refactor(Privatekey): Die Klasse decryptor wurde erstellt und die Verschlüsselungsfunktionen für eine einfache und saubere Konfiguration dorthin verschoben.

DigitalData.Core.Abstractions/Security/IAsymmetricDecryptor.cs

@@ -0,0 +1,7 @@
+namespace DigitalData.Core.Abstractions.Security
+{
+    public interface IAsymmetricDecryptor : IAsymmetricPrivateKey
+    {
+        byte[] Decrypt(byte[] data);
+    }
+}

DigitalData.Core.Abstractions/Security/IAsymmetricPrivateKey.cs

@@ -9,11 +9,7 @@ namespace DigitalData.Core.Abstractions.Security
         IAsymmetricPublicKey PublicKey { get; }
 
         PrivateKeyTokenDescriptor? TokenDescriptor { get; init; }
-
-        byte[] Decrypt(byte[] data);
-
-        string Decrypt(string data);
-
+        
         SigningCredentials CreateSigningCredentials(string algorithm = SecurityAlgorithms.RsaSha256, string? digest = null);
     }
 }

DigitalData.Core.Abstractions/Security/ICryptograph.cs

@@ -2,9 +2,9 @@
 {
     public interface ICryptograph : IAsymmetricKeyFactory
     {
-        IEnumerable<IAsymmetricPrivateKey> PrivateKeys { get; }
+        IEnumerable<IAsymmetricDecryptor> Decryptors { get; }
 
-        IAsymmetricPrivateKey VaultPrivateKey { get; }
+        IAsymmetricDecryptor VaultDecryptor { get; }
 
         IEnumerable<IAsymmetricPublicKey> PublicKeys { get; }
     }

DigitalData.Core.Abstractions/Security/PrivateKeyTokenDescriptor.cs

@@ -17,7 +17,7 @@ namespace DigitalData.Core.Abstractions.Security
         /// <summary>
         /// Defines the compression algorithm that will be used to compress the JWT token payload.
         /// </summary>
-        public string CompressionAlgorithm { get; set; }
+        public string CompressionAlgorithm { get; set; }  
 
         /// <summary>
         /// Gets or sets the <see cref="EncryptingCredentials"/> used to create a encrypted security token.

DigitalData.Core.Abstractions/Security/SecurityExtensions.cs

@@ -1,4 +1,7 @@
-namespace DigitalData.Core.Abstractions.Security
+using System.Security.Cryptography;
+using System.Text;
+
+namespace DigitalData.Core.Abstractions.Security
 {
     public static class SecurityExtensions
     {
@@ -25,5 +28,12 @@
 
         public static bool TryMatch<TUniqueSecurityContext>(this IEnumerable<TUniqueSecurityContext> contextes, IUniqueSecurityContext lookupContext, out TUniqueSecurityContext context) where TUniqueSecurityContext : IUniqueSecurityContext
             => contextes.TryGet(lookupContext.Issuer, lookupContext.Audience, out context);
+
+        internal static byte[] Base64ToByte(this string base64String) => Convert.FromBase64String(base64String);
+
+        internal static string BytesToString(this byte[] bytes) => Encoding.UTF8.GetString(bytes);
+
+        public static string Decrypt(this IAsymmetricDecryptor decryptor, string data) => decryptor
+            .Decrypt(data.Base64ToByte()).BytesToString();
     }
 }