/// <summary>
/// Imports the <see cref="AuthenticatedEncryptorDescriptor"/> from serialized XML.
/// </summary>
public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element)
{
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
// <descriptor>
// <encryption algorithm="..." />
// <validation algorithm="..." /> <!-- only if not GCM -->
// <masterKey requiresEncryption="true">...</masterKey>
// </descriptor>
var options = new AuthenticatedEncryptionOptions();
var encryptionElement = element.Element("encryption");
options.EncryptionAlgorithm = (EncryptionAlgorithm)Enum.Parse(typeof(EncryptionAlgorithm), (string)encryptionElement.Attribute("algorithm"));
// only read <validation> if not GCM
if (!AuthenticatedEncryptionOptions.IsGcmAlgorithm(options.EncryptionAlgorithm))
{
var validationElement = element.Element("validation");
options.ValidationAlgorithm = (ValidationAlgorithm)Enum.Parse(typeof(ValidationAlgorithm), (string)validationElement.Attribute("algorithm"));
}
Secret masterKey = ((string)element.Elements("masterKey").Single()).ToSecret();
return(new AuthenticatedEncryptorDescriptor(options, masterKey, _services));
}
public XmlSerializedDescriptorInfo ExportToXml()
{
// <descriptor>
// <encryption algorithm="..." />
// <validation algorithm="..." /> <!-- only if not GCM -->
// <masterKey requiresEncryption="true">...</masterKey>
// </descriptor>
var encryptionElement = new XElement("encryption",
new XAttribute("algorithm", Options.EncryptionAlgorithm));
var validationElement = (AuthenticatedEncryptionOptions.IsGcmAlgorithm(Options.EncryptionAlgorithm))
? (object)new XComment(" AES-GCM includes a 128-bit authentication tag, no extra validation algorithm required. ")
: (object)new XElement("validation",
new XAttribute("algorithm", Options.ValidationAlgorithm));
var outerElement = new XElement("descriptor",
encryptionElement,
validationElement,
MasterKey.ToMasterKeyElement());
return(new XmlSerializedDescriptorInfo(outerElement, typeof(AuthenticatedEncryptorDescriptorDeserializer)));
}