private CacheableKeyRing CreateCacheableKeyRingCoreStep2(
DateTimeOffset now,
CancellationToken cacheExpirationToken,
IKey defaultKey,
IEnumerable <IKey> allKeys
)
{
Debug.Assert(defaultKey != null);
// Invariant: our caller ensures that CreateEncryptorInstance succeeded at least once
Debug.Assert(defaultKey.CreateEncryptor() != null);
_logger.UsingKeyAsDefaultKey(defaultKey.KeyId);
var nextAutoRefreshTime = now + GetRefreshPeriodWithJitter(_keyManagementOptions.KeyRingRefreshPeriod);
// The cached keyring should expire at the earliest of (default key expiration, next auto-refresh time).
// Since the refresh period and safety window are not user-settable, we can guarantee that there's at
// least one auto-refresh between the start of the safety window and the key's expiration date.
// This gives us an opportunity to update the key ring before expiration, and it prevents multiple
// servers in a cluster from trying to update the key ring simultaneously. Special case: if the default
// key's expiration date is in the past, then we know we're using a fallback key and should disregard
// its expiration date in favor of the next auto-refresh time.
return(new CacheableKeyRing(
expirationToken: cacheExpirationToken,
expirationTime: (defaultKey.ExpirationDate <= now) ? nextAutoRefreshTime : Min(defaultKey.ExpirationDate, nextAutoRefreshTime),
defaultKey: defaultKey,
allKeys: allKeys
));
}
private bool CanCreateAuthenticatedEncryptor(IKey key)
{
try
{
var encryptorInstance = key.CreateEncryptor();
if (encryptorInstance == null)
{
throw new CryptographicException("Assertion failed: CreateEncryptorInstance returned null."); // original CryptoUtil.Fail call replaced
}
return(true);
}
catch (Exception ex)
{
_logger.LogWarning(ex, "Key {KeyId:B} is ineligible to be the default key because its {MethodName} method failed.", key.KeyId, nameof(IKey.CreateEncryptor)); // original ILogger extensions call replaced
return(false);
}
}
private bool CanCreateAuthenticatedEncryptor(IKey key)
{
try
{
var encryptorInstance = key.CreateEncryptor();
if (encryptorInstance == null)
{
CryptoUtil.Fail <IAuthenticatedEncryptor>("CreateEncryptorInstance returned null.");
}
return(true);
}
catch (Exception ex)
{
_logger.KeyIsIneligibleToBeTheDefaultKeyBecauseItsMethodFailed(key.KeyId, nameof(IKey.CreateEncryptor), ex);
return(false);
}
}
internal IAuthenticatedEncryptor?GetEncryptorInstance(out bool isRevoked)
{
// simple double-check lock pattern
// we can't use LazyInitializer<T> because we don't have a simple value factory
IAuthenticatedEncryptor?encryptor = Volatile.Read(ref _encryptor);
if (encryptor == null)
{
lock (this)
{
encryptor = Volatile.Read(ref _encryptor);
if (encryptor == null)
{
encryptor = _key.CreateEncryptor();
Volatile.Write(ref _encryptor, encryptor);
}
}
}
isRevoked = _key.IsRevoked;
return(encryptor);
}
