private XElement CreateKeyElement(CryptographicKey k, int position)
{
var newDescriptor = new AuthenticatedEncryptorDescriptor(_encryptorConfiguration.Settings, new Secret(k.Value));
var descriptor = newDescriptor.ExportToXml();
return(new XElement(KeyElementName,
new XAttribute(IdAttributeName, k.Id),
new XAttribute(VersionAttributeName, 1),
new XElement(CreationDateElementName, DateTimeOffset.UtcNow.AddMinutes(-position)),
new XElement(ActivationDateElementName, DateTimeOffset.UtcNow.AddMinutes(-position)),
new XElement(ExpirationDateElementName, DateTimeOffset.UtcNow.AddYears(10)),
new XElement(DescriptorElementName,
new XAttribute(DeserializerTypeAttributeName, descriptor.DeserializerType.AssemblyQualifiedName),
descriptor.SerializedDescriptorElement)));
}
public IReadOnlyCollection <XElement> GetAllElements()
{
var keys = new List <CryptographicKey>();
CryptographicKey primaryKey = GetReferencedKey(AzureWebsitePrimaryEncryptionKeyId);
if (primaryKey != null)
{
keys.Add(primaryKey);
}
// Add our default key. If a primary key is not specified, this implicitly becomes
// the primary (default) key.
byte[] defaultKeyValue = GetDefaultKey();
if (defaultKeyValue != null)
{
var defaultKey = new CryptographicKey(DefaultKeyId, defaultKeyValue);
keys.Add(defaultKey);
}
// Get other defined keys
var definedKeys = Environment.GetEnvironmentVariables();
foreach (var key in definedKeys.Keys)
{
Guid keyId;
Match match = KeySettingNameRegex.Match(key.ToString());
if (match.Success && Guid.TryParse(match.Groups["keyid"].Value, out keyId) && !keys.Any(k => k.Id == keyId))
{
byte[] value = Util.ConvertHexToByteArray(definedKeys[key].ToString());
var cryptoKey = new CryptographicKey(keyId, value);
keys.Add(cryptoKey);
}
}
return(keys.Select((k, i) => CreateKeyElement(k, i))
.ToList()
.AsReadOnly());
}
