Example #1
0
        public override void CreateRule(SecretEncryptionContext encryptionContext, ClaimsPrincipal principal)
        {
            if (IsRequired && (string.IsNullOrEmpty(encryptionContext.GetInput(UserInputConstants.Passphrase))))
            {
                throw new ArgumentException("Passphrase is required");
            }

            var passphrase = encryptionContext.GetInput(UserInputConstants.Passphrase) ?? "";

            var passphraseData = new PassphraseValidationData
            {
                Algorithm      = PassphraseAlgorithm.Pbkdf2Sha1,
                IterationCount = 10000,
                Salt           = _keyGenerator.GenerateSalt()
            };

            if (!string.IsNullOrEmpty(passphrase))
            {
                encryptionContext.EncryptionKey = GetEncryptionKey(passphrase, passphraseData);
            }
            _logger.LogDebug($"Using passphrase {passphrase} to set encryption key to {encryptionContext.EncryptionKey}");
            encryptionContext.AddValidationRule(new SecretValidationRule
            {
                Validator      = this.Name,
                ValidationData = SerializeData(passphraseData)
            });
        }
Example #2
0
 private string GetEncryptionKey(string passphrase, PassphraseValidationData options)
 {
     return(_keyGenerator.DeriveKey(passphrase, Convert.FromBase64String(options.Salt)));
 }