Пример #1
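        /// <summary>
        /// Rebuilds an authenticated-encryptor configuration from its XML form: reads the
        /// encryption and validation algorithm settings, decrypts the embedded secret and
        /// wraps the key material in a <c>ProtectedMemoryBlob</c>.
        /// </summary>
        /// <param name="element">The serialized configuration element.</param>
        /// <returns>A configuration built from the parsed options and the decrypted secret.</returns>
        /// <remarks>
        /// Algorithm and decryptor type names are taken from the XML and resolved with
        /// <c>Type.GetType</c>, and the named decryptor is instantiated. The element must
        /// therefore come from storage that only trusted parties can write.
        /// </remarks>
        public IAuthenticatedEncryptorConfiguration FromXml([NotNull] XElement element)
        {
            // <managedEncryptor reader="{TYPE}">
            //   <encryption type="{STRING}" keyLength="{INT}" />
            //   <validation type="{STRING}" />
            //   <secret>...</secret>
            // </managedEncryptor>

            // NOTE(review): the layout above shows <managedEncryptor> as the root, yet this check
            // compares the root name with EncryptionElementName, the same constant used below to
            // find the <encryption> child. Confirm which constant is intended.
            CryptoUtil.Assert(element.Name == ManagedAuthenticatedEncryptorConfiguration.EncryptionElementName,
                              @"TODO: Bad element.");

            var options = new ManagedAuthenticatedEncryptorConfigurationOptions();

            // read <encryption> element; fail explicitly instead of dereferencing null when it is absent
            var encryptionElement = element.Element(ManagedAuthenticatedEncryptorConfiguration.EncryptionElementName);
            CryptoUtil.Assert(encryptionElement != null, @"TODO: Missing encryption element.");

            options.EncryptionAlgorithmType    = Type.GetType((string)encryptionElement.Attribute("type"), throwOnError: true);
            options.EncryptionAlgorithmKeySize = (int)encryptionElement.Attribute("keyLength");

            // read <validation> element
            var validationElement = element.Element(ManagedAuthenticatedEncryptorConfiguration.ValidationElementName);
            CryptoUtil.Assert(validationElement != null, @"TODO: Missing validation element.");

            options.ValidationAlgorithmType = Type.GetType((string)validationElement.Attribute("type"), throwOnError: true);

            // read the child of the <secret> element, then decrypt it
            var secretElement = element.Element(ManagedAuthenticatedEncryptorConfiguration.SecretElementName);
            CryptoUtil.Assert(secretElement != null, @"TODO: Missing secret element.");

            var encryptedSecretElement         = secretElement.Elements().Single();
            var secretElementDecryptorTypeName = (string)encryptedSecretElement.Attribute("decryptor");
            var secretElementDecryptorType     = Type.GetType(secretElementDecryptorTypeName, throwOnError: true);

            // The type name comes from the XML. Check that it really is a decryptor before any
            // constructor runs, rather than relying on the cast after the instance already exists.
            CryptoUtil.Assert(typeof(IXmlDecryptor).IsAssignableFrom(secretElementDecryptorType),
                              @"TODO: Bad decryptor type.");

            var secretElementDecryptor = (IXmlDecryptor)_typeActivator.CreateInstance(_serviceProvider, secretElementDecryptorType);
            var decryptedSecretElement = secretElementDecryptor.Decrypt(encryptedSecretElement);

            CryptoUtil.Assert(decryptedSecretElement != null, @"TODO: Bad element.");
            CryptoUtil.Assert(decryptedSecretElement.Name == ManagedAuthenticatedEncryptorConfiguration.SecretElementName,
                              @"TODO: Bad element.");

            // The base64 text is an immutable string and cannot be wiped. Only the decoded
            // byte array below can be cleared once the blob has been built.
            byte[] decryptedSecretBytes = Convert.FromBase64String((string)decryptedSecretElement);
            try
            {
                // presumably ProtectedMemoryBlob keeps its own copy, since the array is zeroed
                // in the finally block before the caller sees the result (confirm)
                var protectedMemoryBlob = new ProtectedMemoryBlob(decryptedSecretBytes);
                return new ManagedAuthenticatedEncryptorConfiguration(options, protectedMemoryBlob);
            }
            finally
            {
                // wipe the plaintext key bytes on both the success and the failure path
                Array.Clear(decryptedSecretBytes, 0, decryptedSecretBytes.Length);
            }
        }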
 /// <summary>
 /// Creates the factory from the configured options.
 /// </summary>
 /// <param name="optionsAccessor">Accessor whose <c>Options</c> value supplies the encryptor settings.</param>
 public ManagedAuthenticatedEncryptorConfigurationFactory([NotNull] IOptions<ManagedAuthenticatedEncryptorConfigurationOptions> optionsAccessor)
 {
     // Store the result of Clone() rather than the accessor's own instance
     // (presumably so later changes to the shared options do not reach this factory; confirm).
     var configuredOptions = optionsAccessor.Options;
     _options = configuredOptions.Clone();
 }
 /// <summary>
 /// Creates a configuration from algorithm options and the secret key material.
 /// </summary>
 /// <param name="options">Algorithm options; the reference is stored as given, not copied.</param>
 /// <param name="secret">The secret associated with this configuration.</param>
 public ManagedAuthenticatedEncryptorConfiguration(ManagedAuthenticatedEncryptorConfigurationOptions options, ISecret secret)
 {
     this._secret = secret;
     this._options = options;
 }