From d013d3edfa46bbdcd45010dd14036609738f0f2e Mon Sep 17 00:00:00 2001
From: Developer 02
Date: Fri, 13 Dec 2024 15:38:50 +0100
Subject: [PATCH] =?UTF-8?q?refactor(AsymCryptService):=20Verschl=C3=BCssel?=
 =?UTF-8?q?ungen=20entfernen,=20da=20sie=20von=20Entschl=C3=BCsselungen=20?=
 =?UTF-8?q?erzeugt=20werden=20m=C3=BCssen.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Security/IAsymCryptService.cs | 2 -
 DigitalData.Core.Security/AsymCryptService.cs | 2 -
 .../Config/AsymCryptParams.cs | 52 ++++---------------
 3 files changed, 10 insertions(+), 46 deletions(-)

diff --git a/DigitalData.Core.Abstractions/Security/IAsymCryptService.cs b/DigitalData.Core.Abstractions/Security/IAsymCryptService.cs
index be07e1d..d832fc1 100644
--- a/DigitalData.Core.Abstractions/Security/IAsymCryptService.cs
+++ b/DigitalData.Core.Abstractions/Security/IAsymCryptService.cs
@@ -3,8 +3,6 @@ public interface IAsymCryptService : IRSAFactory
 {
 public IEnumerable Decryptors { get; }
-
- public IEnumerable Encryptors { get; }
 }
 public interface IAsymCryptService : IAsymCryptService, IRSAFactory { }
diff --git a/DigitalData.Core.Security/AsymCryptService.cs b/DigitalData.Core.Security/AsymCryptService.cs
index cf6f008..59254df 100644
--- a/DigitalData.Core.Security/AsymCryptService.cs
+++ b/DigitalData.Core.Security/AsymCryptService.cs
@@ -10,8 +10,6 @@ namespace DigitalData.Core.Security
 {
 public IEnumerable Decryptors => _params.Decryptors;
- public IEnumerable Encryptors => _params.Encryptors;
-
 public AsymCryptService(IOptions options, ILogger>? logger = null) : base(options)
 {
 logger?.LogInformation("Core.Secrets version: {Version}, Created on: {CreationDate}.", Secrets.Version, Secrets.CreationDate.ToString("dd.MM.yyyy"));
diff --git a/DigitalData.Core.Security/Config/AsymCryptParams.cs b/DigitalData.Core.Security/Config/AsymCryptParams.cs
index a7418b0..304397a 100644
--- a/DigitalData.Core.Security/Config/AsymCryptParams.cs
+++ b/DigitalData.Core.Security/Config/AsymCryptParams.cs
@@ -1,5 +1,4 @@
 using DigitalData.Core.Security.Cryptographer;
-using System.Security.Cryptography;
 namespace DigitalData.Core.Security.Config
 {
@@ -9,43 +8,17 @@ namespace DigitalData.Core.Security.Config
 public string Separator { get; init; } = "_-_";
- public string EncryptorTag { get; init; } = "public";
-
- public string DecryptorTag { get; init; } = "private";
-
- public string EncryptedDecryptorTag { get; init; } = "enc-private";
-
 public IEnumerable Decryptors { get; init; } = new List();
- public IEnumerable Encryptors { get; init; } = new List();
-
 ///
- /// 0: Issuer - 1: Audience - 2: Type tag - 3: Secret version
+ /// 0: Issuer - 1: Audience - 2: Secret version (if is encrypted)
 ///
 private string CreateFileName(params object[] objs) => string.Join(Separator, objs);
- private static (bool IsDecryptor, bool IsEncrypted) StateOf(RSACryptographer crypt) => crypt switch
- {
- RSAEncryptor => (false, false),
- RSADecryptor decryptor => (true, decryptor.Encrypt),
- _ => throw new InvalidOperationException("Unknown cryptographer type. The crypt parameter must be either RSAEncryptor or RSADecryptor.")
- };
-
- private string TypeTagOf((bool IsDecryptor, bool IsEncrypted) stateOfCrypt) => stateOfCrypt switch
- {
- (false, false) => EncryptorTag,
- (true, false) => DecryptorTag,
- (true, true) => EncryptedDecryptorTag,
- _ => throw new InvalidOperationException("Unknown cryptographer type. The crypt parameter must be either RSAEncryptor or RSADecryptor.")
- };
-
- private string CreatePem((bool IsDecryptor, bool IsEncrypted) stateOfCrypt) => stateOfCrypt switch
- {
- (true, false) => Instance.RSAFactory.CreateRSAPrivateKeyPem(keySizeInBits: KeySizeInBits),
- (true, true) => Instance.RSAFactory.CreateEncryptedPrivateKeyPem(keySizeInBits: KeySizeInBits, password: Secrets.PBE_PASSWORD,
- pbeEncryptionAlgorithm: PbeEncryptionAlgorithm, hashAlgorithmName: PbeHashAlgorithmName, iterationCount: PbeIterationCount),
- _ => throw new InvalidOperationException("Unknown cryptographer type. 
The crypt parameter must be either RSAEncryptor or RSADecryptor.")
- };
+ private string CreatePem(bool isEncrypted) => isEncrypted
+ ? Instance.RSAFactory.CreateEncryptedPrivateKeyPem(keySizeInBits: KeySizeInBits, password: Secrets.PBE_PASSWORD,
+ pbeEncryptionAlgorithm: PbeEncryptionAlgorithm, hashAlgorithmName: PbeHashAlgorithmName, iterationCount: PbeIterationCount)
+ : Instance.RSAFactory.CreateRSAPrivateKeyPem(keySizeInBits: KeySizeInBits);
 public override void OnDeserialized()
 {
@@ -55,18 +28,13 @@ namespace DigitalData.Core.Security.Config
 if (!Directory.Exists(PemDirectory))
 Directory.CreateDirectory(PemDirectory);
- // merge decryptors and encryptors to process under one loop
- var cryptographers = Encryptors.Cast().Concat(Decryptors.Cast());
-
- foreach (var crypt in cryptographers)
+ foreach (var crypt in Decryptors)
 {
 // set default path
 if (crypt.IsPemNull)
 {
- var state = StateOf(crypt);
-
- var file_name_params = new List { crypt.Issuer, crypt.Audience, TypeTagOf(state) };
- if (state.IsEncrypted)
+ var file_name_params = new List { crypt.Issuer, crypt.Audience };
+ if (crypt.Encrypt)
 file_name_params.Add(Secrets.Version);
 var file_name = CreateFileName(file_name_params);
@@ -76,9 +44,9 @@ namespace DigitalData.Core.Security.Config
 crypt.SetPem(File.ReadAllText(path));
 else
 {
- var pem = CreatePem(state);
+ var pem = CreatePem(crypt.Encrypt);
 crypt.SetPem(File.ReadAllText(pem));
- Task.Run(async () => File.WriteAllTextAsync(path: path, pem));
+ Task.Run(async () => await File.WriteAllTextAsync(path: path, pem));
 }
 }
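Review bot: The new `CreatePem(bool isEncrypted)` has no doc comment, so nothing at the call site tells a reader that — judging by the factory names `CreateRSAPrivateKeyPem`/`CreateEncryptedPrivateKeyPem` — every call appears to mint a fresh RSA private key rather than load one, and that the `false` branch yields unprotected key material which OnDeserialized later writes to disk; suggest `/// <summary>Generates a new RSA private key as PEM; when <paramref name="isEncrypted"/> is true the key is PBE-wrapped with the static <c>Secrets.PBE_PASSWORD</c> and the configured algorithm, hash and iteration count.</summary>`. Saying explicitly that the password is a static value from `Secrets` matters, because it makes clear the "encrypted" PEM is only as protected as that assembly, not by a per-deployment secret (pre-existing, not introduced here). The rewritten summary on CreateFileName reads more naturally as `/// 0: Issuer - 1: Audience - 2: Secret version (if encrypted)`.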
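Review bot: Dropping the type tag from `file_name_params` changes the lookup path of every key that an existing deployment has already persisted: a decryptor previously stored as `<issuer>_-_<audience>_-_private` or `<issuer>_-_<audience>_-_enc-private_-_<version>` is no longer found under the new `<issuer>_-_<audience>[_-_<version>]` name, so the `else` branch further down will quietly generate a replacement key and data encrypted to the old public key becomes undecryptable. If PEM files already exist in the field this needs a rename migration or a fallback probe of the old name, and at minimum a log line whenever a key is generated instead of loaded. The name is also built straight from the configured `crypt.Issuer` and `crypt.Audience`; if those values can ever originate outside the trusted config, a check that the resolved path stays under `PemDirectory` (for example comparing `Path.GetFullPath(path)` against `Path.GetFullPath(PemDirectory)` with `StringComparison.Ordinal`) prevents the key from being written elsewhere. The enclosing OnDeserialized body continues beyond this hunk; `path` is computed in an unseen stretch before the next hunk.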
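Review bot: `var pem = CreatePem(crypt.Encrypt)` is consumed in two incompatible ways: the next line passes it to `File.ReadAllText(pem)` as though it were a path, while the write below stores it as the file's content via `File.WriteAllTextAsync(path: path, pem)`. From the factory method names the value looks like PEM text, in which case the read should simply be `crypt.SetPem(pem);`; if it really is a path, the write persists the path string instead of the key — a small test around this branch would settle it either way. The persisting call also remains fire-and-forget: the `Task.Run(...)` result is discarded, so a failed write is unobserved and the next start-up mints a different key while the in-memory one is already in use; since the read next to it is synchronous anyway, `File.WriteAllText(path, pem);` is simpler and deterministic. Because this file holds a private key (in plaintext when `Encrypt` is false), consider restricting its permissions after creation, e.g. with `File.SetUnixFileMode` on .NET 7+, rather than relying on the default mode. OnDeserialized starts outside this hunk.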