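/// <summary>
/// Initializes a new instance of the <see cref="AzureKeyVaultCosmosEncryptor"/> class.
/// Creates an encryption key provider that wraps and unwraps data encryption keys via Key Vault,
/// then builds the encryptor on top of that provider.
/// </summary>
/// <param name="keyVaultTokenCredentialFactory">
/// Factory instance which represents a method to acquire TokenCredentials for accessing Key Vault services.
/// Must not be null.
/// </param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="keyVaultTokenCredentialFactory"/> is null.
/// </exception>
public AzureKeyVaultCosmosEncryptor(KeyVaultTokenCredentialFactory keyVaultTokenCredentialFactory)
{
    // Reject a missing credential source here rather than handing null to the key wrap provider,
    // where it would only surface once a key operation is attempted.
    if (keyVaultTokenCredentialFactory == null)
    {
        throw new System.ArgumentNullException(nameof(keyVaultTokenCredentialFactory));
    }

    EncryptionKeyWrapProvider wrapProvider = new AzureKeyVaultKeyWrapProvider(keyVaultTokenCredentialFactory);

    // The DEK provider must exist before the encryptor, which is constructed from it.
    this.cosmosDekProvider = new CosmosDataEncryptionKeyProvider(wrapProvider);
    this.cosmosEncryptor = new CosmosEncryptor(this.cosmosDekProvider);
}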
/// <summary>
/// Initializes a new instance of the <see cref="KeyVaultAccessClient"/> class
/// using caller-supplied client factories instead of the default ones.
/// </summary>
/// <param name="keyVaultTokenCredentialFactory">Token credential factory, stored as given.</param>
/// <param name="keyClientFactory">KeyClient factory, stored as given.</param>
/// <param name="cryptographyClientFactory">CryptographyClient factory, stored as given.</param>
internal KeyVaultAccessClient(
    KeyVaultTokenCredentialFactory keyVaultTokenCredentialFactory,
    KeyClientFactory keyClientFactory,
    CryptographyClientFactory cryptographyClientFactory)
{
    // Injected collaborators; this constructor performs no validation on them.
    this.cryptographyClientFactory = cryptographyClientFactory;
    this.keyClientFactory = keyClientFactory;
    this.keyVaultTokenCredentialFactory = keyVaultTokenCredentialFactory;

    // Fresh per-instance caches for the two client types, both keyed by Uri.
    this.akvCryptoClientCache = new AsyncCache<Uri, CryptographyClient>();
    this.akvClientCache = new AsyncCache<Uri, KeyClient>();
}
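/// <summary>
/// Initializes a new instance of the <see cref="KeyVaultAccessClient"/> class
/// with default <see cref="KeyClientFactory"/> and <see cref="CryptographyClientFactory"/> instances.
/// </summary>
/// <param name="keyVaultTokenCredentialFactory">
/// Factory used to obtain token credentials. Must not be null.
/// </param>
/// <exception cref="ArgumentNullException">
/// <paramref name="keyVaultTokenCredentialFactory"/> is null.
/// </exception>
public KeyVaultAccessClient(KeyVaultTokenCredentialFactory keyVaultTokenCredentialFactory)
{
    // Fail at construction: a client without a credential source cannot authenticate to Key Vault,
    // and storing null would defer the failure to the first use of the field.
    if (keyVaultTokenCredentialFactory == null)
    {
        throw new ArgumentNullException(nameof(keyVaultTokenCredentialFactory));
    }

    this.keyVaultTokenCredentialFactory = keyVaultTokenCredentialFactory;

    // Fresh per-instance caches for the two client types, both keyed by Uri.
    this.akvClientCache = new AsyncCache<Uri, KeyClient>();
    this.akvCryptoClientCache = new AsyncCache<Uri, CryptographyClient>();

    // Default factories; the internal overload accepts replacements.
    this.keyClientFactory = new KeyClientFactory();
    this.cryptographyClientFactory = new CryptographyClientFactory();
}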
/// <summary>
/// Creates a new instance of a provider to wrap (encrypt) and unwrap (decrypt) data encryption keys
/// using master keys stored in Azure Key Vault, with caller-supplied client factories.
/// </summary>
/// <param name="keyVaultTokenCredentialFactory">KeyVaultTokenCredentialFactory instance, forwarded to the access client.</param>
/// <param name="keyClientFactory">KeyClient factory, forwarded to the access client.</param>
/// <param name="cryptographyClientFactory">CryptographyClient factory, forwarded to the access client.</param>
internal AzureKeyVaultKeyWrapProvider(
    KeyVaultTokenCredentialFactory keyVaultTokenCredentialFactory,
    KeyClientFactory keyClientFactory,
    CryptographyClientFactory cryptographyClientFactory)
{
    // Fixed at one hour and not configurable through this constructor.
    // NOTE(review): presumably the lifetime of cached unwrapped (raw) DEKs - confirm where the field is read.
    this.rawDekCacheTimeToLive = TimeSpan.FromHours(1);

    // All three factories are passed straight through; nothing is validated here.
    var accessClient = new KeyVaultAccessClient(
        keyVaultTokenCredentialFactory,
        keyClientFactory,
        cryptographyClientFactory);
    this.keyVaultAccessClient = accessClient;
}
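/// <summary>
/// Creates a new instance of a provider to wrap (encrypt) and unwrap (decrypt) data encryption keys
/// using master keys stored in Azure Key Vault.
/// </summary>
/// <param name="keyVaultTokenCredentialFactory">
/// KeyVaultTokenCredentialFactory instance. Must not be null.
/// </param>
/// <exception cref="ArgumentNullException">
/// <paramref name="keyVaultTokenCredentialFactory"/> is null.
/// </exception>
/// <remarks>
/// This constructor takes no cache-lifetime argument. The amount of time the unencrypted form of the
/// data encryption key can be cached on the client before <see cref="UnwrapKeyAsync"/> needs to be
/// called again is fixed at one hour.
/// </remarks>
public AzureKeyVaultKeyWrapProvider(KeyVaultTokenCredentialFactory keyVaultTokenCredentialFactory)
{
    // Reject a missing credential source up front instead of passing null to the access client.
    if (keyVaultTokenCredentialFactory == null)
    {
        throw new ArgumentNullException(nameof(keyVaultTokenCredentialFactory));
    }

    this.keyVaultAccessClient = new KeyVaultAccessClient(keyVaultTokenCredentialFactory);

    // NOTE(review): while an unwrapped DEK is cached, a disabled or rotated Key Vault key would
    // presumably not be noticed until the entry expires - confirm against the code that reads this field.
    this.rawDekCacheTimeToLive = TimeSpan.FromHours(1);
}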