AppStd/DigitalData.Core
Template
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor(IRSADecryptor): Umbenennung in IAsymmetricPrivateKey

Browse Source
This commit is contained in:
Developer 02 2025-01-07 11:16:12 +01:00
parent 4f96d271f3
commit 5e1bf16b6d
10 changed files with 19 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
DigitalData.Core.Abstractions/Security/IAsymCryptHandler.cs
View File

@ -2,9 +2,9 @@
{ {
public interface IAsymCryptHandler : IRSAFactory public interface IAsymCryptHandler : IRSAFactory
{ {
IEnumerable<IRSADecryptor> Decryptors { get; } IEnumerable<IAsymmetricPrivateKey> PrivateKeys { get; }
IRSADecryptor Vault { get; } IAsymmetricPrivateKey VaultPrivateKey { get; }
IEnumerable<IRSAEncryptor> Encryptors { get; } IEnumerable<IRSAEncryptor> Encryptors { get; }
} }

2
DigitalData.Core.Abstractions/Security/IRSADecryptor.cs → DigitalData.Core.Abstractions/Security/IAsymmetricPrivateKey.cs
View File

@ -2,7 +2,7 @@
namespace DigitalData.Core.Abstractions.Security namespace DigitalData.Core.Abstractions.Security
{ {
public interface IRSADecryptor : IAsymmetricKey public interface IAsymmetricPrivateKey : IAsymmetricKey
{ {
public bool IsEncrypted { get; init; } public bool IsEncrypted { get; init; }

2
DigitalData.Core.Abstractions/Security/IRSAFactory.cs
View File

@ -18,6 +18,6 @@ namespace DigitalData.Core.Abstractions.Security
int? keySizeInBits = null, int? keySizeInBits = null,
string? password = null); string? password = null);
IRSADecryptor CreateDecryptor(string pem, string? issuer = null, string? audience = null, bool encrypt = false, RSAEncryptionPadding? padding = null); IAsymmetricPrivateKey CreatePrivateKey(string pem, string? issuer = null, string? audience = null, bool encrypt = false, RSAEncryptionPadding? padding = null);
} }
} }

12
DigitalData.Core.Security/AsymCryptHandler.cs
View File

@ -8,12 +8,12 @@ namespace DigitalData.Core.Security
{ {
public class AsymCryptHandler : RSAFactory<AsymCryptParams>, IAsymCryptHandler, IRSAFactory public class AsymCryptHandler : RSAFactory<AsymCryptParams>, IAsymCryptHandler, IRSAFactory
{ {
public IEnumerable<IRSADecryptor> Decryptors { get; } public IEnumerable<IAsymmetricPrivateKey> PrivateKeys { get; }
/// <summary> /// <summary>
/// It is a separate decryptor for permanently stored encrypted data. It is assigned to the first Default decryptor by default. /// It is a separate decryptor for permanently stored encrypted data. It is assigned to the first Default decryptor by default.
/// </summary> /// </summary>
public IRSADecryptor Vault { get; } public IAsymmetricPrivateKey VaultPrivateKey { get; }
private readonly Lazy<IEnumerable<IRSAEncryptor>> _lazyEncryptors; private readonly Lazy<IEnumerable<IRSAEncryptor>> _lazyEncryptors;
@ -25,18 +25,18 @@ namespace DigitalData.Core.Security
{ {
logger?.LogInformation("Core.Secrets version: {Version}, Created on: {CreationDate}.", Secrets.Version, Secrets.CreationDate.ToString("dd.MM.yyyy")); logger?.LogInformation("Core.Secrets version: {Version}, Created on: {CreationDate}.", Secrets.Version, Secrets.CreationDate.ToString("dd.MM.yyyy"));
if (!_params.Decryptors.Any()) if (!_params.PrivateKeys.Any())
throw new InvalidOperationException( throw new InvalidOperationException(
"Any decryptor is not found. Ensure that at least one decryptor is configured in the provided parameters. " + "Any decryptor is not found. Ensure that at least one decryptor is configured in the provided parameters. " +
"This issue typically arises if the configuration for decryptors is incomplete or missing. " + "This issue typically arises if the configuration for decryptors is incomplete or missing. " +
"Check the 'Decryptors' collection in the configuration and verify that it contains valid entries." "Check the 'Decryptors' collection in the configuration and verify that it contains valid entries."
); );
Decryptors = _params.Decryptors; PrivateKeys = _params.PrivateKeys;
Vault = _params.Vault ?? Decryptors.First(); VaultPrivateKey = _params.Vault ?? PrivateKeys.First();
_lazyEncryptors = new(Decryptors.Select(decryptor => decryptor.Encryptor)); _lazyEncryptors = new(PrivateKeys.Select(decryptor => decryptor.Encryptor));
} }
} }
} }

4
DigitalData.Core.Security/Config/AsymCryptParams.cs
View File

@ -40,7 +40,7 @@ namespace DigitalData.Core.Security.Config
/// </summary> /// </summary>
public string DateTagFormat { get; init; } = "MM//2"; public string DateTagFormat { get; init; } = "MM//2";
public IEnumerable<RSADecryptor> Decryptors { get; init; } = new List<RSADecryptor>(); public IEnumerable<RSADecryptor> PrivateKeys { get; init; } = new List<RSADecryptor>();
public RSADecryptor? Vault { get; init; } public RSADecryptor? Vault { get; init; }
@ -53,7 +53,7 @@ namespace DigitalData.Core.Security.Config
if (!Directory.Exists(PemDirectory)) if (!Directory.Exists(PemDirectory))
Directory.CreateDirectory(PemDirectory); Directory.CreateDirectory(PemDirectory);
foreach (var decryptor in Decryptors) foreach (var decryptor in PrivateKeys)
{ {
// set default path // set default path
if (decryptor.IsPemNull) if (decryptor.IsPemNull)

2
DigitalData.Core.Security/Cryptographer/RSADecryptor.cs
View File

@ -4,7 +4,7 @@ using System.Security.Cryptography;
namespace DigitalData.Core.Security.Cryptographer namespace DigitalData.Core.Security.Cryptographer
{ {
public class RSADecryptor : RSACryptographer, IRSADecryptor, IAsymmetricKey public class RSADecryptor : RSAKeyBase, IAsymmetricPrivateKey, IAsymmetricKey
{ {
private string? _pem; private string? _pem;

2
DigitalData.Core.Security/Cryptographer/RSAEncryptor.cs
View File

@ -2,7 +2,7 @@
namespace DigitalData.Core.Security.Cryptographer namespace DigitalData.Core.Security.Cryptographer
{ {
public class RSAEncryptor : RSACryptographer, IRSAEncryptor, IAsymmetricKey public class RSAEncryptor : RSAKeyBase, IRSAEncryptor, IAsymmetricKey
{ {
public override string Pem public override string Pem
{ {

2
DigitalData.Core.Security/Cryptographer/RSAFactory.cs
View File

@ -56,7 +56,7 @@ namespace DigitalData.Core.Security.Cryptographer
return new string(pemChars); return new string(pemChars);
} }
public IRSADecryptor CreateDecryptor(string pem, string? issuer = null, string? audience = null, bool encrypt = false, RSAEncryptionPadding? padding = null) => new RSADecryptor() public IAsymmetricPrivateKey CreatePrivateKey(string pem, string? issuer = null, string? audience = null, bool encrypt = false, RSAEncryptionPadding? padding = null) => new RSADecryptor()
{ {
Pem = pem, Pem = pem,
Issuer = issuer ?? string.Empty, Issuer = issuer ?? string.Empty,

5
DigitalData.Core.Security/Cryptographer/RSACryptographer.cs → DigitalData.Core.Security/Cryptographer/RSAKeyBase.cs
View File

@ -5,8 +5,7 @@ using System.Security.Cryptography;
namespace DigitalData.Core.Security.Cryptographer namespace DigitalData.Core.Security.Cryptographer
{ {
//TODO: Abstract RSA for future updates (using ECC, El Gamal or Lattice-based Cryptography) public class RSAKeyBase : IAsymmetricKey
public class RSACryptographer : IAsymmetricKey
{ {
public virtual string Pem { get; init; } public virtual string Pem { get; init; }
@ -30,7 +29,7 @@ namespace DigitalData.Core.Security.Cryptographer
public RsaSecurityKey RsaSecurityKey => _lazyRsaSecurityKey.Value; public RsaSecurityKey RsaSecurityKey => _lazyRsaSecurityKey.Value;
#pragma warning disable CS8618 // Non-nullable field must contain a non-null value when exiting constructor. Consider declaring as nullable. #pragma warning disable CS8618 // Non-nullable field must contain a non-null value when exiting constructor. Consider declaring as nullable.
internal RSACryptographer() internal RSAKeyBase()
{ {
_lazyRsaSecurityKey = new(() => new RsaSecurityKey(RSA)); _lazyRsaSecurityKey = new(() => new RsaSecurityKey(RSA));
} }

4
DigitalData.Core.Security/JwtSignatureHandler.cs
View File

@ -38,7 +38,7 @@ namespace DigitalData.Core.Security
var description = _params.Descriptions?.Get(issuer: issuer, audience: audience) var description = _params.Descriptions?.Get(issuer: issuer, audience: audience)
?? throw new InvalidOperationException($"No or multiple token description found for issuer '{issuer}' and audience '{audience}'."); ?? throw new InvalidOperationException($"No or multiple token description found for issuer '{issuer}' and audience '{audience}'.");
description.SigningCredentials = _cryptHandler.Decryptors description.SigningCredentials = _cryptHandler.PrivateKeys
.Get(issuer: issuer, audience: audience) .Get(issuer: issuer, audience: audience)
.CreateSigningCredentials(algorithm: description.SigningAlgorithm, digest: description.SigningDigest); .CreateSigningCredentials(algorithm: description.SigningAlgorithm, digest: description.SigningDigest);
@ -50,7 +50,7 @@ namespace DigitalData.Core.Security
var description = _params.Descriptions.SingleOrDefault(description => description.ApiRoute == apiRoute) var description = _params.Descriptions.SingleOrDefault(description => description.ApiRoute == apiRoute)
?? throw new InvalidOperationException($"No or multiple token description found for api route '{apiRoute}'."); ?? throw new InvalidOperationException($"No or multiple token description found for api route '{apiRoute}'.");
description.SigningCredentials = _cryptHandler.Decryptors description.SigningCredentials = _cryptHandler.PrivateKeys
.Get(issuer: description.Issuer, audience: description.Audience) .Get(issuer: description.Issuer, audience: description.Audience)
.CreateSigningCredentials(algorithm: description.SigningAlgorithm, digest: description.SigningDigest); .CreateSigningCredentials(algorithm: description.SigningAlgorithm, digest: description.SigningDigest);