/// <summary>
/// Creates an ephemeral <see cref="IDataProtectionProvider"/> with logging.
/// </summary>
/// <param name="loggerFactory">The <see cref="ILoggerFactory" />.</param>
public EphemeralDataProtectionProvider(ILoggerFactory loggerFactory)
{
if (loggerFactory == null)
{
throw new ArgumentNullException(nameof(loggerFactory));
}
IKeyRingProvider keyringProvider;
if (OSVersionUtil.IsWindows())
{
// Assertion for platform compat analyzer
Debug.Assert(RuntimeInformation.IsOSPlatform(OSPlatform.Windows));
// Fastest implementation: AES-256-GCM [CNG]
keyringProvider = new EphemeralKeyRing <CngGcmAuthenticatedEncryptorConfiguration>(loggerFactory);
}
else
{
// Slowest implementation: AES-256-CBC + HMACSHA256 [Managed]
keyringProvider = new EphemeralKeyRing <ManagedAuthenticatedEncryptorConfiguration>(loggerFactory);
}
var logger = loggerFactory.CreateLogger <EphemeralDataProtectionProvider>();
logger.UsingEphemeralDataProtectionProvider();
_dataProtectionProvider = new KeyRingBasedDataProtectionProvider(keyringProvider, loggerFactory);
}
public EphemeralDataProtectionProvider()
{
IKeyRingProvider keyringProvider;
if (OSVersionUtil.IsBCryptOnWin7OrLaterAvailable())
{
// Fastest implementation: AES-GCM
keyringProvider = new EphemeralKeyRing <CngGcmAuthenticatedEncryptorConfigurationOptions>();
}
else
{
// Slowest implementation: managed CBC + HMAC
keyringProvider = new EphemeralKeyRing <ManagedAuthenticatedEncryptorConfigurationOptions>();
}
_dataProtectionProvider = new KeyRingBasedDataProtectionProvider(keyringProvider);
}
/// <summary>
/// Creates an ephemeral <see cref="IDataProtectionProvider"/>, optionally providing
/// services (such as logging) for consumption by the provider.
/// </summary>
public EphemeralDataProtectionProvider(IServiceProvider services)
{
IKeyRingProvider keyringProvider;
if (OSVersionUtil.IsWindows())
{
// Fastest implementation: AES-256-GCM [CNG]
keyringProvider = new EphemeralKeyRing <CngGcmAuthenticatedEncryptionSettings>();
}
else
{
// Slowest implementation: AES-256-CBC + HMACSHA256 [Managed]
keyringProvider = new EphemeralKeyRing <ManagedAuthenticatedEncryptionSettings>();
}
var logger = services.GetLogger <EphemeralDataProtectionProvider>();
logger?.UsingEphemeralDataProtectionProvider();
_dataProtectionProvider = new KeyRingBasedDataProtectionProvider(keyringProvider, services);
}
/// <summary>
/// Creates an ephemeral <see cref="IDataProtectionProvider"/>, optionally providing
/// services (such as logging) for consumption by the provider.
/// </summary>
public EphemeralDataProtectionProvider(IServiceProvider services)
{
IKeyRingProvider keyringProvider;
if (OSVersionUtil.IsWindows())
{
// Fastest implementation: AES-256-GCM [CNG]
keyringProvider = new EphemeralKeyRing <CngGcmAuthenticatedEncryptionOptions>();
}
else
{
// Slowest implementation: AES-256-CBC + HMACSHA256 [Managed]
keyringProvider = new EphemeralKeyRing <ManagedAuthenticatedEncryptionOptions>();
}
var logger = services.GetLogger <EphemeralDataProtectionProvider>();
if (logger.IsWarningLevelEnabled())
{
logger.LogWarning("Using ephemeral data protection provider. Payloads will be undecipherable upon application shutdown.");
}
_dataProtectionProvider = new KeyRingBasedDataProtectionProvider(keyringProvider, services);
}