internal static IPrivateKeyProvider Create(
IPublicKeyDataProvider publicKeyDataProvider,
TimeSpan keyLifetime,
TimeSpan keyRotationPeriod,
IDateTimeProvider dateTimeProvider = null
) {
if( keyLifetime < keyRotationPeriod ) {
throw new ArgumentException( "Private key lifetime must exceed the rotation period", "keyLifetime" );
}
dateTimeProvider = dateTimeProvider ?? new DateTimeProvider();
ID2LSecurityTokenFactory d2lSecurityTokenFactory = new D2LSecurityTokenFactory(
dateTimeProvider,
keyLifetime
);
IPrivateKeyProvider privateKeyProvider = new RsaPrivateKeyProvider(
d2lSecurityTokenFactory
);
privateKeyProvider = new SavingPrivateKeyProvider(
privateKeyProvider,
PublicKeyDataProviderFactory.CreateInternal( publicKeyDataProvider )
);
privateKeyProvider = new RotatingPrivateKeyProvider(
privateKeyProvider,
dateTimeProvider,
keyRotationPeriod
);
return privateKeyProvider;
}
public void GetSigningCredentialsAsync_HighLoad_FrequentlyRollingKeys_KeysRemainValid(
int keyLifeTimeMilliseconds,
int keyOverlapIntervalMilliseconds
)
{
IPrivateKeyProvider provider = new RotatingPrivateKeyProvider(
new RsaPrivateKeyProvider(
new D2LSecurityTokenFactory(
m_mockDateTimeProvider.Object,
TimeSpan.FromMilliseconds(keyLifeTimeMilliseconds)
)
),
m_mockDateTimeProvider.Object,
TimeSpan.FromMilliseconds(keyOverlapIntervalMilliseconds)
);
IList <Thread> threads = new List <Thread>();
ManualResetEventSlim go = new ManualResetEventSlim(false);
for (int i = 0; i < THREAD_COUNT; i++)
{
int threadNumber = i;
Thread t = new Thread(() => Runner(provider, go, threadNumber));
threads.Add(t);
t.Start();
}
// block waiting for all threads to reach their blocking point
Thread.Sleep(TimeSpan.FromMilliseconds(50));
Console.WriteLine("Starting work in " + MethodBase.GetCurrentMethod().Name + " at " + DateTime.UtcNow + " UTC");
go.Set();
foreach (Thread t in threads)
{
t.Join();
}
Console.WriteLine("Done in " + MethodBase.GetCurrentMethod().Name + " at " + DateTime.UtcNow + " UTC");
}
public void GetSigningCredentialsAsync_HighLoad_FrequentlyRollingKeys_KeysRemainValid(
int keyLifeTimeMilliseconds,
int keyOverlapIntervalMilliseconds
) {
IPrivateKeyProvider provider = new RotatingPrivateKeyProvider(
new RsaPrivateKeyProvider(
new D2LSecurityTokenFactory(
m_mockDateTimeProvider.Object,
TimeSpan.FromMilliseconds( keyLifeTimeMilliseconds )
)
),
m_mockDateTimeProvider.Object,
TimeSpan.FromMilliseconds( keyOverlapIntervalMilliseconds )
);
IList<Thread> threads = new List<Thread>();
ManualResetEventSlim go = new ManualResetEventSlim( false );
for( int i = 0; i < THREAD_COUNT; i++ ) {
int threadNumber = i;
Thread t = new Thread( () => Runner( provider, go, threadNumber ) );
threads.Add( t );
t.Start();
}
// block waiting for all threads to reach their blocking point
Thread.Sleep( TimeSpan.FromMilliseconds( 50 ) );
Console.WriteLine( "Starting work in " + MethodBase.GetCurrentMethod().Name + " at " + DateTime.UtcNow + " UTC" );
go.Set();
foreach( Thread t in threads ) {
t.Join();
}
Console.WriteLine( "Done in " + MethodBase.GetCurrentMethod().Name + " at " + DateTime.UtcNow + " UTC" );
}
internal static IPrivateKeyProvider Create(
IPublicKeyDataProvider publicKeyDataProvider,
TimeSpan keyLifetime,
TimeSpan keyRotationPeriod,
CngAlgorithm algorithm,
IDateTimeProvider dateTimeProvider = null
)
{
if (keyLifetime < keyRotationPeriod)
{
throw new ArgumentException("Private key lifetime must exceed the rotation period", "keyLifetime");
}
dateTimeProvider = dateTimeProvider ?? DateTimeProvider.Instance;
ID2LSecurityTokenFactory d2lSecurityTokenFactory = new D2LSecurityTokenFactory(
dateTimeProvider,
keyLifetime
);
IPrivateKeyProvider privateKeyProvider = new EcDsaPrivateKeyProvider(
d2lSecurityTokenFactory,
algorithm
);
privateKeyProvider = new SavingPrivateKeyProvider(
privateKeyProvider,
PublicKeyDataProviderFactory.CreateInternal(publicKeyDataProvider)
);
privateKeyProvider = new RotatingPrivateKeyProvider(
privateKeyProvider,
dateTimeProvider,
keyRotationPeriod
);
return(privateKeyProvider);
}