feat (CryptFactory.RSADecryptorKeyFormatter): aktualisiert, um die erforderlichen Parameter als Eingabe zu nehmen, anstatt IRSADecryptor direkt als Eingabe zu nehmen

2024-11-20 16:37:09 +01:00 · 2024-11-20 16:37:09 +01:00 · 0ff0de8159
commit 0ff0de8159
parent 49b49271f3
3 changed files with 29 additions and 11 deletions
--- a/DigitalData.Core.Abstractions/Security/ICryptFactory.cs
+++ b/DigitalData.Core.Abstractions/Security/ICryptFactory.cs
@ -18,7 +18,19 @@ namespace DigitalData.Core.Abstractions.Security
        string EncryptedPrivateKeyPemLabel { get; init; }
-        Func<IRSADecryptor, string, string, string, string> RSADecryptorKeyFormatter { get; }
+        /// <summary>
        /// Gets the formatter function for generating RSA key names.
        /// This formatter takes an issuer, audience, isPrivate, and optional version and separator
        /// to produce a formatted string used for the key naming convention.
        /// </summary>
        /// <param name="issuer">A string representing the issuer of the key. It should not contain invalid file name characters or the separator.</param>
        /// <param name="audience">A string representing the audience for which the key is intended. It should not contain invalid file name characters or the separator.</param>
        /// <param name="isPrivate">An bool to check if the key is private.</param>
        /// <param name="version">An instance of the <see cref="Version?"/> interface, which is used to keep the version of Pbe password.</param>
        /// <param name="separator">An optional string separator used to separate the issuer and audience. The default is "-_-". It should not be included in the issuer or audience strings.</param>
        /// <returns>A formatted string combining the issuer, audience, and separator, which adheres to valid file naming rules.</returns>
        /// <exception cref="ArgumentException">Thrown when the issuer, audience, or separator contains invalid characters or when the separator is present within the issuer or audience.</exception>
        Func<string, string, bool, Version?, string, string> RSAKeyNameFormatter { get; }
        string CreateRSAPrivateKeyPem(int? keySizeInBits = null);
--- a/DigitalData.Core.Security/CryptFactory.cs
+++ b/DigitalData.Core.Security/CryptFactory.cs
@ -10,13 +10,13 @@ namespace DigitalData.Core.Security
        public IRSADecryptor this[string key] { get => _decryptors[key]; set => _decryptors[key] = value; }
-        public Func<IRSADecryptor, string, string, string, string> RSADecryptorKeyFormatter { get; }
+        public Func<string, string, bool, Version?, string, string> RSAKeyNameFormatter { get; }
-        public CryptFactory(ILogger<CryptFactory> logger, IDictionary<string, IRSADecryptor> decryptors, Func<IRSADecryptor, string, string, string, string> rsaDecryptorKeyFormatter) : base()
+        public CryptFactory(ILogger<CryptFactory> logger, IDictionary<string, IRSADecryptor> decryptors, Func<string, string, bool, Version?, string, string> rsaKeyNameFormatter) : base()
        {
            _decryptors = decryptors ?? new Dictionary<string, IRSADecryptor>();
-            RSADecryptorKeyFormatter = rsaDecryptorKeyFormatter;
+            RSAKeyNameFormatter = rsaKeyNameFormatter;
            logger?.LogInformation("Core.Secrets version: {Version}, Created on: {CreationDate}.", Secrets.Version, Secrets.CreationDate.ToString("dd.MM.yyyy"));
        }
@ -31,10 +31,12 @@ namespace DigitalData.Core.Security
        public static readonly IEnumerable<string> KeyFileTags = new string[] { DefaultEncryptedPrivateKeyFileTag, DefaultPrivateKeyFileTag, DefaultPublicKeyFileTag };
        public static readonly string PEMFileExtension = ".pem";
        private static readonly Lazy<IEnumerable<string>> LazyLowerFileTags = new(() => KeyFileTags.Select(tag => tag.ToLower()));
        //TODO: make the validation using regex
-        public static string DefaultRSADecryptorKeyFormatter(IRSADecryptor decryptor, string issuer, string audience, string separator = "-_-")
+        public static string DefaultRSAKeyNameFormatter(string issuer, string audience, bool isPrivate = true, Version? passwordVersion = null, string separator = "-_-")
        {
            void ValidateForbidden(string value, string paramName)
            {
@ -58,12 +60,16 @@ namespace DigitalData.Core.Security
            var sb = new StringBuilder(issuer.Length + audience.Length + separator.Length * 2 + 20);
            sb.Append(issuer).Append(separator).Append(audience).Append(separator);
-            if (decryptor.HasEncryptedPem)
+            if (passwordVersion is null && isPrivate)
-                sb.Append("e-private").Append(separator).Append(decryptor.PasswordVersion);
+                sb.Append(DefaultPrivateKeyFileTag);
            else if(isPrivate)
                sb.Append(DefaultEncryptedPrivateKeyFileTag).Append(separator).Append(passwordVersion);
            else if(passwordVersion is null)
                sb.Append(DefaultPublicKeyFileTag);
            else
-                sb.Append("private");
+                sb.Append(DefaultPublicKeyFileTag).Append(separator).Append(passwordVersion);
-            var rsaKey = sb.Append(".pem").ToString();                      
+            var rsaKey = sb.Append(PEMFileExtension).ToString();
            return rsaKey;
        }
--- a/DigitalData.Core.Security/RSADecryptor.cs
+++ b/DigitalData.Core.Security/RSADecryptor.cs
@ -17,7 +17,7 @@ namespace DigitalData.Core.Security
        private string? _password;
-        public Version? PasswordVersion { get; private init; }
+        public Version? PasswordVersion { get; private init; } = null;
        public bool HasEncryptedPem => _password is not null;