7048f385ef
- Hinzugefügt: Eigenschaften KeySizeInBits, Password, PbeEncryptionAlgorithm, PbeHashAlgorithmName, PbeIterationCount und EncryptedPrivateKeyPemLabel zur Unterstützung der Konfiguration von RSA-Schlüsselerzeugung und Verschlüsselung in der CryptFactory. - Hinzugefügt: Methoden CreateRSAPrivateKeyPem und CreateEncryptedPrivateKeyPem zur Erstellung von RSA-Privatschlüsseln und verschlüsselten Private-Key-PEMs. - Geändert: ICryptFactory-Schnittstelle um neue Eigenschaften und Methoden erweitert.
59 lines
2.3 KiB
C#
59 lines
2.3 KiB
C#
using DigitalData.Core.Abstractions.Security;
|
|
using System.Security.Cryptography;
|
|
|
|
namespace DigitalData.Core.Security
|
|
{
|
|
public class CryptFactory : ICryptFactory
|
|
{
|
|
private static readonly Lazy<CryptFactory> LazyInstance = new (() => new ());
|
|
|
|
public static CryptFactory Instance => LazyInstance.Value;
|
|
|
|
public int KeySizeInBits { get; init; } = 2048;
|
|
|
|
public string Password { get; init; }
|
|
|
|
public PbeEncryptionAlgorithm PbeEncryptionAlgorithm { get; init; } = PbeEncryptionAlgorithm.Aes256Cbc;
|
|
|
|
public HashAlgorithmName PbeHashAlgorithmName { get; init; } = HashAlgorithmName.SHA256;
|
|
|
|
public int PbeIterationCount { get; init; } = 100_000;
|
|
|
|
private readonly Lazy<PbeParameters> _lazyPbeParameters;
|
|
|
|
public PbeParameters PbeParameters => _lazyPbeParameters.Value;
|
|
|
|
public string EncryptedPrivateKeyPemLabel { get; init; } = "ENCRYPTED PRIVATE KEY";
|
|
|
|
public CryptFactory()
|
|
{
|
|
_lazyPbeParameters = new(() => new PbeParameters(PbeEncryptionAlgorithm, PbeHashAlgorithmName, PbeIterationCount));
|
|
}
|
|
|
|
public string CreateRSAPrivateKeyPem(int? keySizeInBits = null)
|
|
=> RSA.Create(keySizeInBits ?? KeySizeInBits).ExportRSAPrivateKeyPem();
|
|
|
|
public string CreateEncryptedPrivateKeyPem(
|
|
int? keySizeInBits = null,
|
|
string? password = null,
|
|
PbeEncryptionAlgorithm? pbeEncryptionAlgorithm = null,
|
|
HashAlgorithmName? hashAlgorithmName = null,
|
|
int? iterationCount = null)
|
|
{
|
|
password ??= Password;
|
|
|
|
var pbeParameters = (pbeEncryptionAlgorithm is null && hashAlgorithmName is null && iterationCount is null)
|
|
? new PbeParameters(
|
|
pbeEncryptionAlgorithm ?? PbeEncryptionAlgorithm,
|
|
hashAlgorithmName ?? PbeHashAlgorithmName,
|
|
iterationCount ?? PbeIterationCount)
|
|
: PbeParameters;
|
|
|
|
var encryptedPrivateKey = RSA.Create(keySizeInBits ?? KeySizeInBits).ExportEncryptedPkcs8PrivateKey(password.AsSpan(), pbeParameters);
|
|
|
|
var pemChars = PemEncoding.Write(EncryptedPrivateKeyPemLabel, encryptedPrivateKey);
|
|
|
|
return new string(pemChars);
|
|
}
|
|
}
|
|
} |