public static async Task <Agent> Create(IConfigSource configSource, IPlanner planner, IPlanRunner planRunner, IReporter reporter,
IModuleIdentityLifecycleManager moduleIdentityLifecycleManager, IEnvironmentProvider environmentProvider,
IEntityStore <string, string> configStore, ISerde <DeploymentConfigInfo> deploymentConfigInfoSerde, IEncryptionProvider encryptionProvider)
{
Preconditions.CheckNotNull(deploymentConfigInfoSerde, nameof(deploymentConfigInfoSerde));
Preconditions.CheckNotNull(configStore, nameof(configStore));
Option <DeploymentConfigInfo> deploymentConfigInfo = Option.None <DeploymentConfigInfo>();
try
{
Option <string> deploymentConfigInfoJson = await Preconditions.CheckNotNull(configStore, nameof(configStore)).Get(StoreConfigKey);
await deploymentConfigInfoJson.ForEachAsync(async json =>
{
string decryptedJson = await encryptionProvider.DecryptAsync(json);
deploymentConfigInfo = Option.Some(deploymentConfigInfoSerde.Deserialize(decryptedJson));
});
}
catch (Exception ex) when(!ex.IsFatal())
{
Events.ErrorDeserializingConfig(ex);
}
var agent = new Agent(configSource, environmentProvider, planner, planRunner, reporter, moduleIdentityLifecycleManager,
configStore, deploymentConfigInfo.GetOrElse(DeploymentConfigInfo.Empty), deploymentConfigInfoSerde, encryptionProvider);
return(agent);
}
public virtual async Task DecryptAsync <T>(string userId, T o) where T : class
{
var members = o.GetSensitiveDataMembers();
dynamic encryptMember = null;
string val = null;
byte[] serializedVal = null;
Type underlyingType;
SensitiveDataAttribute attr;
MemberInfo srcMember;
MemberInfo destMember;
for (int i = 0; i < members.Length; i++)
{
srcMember = members[i];
encryptMember = srcMember;
underlyingType = srcMember.GetUnderlyingType();
// Check if attribute is serialized to another Member
attr = srcMember.GetCustomAttribute <SensitiveDataAttribute>();
if (!string.IsNullOrWhiteSpace(attr.SerializeToMember))
{
// 1. Get destination member
destMember = o.FindMemberByName(attr.SerializeToMember);
// 2. Validate destination member
ValidateDestionationMember(srcMember, destMember);
// 3. Set destination member as member where the encrypted value is stored into.
encryptMember = (destMember as dynamic);
}
// a. Get value out of Encrypt Member
val = encryptMember.GetValue(o);
if (val != null)
{
// b. Clear the encrypted string
encryptMember.SetValue(o, null);
// c. Decypt and store value back into src member
if (underlyingType == typeof(string))
{
(srcMember as dynamic).SetValue(o, Encoding.UTF8.GetString(await _provider.DecryptAsync(userId, val)));
}
else
{
serializedVal = await _provider.DecryptAsync(userId, val);
// Deserialize to binary back to object with MessagePack
var obj = MessagePackSerializer.Typeless.Deserialize(serializedVal);
(srcMember as dynamic).SetValue(o, obj);
}
}
}
}
private async ValueTask <EncryptionData> Decrypt(EncryptionData rawData)
{
await using Stream encStream = rawData.EncryptedStream !;
await using Stream decStream = await _encryptionProvider.DecryptAsync(encStream);
SaveFileHandler.RemoveTrailingZeroes(decStream);
return(await EncryptionData.From(null, decStream));
}
private async ValueTask <ApiEncryptionModel> Decrypt(string base64Data)
{
await using MemoryStream encStream = new MemoryStream(Convert.FromBase64String(base64Data));
await using Stream decStream = await _encryptionProvider.DecryptAsync(encStream);
SaveFileHandler.RemoveTrailingZeroes(decStream);
return(new ApiEncryptionModel {
Decrypted = await GetBase64Data(decStream)
});
}
public async Task Decrypt_should_revert_scrambled_text()
{
string userId = Guid.NewGuid().ToString();
string text = "hello!";
string encryptedStrBase64Enc = await _sut.EncryptAsync(userId, Encoding.UTF8.GetBytes(text));
Assert.NotEqual(text, encryptedStrBase64Enc);
string decryptedText = Encoding.UTF8.GetString(await _sut.DecryptAsync(userId, encryptedStrBase64Enc));
Assert.Equal(text, decryptedText);
}
