feat(AsymCryptService): Vault.get RSADecryptor hinzugefügt

- Optionen aktualisiert, um Vault-Parameter hinzufügen zu können. Wenn es null ist, ist Vault der erste Entschlüsseler. - Standard-Entschlüssler entfernt.
2024-12-16 12:56:30 +01:00 · 2024-12-16 12:56:30 +01:00 · 4aacc3f650
commit 4aacc3f650
parent f40c86ed63
4 changed files with 21 additions and 9 deletions
--- a/DigitalData.Core.Abstractions/Security/IAsymCryptService.cs
+++ b/DigitalData.Core.Abstractions/Security/IAsymCryptService.cs
@ -4,7 +4,7 @@
    {
        IEnumerable<IRSADecryptor> Decryptors { get; }

-        IRSADecryptor Default { get; }
+        IRSADecryptor Vault { get; }

        IRSADecryptor this[string key] { get; }

--- a/DigitalData.Core.Security/AsymCryptService.cs
+++ b/DigitalData.Core.Security/AsymCryptService.cs
@ -10,14 +10,12 @@ namespace DigitalData.Core.Security
    public class AsymCryptService<TAsymCryptParams> : RSAFactory<TAsymCryptParams>, IAsymCryptService<TAsymCryptParams>, IRSAFactory<TAsymCryptParams>, IEnumerable<IRSADecryptor>
        where TAsymCryptParams : AsymCryptParams
    {
-        public IEnumerable<IRSADecryptor> Decryptors => _params.Decryptors;
+        public IEnumerable<IRSADecryptor> Decryptors { get; }
        
-        public IRSADecryptor Default => Decryptors.FirstOrDefault()
-            ?? throw new InvalidOperationException(
-                "No default decryptor is available. Ensure that at least one decryptor is configured in the provided parameters. " +
-                "This issue typically arises if the configuration for decryptors is incomplete or missing. " +
-                "Check the 'Decryptors' collection in the configuration and verify that it contains valid entries."
-            );
+        /// <summary>
+        /// It is a separate decryptor for permanently stored encrypted data. It is assigned to the first Default decryptor by default.
+        /// </summary>
+        public IRSADecryptor Vault { get; }

        public IRSADecryptor this[string key]
        {
@ -36,6 +34,17 @@ namespace DigitalData.Core.Security
        public AsymCryptService(IOptions<TAsymCryptParams> options, ILogger<AsymCryptService<TAsymCryptParams>>? logger = null) : base(options)
        {
            logger?.LogInformation("Core.Secrets version: {Version}, Created on: {CreationDate}.", Secrets.Version, Secrets.CreationDate.ToString("dd.MM.yyyy"));
+
+            if (!_params.Decryptors.Any())
+                throw new InvalidOperationException(
+                    "Any decryptor is not found. Ensure that at least one decryptor is configured in the provided parameters. " +
+                    "This issue typically arises if the configuration for decryptors is incomplete or missing. " +
+                    "Check the 'Decryptors' collection in the configuration and verify that it contains valid entries."
+                );
+
+            Decryptors = _params.Decryptors;
+
+            Vault = _params.Vault ?? Decryptors.First();
        }

        public IEnumerator<IRSADecryptor> GetEnumerator() => Decryptors.GetEnumerator();
--- a/DigitalData.Core.Security/Config/AsymCryptParams.cs
+++ b/DigitalData.Core.Security/Config/AsymCryptParams.cs
@ -36,6 +36,8 @@ namespace DigitalData.Core.Security.Config

        public IEnumerable<RSADecryptor> Decryptors { get; init; } = new List<RSADecryptor>();

+        public RSADecryptor? Vault { get; init; }
+
        public override void OnDeserialized()
        {
            base.OnDeserialized();
--- a/DigitalData.Core.Security/Cryptographer/RSACryptographer.cs
+++ b/DigitalData.Core.Security/Cryptographer/RSACryptographer.cs
@ -3,6 +3,7 @@ using System.Security.Cryptography;

 namespace DigitalData.Core.Security.Cryptographer
 {
+    //TODO: Abstract RSA for future updates (using ECC, El Gamal or Lattice-based Cryptography)
    public class RSACryptographer : IRSACryptographer
    {
        public virtual string Pem { get; init; }