Simplfying Crypto example (#1442)

* Fixed bad console output showing encrypted bytes Signed-off-by: Whit Waldo <[email protected]> * Simplified example so it doesn't require an Azure Key Vault instance and just uses a local set of keys Signed-off-by: Whit Waldo <[email protected]> * Updated README to include instructions for generating the private key Signed-off-by: Whit Waldo <[email protected]> * Added private RSA key to project for users that lack OpenSSL on their system - updated README to include warning calling out that this key shouldn't be used for anything but demonstration and testing purposes. Signed-off-by: Whit Waldo <[email protected]> --------- Signed-off-by: Whit Waldo <[email protected]>
dapr · Jan 14, 2025 · ef54d75 · ef54d75
1 parent 01b4833
commit ef54d75
Show file tree

Hide file tree

Showing 8 changed files with 90 additions and 49 deletions.
diff --git a/examples/Client/Cryptography/Components/azurekeyvault.yaml b/examples/Client/Cryptography/Components/azurekeyvault.yaml
diff --git a/examples/Client/Cryptography/Components/env-secretstore.yaml b/examples/Client/Cryptography/Components/env-secretstore.yaml
diff --git a/examples/Client/Cryptography/Components/local-storage.yaml b/examples/Client/Cryptography/Components/local-storage.yaml
@@ -0,0 +1,11 @@
+apiVersion: dapr.io/v1alpha1
+kind: Component
+metadata:
+  name: localstorage
+spec:
+  type: crypto.dapr.localstorage
+  version: v1
+  metadata:
+    - name: path
+      # Path is relative to the folder where the example is located
+      value: ./keys
diff --git a/examples/Client/Cryptography/Examples/EncryptDecryptFileStreamExample.cs b/examples/Client/Cryptography/Examples/EncryptDecryptFileStreamExample.cs
@@ -17,16 +17,13 @@
 
 namespace Cryptography.Examples
 {
-    internal class EncryptDecryptFileStreamExample : Example
+    internal class EncryptDecryptFileStreamExample(string componentName, string keyName) : Example
     {
         public override string DisplayName => "Use Cryptography to encrypt and decrypt a file";
         public override async Task RunAsync(CancellationToken cancellationToken)
         {
             using var client = new DaprClientBuilder().Build();
 
-            const string componentName = "azurekeyvault"; // Change this to match the name of the component containing your vault
-            const string keyName = "myKey";
-
             // The name of the file we're using as an example
             const string fileName = "file.txt";
 
@@ -35,7 +32,6 @@ public override async Task RunAsync(CancellationToken cancellationToken)
             {
                 Console.WriteLine(line);
             }
-            Console.WriteLine();
 
             //Encrypt from a file stream and buffer the resulting bytes to an in-memory buffer
             await using var encryptFs = new FileStream(fileName, FileMode.Open);
@@ -48,8 +44,8 @@ public override async Task RunAsync(CancellationToken cancellationToken)
                 bufferedEncryptedBytes.Write(bytes.Span);
             }
 
-            Console.WriteLine($"Encrypted bytes: {Convert.ToBase64String(bufferedEncryptedBytes.GetSpan())}");
-            Console.WriteLine();
+            Console.WriteLine("Encrypted bytes:");
+            Console.WriteLine(Convert.ToBase64String(bufferedEncryptedBytes.WrittenMemory.ToArray()));
 
             //We'll write to a temporary file via a FileStream
             var tempDecryptedFile = Path.GetTempFileName();
@@ -67,7 +63,7 @@ public override async Task RunAsync(CancellationToken cancellationToken)
 
             //Let's confirm the value as written to the file
             var decryptedValue = await File.ReadAllTextAsync(tempDecryptedFile, cancellationToken);
-            Console.WriteLine($"Decrypted value: ");
+            Console.WriteLine("Decrypted value: ");
             Console.WriteLine(decryptedValue);
 
             //And some cleanup to delete our temp file

diff --git a/examples/Client/Cryptography/Examples/EncryptDecryptStringExample.cs b/examples/Client/Cryptography/Examples/EncryptDecryptStringExample.cs
@@ -17,17 +17,13 @@
 
 namespace Cryptography.Examples
 {
-    internal class EncryptDecryptStringExample : Example
+    internal class EncryptDecryptStringExample(string componentName, string keyName) : Example
     {
         public override string DisplayName => "Using Cryptography to encrypt and decrypt a string";
 
         public override async Task RunAsync(CancellationToken cancellationToken)
         {
             using var client = new DaprClientBuilder().Build();
-
-            const string componentName = "azurekeyvault"; //Change this to match the name of the component containing your vault
-            const string keyName = "myKey"; //Change this to match the name of the key in your Vault
-
 
             const string plaintextStr = "This is the value we're going to encrypt today";
             Console.WriteLine($"Original string value: '{plaintextStr}'");
@@ -40,7 +36,7 @@ public override async Task RunAsync(CancellationToken cancellationToken)
             Console.WriteLine($"Encrypted bytes: '{Convert.ToBase64String(encryptedBytesResult.Span)}'");
 
             //Decrypt the string
-            var decryptedBytes = await client.DecryptAsync(componentName, encryptedBytesResult, keyName, new DecryptionOptions(), cancellationToken);
+            var decryptedBytes = await client.DecryptAsync(componentName, encryptedBytesResult, keyName, cancellationToken);
             Console.WriteLine($"Decrypted string: '{Encoding.UTF8.GetString(decryptedBytes.ToArray())}'");
         }
     }

diff --git a/examples/Client/Cryptography/Program.cs b/examples/Client/Cryptography/Program.cs
@@ -17,10 +17,13 @@ namespace Cryptography
 {
     class Program
     {
+        private const string ComponentName = "localstorage";
+        private const string KeyName = "rsa-private-key.pem"; //This should match the name of your generated key - this sample expects an RSA symmetrical key.
+
         private static readonly Example[] Examples = new Example[]
         {
-            new EncryptDecryptStringExample(),
-            new EncryptDecryptFileStreamExample()
+            new EncryptDecryptStringExample(ComponentName, KeyName),
+            new EncryptDecryptFileStreamExample(ComponentName, KeyName)
         };
 
         static async Task<int> Main(string[] args)
@@ -34,7 +37,7 @@ static async Task<int> Main(string[] args)
                 return 0;
             }
 
-            Console.WriteLine("Hello, please choose a sample to run:");
+            Console.WriteLine("Hello, please choose a sample to run by passing your selection's number into the arguments, e.g. 'dotnet run 0':");
             for (var i = 0; i < Examples.Length; i++)
             {
                 Console.WriteLine($"{i}: {Examples[i].DisplayName}");

diff --git a/examples/Client/Cryptography/README.md b/examples/Client/Cryptography/README.md
@@ -50,6 +50,21 @@ button. Ensuring that the "User, group or service principal" option is selected,
 Add to add this service principal to the list of members for the new role assignment and click Review + Assign twice to assign the role. This will take effect within a few seconds 
 or minutes. This step ensures that while Dapr can authenticate as your service principal, that it also has permission to access and use the key in your Key Vault.
 
+## Generating the Keys
+This sample requires a private RSA key to be generated and placed in the `/keys` directory within the project. 
+If you have OpenSSL installed on your machine, you can generate the key by navigating first
+into the project directory and then running the following command:
+
+```bash
+# Generates a private RSA 40960-bit key named 'rsa-private-key.pem'
+openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -out keys/rsa-private-key.pem
+```
+
+> **WARNING: This RSA key is included in this project strictly for demonstration and testing purposes.**
+> - Do **NOT** use this key in any production environment or for any real-world applications.
+> - This key is publicly available and should be considered compromised.
+> - Generating and using your own secure keys is essential for maintaining security in your projects.
+
 ## Running the example
 
 To run the sample locally, run this command in the DaprClient directory:

diff --git a/examples/Client/Cryptography/keys/rsa-private-key.pem b/examples/Client/Cryptography/keys/rsa-private-key.pem
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQC0URLpxZCqDv7S
+WfROh2Kei4VCEayNu/TK3NaD/QlIpip1rrsPKgTfTOZoRmkmG0Qj59srEJi2GEhL
+xpjvRQpA/C/OS+KELU8AeGrqHw7uN/a99NkoAr+zYDCyY9yckPeC5wGxc0/Q6HQT
+mWp+YcpR9wFO0PmTVlObssibagjjRNX7z/ZosecOOqjnAqlnYoHMavvoCD5fxM7y
+cm7so0JWooXwVaZKgehBEBg1W5F0q5e9ssAQk3lY6IUd5sOskiylTNf/+3r1JU0j
+YM8ik3a1/dyDALVXpLSfz7FM9VEj4QjiPF4UuXeBHPDFFiKWbiKfbjqvZ2Sz7Gl7
+c5rTk1Fozpr70E/wihrrv22Mxs0sEPdtemQgHXroQfRW8K4FhI0WHs7tR2gVxLHu
+OAU9LzCngz4yITh1eixVDmm/B5ZtNVrTQmaY84vGqhrFp+asyFNiXbhUAcT7D/q6
+w/c4aQ635ntCFSPYpWvhKqrqVDsoanD/5AWfc3+6Ek2/GVMyEQq+9tnCMM10EVSX
+8PsoAWHESDFude5zkHzn7IKy8mh6lfheEbBI5zN9z7WGexyiBgljmyUHXx6Pd8Uc
+yxpLRm94kynkDXD9SapQLzXmz+D+X/OYeADMIDWlbdXiIb1+2Q62H1lo6n10KVP7
+oEr8BHvcMFY89kwK4lKscUupn8xkzwIDAQABAoICACDuu78Rc8Hzeivt/PZIuMTP
+I5f1BWhffy571fwGP2dS3edfcc+rs3cbIuvBjFvG2BOcuYUsg0+isLWSQIVWvTAw
+PwT1DBpq8gZad+Bpqr7sXrbD3NN3aQ64TzyNi5HW0jXIviDsOBQmGGkp+G67qol8
+zPLZrPNxbVS++u+Tlqr3fAOBMHZfo50QLp/+dvUoYx90HKz8sHOqTMewCb1Tdf6/
+sSm7YuMxxbr4VwuLvU2rN0wQtQ5x+NQ5p3JWHr/KdLf+CGc6xXK3jNaczEf62dAU
+XO1aOESZEtorQy0Ukuy0IXy8XMx5MS/WGs1MJSYHWHB43+QARL6tu3guHYVt3wyv
+W6YTglQsSKc6uuK4JTZOx1VYZjjnSdeY/xiUmZGYp4ZiC9p8b9NvXmZT2EwqhCVt
+4OTcX4lkwGAsKcoEdLHi0K5CbBfYJsRgVVheDjP0xUFjCJCYqfqo2rE5YMXMTeY7
+clYEOXKGxwuy1Iu8nKqtWAV5r/eSmXBdxBqEBW9oxJfnnwNPG+yOk0Qkd1vaRj00
+mdKCOjgB2fOuPX2JRZ2z41Cem3gqhH0NQGrx3APV4egGrYAMClasgtZkUeUOIgK5
+xLlC/6svuHNyKXAKFpOubEy1FM8jz7111eNHxHRDP3+vH3u4CfAD2Sl+VDZdg51i
+WmVpT+B/DrnlHVSP2/XNAoIBAQD7F49oSdveKuO/lAyqkE9iF61i09G0b0ouDGUI
+qx+pd5/8vUcqi4upCxz+3AqMPWZRIqOyo8EUP7f4rSJrXn8U2SwnFfi4k2jiqmEA
+Wr0b8z5P1q5MH6BtVDa0Sr1R8xI9s3UgIs4pUKgBoQu9+U4Du4NSucQFcea8nIVY
+lLCqQcRhz8bCJPCNuHay5c77kK3Te197KPMasNurTNMOJcPMG95CZLB8Clf4A+pw
+fixvA1/fE4mFo1L7Ymxoz5lFYVWOTY9hh50Kqz57wxw4laU4ii+MaJj+YHuNR83N
+cO6FztUYKMR8BPgtl3/POTHTofSg7eIOiUYwcfRr6jbMWlsDAoIBAQC311xiMpho
+Hvdcvp3/urrIp2QhdD05n6TnZOPkpnd9kwGku2RA+occDQOg/BzADVwJaR/aE97F
+jbfRlfBesTZlUec0EwjKIFbeYh+QS/RmjQe9zpPQWMo1M7y0fMWU+yXRUcNBpcuy
+R6KlphK0k4xFkIAdC3QHmJQ0XvOpqvrhFy3i/Prc5Wlg29FYBBTAF0WZCZ4uCG34
+D0eG0CNaf8w9g9ClbU6nGLBCMcgjEOPYfyrJaedM+jXennLDPG6ySytrGwnwLAQc
+Okx+SrIiNHUpQGKteT88Kdpgo3F4KUX/pm84uGdxrOpDS7L0T9/G4CbjzCe1nHeS
+fJJsw5JN+Z9FAoIBAGn5S6FsasudtnnI9n+WYKq564fmdn986QX+XTYHY1mXD4MQ
+L9UZCFzUP+yg2iLOVzyvLf/bdUYijnb6O6itPV2DO0tTzqG4NXBVEJOhuGbvhsET
+joS6ZG9AN8ZoNPc9a9l2wFxL1E9Dp2Ton5gSfIa+wXJMzRqvM/8u4Gi+eMGi+Et/
+8hdGl/B4hkCDFZS/P14el/HXGqONOWlXB0zVS4n9yRSkgogXpYEbxfqshfxkpDX2
+fPhWMlO++ppR5BKQPhfNTFKRdgpms/xwIJ0RK6ZtTBwqmUfjWMIMKCQpIcJ/xRhp
+PGRLhKNZaawAK7Nyi1jQjbQs497WeZ6CP5aIHBkCggEALHyl83FQ5ilQLJZH/6E9
+H9854MqTIkWajxAgAa2yzqVrSWS7XuoBFe2kSimX/3V8Jx7UQV57kwy3RbVl5FQ3
+2I7YRwawItFulAPkpXNr4gEQtYKuzEUgMX2ilX54BZQ804lYmaM4Rp0FI9arQh1O
+XWsZRW4HFut6Oa4cgptIeH22ce5L+nZdaL3oy8a5Cr7W7bChIXySt+tioKHvXC/+
+yYgDTnTECrVzuaD4UFv+9t3XCcRh34PQ010+YjZWhzifehyh7AeKuxX0er8ymgpd
+q6zT9CyZ+8IZATer9qruMG4jDfO5vI1eZwiDdpF5klOdtZQqq80ANmeEu2McHVhh
+jQKCAQBbohPxMb3QYdukGp8IsIF04GfnTgaDbRgl4KeUyzdBN3nzvCKK0HDluptR
+4Ua64JksGG24gsTBy6yuQoGRCG0LJe0Ty3TRRnvZ8MpADoNMObspMSC8n8kk6ps+
+SoG1U9t6HYlIgQagvTc7mTmCmwYX1zlCoZp24yz5pDkKxqoPFDtrGlXxeUgOhpDT
+Mzi+DNTz9sH9vod4ibQiOseUxITwQpXHTJVrtNfvva6xjlhq+GGCuKIUwkUKOvBC
+ds7SR9demn69aWCyzXqD1cTnmxtn6bNPukwowg7a07ieUyKftcJ1icOWQ/bdQkEf
+dV1dhNiQEnqs4vDBVn40dnTKSSG2
+-----END PRIVATE KEY-----