public async Task <string> Encrypt(string data, string serviceAccountId, bool createKeyIfMissing = true)
{
var masterKeyAlias = $"alias/{mCmkPrefix}kamus/{KeyIdCreator.Create(serviceAccountId)}";
var(dataKey, encryptedDataKey) = await GenerateEncryptionKey(masterKeyAlias);
var(encryptedData, iv) = RijndaelUtils.Encrypt(dataKey.ToArray(), Encoding.UTF8.GetBytes(data));
return(EnvelopeEncryptionUtils.Wrap(encryptedDataKey, iv, encryptedData));
}
public async Task <string> Encrypt(string data, string serviceAccountId, bool createKeyIfMissing = true)
{
if (data.Length <= mMaximumDataLength)
{
return(await mMasterKeyManagement.Encrypt(data, serviceAccountId, createKeyIfMissing));
}
mLogger.Information("Encryption data too length, using envelope encryption");
var dataKey = RijndaelUtils.GenerateKey(256);
var(encryptedData, iv) = RijndaelUtils.Encrypt(dataKey, Encoding.UTF8.GetBytes(data));
var encryptedDataKey = await mMasterKeyManagement.Encrypt(Convert.ToBase64String(dataKey), serviceAccountId, createKeyIfMissing);
return(EnvelopeEncryptionUtils.Wrap(encryptedDataKey, iv, encryptedData));
}