Ejemplo n.º 1
0
        public void expiration_should_be_greater_than_zero()
        {
            {
                var subject = new KeyManagementOptions
                {
                    KeyActivationDelay = TimeSpan.FromMinutes(1),
                    KeyExpiration      = TimeSpan.FromMinutes(0),
                    KeyRetirement      = TimeSpan.FromMinutes(3)
                };

                Action a = () => subject.Validate();
                a.Should().Throw <Exception>();
            }
            {
                var subject = new KeyManagementOptions
                {
                    KeyActivationDelay = TimeSpan.FromMinutes(1),
                    KeyExpiration      = -TimeSpan.FromMinutes(1),
                    KeyRetirement      = TimeSpan.FromMinutes(3)
                };

                Action a = () => subject.Validate();
                a.Should().Throw <Exception>();
            }
        }
Ejemplo n.º 2
0
    public void expiration_should_be_greater_than_zero()
    {
        {
            var subject = new KeyManagementOptions
            {
                PropagationTime   = TimeSpan.FromMinutes(1),
                RotationInterval  = TimeSpan.FromMinutes(0),
                RetentionDuration = TimeSpan.FromMinutes(3)
            };

            Action a = () => subject.Validate();
            a.Should().Throw <Exception>();
        }
        {
            var subject = new KeyManagementOptions
            {
                PropagationTime   = TimeSpan.FromMinutes(1),
                RotationInterval  = -TimeSpan.FromMinutes(1),
                RetentionDuration = TimeSpan.FromMinutes(2)
            };

            Action a = () => subject.Validate();
            a.Should().Throw <Exception>();
        }
    }
        public void Configure_WithRegistryPolicyResolver_SetsValuesFromResolver()
        {
            // Arrange
            var registryEntries = new Dictionary <string, object>()
            {
                ["KeyEscrowSinks"]     = String.Join(" ;; ; ", new Type[] { typeof(MyKeyEscrowSink1), typeof(MyKeyEscrowSink2) }.Select(t => t.AssemblyQualifiedName)),
                ["EncryptionType"]     = "managed",
                ["DefaultKeyLifetime"] = 1024 // days
            };
            var options = new KeyManagementOptions()
            {
                AuthenticatedEncryptorConfiguration = null
            };

            // Act
            RunTest(registryEntries, options);

            // Assert
            Assert.Collection(
                options.KeyEscrowSinks,
                k => Assert.IsType <MyKeyEscrowSink1>(k),
                k => Assert.IsType <MyKeyEscrowSink2>(k));
            Assert.Equal(TimeSpan.FromDays(1024), options.NewKeyLifetime);
            Assert.NotNull(options.AuthenticatedEncryptorConfiguration);
            Assert.IsType <ManagedAuthenticatedEncryptorConfiguration>(options.AuthenticatedEncryptorConfiguration);
            Assert.Collection(
                options.AuthenticatedEncryptorFactories,
                f => Assert.IsType <CngGcmAuthenticatedEncryptorFactory>(f),
                f => Assert.IsType <CngCbcAuthenticatedEncryptorFactory>(f),
                f => Assert.IsType <ManagedAuthenticatedEncryptorFactory>(f),
                f => Assert.IsType <AuthenticatedEncryptorFactory>(f));
        }
        public void ExpectBuilderAdditions(bool withClient)
        {
            var services = new List <ServiceDescriptor>();

            builder.Setup(x => x.Services).Returns(svcCollection.Object);
            svcCollection.Setup(x => x.GetEnumerator()).Returns(() => services.GetEnumerator());
            svcCollection.Setup(x => x.Add(It.IsAny <ServiceDescriptor>()))
            .Callback <ServiceDescriptor>(sd => { services.Add(sd); });

            var config = new KmsXmlEncryptorConfig("keyId");

            // Repeat call to ensure cumulative calls work
            if (withClient)
            {
                builder.Object.ProtectKeysWithAwsKms(client.Object, config);
                builder.Object.ProtectKeysWithAwsKms(client.Object, config);
            }
            else
            {
                builder.Object.ProtectKeysWithAwsKms(config);
                builder.Object.ProtectKeysWithAwsKms(config);
            }

            Assert.Equal(withClient ? 1 : 0, services.Count(x => x.ServiceType == typeof(IAmazonKeyManagementService)));

            // IConfigureOptions is designed & expected to be present multiple times, so expect two after two calls
            Assert.Equal(2, services.Count(x => x.ServiceType == typeof(IConfigureOptions <KeyManagementOptions>)));
            Assert.Equal(2, services.Count(x => x.ServiceType == typeof(IConfigureOptions <KmsXmlEncryptorConfig>)));

            Assert.Equal(ServiceLifetime.Singleton, services.First(x => x.ServiceType == typeof(IConfigureOptions <KeyManagementOptions>)).Lifetime);
            Assert.Equal(ServiceLifetime.Singleton, services.First(x => x.ServiceType == typeof(IConfigureOptions <KmsXmlEncryptorConfig>)).Lifetime);

            provider.Setup(x => x.GetService(typeof(IAmazonKeyManagementService))).Returns(client.Object);
            if (withClient)
            {
                Assert.Equal(ServiceLifetime.Singleton, services.Single(x => x.ServiceType == typeof(IAmazonKeyManagementService)).Lifetime);
                Assert.Same(client.Object, services.Single(x => x.ServiceType == typeof(IAmazonKeyManagementService)).ImplementationInstance);
            }
            // Ensure we run equivalent config for the actual configuration object
            var configureObject = services.First(x => x.ServiceType == typeof(IConfigureOptions <KmsXmlEncryptorConfig>)).ImplementationInstance;
            var optionsObject   = new KmsXmlEncryptorConfig();

            ((IConfigureOptions <KmsXmlEncryptorConfig>)configureObject).Configure(optionsObject);

            provider.Setup(x => x.GetService(typeof(ILoggerFactory))).Returns(loggerFactory.Object);
            provider.Setup(x => x.GetService(typeof(IOptions <KmsXmlEncryptorConfig>))).Returns(snapshot.Object);
            provider.Setup(x => x.GetService(typeof(IOptions <DataProtectionOptions>))).Returns(dpSnapshot.Object);
            loggerFactory.Setup(x => x.CreateLogger(typeof(KmsXmlEncryptor).FullName)).Returns(repository.Create <ILogger <KmsXmlEncryptor> >().Object);
            snapshot.Setup(x => x.Value).Returns(optionsObject);
            var dbOptions = new DataProtectionOptions();

            dpSnapshot.Setup(x => x.Value).Returns(dbOptions);

            var configure = services.First(x => x.ServiceType == typeof(IConfigureOptions <KeyManagementOptions>)).ImplementationFactory(provider.Object);
            var options   = new KeyManagementOptions();

            ((IConfigureOptions <KeyManagementOptions>)configure).Configure(options);
            Assert.IsType <KmsXmlEncryptor>(options.XmlEncryptor);
        }
Ejemplo n.º 5
0
    private static ICacheableKeyRingProvider SetupCreateCacheableKeyRingTestAndCreateKeyManager(
        IList <string> callSequence,
        IEnumerable <CancellationToken> getCacheExpirationTokenReturnValues,
        IEnumerable <IReadOnlyCollection <IKey> > getAllKeysReturnValues,
        IEnumerable <Tuple <DateTimeOffset, DateTimeOffset, IKey> > createNewKeyCallbacks,
        IEnumerable <Tuple <DateTimeOffset, IEnumerable <IKey>, DefaultKeyResolution> > resolveDefaultKeyPolicyReturnValues,
        KeyManagementOptions keyManagementOptions = null)
    {
        var getCacheExpirationTokenReturnValuesEnumerator = getCacheExpirationTokenReturnValues.GetEnumerator();
        var mockKeyManager = new Mock <IKeyManager>(MockBehavior.Strict);

        mockKeyManager.Setup(o => o.GetCacheExpirationToken())
        .Returns(() =>
        {
            callSequence.Add("GetCacheExpirationToken");
            getCacheExpirationTokenReturnValuesEnumerator.MoveNext();
            return(getCacheExpirationTokenReturnValuesEnumerator.Current);
        });

        var getAllKeysReturnValuesEnumerator = getAllKeysReturnValues.GetEnumerator();

        mockKeyManager.Setup(o => o.GetAllKeys())
        .Returns(() =>
        {
            callSequence.Add("GetAllKeys");
            getAllKeysReturnValuesEnumerator.MoveNext();
            return(getAllKeysReturnValuesEnumerator.Current);
        });

        if (createNewKeyCallbacks != null)
        {
            var createNewKeyCallbacksEnumerator = createNewKeyCallbacks.GetEnumerator();
            mockKeyManager.Setup(o => o.CreateNewKey(It.IsAny <DateTimeOffset>(), It.IsAny <DateTimeOffset>()))
            .Returns <DateTimeOffset, DateTimeOffset>((activationDate, expirationDate) =>
            {
                callSequence.Add("CreateNewKey");
                createNewKeyCallbacksEnumerator.MoveNext();
                Assert.Equal(createNewKeyCallbacksEnumerator.Current.Item1, activationDate);
                Assert.Equal(createNewKeyCallbacksEnumerator.Current.Item2, expirationDate);
                return(createNewKeyCallbacksEnumerator.Current.Item3);
            });
        }

        var resolveDefaultKeyPolicyReturnValuesEnumerator = resolveDefaultKeyPolicyReturnValues.GetEnumerator();
        var mockDefaultKeyResolver = new Mock <IDefaultKeyResolver>(MockBehavior.Strict);

        mockDefaultKeyResolver.Setup(o => o.ResolveDefaultKeyPolicy(It.IsAny <DateTimeOffset>(), It.IsAny <IEnumerable <IKey> >()))
        .Returns <DateTimeOffset, IEnumerable <IKey> >((now, allKeys) =>
        {
            callSequence.Add("ResolveDefaultKeyPolicy");
            resolveDefaultKeyPolicyReturnValuesEnumerator.MoveNext();
            Assert.Equal(resolveDefaultKeyPolicyReturnValuesEnumerator.Current.Item1, now);
            Assert.Equal(resolveDefaultKeyPolicyReturnValuesEnumerator.Current.Item2, allKeys);
            return(resolveDefaultKeyPolicyReturnValuesEnumerator.Current.Item3);
        });

        return(CreateKeyRingProvider(mockKeyManager.Object, mockDefaultKeyResolver.Object, keyManagementOptions));
    }
Ejemplo n.º 6
0
        public void ExpectBuilderAdditionsConfig(bool withClient)
        {
            var services = new List <ServiceDescriptor>();

            builder.Setup(x => x.Services).Returns(svcCollection.Object);
            svcCollection.Setup(x => x.GetEnumerator()).Returns(() => services.GetEnumerator());
            svcCollection.Setup(x => x.Add(It.IsAny <ServiceDescriptor>()))
            .Callback <ServiceDescriptor>(sd => { services.Add(sd); });

            // An empty collection seems to be enough to run what is eventually ConfigurationBinder.Bind, since there is no way to mock the options configure call
            // ReSharper disable once CollectionNeverUpdated.Local
            var configChildren = new List <IConfigurationSection>();
            Mock <IConfiguration> configMock = repository.Create <IConfiguration>();

            configMock.Setup(x => x.GetChildren()).Returns(configChildren);

            // Repeat call to ensure cumulative calls work
            if (withClient)
            {
                builder.Object.PersistKeysToAwsS3(client.Object, configMock.Object);
                builder.Object.PersistKeysToAwsS3(client.Object, configMock.Object);
            }
            else
            {
                builder.Object.PersistKeysToAwsS3(configMock.Object);
                builder.Object.PersistKeysToAwsS3(configMock.Object);
                provider.Setup(x => x.GetService(typeof(IAmazonS3))).Returns(client.Object);
            }

            Assert.Equal(1, services.Count(x => x.ServiceType == typeof(IMockingWrapper)));

            // IConfigureOptions is designed & expected to be present multiple times, so expect two after two calls
            Assert.Equal(2, services.Count(x => x.ServiceType == typeof(IConfigureOptions <KeyManagementOptions>)));
            Assert.Equal(2, services.Count(x => x.ServiceType == typeof(IConfigureOptions <S3XmlRepositoryConfig>)));

            Assert.Equal(ServiceLifetime.Singleton, services.Single(x => x.ServiceType == typeof(IMockingWrapper)).Lifetime);
            Assert.Equal(ServiceLifetime.Singleton, services.First(x => x.ServiceType == typeof(IConfigureOptions <KeyManagementOptions>)).Lifetime);
            Assert.Equal(ServiceLifetime.Singleton, services.First(x => x.ServiceType == typeof(IConfigureOptions <S3XmlRepositoryConfig>)).Lifetime);

            // Ensure we run equivalent config for the actual configuration object
            var configureObject = services.First(x => x.ServiceType == typeof(IConfigureOptions <S3XmlRepositoryConfig>)).ImplementationInstance;
            var optionsObject   = new S3XmlRepositoryConfig();

            ((IConfigureOptions <S3XmlRepositoryConfig>)configureObject).Configure(optionsObject);

            provider.Setup(x => x.GetService(typeof(ILoggerFactory))).Returns(loggerFactory.Object);
            provider.Setup(x => x.GetService(typeof(IOptions <S3XmlRepositoryConfig>))).Returns(snapshot.Object);
            loggerFactory.Setup(x => x.CreateLogger(typeof(S3XmlRepository).FullName)).Returns(repository.Create <ILogger <S3XmlRepository> >().Object);
            snapshot.Setup(x => x.Value).Returns(optionsObject);

            var configure = services.First(x => x.ServiceType == typeof(IConfigureOptions <KeyManagementOptions>)).ImplementationFactory(provider.Object);
            var options   = new KeyManagementOptions();

            ((IConfigureOptions <KeyManagementOptions>)configure).Configure(options);
            Assert.IsType <S3XmlRepository>(options.XmlRepository);
        }
Ejemplo n.º 7
0
    public void InitializationSynchronizationDelay_should_be_greater_than_or_equal_to_zero()
    {
        var subject = new KeyManagementOptions
        {
            InitializationSynchronizationDelay = -TimeSpan.FromMinutes(1),
        };

        Action a = () => subject.Validate();

        a.Should().Throw <Exception>();
    }
Ejemplo n.º 8
0
    public void keycacheduration_should_be_greater_than_or_equal_to_zero()
    {
        var subject = new KeyManagementOptions
        {
            KeyCacheDuration = -TimeSpan.FromMinutes(1),
        };

        Action a = () => subject.Validate();

        a.Should().Throw <Exception>();
    }
Ejemplo n.º 9
0
    public KeyRingProvider(
        IKeyManager keyManager,
        IOptions <KeyManagementOptions> keyManagementOptions,
        IDefaultKeyResolver defaultKeyResolver,
        ILoggerFactory loggerFactory)
    {
        _keyManagementOptions    = new KeyManagementOptions(keyManagementOptions.Value); // clone so new instance is immutable
        _keyManager              = keyManager;
        CacheableKeyRingProvider = this;
        _defaultKeyResolver      = defaultKeyResolver;
        _logger = loggerFactory.CreateLogger <KeyRingProvider>();

        // We will automatically refresh any unknown keys for 2 minutes see https://github.com/dotnet/aspnetcore/issues/3975
        AutoRefreshWindowEnd = DateTime.UtcNow.AddMinutes(2);
    }
        private static void RunTest(Dictionary <string, object> regValues, KeyManagementOptions options)
        {
            WithUniqueTempRegKey(registryKey =>
            {
                foreach (var entry in regValues)
                {
                    registryKey.SetValue(entry.Key, entry.Value);
                }

                var policyResolver = new RegistryPolicyResolver(
                    registryKey,
                    activator: SimpleActivator.DefaultWithoutServices);

                var setup = new KeyManagementOptionsSetup(NullLoggerFactory.Instance, policyResolver);

                setup.Configure(options);
            });
        }
Ejemplo n.º 11
0
    private static KeyRingProvider CreateKeyRingProvider(ICacheableKeyRingProvider cacheableKeyRingProvider)
    {
        var mockEncryptorFactory = new Mock <IAuthenticatedEncryptorFactory>();

        mockEncryptorFactory.Setup(m => m.CreateEncryptorInstance(It.IsAny <IKey>())).Returns(new Mock <IAuthenticatedEncryptor>().Object);
        var options = new KeyManagementOptions();

        options.AuthenticatedEncryptorFactories.Add(mockEncryptorFactory.Object);

        return(new KeyRingProvider(
                   keyManager: null,
                   keyManagementOptions: Options.Create(options),
                   defaultKeyResolver: null,
                   loggerFactory: NullLoggerFactory.Instance)
        {
            CacheableKeyRingProvider = cacheableKeyRingProvider
        });
    }
Ejemplo n.º 12
0
        /// <summary>
        /// Constructor for KeyManager
        /// </summary>
        /// <param name="options"></param>
        /// <param name="store"></param>
        /// <param name="cache"></param>
        /// <param name="protector"></param>
        /// <param name="clock"></param>
        /// <param name="newKeyLock"></param>
        /// <param name="logger"></param>
        /// <param name="httpContextAccessor"></param>
        public KeyManager(
            KeyManagementOptions options,
            ISigningKeyStore store,
            ISigningKeyStoreCache cache,
            ISigningKeyProtector protector,
            ISystemClock clock,
            INewKeyLock newKeyLock,
            ILogger <KeyManager> logger,
            IHttpContextAccessor httpContextAccessor = null)
        {
            options.Validate();

            _options             = options;
            _store               = store;
            _cache               = cache;
            _protector           = protector;
            _clock               = clock;
            _newKeyLock          = newKeyLock;
            _logger              = logger;
            _httpContextAccessor = httpContextAccessor;
        }
Ejemplo n.º 13
0
    // copy ctor
    internal KeyManagementOptions(KeyManagementOptions other)
    {
        if (other != null)
        {
            AutoGenerateKeys = other.AutoGenerateKeys;
            _newKeyLifetime  = other._newKeyLifetime;
            XmlEncryptor     = other.XmlEncryptor;
            XmlRepository    = other.XmlRepository;
            AuthenticatedEncryptorConfiguration = other.AuthenticatedEncryptorConfiguration;

            foreach (var keyEscrowSink in other.KeyEscrowSinks)
            {
                KeyEscrowSinks.Add(keyEscrowSink);
            }

            foreach (var encryptorFactory in other.AuthenticatedEncryptorFactories)
            {
                AuthenticatedEncryptorFactories.Add(encryptorFactory);
            }
        }
    }
Ejemplo n.º 14
0
        /// <summary>
        /// Constructor for KeyManager
        /// </summary>
        /// <param name="options"></param>
        /// <param name="store"></param>
        /// <param name="cache"></param>
        /// <param name="protector"></param>
        /// <param name="clock"></param>
        /// <param name="newKeyLock"></param>
        /// <param name="logger"></param>
        /// <param name="issuerNameService"></param>
        public KeyManager(
            KeyManagementOptions options,
            ISigningKeyStore store,
            ISigningKeyStoreCache cache,
            ISigningKeyProtector protector,
            ISystemClock clock,
            INewKeyLock newKeyLock,
            ILogger <KeyManager> logger,
            IIssuerNameService issuerNameService)
        {
            options.Validate();

            _options           = options;
            _store             = store;
            _cache             = cache;
            _protector         = protector;
            _clock             = clock;
            _newKeyLock        = newKeyLock;
            _logger            = logger;
            _issuerNameService = issuerNameService;
        }
Ejemplo n.º 15
0
        public void retirement_should_be_longer_than_expiration()
        {
            {
                var subject = new KeyManagementOptions
                {
                    KeyActivationDelay = TimeSpan.FromMinutes(1),
                    KeyExpiration      = TimeSpan.FromMinutes(10),
                    KeyRetirement      = TimeSpan.FromMinutes(10),
                };

                Action a = () => subject.Validate();
                a.Should().Throw <Exception>();
            }

            {
                var subject = new KeyManagementOptions
                {
                    KeyActivationDelay = TimeSpan.FromMinutes(1),
                    KeyExpiration      = TimeSpan.FromMinutes(10),
                    KeyRetirement      = TimeSpan.FromMinutes(9),
                };

                Action a = () => subject.Validate();
                a.Should().Throw <Exception>();
            }

            {
                var subject = new KeyManagementOptions
                {
                    KeyActivationDelay = TimeSpan.FromMinutes(1),
                    KeyExpiration      = TimeSpan.FromMinutes(10),
                    KeyRetirement      = TimeSpan.FromMinutes(20),
                };

                Action a = () => subject.Validate();
                a.Should().NotThrow <Exception>();
            }
        }
Ejemplo n.º 16
0
    public void retirement_should_be_longer_than_expiration()
    {
        {
            var subject = new KeyManagementOptions
            {
                PropagationTime   = TimeSpan.FromMinutes(1),
                RotationInterval  = TimeSpan.FromMinutes(10),
                RetentionDuration = TimeSpan.FromMinutes(0),
            };

            Action a = () => subject.Validate();
            a.Should().Throw <Exception>();
        }

        {
            var subject = new KeyManagementOptions
            {
                PropagationTime   = TimeSpan.FromMinutes(1),
                RotationInterval  = TimeSpan.FromMinutes(10),
                RetentionDuration = -TimeSpan.FromMinutes(1),
            };

            Action a = () => subject.Validate();
            a.Should().Throw <Exception>();
        }

        {
            var subject = new KeyManagementOptions
            {
                PropagationTime   = TimeSpan.FromMinutes(1),
                RotationInterval  = TimeSpan.FromMinutes(10),
                RetentionDuration = TimeSpan.FromMinutes(20),
            };

            Action a = () => subject.Validate();
            a.Should().NotThrow <Exception>();
        }
    }
        public void Configure_SetsExpectedValues()
        {
            // Arrange
            var setup   = new KeyManagementOptionsSetup(NullLoggerFactory.Instance);
            var options = new KeyManagementOptions()
            {
                AuthenticatedEncryptorConfiguration = null
            };

            // Act
            setup.Configure(options);

            // Assert
            Assert.Empty(options.KeyEscrowSinks);
            Assert.NotNull(options.AuthenticatedEncryptorConfiguration);
            Assert.IsType <AuthenticatedEncryptorConfiguration>(options.AuthenticatedEncryptorConfiguration);
            Assert.Collection(
                options.AuthenticatedEncryptorFactories,
                f => Assert.IsType <CngGcmAuthenticatedEncryptorFactory>(f),
                f => Assert.IsType <CngCbcAuthenticatedEncryptorFactory>(f),
                f => Assert.IsType <ManagedAuthenticatedEncryptorFactory>(f),
                f => Assert.IsType <AuthenticatedEncryptorFactory>(f));
        }
Ejemplo n.º 18
0
 /// <summary>
 /// Ctor
 /// </summary>
 /// <param name="isOptions"></param>
 /// <param name="keyManagerOptions"></param>
 public ClientConfigurationValidator(IdentityServerOptions isOptions, KeyManagementOptions keyManagerOptions = null)
     : base(isOptions)
 {
     _keyManagerOptions = keyManagerOptions;
 }
Ejemplo n.º 19
0
    private static ICacheableKeyRingProvider CreateKeyRingProvider(IKeyManager keyManager, IDefaultKeyResolver defaultKeyResolver, KeyManagementOptions keyManagementOptions = null)
    {
        var mockEncryptorFactory = new Mock <IAuthenticatedEncryptorFactory>();

        mockEncryptorFactory.Setup(m => m.CreateEncryptorInstance(It.IsAny <IKey>())).Returns(new Mock <IAuthenticatedEncryptor>().Object);
        keyManagementOptions = keyManagementOptions ?? new KeyManagementOptions();
        keyManagementOptions.AuthenticatedEncryptorFactories.Add(mockEncryptorFactory.Object);

        return(new KeyRingProvider(
                   keyManager: keyManager,
                   keyManagementOptions: Options.Create(keyManagementOptions),
                   defaultKeyResolver: defaultKeyResolver,
                   loggerFactory: NullLoggerFactory.Instance));
    }
Ejemplo n.º 20
0
 internal static RsaSecurityKey CreateRsaSecurityKey(this KeyManagementOptions options)
 {
     return(CryptoHelper.CreateRsaSecurityKey(options.RsaKeySize));
 }
 /// <summary>
 /// Constructor for DataProtectionKeyProtector.
 /// </summary>
 /// <param name="options"></param>
 /// <param name="dataProtectionProvider"></param>
 public DataProtectionKeyProtector(KeyManagementOptions options, IDataProtectionProvider dataProtectionProvider)
 {
     _options = options;
     _dataProtectionProvider = dataProtectionProvider.CreateProtector(nameof(DataProtectionKeyProtector));
 }
Ejemplo n.º 22
0
 internal static bool IsRetired(this KeyManagementOptions options, TimeSpan age)
 {
     return(age >= options.KeyRetirementAge);
 }
Ejemplo n.º 23
0
 internal static bool IsExpired(this KeyManagementOptions options, TimeSpan diff)
 {
     return(diff >= options.KeyExpiration);
 }
Ejemplo n.º 24
0
 internal static bool IsWithinInitializationDuration(this KeyManagementOptions options, TimeSpan age)
 {
     return(age <= options.InitializationDuration);
 }
Ejemplo n.º 25
0
 internal static bool IsExpired(this KeyManagementOptions options, TimeSpan age)
 {
     return(age >= options.RotationInterval);
 }
Ejemplo n.º 26
0
 /// <summary>
 /// Constructor for KeyManagerKeyStore.
 /// </summary>
 /// <param name="keyManager"></param>
 /// <param name="options"></param>
 public AutomaticKeyManagerKeyStore(IKeyManager keyManager, KeyManagementOptions options)
 {
     _keyManager = keyManager;
     _options    = options;
 }
Ejemplo n.º 27
0
 internal static bool IsRetired(this KeyManagementOptions options, TimeSpan diff)
 {
     return(diff >= options.KeyRetirement);
 }