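/// <summary>
/// Imports the <see cref="CngGcmAuthenticatedEncryptorDescriptor"/> from serialized XML.
/// </summary>
/// <param name="element">The serialized <c>descriptor</c> element to read.</param>
/// <returns>A descriptor built from the encryption settings and master key found in <paramref name="element"/>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="element"/> is null.</exception>
/// <exception cref="FormatException">The <c>encryption</c> child element is missing.</exception>
public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element)
{
    if (element == null)
    {
        throw new ArgumentNullException(nameof(element));
    }

    // Expected shape of the input:
    // <descriptor>
    //   <!-- Windows CNG-GCM -->
    //   <encryption algorithm="..." keyLength="..." [provider="..."] />
    //   <masterKey>...</masterKey>
    // </descriptor>

    var settings = new CngGcmAuthenticatedEncryptionSettings();

    var encryptionElement = element.Element("encryption");
    if (encryptionElement == null)
    {
        // Name the missing node instead of failing with a NullReferenceException below.
        // The message carries no content from the element, which also holds the master key.
        throw new FormatException("The serialized descriptor does not contain an <encryption> element.");
    }

    settings.EncryptionAlgorithm = (string)encryptionElement.Attribute("algorithm");
    // The int conversion throws when keyLength is absent or is not a number.
    settings.EncryptionAlgorithmKeySize = (int)encryptionElement.Attribute("keyLength");
    settings.EncryptionAlgorithmProvider = (string)encryptionElement.Attribute("provider"); // could be null

    // NOTE(review): algorithm, key size and provider are copied from the XML as-is; this method
    // does not check them, so confirm they are validated before the settings are first used.

    // The key text is materialized as a managed string before ToSecret() runs. Strings cannot be
    // zeroed, so the encoded key may stay in memory until collected; never log or echo this element.
    Secret masterKey = ((string)element.Element("masterKey")).ToSecret();

    return new CngGcmAuthenticatedEncryptorDescriptor(settings, masterKey, _services);
}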
/// <summary>
/// Creates a configuration that holds the given CNG-GCM encryption settings.
/// </summary>
/// <param name="settings">The settings to store; must not be null.</param>
/// <param name="services">The service provider to store; it is not null-checked here.</param>
/// <exception cref="ArgumentNullException"><paramref name="settings"/> is null.</exception>
public CngGcmAuthenticatedEncryptorConfiguration(
    CngGcmAuthenticatedEncryptionSettings settings,
    IServiceProvider services)
{
    // Only the settings are mandatory.
    if (settings == null)
    {
        throw new ArgumentNullException(nameof(settings));
    }

    Settings = settings;

    // Stored as given; a null provider is accepted by this constructor.
    _services = services;
}
/// <summary>
/// Creates a descriptor that holds the given CNG-GCM settings and master key.
/// </summary>
/// <param name="settings">The encryption settings to store; must not be null.</param>
/// <param name="masterKey">The master key to store; must not be null.</param>
/// <param name="services">The service provider the logger is obtained from.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="settings"/> or <paramref name="masterKey"/> is null.
/// </exception>
public CngGcmAuthenticatedEncryptorDescriptor(
    CngGcmAuthenticatedEncryptionSettings settings,
    ISecret masterKey,
    IServiceProvider services)
{
    // Reject missing inputs before any state is assigned; settings is checked first.
    if (settings == null)
    {
        throw new ArgumentNullException(nameof(settings));
    }

    if (masterKey == null)
    {
        throw new ArgumentNullException(nameof(masterKey));
    }

    Settings = settings;
    MasterKey = masterKey;

    // NOTE(review): services is used without a null check, while the two-argument overload
    // forwards services: null. Presumably GetLogger is an extension method that tolerates a
    // null provider - confirm.
    _log = services.GetLogger<CngGcmAuthenticatedEncryptorDescriptor>();
}
/// <summary>
/// Creates a descriptor that holds the given CNG-GCM settings and master key.
/// </summary>
/// <param name="settings">The encryption settings to store; must not be null.</param>
/// <param name="masterKey">The master key to store; must not be null.</param>
/// <param name="services">The service provider the logger is obtained from.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="settings"/> or <paramref name="masterKey"/> is null.
/// </exception>
public CngGcmAuthenticatedEncryptorDescriptor(
    CngGcmAuthenticatedEncryptionSettings settings,
    ISecret masterKey,
    IServiceProvider services)
{
    // Guard clauses run in the original order: settings, then masterKey.
    if (settings == null)
    {
        throw new ArgumentNullException(nameof(settings));
    }

    if (masterKey == null)
    {
        throw new ArgumentNullException(nameof(masterKey));
    }

    Settings = settings;
    MasterKey = masterKey;

    // NOTE(review): services is dereferenced without a null check. Presumably GetLogger is an
    // extension method that copes with a null provider - confirm before passing null here.
    _log = services.GetLogger<CngGcmAuthenticatedEncryptorDescriptor>();
}
/// <summary>
/// Translates the values stored under the policy key into service descriptors.
/// </summary>
/// <returns>
/// A lazily produced sequence: at most one encryptor-configuration descriptor, at most one
/// default-key-lifetime descriptor, then one descriptor per key escrow sink entry.
/// </returns>
/// <remarks>
/// This is an iterator, so no value is read and no exception is thrown until the result is enumerated.
/// </remarks>
private IEnumerable<ServiceDescriptor> ResolvePolicyCore()
{
    // Read the encryption options type: CNG-CBC, CNG-GCM, Managed.
    // The direct cast throws InvalidCastException if the stored value is not a string.
    var configuredType = (string)_policyRegKey.GetValue("EncryptionType");

    IInternalAuthenticatedEncryptionSettings selected = null;
    if (String.Equals(configuredType, "CNG-CBC", StringComparison.OrdinalIgnoreCase))
    {
        selected = new CngCbcAuthenticatedEncryptionSettings();
    }
    else if (String.Equals(configuredType, "CNG-GCM", StringComparison.OrdinalIgnoreCase))
    {
        selected = new CngGcmAuthenticatedEncryptionSettings();
    }
    else if (String.Equals(configuredType, "Managed", StringComparison.OrdinalIgnoreCase))
    {
        selected = new ManagedAuthenticatedEncryptionSettings();
    }
    else if (!String.IsNullOrEmpty(configuredType))
    {
        // An unknown, non-empty value is an error; it is never silently ignored.
        throw CryptoUtil.Fail("Unrecognized EncryptionType: " + configuredType);
    }

    // A missing or empty EncryptionType leaves the selection null and produces no descriptor.
    if (selected != null)
    {
        PopulateOptions(selected, _policyRegKey);
        yield return DataProtectionServiceDescriptors.IAuthenticatedEncryptorConfiguration_FromSettings(selected);
    }

    // Read ancillary data.
    // NOTE(review): the lifetime is forwarded without a range check here; confirm that zero or
    // negative values are rejected where the option is consumed.
    int? keyLifetime = (int?)_policyRegKey.GetValue("DefaultKeyLifetime");
    if (keyLifetime.HasValue)
    {
        yield return DataProtectionServiceDescriptors.ConfigureOptions_DefaultKeyLifetime(keyLifetime.Value);
    }

    // NOTE(review): each entry goes to IKeyEscrowSink_FromTypeName. If these are type names
    // resolved at runtime, write access to the policy key decides which sink types receive
    // key material - confirm the key is writable by administrators only.
    foreach (var escrowSink in ReadKeyEscrowSinks(_policyRegKey))
    {
        yield return DataProtectionServiceDescriptors.IKeyEscrowSink_FromTypeName(escrowSink);
    }
}
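/// <summary>
/// Imports the <see cref="CngGcmAuthenticatedEncryptorDescriptor"/> from serialized XML.
/// </summary>
/// <param name="element">The serialized <c>descriptor</c> element to read.</param>
/// <returns>A descriptor built from the encryption settings and master key found in <paramref name="element"/>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="element"/> is null.</exception>
/// <exception cref="FormatException">The <c>encryption</c> child element is missing.</exception>
public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element)
{
    if (element == null)
    {
        throw new ArgumentNullException(nameof(element));
    }

    // Expected shape of the input:
    // <descriptor>
    //   <!-- Windows CNG-GCM -->
    //   <encryption algorithm="..." keyLength="..." [provider="..."] />
    //   <masterKey>...</masterKey>
    // </descriptor>

    var settings = new CngGcmAuthenticatedEncryptionSettings();

    var encryptionElement = element.Element("encryption");
    if (encryptionElement == null)
    {
        // Report the missing node by name rather than letting the attribute reads below fail
        // with a NullReferenceException. Nothing from the element is echoed, because it also
        // contains the master key.
        throw new FormatException("The serialized descriptor does not contain an <encryption> element.");
    }

    settings.EncryptionAlgorithm = (string)encryptionElement.Attribute("algorithm");
    // The int conversion throws when keyLength is absent or is not a number.
    settings.EncryptionAlgorithmKeySize = (int)encryptionElement.Attribute("keyLength");
    settings.EncryptionAlgorithmProvider = (string)encryptionElement.Attribute("provider"); // could be null

    // NOTE(review): the algorithm, key size and provider come straight from the stored XML and
    // are not checked in this method; confirm they are validated before first use.

    // The key text exists as a managed string until ToSecret() has converted it. Strings cannot
    // be wiped, so keep this element out of logs and exception messages.
    Secret masterKey = ((string)element.Element("masterKey")).ToSecret();

    return new CngGcmAuthenticatedEncryptorDescriptor(settings, masterKey, _services);
}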
/// <summary>
/// Creates a configuration from the given CNG-GCM settings without a service provider.
/// </summary>
/// <param name="settings">Forwarded unchanged to the overload that also takes a service provider.</param>
public CngGcmAuthenticatedEncryptorConfiguration(CngGcmAuthenticatedEncryptionSettings settings)
    : this(settings, services: null)
{
    // All work happens in the chained constructor; this overload only supplies services: null.
}
/// <summary>
/// Applies caller-supplied CNG-GCM encryption settings to the builder by delegating to
/// <c>UseCryptographicAlgorithmsCore</c>.
/// </summary>
/// <param name="builder">The data protection builder to configure; must not be null.</param>
/// <param name="settings">The CNG-GCM settings to apply; must not be null.</param>
/// <returns>The value returned by <c>UseCryptographicAlgorithmsCore</c>.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="builder"/> or <paramref name="settings"/> is null.
/// </exception>
public static IDataProtectionBuilder UseCustomCryptographicAlgorithms(
    this IDataProtectionBuilder builder,
    CngGcmAuthenticatedEncryptionSettings settings)
{
    // Arguments are checked in declaration order, builder first.
    if (builder == null)
    {
        throw new ArgumentNullException(nameof(builder));
    }

    if (settings == null)
    {
        throw new ArgumentNullException(nameof(settings));
    }

    // NOTE(review): the contents of settings (algorithm, key size, provider) are not inspected
    // here; confirm they are validated before first use, since this overload lets the caller
    // pick the algorithm.
    var configured = UseCryptographicAlgorithmsCore(builder, settings);
    return configured;
}
/// <summary>
/// Creates a descriptor from the given CNG-GCM settings and master key without a service provider.
/// </summary>
/// <param name="settings">Forwarded unchanged to the three-argument overload.</param>
/// <param name="masterKey">Forwarded unchanged to the three-argument overload.</param>
public CngGcmAuthenticatedEncryptorDescriptor(CngGcmAuthenticatedEncryptionSettings settings, ISecret masterKey)
    : this(settings, masterKey, services: null)
{
    // All work happens in the chained constructor; this overload only supplies services: null.
}
/// <summary>
/// Creates a configuration from the given CNG-GCM settings, passing no service provider.
/// </summary>
/// <param name="settings">Handed on as-is to the overload that also accepts a service provider.</param>
public CngGcmAuthenticatedEncryptorConfiguration(CngGcmAuthenticatedEncryptionSettings settings)
    : this(settings, services: null)
{
    // Intentionally empty: the chained constructor does the validation and assignment.
}
/// <summary>
/// Creates a descriptor from the given CNG-GCM settings and master key, passing no service provider.
/// </summary>
/// <param name="settings">Handed on as-is to the three-argument overload.</param>
/// <param name="masterKey">Handed on as-is to the three-argument overload.</param>
public CngGcmAuthenticatedEncryptorDescriptor(CngGcmAuthenticatedEncryptionSettings settings, ISecret masterKey)
    : this(settings, masterKey, services: null)
{
    // Intentionally empty: the chained constructor does the validation and assignment.
}
/// <summary>
/// Reads the policy key and yields the service descriptors that its values call for.
/// </summary>
/// <returns>
/// A lazily produced sequence: at most one encryptor-configuration descriptor, at most one
/// default-key-lifetime descriptor, then one descriptor per key escrow sink entry.
/// </returns>
/// <remarks>
/// Implemented as an iterator: values are read, and failures surface, only during enumeration.
/// </remarks>
private IEnumerable<ServiceDescriptor> ResolvePolicyCore()
{
    // Read the encryption options type: CNG-CBC, CNG-GCM, Managed.
    // A stored value that is not a string makes this cast throw InvalidCastException.
    var policyType = (string)_policyRegKey.GetValue("EncryptionType");

    IInternalAuthenticatedEncryptionSettings chosen = null;
    if (String.Equals(policyType, "CNG-CBC", StringComparison.OrdinalIgnoreCase))
    {
        chosen = new CngCbcAuthenticatedEncryptionSettings();
    }
    else if (String.Equals(policyType, "CNG-GCM", StringComparison.OrdinalIgnoreCase))
    {
        chosen = new CngGcmAuthenticatedEncryptionSettings();
    }
    else if (String.Equals(policyType, "Managed", StringComparison.OrdinalIgnoreCase))
    {
        chosen = new ManagedAuthenticatedEncryptionSettings();
    }
    else if (!String.IsNullOrEmpty(policyType))
    {
        // Fail closed on a value that is present but not one of the three known names.
        throw CryptoUtil.Fail("Unrecognized EncryptionType: " + policyType);
    }

    // With no EncryptionType configured, nothing is selected and no descriptor is produced.
    if (chosen != null)
    {
        PopulateOptions(chosen, _policyRegKey);
        yield return DataProtectionServiceDescriptors.IAuthenticatedEncryptorConfiguration_FromSettings(chosen);
    }

    // Read ancillary data.
    // NOTE(review): no range check is applied to the lifetime here; confirm the consumer of
    // this option rejects zero or negative values.
    int? lifetimeSetting = (int?)_policyRegKey.GetValue("DefaultKeyLifetime");
    if (lifetimeSetting.HasValue)
    {
        yield return DataProtectionServiceDescriptors.ConfigureOptions_DefaultKeyLifetime(lifetimeSetting.Value);
    }

    // NOTE(review): entries are passed to IKeyEscrowSink_FromTypeName. If they are type names
    // loaded at runtime, whoever can write the policy key chooses the types that see escrowed
    // keys - confirm the key's ACL limits writes to administrators.
    foreach (var sinkEntry in ReadKeyEscrowSinks(_policyRegKey))
    {
        yield return DataProtectionServiceDescriptors.IKeyEscrowSink_FromTypeName(sinkEntry);
    }
}