#pragma warning restore CA2227 // Collection properties should be read only
internal static async Task <EncryptionData> CreateInternalV1_0(
byte[] contentEncryptionIv,
string keyWrapAlgorithm,
byte[] contentEncryptionKey,
IKeyEncryptionKey keyEncryptionKey,
bool async,
CancellationToken cancellationToken)
=> new EncryptionData()
{
EncryptionMode = Constants.ClientSideEncryption.EncryptionMode,
ContentEncryptionIV = contentEncryptionIv,
EncryptionAgent = new EncryptionAgent()
{
EncryptionAlgorithm = ClientSideEncryptionAlgorithm.AesCbc256,
EncryptionVersion = ClientSideEncryptionVersion.V1_0
},
KeyWrappingMetadata = new Dictionary <string, string>()
{
{ Constants.ClientSideEncryption.AgentMetadataKey, AgentString }
},
WrappedContentKey = new KeyEnvelope()
{
Algorithm = keyWrapAlgorithm,
EncryptedKey = async
? await keyEncryptionKey.WrapKeyAsync(keyWrapAlgorithm, contentEncryptionKey, cancellationToken).ConfigureAwait(false)
: keyEncryptionKey.WrapKey(keyWrapAlgorithm, contentEncryptionKey, cancellationToken),
KeyId = keyEncryptionKey.KeyId
}
};
private static async Task <byte[]> WrapKeyInternal(ReadOnlyMemory <byte> contentEncryptionKey, string keyWrapAlgorithm, IKeyEncryptionKey key, bool async, CancellationToken cancellationToken)
{
return(async
? await key.WrapKeyAsync(
keyWrapAlgorithm,
contentEncryptionKey,
cancellationToken).ConfigureAwait(false)
: key.UnwrapKey(
keyWrapAlgorithm,
contentEncryptionKey,
cancellationToken));
}
internal static async Task <EncryptionData> CreateInternalV2_0(
string keyWrapAlgorithm,
byte[] contentEncryptionKey,
IKeyEncryptionKey keyEncryptionKey,
bool async,
CancellationToken cancellationToken)
{
// v2.0 binds content encryption key with protocol version under a single keywrap
int keyOffset = Constants.ClientSideEncryption.V2.WrappedDataVersionLength;
var dataToWrap = new byte[keyOffset + contentEncryptionKey.Length];
Encoding.UTF8.GetBytes(ClientSideEncryptionVersion.V2_0.Serialize()).CopyTo(dataToWrap, 0);
contentEncryptionKey.CopyTo(dataToWrap, keyOffset);
return(new EncryptionData()
{
EncryptionMode = Constants.ClientSideEncryption.EncryptionMode,
EncryptionAgent = new EncryptionAgent()
{
EncryptionAlgorithm = ClientSideEncryptionAlgorithm.AesGcm256,
EncryptionVersion = ClientSideEncryptionVersion.V2_0
},
EncryptedRegionInfo = new EncryptedRegionInfo()
{
DataLength = Constants.ClientSideEncryption.V2.EncryptionRegionDataSize,
NonceLength = Constants.ClientSideEncryption.V2.NonceSize,
},
KeyWrappingMetadata = new Dictionary <string, string>()
{
{ Constants.ClientSideEncryption.AgentMetadataKey, AgentString }
},
WrappedContentKey = new KeyEnvelope()
{
Algorithm = keyWrapAlgorithm,
EncryptedKey = async
? await keyEncryptionKey.WrapKeyAsync(keyWrapAlgorithm, dataToWrap, cancellationToken).ConfigureAwait(false)
: keyEncryptionKey.WrapKey(keyWrapAlgorithm, dataToWrap, cancellationToken),
KeyId = keyEncryptionKey.KeyId
}
});
}