From 7048f385ef5e2a2592ce1bc9c8a558400a40d49b Mon Sep 17 00:00:00 2001
From: Developer 02
Date: Tue, 19 Nov 2024 17:11:52 +0100
Subject: [PATCH] =?UTF-8?q?feat:=20Erweiterung=20der=20CryptFactory=20um?= =?UTF-8?q?=20RSA-Schl=C3=BCsselerzeugung=20und=20Verschl=C3=BCsselungsunt?= =?UTF-8?q?erst=C3=BCtzung?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Hinzugefügt: Eigenschaften KeySizeInBits, Password, PbeEncryptionAlgorithm, PbeHashAlgorithmName, PbeIterationCount und EncryptedPrivateKeyPemLabel zur Unterstützung der Konfiguration von RSA-Schlüsselerzeugung und Verschlüsselung in der CryptFactory.
- Hinzugefügt: Methoden CreateRSAPrivateKeyPem und CreateEncryptedPrivateKeyPem zur Erstellung von RSA-Privatschlüsseln und verschlüsselten Private-Key-PEMs.
- Geändert: ICryptFactory-Schnittstelle um neue Eigenschaften und Methoden erweitert.
---
 .../Security/ICryptFactory.cs | 26 +++++++++-
 DigitalData.Core.Security/CryptFactory.cs | 48 +++++++++++++++++++
 2 files changed, 73 insertions(+), 1 deletion(-)

diff --git a/DigitalData.Core.Abstractions/Security/ICryptFactory.cs b/DigitalData.Core.Abstractions/Security/ICryptFactory.cs
index f47513c..9cce682 100644
--- a/DigitalData.Core.Abstractions/Security/ICryptFactory.cs
+++ b/DigitalData.Core.Abstractions/Security/ICryptFactory.cs
@@ -1,6 +1,30 @@
-namespace DigitalData.Core.Abstractions.Security
+using System.Security.Cryptography;
+
+namespace DigitalData.Core.Abstractions.Security
 {
 public interface ICryptFactory
 {
+ public int KeySizeInBits { get; init; }
+
+ public string Password { get; init; }
+
+ public PbeEncryptionAlgorithm PbeEncryptionAlgorithm { get; init; }
+
+ public HashAlgorithmName PbeHashAlgorithmName { get; init; }
+
+ public int PbeIterationCount { get; init; }
+
+ public PbeParameters PbeParameters { get; }
+
+ public string EncryptedPrivateKeyPemLabel { get; init; }
+
+ string CreateRSAPrivateKeyPem(int? keySizeInBits = null);
+
+ string CreateEncryptedPrivateKeyPem(
+ int? keySizeInBits = null,
+ string? password = null,
+ PbeEncryptionAlgorithm? pbeEncryptionAlgorithm = null,
+ HashAlgorithmName? hashAlgorithmName = null,
+ int? iterationCount = null);
 }
 }
\ No newline at end of file
diff --git a/DigitalData.Core.Security/CryptFactory.cs b/DigitalData.Core.Security/CryptFactory.cs
index a70c5ed..9403d44 100644
--- a/DigitalData.Core.Security/CryptFactory.cs
+++ b/DigitalData.Core.Security/CryptFactory.cs
@@ -1,4 +1,5 @@
 using DigitalData.Core.Abstractions.Security;
+using System.Security.Cryptography;
 namespace DigitalData.Core.Security
 {
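Review bot: `Password` is declared on the interface with a public getter, so every consumer that is handed an `ICryptFactory` can read the passphrase that protects exported keys; consider keeping it off the abstraction and supplying it only through the `password` argument or the concrete type. The property is also typed as non-nullable `string` while `CreateEncryptedPrivateKeyPem` takes `string? password`, so the contract does not say what happens when neither is set. None of the new members carries an XML doc comment, and the difference between the two methods matters to callers; at minimum `CreateRSAPrivateKeyPem` should get `/// <summary>Generates a new RSA key and returns the private key as unencrypted PEM; the caller is responsible for protecting it.</summary>`.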
@@ -7,5 +8,52 @@ namespace DigitalData.Core.Security
 private static readonly Lazy LazyInstance = new (() => new ());
 public static CryptFactory Instance => LazyInstance.Value;
+
+ public int KeySizeInBits { get; init; } = 2048;
+
+ public string Password { get; init; }
+
+ public PbeEncryptionAlgorithm PbeEncryptionAlgorithm { get; init; } = PbeEncryptionAlgorithm.Aes256Cbc;
+
+ public HashAlgorithmName PbeHashAlgorithmName { get; init; } = HashAlgorithmName.SHA256;
+
+ public int PbeIterationCount { get; init; } = 100_000;
+
+ private readonly Lazy _lazyPbeParameters;
+
+ public PbeParameters PbeParameters => _lazyPbeParameters.Value;
+
+ public string EncryptedPrivateKeyPemLabel { get; init; } = "ENCRYPTED PRIVATE KEY";
+
+ public CryptFactory()
+ {
+ _lazyPbeParameters = new(() => new PbeParameters(PbeEncryptionAlgorithm, PbeHashAlgorithmName, PbeIterationCount));
+ }
+
+ public string CreateRSAPrivateKeyPem(int? keySizeInBits = null)
+ => RSA.Create(keySizeInBits ?? KeySizeInBits).ExportRSAPrivateKeyPem();
+
+ public string CreateEncryptedPrivateKeyPem(
+ int? keySizeInBits = null,
+ string? password = null,
+ PbeEncryptionAlgorithm? pbeEncryptionAlgorithm = null,
+ HashAlgorithmName? hashAlgorithmName = null,
+ int? iterationCount = null)
+ {
+ password ??= Password;
+
+ var pbeParameters = (pbeEncryptionAlgorithm is null && hashAlgorithmName is null && iterationCount is null)
+ ? new PbeParameters(
+ pbeEncryptionAlgorithm ?? PbeEncryptionAlgorithm,
+ hashAlgorithmName ?? PbeHashAlgorithmName,
+ iterationCount ?? PbeIterationCount)
+ : PbeParameters;
+
+ var encryptedPrivateKey = RSA.Create(keySizeInBits ?? KeySizeInBits).ExportEncryptedPkcs8PrivateKey(password.AsSpan(), pbeParameters);
+
+ var pemChars = PemEncoding.Write(EncryptedPrivateKeyPemLabel, encryptedPrivateKey);
+
+ return new string(pemChars);
+ }
 }
 }
\ No newline at end of file
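Review bot: The conditional that builds `pbeParameters` in `CreateEncryptedPrivateKeyPem` is inverted: a fresh `PbeParameters` is constructed only when all three overrides are null, and as soon as a caller passes `pbeEncryptionAlgorithm`, `hashAlgorithmName` or `iterationCount` the cached default `PbeParameters` is used, so the override is silently dropped. `Password` has no default, so on the parameterless `Instance` a call without `password` reaches `password.AsSpan()` with null, which to my knowledge yields an empty span rather than throwing and would leave the key wrapped under an empty passphrase; a null or empty password should be rejected explicitly. Both factory methods also leave the object returned by `RSA.Create(...)` undisposed, so the private key stays in memory until finalization; `CreateRSAPrivateKeyPem` needs a block body with `using var rsa = RSA.Create(keySizeInBits ?? KeySizeInBits);` for the same reason. The class declaration is outside the hunk; the rewritten part of `CreateEncryptedPrivateKeyPem` is sketched below.

```csharp
    int? iterationCount = null)
{
    password ??= Password;
    if (string.IsNullOrEmpty(password))
    {
        throw new InvalidOperationException("A non-empty password is required to encrypt the private key.");
    }

    // Reuse the cached defaults only when the caller overrides nothing.
    var pbeParameters = (pbeEncryptionAlgorithm is null && hashAlgorithmName is null && iterationCount is null)
        ? PbeParameters
        : new PbeParameters(
            pbeEncryptionAlgorithm ?? PbeEncryptionAlgorithm,
            hashAlgorithmName ?? PbeHashAlgorithmName,
            iterationCount ?? PbeIterationCount);

    // Dispose the key object as soon as the encrypted export has been taken.
    using var rsa = RSA.Create(keySizeInBits ?? KeySizeInBits);
    var encryptedPrivateKey = rsa.ExportEncryptedPkcs8PrivateKey(password.AsSpan(), pbeParameters);

    // … unchanged: PemEncoding.Write and return …
```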