/// <summary> /// Initializes a new instance of MdeEncryptionAlgorithm. /// Uses <see cref="AeadAes256CbcHmac256EncryptionAlgorithm"/> which implements authenticated encryption algorithm with associated data as described /// <see href="http://tools.ietf.org/html/draft-mcgrew-aead-aes-cbc-hmac-sha2-05">here</see> . /// More specifically this implements AEAD_AES_256_CBC_HMAC_SHA256 algorithm. /// </summary> /// <param name="dataEncryptionKey"> Data Encryption Key </param> /// <param name="encryptionType"> Encryption type </param> public MdeEncryptionAlgorithm( Data.Encryption.Cryptography.DataEncryptionKey dataEncryptionKey, Data.Encryption.Cryptography.EncryptionType encryptionType) { this.mdeAeadAes256CbcHmac256EncryptionAlgorithm = AeadAes256CbcHmac256EncryptionAlgorithm.GetOrCreate( dataEncryptionKey, encryptionType); }
/// <summary> /// Initializes a new instance of MdeEncryptionAlgorithm. /// Uses <see cref="AeadAes256CbcHmac256EncryptionAlgorithm"/> which implements authenticated encryption algorithm with associated data as described /// <see href="http://tools.ietf.org/html/draft-mcgrew-aead-aes-cbc-hmac-sha2-05">here</see> . /// More specifically this implements AEAD_AES_256_CBC_HMAC_SHA256 algorithm. /// </summary> /// <param name="dekProperties"> Data Encryption Key properties</param> /// <param name="encryptionType"> Encryption type </param> /// <param name="encryptionKeyStoreProvider"> EncryptionKeyStoreProvider for wrapping and unwrapping </param> public MdeEncryptionAlgorithm( DataEncryptionKeyProperties dekProperties, Data.Encryption.Cryptography.EncryptionType encryptionType, EncryptionKeyStoreProvider encryptionKeyStoreProvider, TimeSpan?cacheTimeToLive) { if (dekProperties == null) { throw new ArgumentNullException(nameof(dekProperties)); } if (encryptionKeyStoreProvider == null) { throw new ArgumentNullException(nameof(encryptionKeyStoreProvider)); } KeyEncryptionKey keyEncryptionKey = KeyEncryptionKey.GetOrCreate( dekProperties.EncryptionKeyWrapMetadata.Name, dekProperties.EncryptionKeyWrapMetadata.Value, encryptionKeyStoreProvider); ProtectedDataEncryptionKey protectedDataEncryptionKey; if (cacheTimeToLive.HasValue) { // no caching if (cacheTimeToLive.Value == TimeSpan.Zero) { protectedDataEncryptionKey = new ProtectedDataEncryptionKey( dekProperties.Id, keyEncryptionKey, dekProperties.WrappedDataEncryptionKey); } else { protectedDataEncryptionKey = ProtectedDataEncryptionKey.GetOrCreate( dekProperties.Id, keyEncryptionKey, dekProperties.WrappedDataEncryptionKey); protectedDataEncryptionKey.TimeToLive = cacheTimeToLive.Value; } } else { protectedDataEncryptionKey = ProtectedDataEncryptionKey.GetOrCreate( dekProperties.Id, keyEncryptionKey, dekProperties.WrappedDataEncryptionKey); } this.mdeAeadAes256CbcHmac256EncryptionAlgorithm = AeadAes256CbcHmac256EncryptionAlgorithm.GetOrCreate( protectedDataEncryptionKey, encryptionType); }
public EncryptionSettingForProperty( string clientEncryptionKeyId, Data.Encryption.Cryptography.EncryptionType encryptionType, EncryptionContainer encryptionContainer, string databaseRid) { this.ClientEncryptionKeyId = string.IsNullOrEmpty(clientEncryptionKeyId) ? throw new ArgumentNullException(nameof(clientEncryptionKeyId)) : clientEncryptionKeyId; this.EncryptionType = encryptionType; this.encryptionContainer = encryptionContainer ?? throw new ArgumentNullException(nameof(encryptionContainer)); this.databaseRid = string.IsNullOrEmpty(databaseRid) ? throw new ArgumentNullException(nameof(databaseRid)) : databaseRid; }