From a9ebc406f323d19c5153b344616fa9487058bb2f Mon Sep 17 00:00:00 2001 From: Developer 02 Date: Fri, 13 Dec 2024 15:45:09 +0100 Subject: [PATCH] =?UTF-8?q?refactor(RSAFactory):=20Methode=20CreateEncrypt?= =?UTF-8?q?edPrivateKeyPem=20hinzugef=C3=BCgt,=20um=20mit=20direkt=20benut?= =?UTF-8?q?zerdefinierten=20pbeParametern=20zu=20erstellen.=20=20-=20Umben?= =?UTF-8?q?ennung=20der=20Methode=20CreateRSAPrivateKeyPem=20in=20CreatePr?= =?UTF-8?q?ivateKeyPem?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Security/IRSAFactory.cs | 15 ++++++++----- .../Config/AsymCryptParams.cs | 5 ++--- .../Cryptographer/RSAFactory.cs | 22 +++++++++++++++---- 3 files changed, 30 insertions(+), 12 deletions(-) diff --git a/DigitalData.Core.Abstractions/Security/IRSAFactory.cs b/DigitalData.Core.Abstractions/Security/IRSAFactory.cs index 96ece10..d1347ff 100644 --- a/DigitalData.Core.Abstractions/Security/IRSAFactory.cs +++ b/DigitalData.Core.Abstractions/Security/IRSAFactory.cs @@ -4,14 +4,19 @@ namespace DigitalData.Core.Abstractions.Security { public interface IRSAFactory { - string CreateRSAPrivateKeyPem(int? keySizeInBits = null); + string CreatePrivateKeyPem(int? keySizeInBits = null); - string CreateEncryptedPrivateKeyPem( - int? keySizeInBits = null, - string? password = null, + public string CreateEncryptedPrivateKeyPem( PbeEncryptionAlgorithm? pbeEncryptionAlgorithm = null, HashAlgorithmName? hashAlgorithmName = null, - int? iterationCount = null); + int? iterationCount = null, + int? keySizeInBits = null, + string? password = null); + + public string CreateEncryptedPrivateKeyPem( + PbeParameters pbeParameters, + int? keySizeInBits = null, + string? password = null); } public interface IRSAFactory : IRSAFactory { } diff --git a/DigitalData.Core.Security/Config/AsymCryptParams.cs b/DigitalData.Core.Security/Config/AsymCryptParams.cs index 304397a..a2a2a24 100644 --- a/DigitalData.Core.Security/Config/AsymCryptParams.cs 
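Review bot: The members of `IRSAFactory` in this hunk have no XML documentation, so a caller cannot tell from the abstraction that a null `keySizeInBits` or `password` falls back to configured values, as `RSAFactory` does with `_params.KeySizeInBits` and `_params.PbePassword`. I would add a `/// <summary>` to each member that states the null fallback, and on `CreatePrivateKeyPem` a remark that the returned PEM is unencrypted private key material which should not be logged or persisted as-is. The new `PbeParameters` overload should also document that `pbeParameters` is required and used unchanged. Separately, the `public` modifier on the two `CreateEncryptedPrivateKeyPem` declarations is redundant on interface members and inconsistent with `CreatePrivateKeyPem` directly above them; I would drop it.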
+++ b/DigitalData.Core.Security/Config/AsymCryptParams.cs @@ -16,9 +16,8 @@ namespace DigitalData.Core.Security.Config private string CreateFileName(params object[] objs) => string.Join(Separator, objs); private string CreatePem(bool isEncrypted) => isEncrypted - ? Instance.RSAFactory.CreateEncryptedPrivateKeyPem(keySizeInBits: KeySizeInBits, password: Secrets.PBE_PASSWORD, - pbeEncryptionAlgorithm: PbeEncryptionAlgorithm, hashAlgorithmName: PbeHashAlgorithmName, iterationCount: PbeIterationCount) - : Instance.RSAFactory.CreateRSAPrivateKeyPem(keySizeInBits: KeySizeInBits); + ? Instance.RSAFactory.CreateEncryptedPrivateKeyPem(pbeParameters: PbeParameters, keySizeInBits: KeySizeInBits, password: Secrets.PBE_PASSWORD) + : Instance.RSAFactory.CreatePrivateKeyPem(keySizeInBits: KeySizeInBits); public override void OnDeserialized() { diff --git a/DigitalData.Core.Security/Cryptographer/RSAFactory.cs b/DigitalData.Core.Security/Cryptographer/RSAFactory.cs index a6a4a88..9f10a06 100644 --- a/DigitalData.Core.Security/Cryptographer/RSAFactory.cs +++ b/DigitalData.Core.Security/Cryptographer/RSAFactory.cs @@ -11,15 +11,15 @@ namespace DigitalData.Core.Security.Cryptographer public RSAFactory(IOptions options) => _params = options.Value; - public string CreateRSAPrivateKeyPem(int? keySizeInBits = null) + public string CreatePrivateKeyPem(int? keySizeInBits = null) => RSA.Create(keySizeInBits ?? _params.KeySizeInBits).ExportRSAPrivateKeyPem(); public string CreateEncryptedPrivateKeyPem( - int? keySizeInBits = null, - string? password = null, PbeEncryptionAlgorithm? pbeEncryptionAlgorithm = null, HashAlgorithmName? hashAlgorithmName = null, - int? iterationCount = null) + int? iterationCount = null, + int? keySizeInBits = null, + string? password = null) { password ??= _params.PbePassword; 
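Review bot: In AsymCryptParams.cs the encrypted branch of `CreatePem` still passes `password: Secrets.PBE_PASSWORD`, which the naming suggests may be a compiled constant; its declaration is not visible in this hunk. If it is, the passphrase ships inside the assembly and anyone holding the binary can decrypt the PKCS#8 file, so the encryption protects little. It would be safer to read the passphrase from configuration or a secret store, for example by dropping the `password:` argument so the factory falls back to its options-bound `PbePassword`, if that is the intended source. At minimum a comment such as `// passphrase must come from a secret store, never a literal` would record the requirement at the call site.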
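Review bot: In RSAFactory.cs, `CreatePrivateKeyPem` creates an `RSA` instance inside the expression body and never disposes it, so the key handle holding the private key lives until finalization. The new `CreateEncryptedPrivateKeyPem(PbeParameters, …)` overload in the following hunk has the same pattern. A block body with `using var rsa = RSA.Create(keySizeInBits ?? _params.KeySizeInBits);` followed by `return rsa.ExportRSAPrivateKeyPem();` releases it deterministically. Neither method puts a floor on `keySizeInBits`, so a small caller-supplied size is limited only by what the platform's RSA provider accepts; a guard such as `if (size < 2048) throw new ArgumentOutOfRangeException(nameof(keySizeInBits));` would close that. The body of the first `CreateEncryptedPrivateKeyPem` overload continues outside this hunk.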
@@ -36,5 +36,19 @@ namespace DigitalData.Core.Security.Cryptographer return new string(pemChars); } + + public string CreateEncryptedPrivateKeyPem( + PbeParameters pbeParameters, + int? keySizeInBits = null, + string? password = null) + { + password ??= _params.PbePassword; + + var encryptedPrivateKey = RSA.Create(keySizeInBits ?? _params.KeySizeInBits).ExportEncryptedPkcs8PrivateKey(password.AsSpan(), pbeParameters); + + var pemChars = PemEncoding.Write(_params.EncryptedPrivateKeyPemLabel, encryptedPrivateKey); + + return new string(pemChars); + } } } \ No newline at end of file
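Review bot: In the new `CreateEncryptedPrivateKeyPem(PbeParameters, …)` overload, `password ??= _params.PbePassword;` leaves `password` null or empty when nothing is configured (the declaration of `PbePassword` is not visible here). `password.AsSpan()` then yields an empty span instead of throwing, so the export can proceed under an empty passphrase. The method should reject a null `pbeParameters` and a null or empty password before exporting, and dispose the `RSA` instance. The parameters are also forwarded unvalidated, so a very low `IterationCount` or `PbeEncryptionAlgorithm.TripleDes3KeyPkcs12` is accepted as given; whether to enforce a floor there is a policy decision worth recording in a comment. The first lines of this hunk belong to the preceding overload, whose body starts outside the hunk.

```csharp
public string CreateEncryptedPrivateKeyPem(
    PbeParameters pbeParameters,
    int? keySizeInBits = null,
    string? password = null)
{
    ArgumentNullException.ThrowIfNull(pbeParameters);

    password ??= _params.PbePassword;
    if (string.IsNullOrEmpty(password))
    {
        // An empty span would still "encrypt" the key, but with no real protection.
        throw new InvalidOperationException("A non-empty PBE password is required to export an encrypted private key.");
    }

    using var rsa = RSA.Create(keySizeInBits ?? _params.KeySizeInBits);
    var encryptedPrivateKey = rsa.ExportEncryptedPkcs8PrivateKey(password.AsSpan(), pbeParameters);

    // … unchanged: PemEncoding.Write and return new string(pemChars) …
}
```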