DigitalData.Core/DigitalData.Core.Abstractions/Security/IAsymCryptService.cs

using System.Security.Cryptography;

namespace DigitalData.Core.Abstractions.Security
{
    public interface IAsymCryptService
    {
        int KeySizeInBits { get; init; }

        string PbePassword { init; }

        PbeEncryptionAlgorithm PbeEncryptionAlgorithm { get; init; }

        HashAlgorithmName PbeHashAlgorithmName { get; init; }

        int PbeIterationCount { get; init; }

        PbeParameters PbeParameters { get; }

        string EncryptedPrivateKeyPemLabel { get; init; }

        /// <summary>
        /// Gets the formatter function for generating RSA key names.
        /// This formatter takes an issuer, audience, isPrivate, and optional version and separator
        /// to produce a formatted string used for the key naming convention.
        /// </summary>
        /// <param name="issuer">A string representing the issuer of the key. It should not contain invalid file name characters or the separator.</param>
        /// <param name="audience">A string representing the audience for which the key is intended. It should not contain invalid file name characters or the separator.</param>
        /// <param name="isPrivate">An bool to check if the key is private.</param>
        /// <param name="version">An instance of the <see cref="Version?"/> interface, which is used to keep the version of Pbe password.</param>
        /// <param name="separator">An optional string separator used to separate the issuer and audience. The default is "-_-". It should not be included in the issuer or audience strings.</param>
        /// <returns>A formatted string combining the issuer, audience, and separator, which adheres to valid file naming rules.</returns>
        /// <exception cref="ArgumentException">Thrown when the issuer, audience, or separator contains invalid characters or when the separator is present within the issuer or audience.</exception>
        Func<string, string, bool, Version?, string?, string> RSAKeyNameFormatter { get; }

        string CreateRSAPrivateKeyPem(int? keySizeInBits = null);

        string CreateEncryptedPrivateKeyPem(
            int? keySizeInBits = null,
            string? password = null,
            PbeEncryptionAlgorithm? pbeEncryptionAlgorithm = null,
            HashAlgorithmName? hashAlgorithmName = null,
            int? iterationCount = null);
        
        IRSADecryptor this[string key] { get; }

        bool TryGetRSADecryptor(string key, out IRSADecryptor? decryptor);
    }
}