private IEnumerable <ServiceDescriptor> ResolvePolicyCore() { // Read the encryption options type: CNG-CBC, CNG-GCM, Managed IInternalAuthenticatedEncryptionSettings options = null; string encryptionType = (string)_policyRegKey.GetValue("EncryptionType"); if (String.Equals(encryptionType, "CNG-CBC", StringComparison.OrdinalIgnoreCase)) { options = new CngCbcAuthenticatedEncryptionSettings(); } else if (String.Equals(encryptionType, "CNG-GCM", StringComparison.OrdinalIgnoreCase)) { options = new CngGcmAuthenticatedEncryptionSettings(); } else if (String.Equals(encryptionType, "Managed", StringComparison.OrdinalIgnoreCase)) { options = new ManagedAuthenticatedEncryptionSettings(); } else if (!String.IsNullOrEmpty(encryptionType)) { throw CryptoUtil.Fail("Unrecognized EncryptionType: " + encryptionType); } if (options != null) { PopulateOptions(options, _policyRegKey); yield return(DataProtectionServiceDescriptors.IAuthenticatedEncryptorConfiguration_FromSettings(options)); } // Read ancillary data int?defaultKeyLifetime = (int?)_policyRegKey.GetValue("DefaultKeyLifetime"); if (defaultKeyLifetime.HasValue) { yield return(DataProtectionServiceDescriptors.ConfigureOptions_DefaultKeyLifetime(defaultKeyLifetime.Value)); } var keyEscrowSinks = ReadKeyEscrowSinks(_policyRegKey); foreach (var keyEscrowSink in keyEscrowSinks) { yield return(DataProtectionServiceDescriptors.IKeyEscrowSink_FromTypeName(keyEscrowSink)); } }
private static IDataProtectionBuilder UseCryptographicAlgorithmsCore(IDataProtectionBuilder builder, IInternalAuthenticatedEncryptionSettings settings) { settings.Validate(); // perform self-test Use(builder.Services, DataProtectionServiceDescriptors.IAuthenticatedEncryptorConfiguration_FromSettings(settings)); return(builder); }
/// <summary> /// An <see cref="IAuthenticatedEncryptorConfiguration"/> backed by an <see cref="IInternalAuthenticatedEncryptionSettings"/>. /// </summary> public static ServiceDescriptor IAuthenticatedEncryptorConfiguration_FromSettings(IInternalAuthenticatedEncryptionSettings options) { return(ServiceDescriptor.Singleton <IAuthenticatedEncryptorConfiguration>(options.ToConfiguration)); }
/// <summary> /// An <see cref="IAuthenticatedEncryptorConfiguration"/> backed by an <see cref="IInternalAuthenticatedEncryptionSettings"/>. /// </summary> public static ServiceDescriptor IAuthenticatedEncryptorConfiguration_FromSettings(IInternalAuthenticatedEncryptionSettings options) { return ServiceDescriptor.Singleton<IAuthenticatedEncryptorConfiguration>(options.ToConfiguration); }