Ejemplo n.º 1
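        /// <summary>
        /// Generates a fresh 256-bit AES key, encrypts it under the master key and
        /// stores the resulting key record.
        /// </summary>
        /// <param name="request">
        /// Supplies the owner id, optional name, key type and AAD for the new key. Must not be null.
        /// </param>
        /// <returns>
        /// The stored key record. Its data field holds the ciphertext returned by the master key,
        /// never the plaintext AES key.
        /// </returns>
        /// <remarks>
        /// The plaintext key is needed only until it has been encrypted. The AES instance is
        /// disposed and the local copy of the key is cleared before the record is built, so the
        /// raw key does not linger on the heap longer than necessary. Clearing a managed array is
        /// best-effort: the runtime may have relocated the buffer earlier.
        /// </remarks>
        public async Task <IKeyInfo> GenerateAsync(GenerateKeyRequest request)
        {
            Ensure.NotNull(request, nameof(request));

            byte[] ciphertext;

            // Aes is IDisposable; disposing it releases the key material it holds internally.
            using (var aes = Aes.Create())
            {
                aes.KeySize = 256;
                aes.GenerateKey();

                // The Key getter hands back a copy, so keep the reference in order to wipe it.
                byte[] plaintextKey = aes.Key;

                try
                {
                    // NOTE(review): request.Aad is passed to the protector lookup and also stored
                    // on the record below; presumably the same AAD must be supplied to decrypt. Confirm.
                    var masterKey = await protectorProvider.GetAsync(masterKeyId.ToString(), request.Aad);

                    ciphertext = await masterKey.EncryptAsync(plaintextKey);
                }
                finally
                {
                    // Wipe on success and on failure so a failed encryption does not leave the key behind.
                    // NOTE(review): assumes EncryptAsync does not keep using the buffer after its task completes.
                    Array.Clear(plaintextKey, 0, plaintextKey.Length);
                }
            }

            Uid id = Guid.NewGuid();

            var key = new KeyInfo(
                id: id,
                ownerId: request.OwnerId,
                name: request.Name ?? id.ToString(), // fall back to the id when no name was given
                kekId: masterKeyId,
                format: KeyDataFormat.AwsKmsEncryptedData,
                data: ciphertext,
                // NOTE(review): back-dated five minutes, presumably to tolerate clock skew between hosts. Confirm.
                activated: DateTime.UtcNow.AddMinutes(-5),
                type: request.Type,
                aad: ToJson(request.Aad)
                );

            await keyStore.CreateAsync(key);

            return key;
        }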