/// <summary> /// Imports the <see cref="AuthenticatedEncryptorDescriptor"/> from serialized XML. /// </summary> public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element) { if (element == null) { throw new ArgumentNullException(nameof(element)); } // <descriptor> // <encryption algorithm="..." /> // <validation algorithm="..." /> <!-- only if not GCM --> // <masterKey requiresEncryption="true">...</masterKey> // </descriptor> var settings = new AuthenticatedEncryptionSettings(); var encryptionElement = element.Element("encryption"); settings.EncryptionAlgorithm = (EncryptionAlgorithm)Enum.Parse(typeof(EncryptionAlgorithm), (string)encryptionElement.Attribute("algorithm")); // only read <validation> if not GCM if (!AuthenticatedEncryptionSettings.IsGcmAlgorithm(settings.EncryptionAlgorithm)) { var validationElement = element.Element("validation"); settings.ValidationAlgorithm = (ValidationAlgorithm)Enum.Parse(typeof(ValidationAlgorithm), (string)validationElement.Attribute("algorithm")); } Secret masterKey = ((string)element.Elements("masterKey").Single()).ToSecret(); return(new AuthenticatedEncryptorDescriptor(settings, masterKey, _services)); }
/// <summary> /// Imports the <see cref="AuthenticatedEncryptorDescriptor"/> from serialized XML. /// </summary> public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element) { if (element == null) { throw new ArgumentNullException(nameof(element)); } // <descriptor> // <encryption algorithm="..." /> // <validation algorithm="..." /> <!-- only if not GCM --> // <masterKey requiresEncryption="true">...</masterKey> // </descriptor> var settings = new AuthenticatedEncryptionSettings(); var encryptionElement = element.Element("encryption"); settings.EncryptionAlgorithm = (EncryptionAlgorithm)Enum.Parse(typeof(EncryptionAlgorithm), (string)encryptionElement.Attribute("algorithm")); // only read <validation> if not GCM if (!AuthenticatedEncryptionSettings.IsGcmAlgorithm(settings.EncryptionAlgorithm)) { var validationElement = element.Element("validation"); settings.ValidationAlgorithm = (ValidationAlgorithm)Enum.Parse(typeof(ValidationAlgorithm), (string)validationElement.Attribute("algorithm")); } Secret masterKey = ((string)element.Elements("masterKey").Single()).ToSecret(); return new AuthenticatedEncryptorDescriptor(settings, masterKey, _services); }
public AuthenticatedEncryptorConfiguration(AuthenticatedEncryptionSettings settings, IServiceProvider services) { if (settings == null) { throw new ArgumentNullException(nameof(settings)); } Settings = settings; _services = services; }
public AuthenticatedEncryptorDescriptor(AuthenticatedEncryptionSettings settings, ISecret masterKey, IServiceProvider services) { if (settings == null) { throw new ArgumentNullException(nameof(settings)); } if (masterKey == null) { throw new ArgumentNullException(nameof(masterKey)); } Settings = settings; MasterKey = masterKey; _services = services; }
public XmlSerializedDescriptorInfo ExportToXml() { // <descriptor> // <encryption algorithm="..." /> // <validation algorithm="..." /> <!-- only if not GCM --> // <masterKey requiresEncryption="true">...</masterKey> // </descriptor> var encryptionElement = new XElement("encryption", new XAttribute("algorithm", Settings.EncryptionAlgorithm)); var validationElement = (AuthenticatedEncryptionSettings.IsGcmAlgorithm(Settings.EncryptionAlgorithm)) ? (object)new XComment(" AES-GCM includes a 128-bit authentication tag, no extra validation algorithm required. ") : (object)new XElement("validation", new XAttribute("algorithm", Settings.ValidationAlgorithm)); var outerElement = new XElement("descriptor", encryptionElement, validationElement, MasterKey.ToMasterKeyElement()); return(new XmlSerializedDescriptorInfo(outerElement, typeof(AuthenticatedEncryptorDescriptorDeserializer))); }
public AuthenticatedEncryptorDescriptor(AuthenticatedEncryptionSettings settings, ISecret masterKey) : this(settings, masterKey, services: null) { }
/// <summary> /// Configures the data protection system to use the specified cryptographic algorithms /// by default when generating protected payloads. /// </summary> /// <param name="builder">The <see cref="IDataProtectionBuilder"/>.</param> /// <param name="settings">Information about what cryptographic algorithms should be used.</param> /// <returns>A reference to the <see cref="IDataProtectionBuilder" /> after this operation has completed.</returns> public static IDataProtectionBuilder UseCryptographicAlgorithms(this IDataProtectionBuilder builder, AuthenticatedEncryptionSettings settings) { if (builder == null) { throw new ArgumentNullException(nameof(builder)); } if (settings == null) { throw new ArgumentNullException(nameof(settings)); } return(UseCryptographicAlgorithmsCore(builder, settings)); }
public AuthenticatedEncryptorConfiguration(AuthenticatedEncryptionSettings settings) : this(settings, services : null) { }
public AuthenticatedEncryptorDescriptor(AuthenticatedEncryptionSettings settings, ISecret masterKey) : this(settings, masterKey, services : null) { }
public AuthenticatedEncryptorConfiguration(AuthenticatedEncryptionSettings settings) : this(settings, services: null) { }