/// <summary>
        /// Initializes an <see cref="IDataProtectionProvider"/> backed by an ephemeral key ring,
        /// with logging supplied by <paramref name="loggerFactory"/>.
        /// </summary>
        /// <remarks>
        /// This constructor configures no key persistence: the key ring is created here and handed
        /// straight to the inner provider. Payloads protected by this instance are therefore not
        /// expected to be decipherable by another instance or after the process exits, which makes
        /// the type unsuitable for data that must survive a restart (for example long-lived cookies
        /// or tokens).
        /// </remarks>
        /// <param name="loggerFactory">The <see cref="ILoggerFactory" /> used by the key ring, this type and the inner provider.</param>
        /// <exception cref="ArgumentNullException"><paramref name="loggerFactory"/> is <c>null</c>.</exception>
        public EphemeralDataProtectionProvider(ILoggerFactory loggerFactory)
        {
            if (loggerFactory is null)
            {
                throw new ArgumentNullException(nameof(loggerFactory));
            }

            IKeyRingProvider ephemeralKeyRing;

            if (OSVersionUtil.IsWindows())
            {
                // The assert only restates the OS check in a form the platform compat analyzer understands.
                Debug.Assert(RuntimeInformation.IsOSPlatform(OSPlatform.Windows));

                // Windows: CNG-backed AES-256-GCM, the fastest of the two implementations.
                ephemeralKeyRing = new EphemeralKeyRing<CngGcmAuthenticatedEncryptorConfiguration>(loggerFactory);
            }
            else
            {
                // Everywhere else: managed AES-256-CBC + HMACSHA256, the slowest of the two implementations.
                ephemeralKeyRing = new EphemeralKeyRing<ManagedAuthenticatedEncryptorConfiguration>(loggerFactory);
            }

            // Record that the ephemeral provider is in use, so an accidental production deployment shows up in logs.
            loggerFactory.CreateLogger<EphemeralDataProtectionProvider>().UsingEphemeralDataProtectionProvider();

            _dataProtectionProvider = new KeyRingBasedDataProtectionProvider(ephemeralKeyRing, loggerFactory);
        }
Exemple #2
        /// <summary>
        /// Initializes the provider with an ephemeral key ring and no logging.
        /// </summary>
        /// <remarks>
        /// The key ring is created here and passed directly to the inner provider; this constructor
        /// configures no key persistence, so protected payloads are not expected to remain
        /// decipherable once this instance is gone. Nothing is logged to signal that an ephemeral
        /// provider is in use.
        /// </remarks>
        public EphemeralDataProtectionProvider()
        {
            IKeyRingProvider ephemeralKeyRing;

            if (OSVersionUtil.IsBCryptOnWin7OrLaterAvailable())
            {
                // BCrypt (Windows 7 or later) is available: use AES-GCM, the fastest implementation.
                ephemeralKeyRing = new EphemeralKeyRing<CngGcmAuthenticatedEncryptorConfigurationOptions>();
            }
            else
            {
                // Fallback: managed CBC + HMAC, the slowest implementation.
                ephemeralKeyRing = new EphemeralKeyRing<ManagedAuthenticatedEncryptorConfigurationOptions>();
            }

            _dataProtectionProvider = new KeyRingBasedDataProtectionProvider(ephemeralKeyRing);
        }
Exemple #3
        /// <summary>
        /// Initializes an ephemeral <see cref="IDataProtectionProvider"/>; <paramref name="services"/>
        /// may supply optional services (such as logging) that the provider consumes.
        /// </summary>
        /// <remarks>
        /// The key ring is created here and passed directly to the inner provider; this constructor
        /// configures no key persistence, so protected payloads are not expected to remain
        /// decipherable once this instance is gone.
        /// </remarks>
        /// <param name="services">
        /// Source of optional services. The logger lookup result is treated as optional: no message
        /// is written when it yields <c>null</c>.
        /// </param>
        public EphemeralDataProtectionProvider(IServiceProvider services)
        {
            IKeyRingProvider ephemeralKeyRing;

            if (OSVersionUtil.IsWindows())
            {
                // Windows: CNG-backed AES-256-GCM, the fastest of the two implementations.
                ephemeralKeyRing = new EphemeralKeyRing<CngGcmAuthenticatedEncryptionSettings>();
            }
            else
            {
                // Everywhere else: managed AES-256-CBC + HMACSHA256, the slowest of the two implementations.
                ephemeralKeyRing = new EphemeralKeyRing<ManagedAuthenticatedEncryptionSettings>();
            }

            // Best-effort notice that the ephemeral provider is in use; skipped when no logger is available.
            services.GetLogger<EphemeralDataProtectionProvider>()?.UsingEphemeralDataProtectionProvider();

            _dataProtectionProvider = new KeyRingBasedDataProtectionProvider(ephemeralKeyRing, services);
        }
Exemple #4
        /// <summary>
        /// Initializes an ephemeral <see cref="IDataProtectionProvider"/>; <paramref name="services"/>
        /// may supply optional services (such as logging) that the provider consumes.
        /// </summary>
        /// <remarks>
        /// As the warning emitted below states, payloads protected by this provider become
        /// undecipherable when the application shuts down. Do not use it for data that must
        /// outlive the process.
        /// </remarks>
        /// <param name="services">Source of optional services, including the logger used for the warning.</param>
        public EphemeralDataProtectionProvider(IServiceProvider services)
        {
            IKeyRingProvider ephemeralKeyRing;

            if (OSVersionUtil.IsWindows())
            {
                // Windows: CNG-backed AES-256-GCM, the fastest of the two implementations.
                ephemeralKeyRing = new EphemeralKeyRing<CngGcmAuthenticatedEncryptionOptions>();
            }
            else
            {
                // Everywhere else: managed AES-256-CBC + HMACSHA256, the slowest of the two implementations.
                ephemeralKeyRing = new EphemeralKeyRing<ManagedAuthenticatedEncryptionOptions>();
            }

            var log = services.GetLogger<EphemeralDataProtectionProvider>();

            // NOTE(review): the logger is used without a null check; presumably IsWarningLevelEnabled
            // tolerates a null receiver when no logger is registered. Confirm against its definition.
            if (log.IsWarningLevelEnabled())
            {
                log.LogWarning("Using ephemeral data protection provider. Payloads will be undecipherable upon application shutdown.");
            }

            _dataProtectionProvider = new KeyRingBasedDataProtectionProvider(ephemeralKeyRing, services);
        }