IEncryptor.cs b/Encryption/IEncryptor.cs
index 636d2ae0..113cf579 100644
--- a/Encryption/IEncryptor.cs
+++ b/Encryption/IEncryptor.cs
@@ -7,6 +7,6 @@ namespace FitConnect.Encryption;
 
 public interface IEncryptor {
     public string Encrypt(string key, string plain);
-    public string Decrypt(string key, string cipher);
+    public (string cypher, byte[] tag) Decrypt(string key, string cipher);
     public string Encrypt(string key, byte[] plain);
 }
\ No newline at end of file
diff --git a/Encryption/JoseEncryptor.cs b/Encryption/JoseEncryptor.cs
index af233555..5851f869 100644
--- a/Encryption/JoseEncryptor.cs
+++ b/Encryption/JoseEncryptor.cs
@@ -20,9 +20,9 @@ public class JoseEncryptor : IEncryptor {
         return Encrypt(jwk, plain);
     }
 
-    public string Decrypt(string key, string cipher) {
+    public (string cypher, byte[] tag) Decrypt(string key, string cipher) {
         var jwk = Jwk.FromJson(key, new Jose.JsonMapper());
-        return Decrypt(jwk, cipher).cypher;
+        return Decrypt(jwk, cipher);
     }
 
     public string Encrypt(string key, byte[] plain) {
diff --git a/EncryptionTests/EncryptionTests.csproj b/EncryptionTests/EncryptionTests.csproj
index 0df409b4..6d8174f8 100644
--- a/EncryptionTests/EncryptionTests.csproj
+++ b/EncryptionTests/EncryptionTests.csproj
@@ -25,6 +25,7 @@
     </ItemGroup>
 
     <ItemGroup>
+        <Folder Include="assets" />
         <Folder Include="Certificates" />
     </ItemGroup>
 
diff --git a/EncryptionTests/FileEncryptionTest.cs b/EncryptionTests/FileEncryptionTest.cs
index 76c15b9e..75660b83 100644
--- a/EncryptionTests/FileEncryptionTest.cs
+++ b/EncryptionTests/FileEncryptionTest.cs
@@ -8,7 +8,7 @@ namespace SenderTest;
 public class FileEncryptionTest {
     private byte[] sourceFile = null!;
     private FitEncryption _encryption;
-    private byte[] _encryptedFile;
+    private string _encryptedFile;
 
     [SetUp]
     public void Setup() {
diff --git a/EncryptionTests/JweTest.cs b/EncryptionTests/JweTest.cs
index 0d16ac69..2a52b3b9 100644
--- a/EncryptionTests/JweTest.cs
+++ b/EncryptionTests/JweTest.cs
@@ -45,6 +45,6 @@ public class JweTest {
 
 
         // Assert
-        plain.Should().Be(dummyText);
+        plain.cypher.Should().Be(dummyText);
     }
 }
diff --git a/EncryptionTests/SenderEncryptionWithSelfSignedCertificateTest.cs b/EncryptionTests/SenderEncryptionWithSelfSignedCertificateTest.cs
index 19e25d49..47f53817 100644
--- a/EncryptionTests/SenderEncryptionWithSelfSignedCertificateTest.cs
+++ b/EncryptionTests/SenderEncryptionWithSelfSignedCertificateTest.cs
@@ -13,7 +13,7 @@ namespace SenderTest;
 [Ignore("Encryption strategy does not match the one used on server")]
 public class SenderEncryptionWithSelfSignedCertificateTest {
     private const string ToEncrypt = "This is a test message";
-    private static byte[]? cypher;
+    private static string? cypher;
     private X509Certificate2 _certificate = null!;
     private ILogger<SenderEncryptionWithSelfSignedCertificateTest> _logger = null!;
     private Sender _sender = null!;
@@ -52,16 +52,13 @@ public class SenderEncryptionWithSelfSignedCertificateTest {
     public void CryptWithOutPublicKeyImport() {
         cypher = _sender.Encryption.Encrypt(Encoding.UTF8.GetBytes(ToEncrypt));
 
-        _logger.LogInformation("Cypher: {}", Convert.ToBase64String(cypher));
+        _logger.LogInformation("Cypher: {}", cypher);
     }
 
     [Test]
     [Order(20)]
     public void Decrypt_ResultShouldMatchToEncrypt() {
-        var result = _sender.Encryption.Decrypt(cypher!);
-        Encoding.UTF8.GetString(result).Should().Be(ToEncrypt);
+        var (result, tag) = _sender.Encryption.Decrypt(cypher!);
+        result.Should().Be(ToEncrypt);
     }
-
-
-    
 }
diff --git a/EncryptionTests/SenderEncryptionWithoutCertificateTest.cs b/EncryptionTests/SenderEncryptionWithoutCertificateTest.cs
index 2ae2dd76..a77c902f 100644
--- a/EncryptionTests/SenderEncryptionWithoutCertificateTest.cs
+++ b/EncryptionTests/SenderEncryptionWithoutCertificateTest.cs
@@ -33,19 +33,15 @@ public class SenderEncryptionWithoutCertificateTest {
     [Order(10)]
     public void EncryptData_ShouldNotThrowAnyException() {
         var cypher = _sender.Encryption.Encrypt(Encoding.UTF8.GetBytes(ToEncrypt));
-
-        _cypherText = Convert.ToBase64String(cypher);
-        _logger.LogInformation("Cypher: {}", _cypherText);
+        _logger.LogInformation("Cypher: {}", cypher);
     }
 
 
     [Test]
     [Order(20)]
     public void DecryptData_ShouldMatchToEncrypt() {
-        var cypher = Convert.FromBase64String(_cypherText);
-        var plain = _sender.Encryption.Decrypt(cypher);
+        var (plain, tag) = _sender.Encryption.Decrypt(_cypherText);
 
-        Encoding.UTF8.GetString(plain).Should().Be(ToEncrypt);
+        plain.Should().Be(ToEncrypt);
     }
-
 }
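Review bot: `DecryptData_ShouldMatchToEncrypt` still reads `_cypherText`, but the assignment to it in `EncryptData_ShouldNotThrowAnyException` is removed here, so unless the field is set outside this hunk the decrypt test passes null to `Decrypt`. Store the result in the field instead of a local, `_cypherText = _sender.Encryption.Encrypt(Encoding.UTF8.GetBytes(ToEncrypt));`, and log `_cypherText`. The unused `tag` in `var (plain, tag)` can become a discard, `var (plain, _)`.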
diff --git a/FitConnect/FluentSubscriber.cs b/FitConnect/FluentSubscriber.cs
index 60bf3342..86785e23 100644
--- a/FitConnect/FluentSubscriber.cs
+++ b/FitConnect/FluentSubscriber.cs
@@ -61,15 +61,16 @@ public class FluentSubscriber : Subscriber,
             Authenticate(Owner.ClientId, Owner.ClientSecret);
 
         var submission = (Submission)SubmissionService.GetSubmission(submissionId);
-        var metaDataString = Encryption.Decrypt(submission.EncryptedMetadata);
-        if (metaDataString != null)
-            submission.Metadata =
-                JsonConvert.DeserializeObject<Metadata>(metaDataString);
+        var (metaDataString, metaHash) = Encryption.Decrypt(submission.EncryptedMetadata);
+        submission.Metadata =
+            JsonConvert.DeserializeObject<Metadata>(metaDataString);
 
-        var dataString = Encryption.Decrypt(submission.EncryptedData);
-        if (dataString != null)
+        if (submission.EncryptedData != null) {
+            var (dataString, dataHash) = Encryption.Decrypt(submission.EncryptedData);
             submission.Data =
                 JsonConvert.DeserializeObject<Data>(dataString);
+        }
+
         Submission = submission;
         return this;
     }
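Review bot: `Encryption.Decrypt(submission.EncryptedMetadata)` now runs without any null check, while this same patch makes `Submission.EncryptedMetadata` a `string?` and guards `EncryptedData` a few lines below. Fail explicitly before decrypting, e.g. `if (submission.EncryptedMetadata is null) throw new InvalidOperationException("Submission has no encrypted metadata");`. `metaHash` and `dataHash` are never read; either make them discards or state in a comment where the tag is meant to be checked. The result of `JsonConvert.DeserializeObject<Metadata>` can also be null and is assigned unchecked. The method starts outside the hunk.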
@@ -90,13 +91,11 @@ public class FluentSubscriber : Subscriber,
         foreach (var id in Submission!.Attachments.Select(a => a.Id)) {
             var encryptedAttachment = SubmissionService.GetAttachment(Submission.Id, id);
 
-            var content = _encryption.Decrypt(Convert.FromBase64String(encryptedAttachment));
+            var (content, hash) = _encryption.Decrypt(encryptedAttachment);
 
-            // TODO where do I get the hash from the server to verify the attachment?
-            var hash = MD5.Create(HashAlgorithmName.SHA512.ToString())?.ComputeHash(content) ??
-                       Array.Empty<byte>();
 
-            attachments.Add(new Attachment(id, content, Convert.ToBase64String(hash), "dummy.pdf"));
+            attachments.Add(new Attachment(id, Convert.FromBase64String(content),
+                Convert.ToBase64String(hash), "dummy.pdf"));
         }
 
         Submission.Attachments = attachments;
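Review bot: The `hash` stored on each `Attachment` is now the tag returned by `Decrypt`, and the removed TODO about verifying the attachment against a server-supplied hash disappears without a replacement check. If that tag is the JWE authentication tag, it is not a digest of the attachment content and nothing here compares it with an expected value, so the field suggests a verification that did not happen. Keep the open question visible, e.g. `// TODO: verify a digest of the decrypted bytes against the hash announced for this attachment`, and until then do not fill the hash field with the tag. `Convert.FromBase64String(content)` also assumes the decrypted payload is Base64 text; a sender that used `Encrypt(byte[] plain)` on raw bytes would make it throw `FormatException`, so confirm the wire format. The enclosing method starts and ends outside the hunk.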
diff --git a/FitConnect/Models/Submission.cs b/FitConnect/Models/Submission.cs
index 57b96428..59fc2ff9 100644
--- a/FitConnect/Models/Submission.cs
+++ b/FitConnect/Models/Submission.cs
@@ -32,8 +32,8 @@ public class Submission {
     public Callback? Callback { get; set; }
     public Metadata? Metadata { get; set; }
     public Data? Data { get; set; }
-    public string EncryptedMetadata { get; set; }
-    public string EncryptedData { get; set; }
+    public string? EncryptedMetadata { get; set; }
+    public string? EncryptedData { get; set; }
 
     public bool IsSubmissionReadyToAdd(out string? error) {
         var innerError = "";
-- 
GitLab