From 77fc06991b9c0b85b4bda7e47ba06343bc1c564a Mon Sep 17 00:00:00 2001
From: Developer 02
Date: Tue, 19 Nov 2024 23:49:34 +0100
Subject: [PATCH] feat(CryptFactory): Erstellung einer separaten RSAFactory zur Erzeugung einer statischen Instanz
---
DigitalData.Core.Security/CryptFactory.cs | 61 +++--------------------
DigitalData.Core.Security/RSAFactory.cs | 58 +++++++++++++++++++++
2 files changed, 64 insertions(+), 55 deletions(-)
create mode 100644 DigitalData.Core.Security/RSAFactory.cs
diff --git a/DigitalData.Core.Security/CryptFactory.cs b/DigitalData.Core.Security/CryptFactory.cs
index 6481d74..b341974 100644
--- a/DigitalData.Core.Security/CryptFactory.cs
+++ b/DigitalData.Core.Security/CryptFactory.cs
@@ -1,68 +1,19 @@ using DigitalData.Core.Abstractions.Security; using Microsoft.Extensions.Logging; -using System.Security.Cryptography; namespace DigitalData.Core.Security { - public class CryptFactory : ICryptFactory + public class CryptFactory : RSAFactory, ICryptFactory { - private static readonly Lazy LazyInstance = new (() => new ()); + private readonly IDictionary _decryptors; - public static CryptFactory Instance => LazyInstance.Value; + public IRSADecryptor this[string key] { get => _decryptors[key]; set => _decryptors[key] = value; } - public int KeySizeInBits { get; init; } = 2048; - - public string PbePassword { private get; init; } = Secrets.PBE_PASSWORD; - - public PbeEncryptionAlgorithm PbeEncryptionAlgorithm { get; init; } = PbeEncryptionAlgorithm.Aes256Cbc; - - public HashAlgorithmName PbeHashAlgorithmName { get; init; } = HashAlgorithmName.SHA256; - - public int PbeIterationCount { get; init; } = 100_000; - - private readonly Lazy _lazyPbeParameters; - - public PbeParameters PbeParameters => _lazyPbeParameters.Value; - - public string EncryptedPrivateKeyPemLabel { get; init; } = "ENCRYPTED PRIVATE KEY"; - - public IDictionary Decryptors { get; init; } - - public IRSADecryptor this[string key] { get => Decryptors[key]; set => Decryptors[key] = value; } - - public CryptFactory(ILogger? logger = null, IDictionary? decryptors = null) + public CryptFactory(ILogger logger, IDictionary decryptors) : base() { - _lazyPbeParameters = new(() => new PbeParameters(PbeEncryptionAlgorithm, PbeHashAlgorithmName, PbeIterationCount)); - - Decryptors = decryptors ?? new Dictionary(); - - logger?.LogInformation("CryptFactory initialized. Core.Secrets version: {Version}, Created on: {CreationDate}.", Secrets.Version, Secrets.CreationDate.ToString("dd.MM.yyyy")); - } - - public string CreateRSAPrivateKeyPem(int? keySizeInBits = null) - => RSA.Create(keySizeInBits ?? KeySizeInBits).ExportRSAPrivateKeyPem(); - - public string CreateEncryptedPrivateKeyPem( - int? 
keySizeInBits = null, - string? password = null, - PbeEncryptionAlgorithm? pbeEncryptionAlgorithm = null, - HashAlgorithmName? hashAlgorithmName = null, - int? iterationCount = null) - { - password ??= PbePassword; - - var pbeParameters = (pbeEncryptionAlgorithm is null && hashAlgorithmName is null && iterationCount is null) - ? new PbeParameters( - pbeEncryptionAlgorithm ?? PbeEncryptionAlgorithm, - hashAlgorithmName ?? PbeHashAlgorithmName, - iterationCount ?? PbeIterationCount) - : PbeParameters; - - var encryptedPrivateKey = RSA.Create(keySizeInBits ?? KeySizeInBits).ExportEncryptedPkcs8PrivateKey(password.AsSpan(), pbeParameters); - - var pemChars = PemEncoding.Write(EncryptedPrivateKeyPemLabel, encryptedPrivateKey); + _decryptors = decryptors ?? new Dictionary(); - return new string(pemChars); + logger?.LogInformation("Core.Secrets version: {Version}, Created on: {CreationDate}.", Secrets.Version, Secrets.CreationDate.ToString("dd.MM.yyyy")); } public bool TryGetRSADecryptor(string key, out IRSADecryptor? decryptor) => _decryptors.TryGetValue(key, out decryptor); diff --git a/DigitalData.Core.Security/RSAFactory.cs b/DigitalData.Core.Security/RSAFactory.cs new file mode 100644 index 0000000..d50522f --- /dev/null +++ b/DigitalData.Core.Security/RSAFactory.cs 
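Review bot: The new `CryptFactory` constructor declares `logger` and `decryptors` as required, non-nullable parameters, yet its body still handles null with `decryptors ??` and `logger?.`, so the signature and the behaviour disagree and callers that relied on the old defaults no longer compile. Either restore the `?` annotations and `= null` defaults the removed signature had, or make the contract strict with `ArgumentNullException.ThrowIfNull(decryptors);` and drop the fallbacks. The dictionary passed in is also stored by reference and the indexer setter is public, so any holder of the factory or of the original dictionary can replace the decryptor registered under a key; copying the entries in the constructor and documenting who may call the setter would narrow that. The class body continues beyond this hunk, so other members may already constrain this.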
@@ -0,0 +1,58 @@
+using System.Security.Cryptography;
+
+namespace DigitalData.Core.Security
+{
+ public class RSAFactory
+ {
+ private static readonly Lazy LazyInstance = new(() => new());
+
+ public static RSAFactory Static => LazyInstance.Value;
+
+ public int KeySizeInBits { get; init; } = 2048;
+
+ public string PbePassword { private get; init; } = Secrets.PBE_PASSWORD;
+
+ public PbeEncryptionAlgorithm PbeEncryptionAlgorithm { get; init; } = PbeEncryptionAlgorithm.Aes256Cbc;
+
+ public HashAlgorithmName PbeHashAlgorithmName { get; init; } = HashAlgorithmName.SHA256;
+
+ public int PbeIterationCount { get; init; } = 100_000;
+
+ private readonly Lazy _lazyPbeParameters;
+
+ public PbeParameters PbeParameters => _lazyPbeParameters.Value;
+
+ public string EncryptedPrivateKeyPemLabel { get; init; } = "ENCRYPTED PRIVATE KEY";
+
+ internal RSAFactory()
+ {
+ _lazyPbeParameters = new(() => new PbeParameters(PbeEncryptionAlgorithm, PbeHashAlgorithmName, PbeIterationCount));
+ }
+
+ public string CreateRSAPrivateKeyPem(int? keySizeInBits = null)
+ => RSA.Create(keySizeInBits ?? KeySizeInBits).ExportRSAPrivateKeyPem();
+
+ public string CreateEncryptedPrivateKeyPem(
+ int? keySizeInBits = null,
+ string? password = null,
+ PbeEncryptionAlgorithm? pbeEncryptionAlgorithm = null,
+ HashAlgorithmName? hashAlgorithmName = null,
+ int? iterationCount = null)
+ {
+ password ??= PbePassword;
+
+ var pbeParameters = (pbeEncryptionAlgorithm is null && hashAlgorithmName is null && iterationCount is null)
+ ? new PbeParameters(
+ pbeEncryptionAlgorithm ?? PbeEncryptionAlgorithm,
+ hashAlgorithmName ?? PbeHashAlgorithmName,
+ iterationCount ?? PbeIterationCount)
+ : PbeParameters;
+
+ var encryptedPrivateKey = RSA.Create(keySizeInBits ?? KeySizeInBits).ExportEncryptedPkcs8PrivateKey(password.AsSpan(), pbeParameters);
+
+ var pemChars = PemEncoding.Write(EncryptedPrivateKeyPemLabel, encryptedPrivateKey);
+
+ return new string(pemChars);
+ }
+ }
+}
\ No newline at end of file
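Review bot: The conditional in `CreateEncryptedPrivateKeyPem` is inverted: when any of `pbeEncryptionAlgorithm`, `hashAlgorithmName` or `iterationCount` is supplied it falls through to the cached `PbeParameters`, so the caller's override is silently ignored, and a fresh object is built only when nothing was overridden. A caller asking for a stronger algorithm or a higher iteration count therefore gets the instance defaults without any error. The branches should be swapped so the cached defaults are used only in the all-null case. The `RSA` instance created here (and the one in `CreateRSAPrivateKeyPem`) should also be disposed so key material is released deterministically. Separately, `PbePassword` defaults to `Secrets.PBE_PASSWORD`, which looks like a value compiled into the assembly (its definition is outside this diff); if so, every PEM produced through `RSAFactory.Static` is protected by a password readable from the binary, which deserves a comment on the property.

```csharp
    password ??= PbePassword;

    // Reuse the cached defaults only when the caller overrides nothing.
    var pbeParameters = (pbeEncryptionAlgorithm is null && hashAlgorithmName is null && iterationCount is null)
        ? PbeParameters
        : new PbeParameters(
            pbeEncryptionAlgorithm ?? PbeEncryptionAlgorithm,
            hashAlgorithmName ?? PbeHashAlgorithmName,
            iterationCount ?? PbeIterationCount);

    // Dispose the key object once the encrypted export has been taken.
    using var rsa = RSA.Create(keySizeInBits ?? KeySizeInBits);
    var encryptedPrivateKey = rsa.ExportEncryptedPkcs8PrivateKey(password.AsSpan(), pbeParameters);

    // … unchanged: PEM encoding and return …
```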