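/// <summary>
/// Rebuilds a managed authenticated-encryptor configuration from its XML form:
/// reads the encryption and validation algorithm settings, decrypts the wrapped
/// secret with the decryptor type named in the XML, and returns a configuration
/// that holds the options together with the recovered secret.
/// </summary>
/// <param name="element">The serialized configuration element.</param>
/// <returns>A <c>ManagedAuthenticatedEncryptorConfiguration</c> built from the element.</returns>
/// <remarks>
/// Every algorithm and decryptor type used here is named by the XML itself and
/// resolved through <c>Type.GetType</c>. Whoever can write this XML therefore
/// selects which types are loaded and which decryptor is activated, so the store
/// that holds it should be treated as integrity-sensitive.
/// </remarks>
public IAuthenticatedEncryptorConfiguration FromXml([NotNull] XElement element)
{
    // Expected shape:
    // <managedEncryptor reader="{TYPE}">
    //   <encryption type="{STRING}" keyLength="{INT}" />
    //   <validation type="{STRING}" />
    //   <secret>...</secret>
    // </managedEncryptor>

    // NOTE(review): the schema above names the root <managedEncryptor>, yet this check
    // compares the root against EncryptionElementName, the same name used for the
    // <encryption> child below. Looks like the wrong constant; confirm against the writer.
    CryptoUtil.Assert(element.Name == ManagedAuthenticatedEncryptorConfiguration.EncryptionElementName, @"TODO: Bad element.");

    var options = new ManagedAuthenticatedEncryptorConfigurationOptions();

    // read <encryption> element
    var encryptionElement = element.Element(ManagedAuthenticatedEncryptorConfiguration.EncryptionElementName);
    // A missing child would otherwise surface as a NullReferenceException; report it
    // through the same assertion path as the other malformed-element cases.
    CryptoUtil.Assert(encryptionElement != null, @"TODO: Bad element.");
    // SECURITY: the type name comes straight from the XML. NOTE(review): consider
    // restricting it to an expected set of algorithm types before resolving it.
    options.EncryptionAlgorithmType = Type.GetType((string)encryptionElement.Attribute("type"), throwOnError: true);
    // keyLength is taken as-is; no range check happens in this method.
    // NOTE(review): confirm the consumer of these options validates the key size.
    options.EncryptionAlgorithmKeySize = (int)encryptionElement.Attribute("keyLength");

    // read <validation> element
    var validationElement = element.Element(ManagedAuthenticatedEncryptorConfiguration.ValidationElementName);
    CryptoUtil.Assert(validationElement != null, @"TODO: Bad element.");
    // SECURITY: same consideration as the encryption type above.
    options.ValidationAlgorithmType = Type.GetType((string)validationElement.Attribute("type"), throwOnError: true);

    // read the child of the <secret> element, then decrypt it
    var secretElement = element.Element(ManagedAuthenticatedEncryptorConfiguration.SecretElementName);
    CryptoUtil.Assert(secretElement != null, @"TODO: Bad element.");
    // Single() requires exactly one child; zero or several children throw.
    var encryptedSecretElement = secretElement.Elements().Single();
    var secretElementDecryptorTypeName = (string)encryptedSecretElement.Attribute("decryptor");
    var secretElementDecryptorType = Type.GetType(secretElementDecryptorTypeName, throwOnError: true);
    // SECURITY: the instance is created before the cast to IXmlDecryptor is evaluated,
    // so a type that is not a decryptor is presumably still constructed before the cast fails.
    // NOTE(review): check that the resolved type implements IXmlDecryptor (and ideally
    // is one of the known decryptors) before handing it to the activator.
    var secretElementDecryptor = (IXmlDecryptor)_typeActivator.CreateInstance(_serviceProvider, secretElementDecryptorType);
    var decryptedSecretElement = secretElementDecryptor.Decrypt(encryptedSecretElement);
    CryptoUtil.Assert(decryptedSecretElement != null, @"TODO: Bad element.");
    CryptoUtil.Assert(decryptedSecretElement.Name == ManagedAuthenticatedEncryptorConfiguration.SecretElementName, @"TODO: Bad element.");

    // The element-to-string conversion yields an immutable string holding the base64
    // secret; that copy cannot be wiped. Only the byte[] below is cleared.
    byte[] decryptedSecretBytes = Convert.FromBase64String((string)decryptedSecretElement);
    try
    {
        // Presumably ProtectedMemoryBlob takes its own copy of the bytes; if it kept a
        // reference, the clear in the finally block would wipe the returned secret.
        // TODO confirm.
        var protectedMemoryBlob = new ProtectedMemoryBlob(decryptedSecretBytes);
        return new ManagedAuthenticatedEncryptorConfiguration(options, protectedMemoryBlob);
    }
    finally
    {
        // Zero the plaintext key material whether or not construction succeeded.
        Array.Clear(decryptedSecretBytes, 0, decryptedSecretBytes.Length);
    }
}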
/// <summary>
/// Creates the factory from the configured options.
/// </summary>
/// <param name="optionsAccessor">Accessor whose <c>Options</c> value supplies the settings.</param>
public ManagedAuthenticatedEncryptorConfigurationFactory(
    [NotNull] IOptions<ManagedAuthenticatedEncryptorConfigurationOptions> optionsAccessor)
{
    // Keep a clone rather than the accessor's instance, so the factory works from its
    // own copy. NOTE(review): how deep Clone() copies is not visible here.
    var configuredOptions = optionsAccessor.Options;
    _options = configuredOptions.Clone();
}
/// <summary>
/// Creates a configuration from algorithm options and the secret key material.
/// </summary>
/// <param name="options">Algorithm settings; stored by reference, not cloned.</param>
/// <param name="secret">The secret this configuration holds; stored by reference.</param>
public ManagedAuthenticatedEncryptorConfiguration(
    ManagedAuthenticatedEncryptorConfigurationOptions options,
    ISecret secret)
{
    // Neither argument is copied or null-checked in this constructor.
    // NOTE(review): the caller keeps a reference to the same options object,
    // so later changes to it would be visible here.
    this._secret = secret;
    this._options = options;
}