/// <summary>
/// Initializes a new instance of the CustomerSecret class.
/// </summary>
/// <param name="keyIdentifier">The identifier to the data service
/// input object which this secret corresponds to.</param>
/// <param name="keyValue">It contains the encrypted customer
/// secret.</param>
/// <param name="algorithm">The encryption algorithm used to encrypt
/// data. Possible values include: 'None', 'RSA1_5', 'RSA_OAEP',
/// 'PlainText'</param>
public CustomerSecret(string keyIdentifier, string keyValue, SupportedAlgorithm algorithm)
{
KeyIdentifier = keyIdentifier;
KeyValue = keyValue;
Algorithm = algorithm;
CustomInit();
}
internal static string ToSerializedValue(this SupportedAlgorithm value)
{
switch (value)
{
case SupportedAlgorithm.None:
return("None");
case SupportedAlgorithm.RSA15:
return("RSA1_5");
case SupportedAlgorithm.RSAOAEP:
return("RSA_OAEP");
case SupportedAlgorithm.PlainText:
return("PlainText");
}
return(null);
}
private static SupportedAlgorithm[] RemoveAlgorithmsUnsupportedByOs(SupportedAlgorithm[] supportedAlgorithms)
{
List<SupportedAlgorithm> filteredSupportedAlgorithms = new List<SupportedAlgorithm>(supportedAlgorithms.Length);
foreach (SupportedAlgorithm supportedAlgorithm in supportedAlgorithms)
{
int nid = supportedAlgorithm.Nid;
using (SafeEcKeyHandle key = Interop.Crypto.EcKeyCreateByCurveName(nid))
{
if (key != null && !key.IsInvalid)
{
filteredSupportedAlgorithms.Add(supportedAlgorithm);
}
}
}
return filteredSupportedAlgorithms.ToArray();
}
private static string GetEncryptedSecret(PublicKey publicKeys, string dataToEncrypt, SupportedAlgorithm algorithm)
{
string l1KModulus = publicKeys.DataServiceLevel1Key.KeyModulus;
string l1KExponent = publicKeys.DataServiceLevel1Key.KeyExponent;
string l2KModulus = publicKeys.DataServiceLevel2Key.KeyModulus;
string l2KExponent = publicKeys.DataServiceLevel2Key.KeyExponent;
byte[] level1KeyModulus = Convert.FromBase64String(l1KModulus);
byte[] level1KeyExponent = Convert.FromBase64String(l1KExponent);
byte[] dataToEncryptByte = Encoding.UTF8.GetBytes(dataToEncrypt);
int key1ChunkSize = publicKeys.DataServiceLevel1Key.EncryptionChunkSizeInBytes;
int key2ChunkSize = publicKeys.DataServiceLevel2Key.EncryptionChunkSizeInBytes;
string firstPass = EncryptUsingJsonWebKey(dataToEncryptByte, key1ChunkSize,
level1KeyModulus, level1KeyExponent, SupportedAlgorithm.RSAOAEP.Equals(algorithm));
byte[] level2KeyModulus = Convert.FromBase64String(l2KModulus);
byte[] level2KeyExponent = Convert.FromBase64String(l2KExponent);
string encrytedData = EncryptUsingJsonWebKey(Encoding.UTF8.GetBytes(firstPass), key2ChunkSize,
level2KeyModulus, level2KeyExponent, SupportedAlgorithm.RSAOAEP.Equals(algorithm));
return(encrytedData);
}
