diff --git a/DigitalData.Core.Abstractions/Security/IAsymCryptService.cs b/DigitalData.Core.Abstractions/Security/IAsymCryptService.cs
index be07e1d..d832fc1 100644
--- a/DigitalData.Core.Abstractions/Security/IAsymCryptService.cs
+++ b/DigitalData.Core.Abstractions/Security/IAsymCryptService.cs
@@ -3,8 +3,6 @@ public interface IAsymCryptService : IRSAFactory
 {
 public IEnumerable Decryptors { get; }
-
- public IEnumerable Encryptors { get; }
 }
 public interface IAsymCryptService : IAsymCryptService, IRSAFactory { }
diff --git a/DigitalData.Core.Security/AsymCryptService.cs b/DigitalData.Core.Security/AsymCryptService.cs
index cf6f008..59254df 100644
--- a/DigitalData.Core.Security/AsymCryptService.cs
+++ b/DigitalData.Core.Security/AsymCryptService.cs
@@ -10,8 +10,6 @@ namespace DigitalData.Core.Security
 {
 public IEnumerable Decryptors => _params.Decryptors;
- public IEnumerable Encryptors => _params.Encryptors;
-
 public AsymCryptService(IOptions options, ILogger>? logger = null) : base(options)
 {
 logger?.LogInformation("Core.Secrets version: {Version}, Created on: {CreationDate}.", Secrets.Version, Secrets.CreationDate.ToString("dd.MM.yyyy"));
diff --git a/DigitalData.Core.Security/Config/AsymCryptParams.cs b/DigitalData.Core.Security/Config/AsymCryptParams.cs
index a7418b0..304397a 100644
--- a/DigitalData.Core.Security/Config/AsymCryptParams.cs
+++ b/DigitalData.Core.Security/Config/AsymCryptParams.cs
@@ -1,5 +1,4 @@
 using DigitalData.Core.Security.Cryptographer;
-using System.Security.Cryptography;
 namespace DigitalData.Core.Security.Config
 {
@@ -9,43 +8,17 @@ namespace DigitalData.Core.Security.Config
 public string Separator { get; init; } = "_-_";
- public string EncryptorTag { get; init; } = "public";
-
- public string DecryptorTag { get; init; } = "private";
-
- public string EncryptedDecryptorTag { get; init; } = "enc-private";
-
 public IEnumerable Decryptors { get; init; } = new List();
- public IEnumerable Encryptors { get; init; } = new List();
-
 ///
- /// 0: Issuer - 1: Audience - 2: Type tag - 3: Secret version
+ /// 0: Issuer - 1: Audience - 2: Secret version (if is encrypted)
 ///
 private string CreateFileName(params object[] objs) => string.Join(Separator, objs);
- private static (bool IsDecryptor, bool IsEncrypted) StateOf(RSACryptographer crypt) => crypt switch
- {
- RSAEncryptor => (false, false),
- RSADecryptor decryptor => (true, decryptor.Encrypt),
- _ => throw new InvalidOperationException("Unknown cryptographer type. The crypt parameter must be either RSAEncryptor or RSADecryptor.")
- };
-
- private string TypeTagOf((bool IsDecryptor, bool IsEncrypted) stateOfCrypt) => stateOfCrypt switch
- {
- (false, false) => EncryptorTag,
- (true, false) => DecryptorTag,
- (true, true) => EncryptedDecryptorTag,
- _ => throw new InvalidOperationException("Unknown cryptographer type. The crypt parameter must be either RSAEncryptor or RSADecryptor.")
- };
-
- private string CreatePem((bool IsDecryptor, bool IsEncrypted) stateOfCrypt) => stateOfCrypt switch
- {
- (true, false) => Instance.RSAFactory.CreateRSAPrivateKeyPem(keySizeInBits: KeySizeInBits),
- (true, true) => Instance.RSAFactory.CreateEncryptedPrivateKeyPem(keySizeInBits: KeySizeInBits, password: Secrets.PBE_PASSWORD,
- pbeEncryptionAlgorithm: PbeEncryptionAlgorithm, hashAlgorithmName: PbeHashAlgorithmName, iterationCount: PbeIterationCount),
- _ => throw new InvalidOperationException("Unknown cryptographer type. 
The crypt parameter must be either RSAEncryptor or RSADecryptor.")
- };
+ private string CreatePem(bool isEncrypted) => isEncrypted
+ ? Instance.RSAFactory.CreateEncryptedPrivateKeyPem(keySizeInBits: KeySizeInBits, password: Secrets.PBE_PASSWORD,
+ pbeEncryptionAlgorithm: PbeEncryptionAlgorithm, hashAlgorithmName: PbeHashAlgorithmName, iterationCount: PbeIterationCount)
+ : Instance.RSAFactory.CreateRSAPrivateKeyPem(keySizeInBits: KeySizeInBits);
 public override void OnDeserialized()
 {
@@ -55,18 +28,13 @@ namespace DigitalData.Core.Security.Config
 if (!Directory.Exists(PemDirectory)) Directory.CreateDirectory(PemDirectory);
- // merge decryptors and encryptors to process under one loop
- var cryptographers = Encryptors.Cast().Concat(Decryptors.Cast());
-
- foreach (var crypt in cryptographers)
+ foreach (var crypt in Decryptors)
 {
 // set default path
 if (crypt.IsPemNull)
 {
- var state = StateOf(crypt);
-
- var file_name_params = new List { crypt.Issuer, crypt.Audience, TypeTagOf(state) };
- if (state.IsEncrypted)
+ var file_name_params = new List { crypt.Issuer, crypt.Audience };
+ if (crypt.Encrypt)
 file_name_params.Add(Secrets.Version);
 var file_name = CreateFileName(file_name_params);
@@ -76,9 +44,9 @@ namespace DigitalData.Core.Security.Config
 crypt.SetPem(File.ReadAllText(path));
 else
 {
- var pem = CreatePem(state);
+ var pem = CreatePem(crypt.Encrypt);
 crypt.SetPem(File.ReadAllText(pem));
- Task.Run(async () => File.WriteAllTextAsync(path: path, pem));
+ Task.Run(async () => await File.WriteAllTextAsync(path: path, pem));
 }
 }
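Review bot: The rewritten `CreatePem(true)` still protects the private key with `Secrets.PBE_PASSWORD`, which, judging by the `Secrets.Version` / `Secrets.CreationDate` usage elsewhere in this diff, looks like a compiled-in constant, so an "encrypted" PEM is only as secret as the assembly that ships the password; this predates the commit, but the rewrite is the place to say so. Suggest a comment above the ternary: `// NOTE: the PBE password is a build-time constant; an encrypted PEM only guards against casual reading of the file, not against anyone holding the assembly.` If the password is in fact loaded at runtime, drop the note instead. The summary line `2: Secret version (if is encrypted)` reads awkwardly; `2: Secret version (encrypted keys only)` matches what `OnDeserialized` appends. `OnDeserialized` begins at the end of this hunk and continues in the next.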
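Review bot: Dropping the type tag changes the default key file name from `<issuer>_-_<audience>_-_private[_-_<version>]` to `<issuer>_-_<audience>[_-_<version>]`, so a private key already persisted under the old name will no longer be found and, assuming the not-found branch in the following hunk runs, a fresh key pair is silently generated and anything encrypted for the old key becomes undecryptable. Either look up the old tagged name as a fallback or at least log at warning level whenever a key is generated rather than loaded. `crypt.Issuer` and `crypt.Audience` are joined straight into `file_name`; if those configuration values can contain directory separators the resulting path escapes `PemDirectory`, so a guard after `CreateFileName` such as `if (Path.GetFileName(file_name) != file_name) throw new InvalidOperationException($"Key file name '{file_name}' must not contain path separators.");` is cheap insurance. The lines that turn `file_name` into `path` are outside this hunk.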
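Review bot: The two uses of `pem` on the new side contradict each other: `crypt.SetPem(File.ReadAllText(pem))` treats the return value of `CreatePem` as a file path, while `File.WriteAllTextAsync(path: path, pem)` writes it to `path` as file content — if `CreateRSAPrivateKeyPem` returns PEM text, as its name suggests, the first call throws when the PEM text is used as a path, and if it returns a path, the persisted file holds that path instead of a key. Adding `await` inside the lambda only silences the unawaited-call warning; the write remains fire-and-forget, so a failure is unobserved and a process that exits early keeps a key that was never persisted, which the next start replaces with a new one. Since `OnDeserialized` is synchronous anyway, prefer `crypt.SetPem(pem);` followed by `File.WriteAllText(path, pem);`. The file is a private key, in clear text when `crypt.Encrypt` is false, and is created with default permissions; on .NET 7+ on non-Windows hosts `File.SetUnixFileMode(path, UnixFileMode.UserRead | UnixFileMode.UserWrite)` right after the write limits it to the owner. `OnDeserialized` starts outside this hunk.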