feat(RSAFactory): Formatierer für Schlüsselnamen entfernen

2024-12-05 00:23:28 +01:00 · 2024-12-05 00:23:28 +01:00 · c895d2df0e
commit c895d2df0e
parent 0c451cb834
1 changed files with 0 additions and 39 deletions
--- a/DigitalData.Core.Security/RSAFactory.cs
+++ b/DigitalData.Core.Security/RSAFactory.cs
@ -1,64 +1,25 @@
 using DigitalData.Core.Abstractions.Security;
 using Microsoft.Extensions.Options;
 using System.Security.Cryptography;
 using System.Text;
 namespace DigitalData.Core.Security
 {
    public class RSAFactory<TRSAFactoryParams> : IRSAFactory<TRSAFactoryParams> where TRSAFactoryParams : RSAFactoryParams
    {
        public static string DefaultRSAKeyNameFormatter(string separator, string issuer, string audience, string visibilityTag, DateOnly expiration, Version? passwordVersion = null)
        {
            var sb = new StringBuilder(issuer.Length + audience.Length + separator.Length * 2 + 20);
            sb.Append(issuer).Append(separator).Append(audience).Append(separator).Append(visibilityTag).Append(separator).Append(expiration);
            if (passwordVersion is not null)
                sb.Append(separator).Append(passwordVersion);
            return sb.ToString();
        }
        private static readonly Lazy<RSAFactory<RSAFactoryParams>> LazyInstance = new(() => new(Options.Create<RSAFactoryParams>(new())));
        public static RSAFactory<RSAFactoryParams> Static => LazyInstance.Value;
        protected readonly TRSAFactoryParams _params;
        private readonly IEnumerable<string> _lowerFileTags;
        private readonly PbeParameters _pbeParameters;
        public RSAFactory(IOptions<TRSAFactoryParams> options)
        {
            _params = options.Value;
            var keyFileTags = new string[] { _params.EncryptedPrivateKeyFileTag, _params.PrivateKeyFileTag, _params.PublicKeyFileTag };
            _lowerFileTags = keyFileTags.Select(tag => tag.ToLower());
            _pbeParameters = new PbeParameters(_params.PbeEncryptionAlgorithm, _params.PbeHashAlgorithmName, _params.PbeIterationCount);
        }
        //TODO: make the validation using regex
        public void ValidateFormatterParams(string issuer, string audience)
        {
            void ValidateForbidden(string value, string paramName)
            {
                if (Path.GetInvalidFileNameChars().Any(value.Contains) || _lowerFileTags.Any(tag => value.ToLower().Contains(tag)))
                    throw new ArgumentException($"RSA decryptor key name creation is forbidden. The {paramName} contains forbidden characters that are not allowed in file naming.", paramName);
            }
            static void ValidateSeparator(string value, string paramName, string separator)
            {
                if (value.Contains(separator))
                    throw new ArgumentException($"RSA decryptor key name creation is forbidden. The {paramName} contains separator characters ({separator}) that are not allowed in file naming.", paramName);
            }
            ValidateForbidden(issuer, nameof(issuer));
            ValidateForbidden(audience, nameof(audience));
            ValidateForbidden(_params.RSAKeyNameSeparator, nameof(_params.RSAKeyNameSeparator));
            ValidateSeparator(issuer, nameof(issuer), _params.RSAKeyNameSeparator);
            ValidateSeparator(audience, nameof(audience), _params.RSAKeyNameSeparator);
        }
        public string CreateRSAPrivateKeyPem(int? keySizeInBits = null)
            => RSA.Create(keySizeInBits ?? _params.KeySizeInBits).ExportRSAPrivateKeyPem();