AppStd/DigitalData.Core
Template
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Erweiterung der CryptFactory um RSA-Schlüsselerzeugung und Verschlüsselungsunterstützung

Browse Source 
- Hinzugefügt: Eigenschaften KeySizeInBits, Password, PbeEncryptionAlgorithm, PbeHashAlgorithmName, PbeIterationCount und EncryptedPrivateKeyPemLabel zur Unterstützung der Konfiguration von RSA-Schlüsselerzeugung und Verschlüsselung in der CryptFactory.

 - Hinzugefügt: Methoden CreateRSAPrivateKeyPem und CreateEncryptedPrivateKeyPem zur Erstellung von RSA-Privatschlüsseln und verschlüsselten Private-Key-PEMs.

 - Geändert: ICryptFactory-Schnittstelle um neue Eigenschaften und Methoden erweitert.
This commit is contained in:
Developer 02 2024-11-19 17:11:52 +01:00
parent cb9c5746b0
commit 7048f385ef
2 changed files with 73 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
DigitalData.Core.Abstractions/Security/ICryptFactory.cs
View File

@ -1,6 +1,30 @@
namespace DigitalData.Core.Abstractions.Security
using System.Security.Cryptography;
namespace DigitalData.Core.Abstractions.Security
{
public interface ICryptFactory
{
public int KeySizeInBits { get; init; }
public string Password { get; init; }
public PbeEncryptionAlgorithm PbeEncryptionAlgorithm { get; init; }
public HashAlgorithmName PbeHashAlgorithmName { get; init; }
public int PbeIterationCount { get; init; }
public PbeParameters PbeParameters { get; }
public string EncryptedPrivateKeyPemLabel { get; init; }
string CreateRSAPrivateKeyPem(int? keySizeInBits = null);
string CreateEncryptedPrivateKeyPem(
int? keySizeInBits = null,
string? password = null,
PbeEncryptionAlgorithm? pbeEncryptionAlgorithm = null,
HashAlgorithmName? hashAlgorithmName = null,
int? iterationCount = null);
}
}

48
DigitalData.Core.Security/CryptFactory.cs
View File

@ -1,4 +1,5 @@
using DigitalData.Core.Abstractions.Security;
using System.Security.Cryptography;
namespace DigitalData.Core.Security
{
@ -7,5 +8,52 @@ namespace DigitalData.Core.Security
private static readonly Lazy<CryptFactory> LazyInstance = new (() => new ());
public static CryptFactory Instance => LazyInstance.Value;
public int KeySizeInBits { get; init; } = 2048;
public string Password { get; init; }
public PbeEncryptionAlgorithm PbeEncryptionAlgorithm { get; init; } = PbeEncryptionAlgorithm.Aes256Cbc;
public HashAlgorithmName PbeHashAlgorithmName { get; init; } = HashAlgorithmName.SHA256;
public int PbeIterationCount { get; init; } = 100_000;
private readonly Lazy<PbeParameters> _lazyPbeParameters;
public PbeParameters PbeParameters => _lazyPbeParameters.Value;
public string EncryptedPrivateKeyPemLabel { get; init; } = "ENCRYPTED PRIVATE KEY";
public CryptFactory()
{
_lazyPbeParameters = new(() => new PbeParameters(PbeEncryptionAlgorithm, PbeHashAlgorithmName, PbeIterationCount));
}
public string CreateRSAPrivateKeyPem(int? keySizeInBits = null)
=> RSA.Create(keySizeInBits ?? KeySizeInBits).ExportRSAPrivateKeyPem();
public string CreateEncryptedPrivateKeyPem(
int? keySizeInBits = null,
string? password = null,
PbeEncryptionAlgorithm? pbeEncryptionAlgorithm = null,
HashAlgorithmName? hashAlgorithmName = null,
int? iterationCount = null)
{
password ??= Password;
var pbeParameters = (pbeEncryptionAlgorithm is null && hashAlgorithmName is null && iterationCount is null)
? new PbeParameters(
pbeEncryptionAlgorithm ?? PbeEncryptionAlgorithm,
hashAlgorithmName ?? PbeHashAlgorithmName,
iterationCount ?? PbeIterationCount)
: PbeParameters;
var encryptedPrivateKey = RSA.Create(keySizeInBits ?? KeySizeInBits).ExportEncryptedPkcs8PrivateKey(password.AsSpan(), pbeParameters);
var pemChars = PemEncoding.Write(EncryptedPrivateKeyPemLabel, encryptedPrivateKey);
return new string(pemChars);
}
}
}