refactor(AsymCryptParams): unnötige Eigenschaften entfernt

- DI-Erweiterungsmethoden hinzugefügt

DigitalData.Core.Abstractions/Security/CryptographerExtensions.cs

@@ -0,0 +1,21 @@
+namespace DigitalData.Core.Abstractions.Security
+{
+    public static class CryptographerExtensions
+    {
+        public static IEnumerable<TRSACryptographer> GetByIssuer<TRSACryptographer>(this IEnumerable<TRSACryptographer> cryptographers, string issuer) where TRSACryptographer: IRSACryptographer
+            => cryptographers.Where(c => c.Issuer == issuer);
+
+        public static IEnumerable<TRSACryptographer> GetByAudience<TRSACryptographer>(this IEnumerable<TRSACryptographer> cryptographers, string audience) where TRSACryptographer : IRSACryptographer
+            => cryptographers.Where(c => c.Audience == audience);
+
+        public static TRSACryptographer Get<TRSACryptographer>(this IEnumerable<TRSACryptographer> cryptographers, string issuer, string audience) where TRSACryptographer : IRSACryptographer
+            => cryptographers.Where(c => c.Issuer == issuer && c.Audience == audience).SingleOrDefault()
+            ?? throw new InvalidOperationException($"No {typeof(TRSACryptographer).GetType().Name.TrimStart('I')} found with Issuer: {issuer} and Audience: {audience}.");
+
+        public static bool TryGet<TRSACryptographer>(this IEnumerable<TRSACryptographer> cryptographers, string issuer, string audience, out TRSACryptographer? cryptographer) where TRSACryptographer : IRSACryptographer
+        {
+            cryptographer = cryptographers.SingleOrDefault(c => c.Issuer == issuer && c.Audience == audience);
+            return cryptographer is not null;
+        }
+    }
+}

DigitalData.Core.Abstractions/Security/IAsymCryptService.cs

@@ -1,9 +1,9 @@
 namespace DigitalData.Core.Abstractions.Security
 {
     public interface IAsymCryptService<TParams> : IRSAFactory<TParams>
-    {        
+    {
-         IRSADecryptor this[string key] { get; }
+        public IEnumerable<IRSADecryptor> Decryptors { get; }
 
-        bool TryGetRSADecryptor(string key, out IRSADecryptor? decryptor);
+        public IEnumerable<IRSAEncryptor> Encryptors { get; }
     }
 }

DigitalData.Core.Abstractions/Security/IRSACryptographer.cs

@@ -7,5 +7,9 @@ namespace DigitalData.Core.Abstractions.Security
         public string Pem { get; init; }
 
         public RSAEncryptionPadding Padding { get; init; }
+
+        public string? Issuer { get; init; }
+
+        public string? Audience { get; init; }
     }
 }

DigitalData.Core.Security/AsymCryptParams.cs

@@ -1,7 +0,0 @@
-namespace DigitalData.Core.Security
-{
-    public class AsymCryptParams : RSAFactoryParams
-    {
-        public IEnumerable<ReadOrCreateDirectory> ReadOrCreateDirs { get; init; } = new List<ReadOrCreateDirectory>();
-    }
-}

DigitalData.Core.Security/AsymCryptService.cs

@@ -1,4 +1,6 @@
 using DigitalData.Core.Abstractions.Security;
+using DigitalData.Core.Security.Config;
+using DigitalData.Core.Security.Cryptographer;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 
@@ -6,16 +8,13 @@ namespace DigitalData.Core.Security
 {
     public class AsymCryptService<TAsymCryptParams> : RSAFactory<TAsymCryptParams>, IAsymCryptService<TAsymCryptParams>, IRSAFactory<TAsymCryptParams> where TAsymCryptParams : AsymCryptParams
     {
-        private readonly Dictionary<string, IRSADecryptor> _decryptors;
+        public IEnumerable<IRSADecryptor> Decryptors => _params.Decryptors;
 
-        public IRSADecryptor this[string key] { get => _decryptors[key]; set => _decryptors[key] = value; }
+        public IEnumerable<IRSAEncryptor> Encryptors => _params.Encryptors;
 
         public AsymCryptService(IOptions<TAsymCryptParams> options, ILogger<AsymCryptService<TAsymCryptParams>>? logger = null) : base(options)
         {
-            _decryptors = new();
             logger?.LogInformation("Core.Secrets version: {Version}, Created on: {CreationDate}.", Secrets.Version, Secrets.CreationDate.ToString("dd.MM.yyyy"));
         }
-
-        public bool TryGetRSADecryptor(string key, out IRSADecryptor? decryptor) => _decryptors.TryGetValue(key, out decryptor);
     }
 }

DigitalData.Core.Security/Config/AsymCryptParams.cs

@@ -0,0 +1,11 @@
+using DigitalData.Core.Abstractions.Security;
+
+namespace DigitalData.Core.Security.Config
+{
+    public class AsymCryptParams : RSAFactoryParams
+    {
+        public IEnumerable<IRSADecryptor> Decryptors { get; init; } = new List<IRSADecryptor>();
+
+        public IEnumerable<IRSAEncryptor> Encryptors { get; init; } = new List<IRSAEncryptor>();
+    }
+}

DigitalData.Core.Security/Config/RSAFactoryParams.cs

@@ -0,0 +1,27 @@
+using System.Security.Cryptography;
+using System.Text.Json.Serialization;
+
+namespace DigitalData.Core.Security.Config
+{
+    public class RSAFactoryParams : IJsonOnDeserialized
+    {
+        public int KeySizeInBits { get; init; } = 2048;
+
+        public string PbePassword { internal get; init; } = Secrets.PBE_PASSWORD;
+
+        public PbeEncryptionAlgorithm PbeEncryptionAlgorithm { get; init; } = PbeEncryptionAlgorithm.Aes256Cbc;
+
+        public HashAlgorithmName PbeHashAlgorithmName { get; init; } = HashAlgorithmName.SHA256;
+
+        public int PbeIterationCount { get; init; } = 100_000;
+
+        public string EncryptedPrivateKeyPemLabel { get; init; } = "ENCRYPTED PRIVATE KEY";
+
+        private PbeParameters? _pbeParameters;
+
+        [JsonIgnore]
+        public PbeParameters PbeParameters => _pbeParameters!;
+
+        public void OnDeserialized() => _pbeParameters = new PbeParameters(PbeEncryptionAlgorithm, PbeHashAlgorithmName, PbeIterationCount);
+    }
+}

DigitalData.Core.Security/Cryptographer/RSACryptographer.cs

@@ -0,0 +1,20 @@
+using DigitalData.Core.Abstractions.Security;
+using System.Security.Cryptography;
+
+namespace DigitalData.Core.Security.Cryptographer
+{
+    public class RSACryptographer : IRSACryptographer
+    {
+        public required virtual string Pem { get; init; }
+
+        public RSAEncryptionPadding Padding { get; init; } = RSAEncryptionPadding.OaepSHA256;
+
+        protected virtual RSA RSA { get; } = RSA.Create();
+
+        public string? Issuer { get; init; }
+
+        public string? Audience { get; init; }
+
+        internal RSACryptographer() { }
+    }
+}

DigitalData.Core.Security/Cryptographer/RSADecryptor.cs

@@ -2,7 +2,7 @@
 using DigitalData.Core.Security.Extensions;
 using System.Security.Cryptography;
 
-namespace DigitalData.Core.Security
+namespace DigitalData.Core.Security.Cryptographer
 {
     public class RSADecryptor : RSACryptographer, IRSADecryptor, IRSACryptographer
     {
@@ -31,7 +31,7 @@ namespace DigitalData.Core.Security
 
         protected override RSA RSA => lazyRSA.Value;
 
-        public RSADecryptor() 
+        public RSADecryptor()
         {
             _lazyEncryptor = new(() => new RSAEncryptor()
             {
@@ -50,7 +50,7 @@ namespace DigitalData.Core.Security
                 return rsa;
             });
         }
-        
+
         public byte[] Decrypt(byte[] data) => RSA.Decrypt(data, Padding);
 
         public string Decrypt(string data) => RSA.Decrypt(data.Base64ToByte(), Padding).BytesToString();

DigitalData.Core.Security/Cryptographer/RSAEncryptor.cs

@@ -1,13 +1,13 @@
 using DigitalData.Core.Abstractions.Security;
 using DigitalData.Core.Security.Extensions;
 
-namespace DigitalData.Core.Security
+namespace DigitalData.Core.Security.Cryptographer
 {
     public class RSAEncryptor : RSACryptographer, IRSAEncryptor, IRSACryptographer
     {
         public override required string Pem
-        { 
+        {
-            get => base.Pem;            
+            get => base.Pem;
             init
             {
                 RSA.ImportFromPem(base.Pem);

DigitalData.Core.Security/Cryptographer/RSAFactory.cs

@@ -1,8 +1,9 @@
 using DigitalData.Core.Abstractions.Security;
+using DigitalData.Core.Security.Config;
 using Microsoft.Extensions.Options;
 using System.Security.Cryptography;
 
-namespace DigitalData.Core.Security
+namespace DigitalData.Core.Security.Cryptographer
 {
     public class RSAFactory<TRSAFactoryParams> : IRSAFactory<TRSAFactoryParams> where TRSAFactoryParams : RSAFactoryParams
     {
@@ -11,7 +12,7 @@ namespace DigitalData.Core.Security
         public static RSAFactory<RSAFactoryParams> Static => LazyInstance.Value;
 
         protected readonly TRSAFactoryParams _params;
-        
+
         public RSAFactory(IOptions<TRSAFactoryParams> options) => _params = options.Value;
 
         public string CreateRSAPrivateKeyPem(int? keySizeInBits = null)
@@ -26,13 +27,13 @@ namespace DigitalData.Core.Security
         {
             password ??= _params.PbePassword;
 
-            var pbeParameters = (pbeEncryptionAlgorithm is null && hashAlgorithmName is null && iterationCount is null)
+            var pbeParameters = pbeEncryptionAlgorithm is null && hashAlgorithmName is null && iterationCount is null
                 ? new PbeParameters(
                     pbeEncryptionAlgorithm ?? _params.PbeEncryptionAlgorithm,
                     hashAlgorithmName ?? _params.PbeHashAlgorithmName,
                     iterationCount ?? _params.PbeIterationCount)
                 : _params.PbeParameters;
-            
+
             var encryptedPrivateKey = RSA.Create(keySizeInBits ?? _params.KeySizeInBits).ExportEncryptedPkcs8PrivateKey(password.AsSpan(), pbeParameters);
 
             var pemChars = PemEncoding.Write(_params.EncryptedPrivateKeyPemLabel, encryptedPrivateKey);
@@ -46,7 +47,7 @@ namespace DigitalData.Core.Security
 
             (string Value, Version Version)? versionedPassword = null;
 
-            if(version is not null)
+            if (version is not null)
             {
                 if (version != Secrets.Version)
                     throw new InvalidOperationException($"The provided version {version} does not match the expected version {Secrets.Version}.");

DigitalData.Core.Security/CryptographicKeyType.cs

@@ -1,12 +0,0 @@
-namespace DigitalData.Core.Security
-{
-    namespace DigitalData.Core.Security
-    {
-        public enum CryptographicKeyType
-        {
-            PrivateKey,
-            EncryptedPrivateKey,
-            PublicKey
-        }
-    }
-}

DigitalData.Core.Security/DIExtensions.cs

@@ -1,13 +1,27 @@
 using DigitalData.Core.Abstractions.Security;
+using DigitalData.Core.Security.Config;
+using DigitalData.Core.Security.Cryptographer;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 using Microsoft.Extensions.Options;
+using System.Text.Json;
+using System.Text.Json.Serialization;
 
 namespace DigitalData.Core.Security
 {
     public static class DIExtensions
     {
+        public static JsonSerializerOptions AddCryptographerConverter(this JsonSerializerOptions options)
+        {
+            if (!options.Converters.OfType<HashAlgorithmNameConverter>().Any())
+                options.Converters.Add(new HashAlgorithmNameConverter());
+
+            if (!options.Converters.OfType<JsonStringEnumConverter>().Any())
+                options.Converters.Add(new JsonStringEnumConverter());
+            return options;
+        }
+
         private static IServiceCollection AddAsymCryptService<TAsymCryptParams>(this IServiceCollection services)
             where TAsymCryptParams : AsymCryptParams
         {

DigitalData.Core.Security/HashAlgorithmNameConverter.cs

@@ -0,0 +1,13 @@
+using System.Security.Cryptography;
+using System.Text.Json.Serialization;
+using System.Text.Json;
+
+namespace DigitalData.Core.Security
+{
+    public class HashAlgorithmNameConverter : JsonConverter<HashAlgorithmName>
+    {
+        public override HashAlgorithmName Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options) => new(reader.GetString() ?? string.Empty);
+
+        public override void Write(Utf8JsonWriter writer, HashAlgorithmName value, JsonSerializerOptions options) => writer.WriteStringValue(value.Name);
+    }
+}

DigitalData.Core.Security/RSACryptographer.cs

@@ -1,50 +0,0 @@
-using DigitalData.Core.Abstractions.Security;
-using System.Security.Cryptography;
-using System.Text.Json;
-
-namespace DigitalData.Core.Security
-{
-    public class RSACryptographer : IRSACryptographer
-    {
-        public required virtual string Pem { get; init; }
-
-        public RSAEncryptionPadding Padding { get; init; } = RSAEncryptionPadding.OaepSHA256;
-
-        protected virtual RSA RSA { get; } = RSA.Create();
-
-        public string? Issuer { get; init; }
-
-        public string? Audience { get; init; }
-
-        private DateOnly? _expiration;
-
-        public DateOnly? Expiration
-        {
-            get => _expiration;
-            init
-            {
-                
-                if (value <= DateOnly.FromDateTime(DateTime.Now))
-                    throw new InvalidOperationException($"Cryptographer expiration date has already passed. Cryptographer: {JsonSerializer.Serialize(this)}");
-
-                _expiration = value;
-            }
-        }
-
-        private Version? _version;
-
-        public Version? Version
-        {
-            get => _version;
-            init
-            {
-                if (value != Secrets.Version)
-                    throw new InvalidOperationException($"Cryptographer version ({value}) does not match the expected version ({Secrets.Version}). Cryptographer: {JsonSerializer.Serialize(this)}");
-
-                _version = value;
-            }
-        }
-
-        internal RSACryptographer() { }
-    }
-}

DigitalData.Core.Security/RSAFactoryParams.cs

@@ -1,34 +0,0 @@
-using System.Security.Cryptography;
-
-namespace DigitalData.Core.Security
-{
-    public class RSAFactoryParams
-    {
-        public string EncryptedPrivateKeyFileTag { get; init; } = "enc-private";
-
-        public string PrivateKeyFileTag { get; init; } = "private";
-
-        public string PublicKeyFileTag { get; init; } = "public";
-
-        public string RSAKeyNameSeparator { get; init; } = "-_-";
-
-        public int KeySizeInBits { get; init; } = 2048;
-
-        public string PbePassword { internal get; init; } = Secrets.PBE_PASSWORD;
-
-        public PbeEncryptionAlgorithm PbeEncryptionAlgorithm { get; init; } = PbeEncryptionAlgorithm.Aes256Cbc;
-
-        public HashAlgorithmName PbeHashAlgorithmName { get; init; } = HashAlgorithmName.SHA256;
-
-        public int PbeIterationCount { get; init; } = 100_000;
-
-        public string EncryptedPrivateKeyPemLabel { get; init; } = "ENCRYPTED PRIVATE KEY";
-
-        private readonly Lazy<PbeParameters> _lazyPbeParameters;
-
-        public PbeParameters PbeParameters => _lazyPbeParameters.Value;
-
-        public RSAFactoryParams()
-            => _lazyPbeParameters = new(() => new PbeParameters(PbeEncryptionAlgorithm, PbeHashAlgorithmName, PbeIterationCount));
-    }
-}

DigitalData.Core.Security/ReadOrCreateDirectory.cs

@@ -1,9 +0,0 @@
-namespace DigitalData.Core.Security
-{
-    public class ReadOrCreateDirectory
-    {
-        public required string Dir { get; init; }
-
-        public IEnumerable<string> ReadOrCreateFiles { get; init; } = new List<string>();
-    }
-}