Replace NotNullAttribute with thrown exceptions

Pranav K 2015-10-07 17:58:23 -07:00
parent 76cbb57f9a
commit 9fc75d395d
53 changed files with 638 additions and 174 deletions


@ -3,7 +3,6 @@
using System;
using Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.Cryptography.KeyDerivation
{
@ -25,8 +24,18 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
/// <remarks>
/// The PBKDF2 algorithm is specified in RFC 2898.
/// </remarks>
public static byte[] Pbkdf2([NotNull] string password, [NotNull] byte[] salt, KeyDerivationPrf prf, int iterationCount, int numBytesRequested)
public static byte[] Pbkdf2(string password, byte[] salt, KeyDerivationPrf prf, int iterationCount, int numBytesRequested)
{
if (password == null)
{
throw new ArgumentNullException(nameof(password));
}
if (salt == null)
{
throw new ArgumentNullException(nameof(salt));
}
// parameter checking
if (prf < KeyDerivationPrf.HMACSHA1 || prf > KeyDerivationPrf.HMACSHA512)
{
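Review bot: The `// parameter checking` comment in `Pbkdf2` now sits below the two new null guards, so it reads as if only the `prf` range test were argument validation; move it above `if (password == null)` so every check sits under the one heading. The visible doc block describes the algorithm but does not tell callers that a null `password` or `salt` throws, so an `<exception cref="ArgumentNullException">` entry naming both parameters would help. The method body continues outside the hunk, so any checks on `iterationCount` and `numBytesRequested` are not visible here.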


@ -6,8 +6,7 @@
"url": "git://github.com/aspnet/dataprotection"
},
"dependencies": {
"Microsoft.AspNet.Cryptography.Internal": "1.0.0-*",
"Microsoft.Extensions.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" }
"Microsoft.AspNet.Cryptography.Internal": "1.0.0-*"
},
"frameworks": {
"net451": { },


@ -5,10 +5,8 @@ using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Diagnostics;
using System.Security.Cryptography;
using Microsoft.AspNet.DataProtection.Infrastructure;
using Microsoft.AspNet.DataProtection.Abstractions;
using Microsoft.Extensions.Internal;
#if DNX451 || DNXCORE50 // [[ISSUE1400]] Replace with DNX_ANY when it becomes available
using Microsoft.Dnx.Runtime;
@ -33,8 +31,18 @@ namespace Microsoft.AspNet.DataProtection
/// <see cref="IDataProtectionProvider.CreateProtector(string)"/>. See that method's
/// documentation for more information.
/// </remarks>
public static IDataProtector CreateProtector([NotNull] this IDataProtectionProvider provider, [NotNull] IEnumerable<string> purposes)
public static IDataProtector CreateProtector(this IDataProtectionProvider provider, IEnumerable<string> purposes)
{
if (provider == null)
{
throw new ArgumentNullException(nameof(provider));
}
if (purposes == null)
{
throw new ArgumentNullException(nameof(purposes));
}
bool collectionIsEmpty = true;
IDataProtectionProvider retVal = provider;
foreach (string purpose in purposes)
@ -69,8 +77,18 @@ namespace Microsoft.AspNet.DataProtection
/// <see cref="IDataProtectionProvider.CreateProtector(string)"/>. See that method's
/// documentation for more information.
/// </remarks>
public static IDataProtector CreateProtector([NotNull] this IDataProtectionProvider provider, [NotNull] string purpose, params string[] subPurposes)
public static IDataProtector CreateProtector(this IDataProtectionProvider provider, string purpose, params string[] subPurposes)
{
if (provider == null)
{
throw new ArgumentNullException(nameof(provider));
}
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
// The method signature isn't simply CreateProtector(this IDataProtectionProvider, params string[] purposes)
// because we don't want the code provider.CreateProtector() [parameterless] to inadvertently compile.
// The actual signature for this method forces at least one purpose to be provided at the call site.
@ -127,8 +145,13 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="services">The service provider from which to retrieve the <see cref="IDataProtectionProvider"/>.</param>
/// <returns>An <see cref="IDataProtectionProvider"/>. This method is guaranteed never to return null.</returns>
/// <exception cref="InvalidOperationException">If no <see cref="IDataProtectionProvider"/> service exists in <paramref name="services"/>.</exception>
public static IDataProtectionProvider GetDataProtectionProvider([NotNull] this IServiceProvider services)
public static IDataProtectionProvider GetDataProtectionProvider(this IServiceProvider services)
{
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
// We have our own implementation of GetRequiredService<T> since we don't want to
// take a dependency on DependencyInjection.Interfaces.
IDataProtectionProvider provider = (IDataProtectionProvider)services.GetService(typeof(IDataProtectionProvider));
@ -152,8 +175,18 @@ namespace Microsoft.AspNet.DataProtection
/// then <see cref="CreateProtector(IDataProtectionProvider, IEnumerable{string})"/>. See those methods'
/// documentation for more information.
/// </remarks>
public static IDataProtector GetDataProtector([NotNull] this IServiceProvider services, [NotNull] IEnumerable<string> purposes)
public static IDataProtector GetDataProtector(this IServiceProvider services, IEnumerable<string> purposes)
{
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
if (purposes == null)
{
throw new ArgumentNullException(nameof(purposes));
}
return services.GetDataProtectionProvider().CreateProtector(purposes);
}
@ -171,8 +204,18 @@ namespace Microsoft.AspNet.DataProtection
/// then <see cref="CreateProtector(IDataProtectionProvider, string, string[])"/>. See those methods'
/// documentation for more information.
/// </remarks>
public static IDataProtector GetDataProtector([NotNull] this IServiceProvider services, [NotNull] string purpose, params string[] subPurposes)
public static IDataProtector GetDataProtector(this IServiceProvider services, string purpose, params string[] subPurposes)
{
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
return services.GetDataProtectionProvider().CreateProtector(purpose, subPurposes);
}
@ -182,8 +225,18 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="protector">The data protector to use for this operation.</param>
/// <param name="plaintext">The plaintext data to protect.</param>
/// <returns>The protected form of the plaintext data.</returns>
public static string Protect([NotNull] this IDataProtector protector, [NotNull] string plaintext)
public static string Protect(this IDataProtector protector, string plaintext)
{
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
try
{
byte[] plaintextAsBytes = EncodingUtil.SecureUtf8Encoding.GetBytes(plaintext);
@ -206,8 +259,18 @@ namespace Microsoft.AspNet.DataProtection
/// <exception cref="CryptographicException">
/// Thrown if <paramref name="protectedData"/> is invalid or malformed.
/// </exception>
public static string Unprotect([NotNull] this IDataProtector protector, [NotNull] string protectedData)
public static string Unprotect(this IDataProtector protector, string protectedData)
{
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
try
{
byte[] protectedDataAsBytes = WebEncoders.Base64UrlDecode(protectedData);
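Review bot: The XML docs on these extension methods were not updated for the new throws: `GetDataProtectionProvider` still lists only `InvalidOperationException`, yet it now throws `ArgumentNullException` when `services` is null. Add `/// <exception cref="ArgumentNullException">If <paramref name="services"/> is null.</exception>` there, and a matching entry on the `CreateProtector`, `GetDataProtector`, `Protect` and `Unprotect` overloads for each guarded parameter. On `Unprotect` this matters most, because its docs name `CryptographicException` as the failure for bad input while the null guard runs before the `try` block and surfaces a different exception type. Several of these method bodies continue outside their hunks.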


@ -1,9 +1,6 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection
{
/// <summary>
@ -24,6 +21,6 @@ namespace Microsoft.AspNet.DataProtection
/// values will not be able to decipher each other's payloads. The <paramref name="purpose"/> parameter
/// value is not intended to be kept secret.
/// </remarks>
IDataProtector CreateProtector([NotNull] string purpose);
IDataProtector CreateProtector(string purpose);
}
}
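Review bot: With `[NotNull]` removed from `CreateProtector(string purpose)`, the visible part of this interface's docs no longer says that `purpose` must be non-null, and an interface member cannot carry the guard itself, so every implementation has to enforce it. Record the contract in the doc block, for example `/// <exception cref="ArgumentNullException">Thrown if <paramref name="purpose"/> is null.</exception>`, so that implementers outside this repository know to add the check. The same applies to the other interface members changed in this commit: `Protect(byte[] plaintext)` / `Unprotect(byte[] protectedData)`, the time-limited `CreateProtector` / `Protect` / `Unprotect` declarations, and `ImportFromXml(XElement element)`.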


@ -1,10 +1,6 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Security.Cryptography;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection
{
/// <summary>
@ -17,7 +13,7 @@ namespace Microsoft.AspNet.DataProtection
/// </summary>
/// <param name="plaintext">The plaintext data to protect.</param>
/// <returns>The protected form of the plaintext data.</returns>
byte[] Protect([NotNull] byte[] plaintext);
byte[] Protect(byte[] plaintext);
/// <summary>
/// Cryptographically unprotects a piece of protected data.
@ -27,6 +23,6 @@ namespace Microsoft.AspNet.DataProtection
/// <exception cref="CryptographicException">
/// Thrown if the protected data is invalid or malformed.
/// </exception>
byte[] Unprotect([NotNull] byte[] protectedData);
byte[] Unprotect(byte[] protectedData);
}
}


@ -6,7 +6,6 @@
"url": "git://github.com/aspnet/dataprotection"
},
"dependencies": {
"Microsoft.Extensions.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" },
"Microsoft.AspNet.DataProtection.Sources": { "type": "build", "version": "" }
},
"frameworks": {


@ -2,8 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Security.Cryptography;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection
{
@ -17,8 +15,18 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="plaintext">The plaintext data to protect.</param>
/// <param name="lifetime">The amount of time after which the payload should no longer be unprotectable.</param>
/// <returns>The protected form of the plaintext data.</returns>
public static byte[] Protect([NotNull] this ITimeLimitedDataProtector protector, [NotNull] byte[] plaintext, TimeSpan lifetime)
public static byte[] Protect(this ITimeLimitedDataProtector protector, byte[] plaintext, TimeSpan lifetime)
{
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
return protector.Protect(plaintext, DateTimeOffset.UtcNow + lifetime);
}
@ -30,8 +38,18 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="plaintext">The plaintext data to protect.</param>
/// <param name="expiration">The time when this payload should expire.</param>
/// <returns>The protected form of the plaintext data.</returns>
public static string Protect([NotNull] this ITimeLimitedDataProtector protector, [NotNull] string plaintext, DateTimeOffset expiration)
public static string Protect(this ITimeLimitedDataProtector protector, string plaintext, DateTimeOffset expiration)
{
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
var wrappingProtector = new TimeLimitedWrappingProtector(protector) { Expiration = expiration };
return wrappingProtector.Protect(plaintext);
}
@ -44,8 +62,18 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="plaintext">The plaintext data to protect.</param>
/// <param name="lifetime">The amount of time after which the payload should no longer be unprotectable.</param>
/// <returns>The protected form of the plaintext data.</returns>
public static string Protect([NotNull] this ITimeLimitedDataProtector protector, [NotNull] string plaintext, TimeSpan lifetime)
public static string Protect(this ITimeLimitedDataProtector protector, string plaintext, TimeSpan lifetime)
{
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
return Protect(protector, plaintext, DateTimeOffset.Now + lifetime);
}
@ -55,8 +83,13 @@ namespace Microsoft.AspNet.DataProtection
/// </summary>
/// <param name="protector">The <see cref="IDataProtector"/> to convert to a time-limited protector.</param>
/// <returns>An <see cref="ITimeLimitedDataProtector"/>.</returns>
public static ITimeLimitedDataProtector ToTimeLimitedDataProtector([NotNull] this IDataProtector protector)
public static ITimeLimitedDataProtector ToTimeLimitedDataProtector(this IDataProtector protector)
{
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
return (protector as ITimeLimitedDataProtector) ?? new TimeLimitedDataProtector(protector);
}
@ -71,8 +104,18 @@ namespace Microsoft.AspNet.DataProtection
/// <exception cref="CryptographicException">
/// Thrown if <paramref name="protectedData"/> is invalid, malformed, or expired.
/// </exception>
public static string Unprotect([NotNull] this ITimeLimitedDataProtector protector, [NotNull] string protectedData, out DateTimeOffset expiration)
public static string Unprotect(this ITimeLimitedDataProtector protector, string protectedData, out DateTimeOffset expiration)
{
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
var wrappingProtector = new TimeLimitedWrappingProtector(protector);
string retVal = wrappingProtector.Unprotect(protectedData);
expiration = wrappingProtector.Expiration;
@ -91,16 +134,31 @@ namespace Microsoft.AspNet.DataProtection
public IDataProtector CreateProtector(string purpose)
{
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
throw new NotImplementedException();
}
public byte[] Protect(byte[] plaintext)
{
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
return _innerProtector.Protect(plaintext, Expiration);
}
public byte[] Unprotect(byte[] protectedData)
{
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
return _innerProtector.Unprotect(protectedData, out Expiration);
}
}
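Review bot: In the wrapper class at the end of this section, `CreateProtector(string purpose)` now checks `purpose` for null and then unconditionally throws `NotImplementedException`, so the guard only changes which exception a caller sees on a method that can never succeed. Drop the check there, or keep it with a comment such as `// not supported on the wrapping protector; purpose is validated only for contract consistency` if the ordering is intentional. The class declaration starts outside the hunk, so whether this type is reachable by external callers is not visible here.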


@ -4,7 +4,6 @@
using System;
using System.IO;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection
{
@ -21,7 +20,7 @@ namespace Microsoft.AspNet.DataProtection
/// </summary>
/// <param name="keyDirectory">The <see cref="DirectoryInfo"/> in which keys should be stored. This may
/// represent a directory on a local disk or a UNC share.</param>
public DataProtectionProvider([NotNull] DirectoryInfo keyDirectory)
public DataProtectionProvider(DirectoryInfo keyDirectory)
: this(keyDirectory, configure: null)
{
}
@ -34,8 +33,13 @@ namespace Microsoft.AspNet.DataProtection
/// represent a directory on a local disk or a UNC share.</param>
/// <param name="configure">An optional callback which provides further configuration of the data protection
/// system. See <see cref="DataProtectionConfiguration"/> for more information.</param>
public DataProtectionProvider([NotNull] DirectoryInfo keyDirectory, Action<DataProtectionConfiguration> configure)
public DataProtectionProvider(DirectoryInfo keyDirectory, Action<DataProtectionConfiguration> configure)
{
if (keyDirectory == null)
{
throw new ArgumentNullException(nameof(keyDirectory));
}
// build the service collection
ServiceCollection serviceCollection = new ServiceCollection();
serviceCollection.AddDataProtection();
@ -52,8 +56,13 @@ namespace Microsoft.AspNet.DataProtection
/// <summary>
/// Implements <see cref="IDataProtectionProvider.CreateProtector(string)"/>.
/// </summary>
public IDataProtector CreateProtector([NotNull] string purpose)
public IDataProtector CreateProtector(string purpose)
{
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
return _innerProvider.CreateProtector(purpose);
}
}


@ -2,8 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Security.Cryptography;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection
{
@ -31,7 +29,7 @@ namespace Microsoft.AspNet.DataProtection
/// values will not be able to decipher each other's payloads. The <paramref name="purpose"/> parameter
/// value is not intended to be kept secret.
/// </remarks>
new ITimeLimitedDataProtector CreateProtector([NotNull] string purpose);
new ITimeLimitedDataProtector CreateProtector(string purpose);
/// <summary>
/// Cryptographically protects a piece of plaintext data, expiring the data at
@ -40,7 +38,7 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="plaintext">The plaintext data to protect.</param>
/// <param name="expiration">The time when this payload should expire.</param>
/// <returns>The protected form of the plaintext data.</returns>
byte[] Protect([NotNull] byte[] plaintext, DateTimeOffset expiration);
byte[] Protect(byte[] plaintext, DateTimeOffset expiration);
/// <summary>
/// Cryptographically unprotects a piece of protected data.
@ -52,6 +50,6 @@ namespace Microsoft.AspNet.DataProtection
/// <exception cref="CryptographicException">
/// Thrown if <paramref name="protectedData"/> is invalid, malformed, or expired.
/// </exception>
byte[] Unprotect([NotNull] byte[] protectedData, out DateTimeOffset expiration);
byte[] Unprotect(byte[] protectedData, out DateTimeOffset expiration);
}
}


@ -5,7 +5,6 @@ using System;
using System.Security.Cryptography;
using System.Threading;
using Microsoft.AspNet.DataProtection.Extensions;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection
{
@ -25,8 +24,13 @@ namespace Microsoft.AspNet.DataProtection
_innerProtector = innerProtector;
}
public ITimeLimitedDataProtector CreateProtector([NotNull] string purpose)
public ITimeLimitedDataProtector CreateProtector(string purpose)
{
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
return new TimeLimitedDataProtector(_innerProtector.CreateProtector(purpose));
}
@ -42,8 +46,13 @@ namespace Microsoft.AspNet.DataProtection
return retVal;
}
public byte[] Protect([NotNull] byte[] plaintext, DateTimeOffset expiration)
public byte[] Protect(byte[] plaintext, DateTimeOffset expiration)
{
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
// We prepend the expiration time (as a 64-bit UTC tick count) to the unprotected data.
byte[] plaintextWithHeader = new byte[checked(8 + plaintext.Length)];
BitHelpers.WriteUInt64(plaintextWithHeader, 0, (ulong)expiration.UtcTicks);
@ -52,13 +61,23 @@ namespace Microsoft.AspNet.DataProtection
return GetInnerProtectorWithTimeLimitedPurpose().Protect(plaintextWithHeader);
}
public byte[] Unprotect([NotNull] byte[] protectedData, out DateTimeOffset expiration)
public byte[] Unprotect(byte[] protectedData, out DateTimeOffset expiration)
{
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
return UnprotectCore(protectedData, DateTimeOffset.UtcNow, out expiration);
}
internal byte[] UnprotectCore([NotNull] byte[] protectedData, DateTimeOffset now, out DateTimeOffset expiration)
internal byte[] UnprotectCore(byte[] protectedData, DateTimeOffset now, out DateTimeOffset expiration)
{
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
try
{
byte[] plaintextWithHeader = GetInnerProtectorWithTimeLimitedPurpose().Unprotect(protectedData);
@ -97,17 +116,32 @@ namespace Microsoft.AspNet.DataProtection
IDataProtector IDataProtectionProvider.CreateProtector(string purpose)
{
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
return CreateProtector(purpose);
}
byte[] IDataProtector.Protect(byte[] plaintext)
{
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
// MaxValue essentially means 'no expiration'
return Protect(plaintext, DateTimeOffset.MaxValue);
}
byte[] IDataProtector.Unprotect(byte[] protectedData)
{
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
DateTimeOffset expiration; // unused
return Unprotect(protectedData, out expiration);
}


@ -8,8 +8,7 @@
"dependencies": {
"Microsoft.AspNet.DataProtection": "1.0.0-*",
"Microsoft.AspNet.DataProtection.Sources": { "type": "build", "version": "" },
"Microsoft.Extensions.DependencyInjection": "1.0.0-*",
"Microsoft.Extensions.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" }
"Microsoft.Extensions.DependencyInjection": "1.0.0-*"
},
"frameworks": {
"net451": { },


@ -5,7 +5,6 @@ using System;
using System.Reflection;
using Microsoft.AspNet.Cryptography;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection
{
@ -18,9 +17,14 @@ namespace Microsoft.AspNet.DataProtection
/// Creates an instance of <paramref name="implementationTypeName"/> and ensures
/// that it is assignable to <typeparamref name="T"/>.
/// </summary>
public static T CreateInstance<T>(this IActivator activator, [NotNull] string implementationTypeName)
public static T CreateInstance<T>(this IActivator activator, string implementationTypeName)
where T : class
{
if (implementationTypeName == null)
{
throw new ArgumentNullException(nameof(implementationTypeName));
}
return activator.CreateInstance(typeof(T), implementationTypeName) as T
?? CryptoUtil.Fail<T>("CreateInstance returned null.");
}
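Review bot: `CreateInstance<T>` guards `implementationTypeName` but not its receiver `activator`, so a null activator still fails with a `NullReferenceException` at `activator.CreateInstance(...)` instead of a named `ArgumentNullException`. The other extension methods touched by this commit check their `this` parameter (for example `provider` in `CreateProtector`), so for consistency add `if (activator == null) { throw new ArgumentNullException(nameof(activator)); }` ahead of the existing check. Because this method instantiates a type from a caller-supplied name, the summary would also benefit from `<exception>` entries covering both parameters.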


@ -2,7 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
@ -13,13 +12,18 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{
private readonly IServiceProvider _services;
public AuthenticatedEncryptorConfiguration([NotNull] AuthenticatedEncryptionOptions options)
public AuthenticatedEncryptorConfiguration(AuthenticatedEncryptionOptions options)
: this(options, services: null)
{
}
public AuthenticatedEncryptorConfiguration([NotNull] AuthenticatedEncryptionOptions options, IServiceProvider services)
public AuthenticatedEncryptorConfiguration(AuthenticatedEncryptionOptions options, IServiceProvider services)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
Options = options;
_services = services;
}
@ -30,7 +34,7 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{
return this.CreateNewDescriptorCore();
}
IAuthenticatedEncryptorDescriptor IInternalAuthenticatedEncryptorConfiguration.CreateDescriptorFromSecret(ISecret secret)
{
return new AuthenticatedEncryptorDescriptor(Options, secret, _services);


@ -3,7 +3,6 @@
using System;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
@ -15,13 +14,23 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{
private readonly IServiceProvider _services;
public AuthenticatedEncryptorDescriptor([NotNull] AuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey)
public AuthenticatedEncryptorDescriptor(AuthenticatedEncryptionOptions options, ISecret masterKey)
: this(options, masterKey, services: null)
{
}
public AuthenticatedEncryptorDescriptor([NotNull] AuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey, IServiceProvider services)
public AuthenticatedEncryptorDescriptor(AuthenticatedEncryptionOptions options, ISecret masterKey, IServiceProvider services)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (masterKey == null)
{
throw new ArgumentNullException(nameof(masterKey));
}
Options = options;
MasterKey = masterKey;
_services = services;
@ -30,7 +39,7 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
internal ISecret MasterKey { get; }
internal AuthenticatedEncryptionOptions Options { get; }
public IAuthenticatedEncryptor CreateEncryptorInstance()
{
return Options.CreateAuthenticatedEncryptorInstance(MasterKey, _services);


@ -4,7 +4,6 @@
using System;
using System.Linq;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
@ -29,8 +28,13 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// <summary>
/// Imports the <see cref="AuthenticatedEncryptorDescriptor"/> from serialized XML.
/// </summary>
public IAuthenticatedEncryptorDescriptor ImportFromXml([NotNull] XElement element)
public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element)
{
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
// <descriptor>
// <encryption algorithm="..." />
// <validation algorithm="..." /> <!-- only if not GCM -->


@ -2,7 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
@ -14,13 +13,18 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{
private readonly IServiceProvider _services;
public CngCbcAuthenticatedEncryptorConfiguration([NotNull] CngCbcAuthenticatedEncryptionOptions options)
public CngCbcAuthenticatedEncryptorConfiguration(CngCbcAuthenticatedEncryptionOptions options)
: this(options, services: null)
{
}
public CngCbcAuthenticatedEncryptorConfiguration([NotNull] CngCbcAuthenticatedEncryptionOptions options, IServiceProvider services)
public CngCbcAuthenticatedEncryptorConfiguration(CngCbcAuthenticatedEncryptionOptions options, IServiceProvider services)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
Options = options;
_services = services;
}


@ -3,7 +3,6 @@
using System;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
@ -16,13 +15,23 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{
private readonly ILogger _log;
public CngCbcAuthenticatedEncryptorDescriptor([NotNull] CngCbcAuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey)
public CngCbcAuthenticatedEncryptorDescriptor(CngCbcAuthenticatedEncryptionOptions options, ISecret masterKey)
: this(options, masterKey, services: null)
{
}
public CngCbcAuthenticatedEncryptorDescriptor([NotNull] CngCbcAuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey, IServiceProvider services)
public CngCbcAuthenticatedEncryptorDescriptor(CngCbcAuthenticatedEncryptionOptions options, ISecret masterKey, IServiceProvider services)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (masterKey == null)
{
throw new ArgumentNullException(nameof(masterKey));
}
Options = options;
MasterKey = masterKey;
_log = services.GetLogger<CngCbcAuthenticatedEncryptorDescriptor>();


@ -3,7 +3,6 @@
using System;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
@ -28,8 +27,13 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// <summary>
/// Imports the <see cref="CngCbcAuthenticatedEncryptorDescriptor"/> from serialized XML.
/// </summary>
public IAuthenticatedEncryptorDescriptor ImportFromXml([NotNull] XElement element)
public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element)
{
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
// <descriptor>
// <!-- Windows CNG-CBC -->
// <encryption algorithm="..." keyLength="..." [provider="..."] />


@ -2,7 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
@ -14,13 +13,18 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{
private readonly IServiceProvider _services;
public CngGcmAuthenticatedEncryptorConfiguration([NotNull] CngGcmAuthenticatedEncryptionOptions options)
public CngGcmAuthenticatedEncryptorConfiguration(CngGcmAuthenticatedEncryptionOptions options)
: this(options, services: null)
{
}
public CngGcmAuthenticatedEncryptorConfiguration([NotNull] CngGcmAuthenticatedEncryptionOptions options, IServiceProvider services)
public CngGcmAuthenticatedEncryptorConfiguration(CngGcmAuthenticatedEncryptionOptions options, IServiceProvider services)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
Options = options;
_services = services;
}


@ -3,7 +3,6 @@
using System;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
@ -16,13 +15,23 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{
private readonly ILogger _log;
public CngGcmAuthenticatedEncryptorDescriptor([NotNull] CngGcmAuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey)
public CngGcmAuthenticatedEncryptorDescriptor(CngGcmAuthenticatedEncryptionOptions options, ISecret masterKey)
: this(options, masterKey, services: null)
{
}
public CngGcmAuthenticatedEncryptorDescriptor([NotNull] CngGcmAuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey, IServiceProvider services)
public CngGcmAuthenticatedEncryptorDescriptor(CngGcmAuthenticatedEncryptionOptions options, ISecret masterKey, IServiceProvider services)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (masterKey == null)
{
throw new ArgumentNullException(nameof(masterKey));
}
Options = options;
MasterKey = masterKey;
_log = services.GetLogger<CngGcmAuthenticatedEncryptorDescriptor>();


@ -3,7 +3,6 @@
using System;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
@ -28,8 +27,13 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// <summary>
/// Imports the <see cref="CngCbcAuthenticatedEncryptorDescriptor"/> from serialized XML.
/// </summary>
public IAuthenticatedEncryptorDescriptor ImportFromXml([NotNull] XElement element)
public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element)
{
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
// <descriptor>
// <!-- Windows CNG-GCM -->
// <encryption algorithm="..." keyLength="..." [provider="..."] />
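Review bot: The summary on this `ImportFromXml` still says it imports the `CngCbcAuthenticatedEncryptorDescriptor`, while the element layout comment directly below it describes `<!-- Windows CNG-GCM -->`; this looks like a copy-paste from the CBC deserializer, although the class name is outside the hunk. If this is the GCM deserializer, change the cref to `<see cref="CngGcmAuthenticatedEncryptorDescriptor"/>`. While the doc block is open, add an `<exception cref="ArgumentNullException">` entry for the new `element` guard.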


@ -1,9 +1,7 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
@ -17,6 +15,6 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// </summary>
/// <param name="element">The element to deserialize.</param>
/// <returns>The <see cref="IAuthenticatedEncryptorDescriptor"/> represented by <paramref name="element"/>.</returns>
IAuthenticatedEncryptorDescriptor ImportFromXml([NotNull] XElement element);
IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element);
}
}


@ -2,8 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using Microsoft.Extensions.Internal;
using System.Security.Cryptography;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
@ -15,13 +13,18 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{
private readonly IServiceProvider _services;
public ManagedAuthenticatedEncryptorConfiguration([NotNull] ManagedAuthenticatedEncryptionOptions options)
public ManagedAuthenticatedEncryptorConfiguration(ManagedAuthenticatedEncryptionOptions options)
: this(options, services: null)
{
}
public ManagedAuthenticatedEncryptorConfiguration([NotNull] ManagedAuthenticatedEncryptionOptions options, IServiceProvider services)
public ManagedAuthenticatedEncryptorConfiguration(ManagedAuthenticatedEncryptionOptions options, IServiceProvider services)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
Options = options;
_services = services;
}


@ -4,7 +4,6 @@
using System;
using System.Security.Cryptography;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
@ -17,13 +16,23 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{
private readonly ILogger _log;
public ManagedAuthenticatedEncryptorDescriptor([NotNull] ManagedAuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey)
public ManagedAuthenticatedEncryptorDescriptor(ManagedAuthenticatedEncryptionOptions options, ISecret masterKey)
: this(options, masterKey, services: null)
{
}
public ManagedAuthenticatedEncryptorDescriptor([NotNull] ManagedAuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey, IServiceProvider services)
public ManagedAuthenticatedEncryptorDescriptor(ManagedAuthenticatedEncryptionOptions options, ISecret masterKey, IServiceProvider services)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (masterKey == null)
{
throw new ArgumentNullException(nameof(masterKey));
}
Options = options;
MasterKey = masterKey;
_log = services.GetLogger<ManagedAuthenticatedEncryptorDescriptor>();


@ -4,7 +4,6 @@
using System;
using System.Security.Cryptography;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
@ -29,8 +28,13 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// <summary>
/// Imports the <see cref="ManagedAuthenticatedEncryptorDescriptor"/> from serialized XML.
/// </summary>
public IAuthenticatedEncryptorDescriptor ImportFromXml([NotNull] XElement element)
public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element)
{
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
// <descriptor>
// <!-- managed implementations -->
// <encryption algorithm="..." keyLength="..." />


@ -3,7 +3,6 @@
using System;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
@ -18,8 +17,13 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// Marks the provided <see cref="XElement"/> as requiring encryption before being persisted
/// to storage. Use when implementing <see cref="IAuthenticatedEncryptorDescriptor.ExportToXml"/>.
/// </summary>
public static void MarkAsRequiresEncryption([NotNull] this XElement element)
public static void MarkAsRequiresEncryption(this XElement element)
{
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
element.SetAttributeValue(XmlConstants.RequiresEncryptionAttributeName, true);
}
}


@ -4,7 +4,6 @@
using System;
using System.Reflection;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
@ -21,8 +20,18 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// <param name="serializedDescriptorElement">The XML-serialized form of the <see cref="IAuthenticatedEncryptorDescriptor"/>.</param>
/// <param name="deserializerType">The class whose <see cref="IAuthenticatedEncryptorDescriptorDeserializer.ImportFromXml(XElement)"/>
/// method can be used to deserialize <paramref name="serializedDescriptorElement"/>.</param>
public XmlSerializedDescriptorInfo([NotNull] XElement serializedDescriptorElement, [NotNull] Type deserializerType)
public XmlSerializedDescriptorInfo(XElement serializedDescriptorElement, Type deserializerType)
{
if (serializedDescriptorElement == null)
{
throw new ArgumentNullException(nameof(serializedDescriptorElement));
}
if (deserializerType == null)
{
throw new ArgumentNullException(nameof(deserializerType));
}
if (!typeof(IAuthenticatedEncryptorDescriptorDeserializer).IsAssignableFrom(deserializerType))
{
throw new ArgumentException(


@ -9,7 +9,6 @@ using Microsoft.AspNet.DataProtection.KeyManagement;
using Microsoft.AspNet.DataProtection.XmlEncryption;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Internal;
using Microsoft.Win32;
#if !DNXCORE50 // [[ISSUE60]] Remove this #ifdef when Core CLR gets support for EncryptedXml
@ -49,8 +48,13 @@ namespace Microsoft.AspNet.DataProtection
/// <summary>
/// Creates a new configuration object linked to a <see cref="IServiceCollection"/>.
/// </summary>
public DataProtectionConfiguration([NotNull] IServiceCollection services)
public DataProtectionConfiguration(IServiceCollection services)
{
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
Services = services;
}
@ -68,8 +72,13 @@ namespace Microsoft.AspNet.DataProtection
/// <remarks>
/// Registrations are additive.
/// </remarks>
public DataProtectionConfiguration AddKeyEscrowSink([NotNull] IKeyEscrowSink sink)
public DataProtectionConfiguration AddKeyEscrowSink(IKeyEscrowSink sink)
{
if (sink == null)
{
throw new ArgumentNullException(nameof(sink));
}
Services.AddInstance<IKeyEscrowSink>(sink);
return this;
}
@ -97,8 +106,13 @@ namespace Microsoft.AspNet.DataProtection
/// <remarks>
/// Registrations are additive. The factory is registered as <see cref="ServiceLifetime.Singleton"/>.
/// </remarks>
public DataProtectionConfiguration AddKeyEscrowSink([NotNull] Func<IServiceProvider, IKeyEscrowSink> factory)
public DataProtectionConfiguration AddKeyEscrowSink(Func<IServiceProvider, IKeyEscrowSink> factory)
{
if (factory == null)
{
throw new ArgumentNullException(nameof(factory));
}
Services.AddSingleton<IKeyEscrowSink>(factory);
return this;
}
@ -108,8 +122,13 @@ namespace Microsoft.AspNet.DataProtection
/// </summary>
/// <param name="setupAction">A callback that configures the global options.</param>
/// <returns>The 'this' instance.</returns>
public DataProtectionConfiguration ConfigureGlobalOptions([NotNull] Action<DataProtectionOptions> setupAction)
public DataProtectionConfiguration ConfigureGlobalOptions(Action<DataProtectionOptions> setupAction)
{
if (setupAction == null)
{
throw new ArgumentNullException(nameof(setupAction));
}
Services.Configure(setupAction);
return this;
}
@ -137,8 +156,13 @@ namespace Microsoft.AspNet.DataProtection
/// </summary>
/// <param name="directory">The directory in which to store keys.</param>
/// <returns>The 'this' instance.</returns>
public DataProtectionConfiguration PersistKeysToFileSystem([NotNull] DirectoryInfo directory)
public DataProtectionConfiguration PersistKeysToFileSystem(DirectoryInfo directory)
{
if (directory == null)
{
throw new ArgumentNullException(nameof(directory));
}
Use(DataProtectionServiceDescriptors.IXmlRepository_FileSystem(directory));
return this;
}
@ -148,8 +172,13 @@ namespace Microsoft.AspNet.DataProtection
/// </summary>
/// <param name="registryKey">The location in the registry where keys should be stored.</param>
/// <returns>The 'this' instance.</returns>
public DataProtectionConfiguration PersistKeysToRegistry([NotNull] RegistryKey registryKey)
public DataProtectionConfiguration PersistKeysToRegistry(RegistryKey registryKey)
{
if (registryKey == null)
{
throw new ArgumentNullException(nameof(registryKey));
}
Use(DataProtectionServiceDescriptors.IXmlRepository_Registry(registryKey));
return this;
}
@ -161,8 +190,13 @@ namespace Microsoft.AspNet.DataProtection
/// </summary>
/// <param name="certificate">The certificate to use when encrypting keys.</param>
/// <returns>The 'this' instance.</returns>
public DataProtectionConfiguration ProtectKeysWithCertificate([NotNull] X509Certificate2 certificate)
public DataProtectionConfiguration ProtectKeysWithCertificate(X509Certificate2 certificate)
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
Use(DataProtectionServiceDescriptors.IXmlEncryptor_Certificate(certificate));
return this;
}
@ -172,8 +206,13 @@ namespace Microsoft.AspNet.DataProtection
/// </summary>
/// <param name="thumbprint">The thumbprint of the certificate to use when encrypting keys.</param>
/// <returns>The 'this' instance.</returns>
public DataProtectionConfiguration ProtectKeysWithCertificate([NotNull] string thumbprint)
public DataProtectionConfiguration ProtectKeysWithCertificate(string thumbprint)
{
if (thumbprint == null)
{
throw new ArgumentNullException(nameof(thumbprint));
}
// Make sure the thumbprint corresponds to a valid certificate.
if (new CertificateResolver().ResolveCertificate(thumbprint) == null)
{
@ -249,8 +288,13 @@ namespace Microsoft.AspNet.DataProtection
/// and <paramref name="flags"/> arguments.
/// This API is only supported on Windows 8 / Windows Server 2012 and higher.
/// </remarks>
public DataProtectionConfiguration ProtectKeysWithDpapiNG([NotNull] string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags)
public DataProtectionConfiguration ProtectKeysWithDpapiNG(string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags)
{
if (protectionDescriptorRule == null)
{
throw new ArgumentNullException(nameof(protectionDescriptorRule));
}
Use(DataProtectionServiceDescriptors.IXmlEncryptor_DpapiNG(protectionDescriptorRule, flags));
return this;
}
@ -287,15 +331,20 @@ namespace Microsoft.AspNet.DataProtection
});
return this;
}
/// <summary>
/// Configures the data protection system to use the specified cryptographic algorithms
/// by default when generating protected payloads.
/// </summary>
/// <param name="options">Information about what cryptographic algorithms should be used.</param>
/// <returns>The 'this' instance.</returns>
public DataProtectionConfiguration UseCryptographicAlgorithms([NotNull] AuthenticatedEncryptionOptions options)
public DataProtectionConfiguration UseCryptographicAlgorithms(AuthenticatedEncryptionOptions options)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
return UseCryptographicAlgorithmsCore(options);
}
@ -311,8 +360,13 @@ namespace Microsoft.AspNet.DataProtection
/// This API is only available on Windows.
/// </remarks>
[EditorBrowsable(EditorBrowsableState.Advanced)]
public DataProtectionConfiguration UseCustomCryptographicAlgorithms([NotNull] CngCbcAuthenticatedEncryptionOptions options)
public DataProtectionConfiguration UseCustomCryptographicAlgorithms(CngCbcAuthenticatedEncryptionOptions options)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
return UseCryptographicAlgorithmsCore(options);
}
@ -328,8 +382,13 @@ namespace Microsoft.AspNet.DataProtection
/// This API is only available on Windows.
/// </remarks>
[EditorBrowsable(EditorBrowsableState.Advanced)]
public DataProtectionConfiguration UseCustomCryptographicAlgorithms([NotNull] CngGcmAuthenticatedEncryptionOptions options)
public DataProtectionConfiguration UseCustomCryptographicAlgorithms(CngGcmAuthenticatedEncryptionOptions options)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
return UseCryptographicAlgorithmsCore(options);
}
@ -342,8 +401,13 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="options">Information about what cryptographic algorithms should be used.</param>
/// <returns>The 'this' instance.</returns>
[EditorBrowsable(EditorBrowsableState.Advanced)]
public DataProtectionConfiguration UseCustomCryptographicAlgorithms([NotNull] ManagedAuthenticatedEncryptionOptions options)
public DataProtectionConfiguration UseCustomCryptographicAlgorithms(ManagedAuthenticatedEncryptionOptions options)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
return UseCryptographicAlgorithmsCore(options);
}


@ -4,7 +4,6 @@
using System;
using Microsoft.AspNet.DataProtection.KeyManagement;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.OptionsModel;
namespace Microsoft.AspNet.DataProtection
@ -20,13 +19,33 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="options">The global options to use when creating the provider.</param>
/// <param name="services">Provides mandatory services for use by the provider.</param>
/// <returns>An <see cref="IDataProtectionProvider"/>.</returns>
public static IDataProtectionProvider GetProviderFromServices([NotNull] DataProtectionOptions options, [NotNull] IServiceProvider services)
public static IDataProtectionProvider GetProviderFromServices(DataProtectionOptions options, IServiceProvider services)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
return GetProviderFromServices(options, services, mustCreateImmediately: false);
}
internal static IDataProtectionProvider GetProviderFromServices([NotNull] DataProtectionOptions options, [NotNull] IServiceProvider services, bool mustCreateImmediately)
internal static IDataProtectionProvider GetProviderFromServices(DataProtectionOptions options, IServiceProvider services, bool mustCreateImmediately)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
IDataProtectionProvider dataProtectionProvider = null;
// If we're being asked to create the provider immediately, then it means that


@ -4,7 +4,6 @@
using System;
using Microsoft.AspNet.DataProtection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Internal;
namespace Microsoft.Extensions.DependencyInjection
{
@ -18,8 +17,13 @@ namespace Microsoft.Extensions.DependencyInjection
/// </summary>
/// <param name="services">The service collection to which to add DataProtection services.</param>
/// <returns>The <paramref name="services"/> instance.</returns>
public static IServiceCollection AddDataProtection([NotNull] this IServiceCollection services)
public static IServiceCollection AddDataProtection(this IServiceCollection services)
{
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
services.AddOptions();
services.TryAdd(DataProtectionServices.GetDefaultServices());
return services;
@ -32,8 +36,18 @@ namespace Microsoft.Extensions.DependencyInjection
/// <param name="configure">A callback which takes a <see cref="DataProtectionConfiguration"/> parameter.
/// This callback will be responsible for configuring the system.</param>
/// <returns>The <paramref name="services"/> instance.</returns>
public static IServiceCollection ConfigureDataProtection([NotNull] this IServiceCollection services, [NotNull] Action<DataProtectionConfiguration> configure)
public static IServiceCollection ConfigureDataProtection(this IServiceCollection services, Action<DataProtectionConfiguration> configure)
{
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
if (configure == null)
{
throw new ArgumentNullException(nameof(configure));
}
configure(new DataProtectionConfiguration(services));
return services;
}


@ -5,7 +5,6 @@ using System;
using Microsoft.AspNet.Cryptography.Cng;
using Microsoft.AspNet.DataProtection.AuthenticatedEncryption;
using Microsoft.AspNet.DataProtection.KeyManagement;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection
@ -57,8 +56,13 @@ namespace Microsoft.AspNet.DataProtection
_dataProtectionProvider = new KeyRingBasedDataProtectionProvider(keyringProvider, services);
}
public IDataProtector CreateProtector([NotNull] string purpose)
public IDataProtector CreateProtector(string purpose)
{
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
// just forward to the underlying provider
return _dataProtectionProvider.CreateProtector(purpose);
}


@ -2,7 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.KeyManagement
@ -18,8 +17,13 @@ namespace Microsoft.AspNet.DataProtection.KeyManagement
_logger = services.GetLogger<KeyRingBasedDataProtector>(); // note: for protector (not provider!) type, could be null
}
public IDataProtector CreateProtector([NotNull] string purpose)
public IDataProtector CreateProtector(string purpose)
{
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
return new KeyRingBasedDataProtector(
logger: _logger,
keyRingProvider: _keyRingProvider,


@ -9,7 +9,6 @@ using System.Linq;
using System.Threading;
using Microsoft.AspNet.Cryptography;
using Microsoft.AspNet.DataProtection.AuthenticatedEncryption;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.KeyManagement
@ -54,8 +53,13 @@ namespace Microsoft.AspNet.DataProtection.KeyManagement
}
}
public IDataProtector CreateProtector([NotNull] string purpose)
public IDataProtector CreateProtector(string purpose)
{
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
return new KeyRingBasedDataProtector(
logger: _logger,
keyRingProvider: _keyRingProvider,
@ -86,6 +90,11 @@ namespace Microsoft.AspNet.DataProtection.KeyManagement
public byte[] Protect(byte[] plaintext)
{
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
// argument & state checking
if (plaintext == null)
{
@ -177,6 +186,11 @@ namespace Microsoft.AspNet.DataProtection.KeyManagement
public byte[] Unprotect(byte[] protectedData)
{
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
// Argument checking will be done by the callee
bool requiresMigration, wasRevoked; // unused
return DangerousUnprotect(protectedData,
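Review bot: In `Protect`, the added `if (plaintext == null)` guard sits directly above the existing `// argument & state checking` block, which opens with the same `plaintext == null` test, so that older branch can no longer be reached and one of the two should go. In `Unprotect`, the retained comment `// Argument checking will be done by the callee` now contradicts the guard added just above it; either drop the guard or reword the comment, e.g. `// Further argument checking is done by the callee`. Both method bodies continue outside their hunks, so what the older `Protect` check throws is not visible here.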


@ -5,7 +5,6 @@ using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Threading;
using System.Xml;
@ -15,7 +14,6 @@ using Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
using Microsoft.AspNet.DataProtection.Repositories;
using Microsoft.AspNet.DataProtection.XmlEncryption;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
using static System.FormattableString;
@ -57,10 +55,20 @@ namespace Microsoft.AspNet.DataProtection.KeyManagement
/// <param name="configuration">Configuration for newly-created keys.</param>
/// <param name="services">A provider of optional services.</param>
public XmlKeyManager(
[NotNull] IXmlRepository repository,
[NotNull] IAuthenticatedEncryptorConfiguration configuration,
IXmlRepository repository,
IAuthenticatedEncryptorConfiguration configuration,
IServiceProvider services)
{
if (repository == null)
{
throw new ArgumentNullException(nameof(repository));
}
if (configuration == null)
{
throw new ArgumentNullException(nameof(configuration));
}
KeyEncryptor = services.GetService<IXmlEncryptor>(); // optional
KeyRepository = repository;


@ -5,7 +5,6 @@ using System;
using System.Collections.Generic;
using System.Linq;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.Repositories
@ -45,8 +44,13 @@ namespace Microsoft.AspNet.DataProtection.Repositories
}
}
public virtual void StoreElement([NotNull] XElement element, string friendlyName)
public virtual void StoreElement(XElement element, string friendlyName)
{
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
XElement cloned = new XElement(element); // makes a deep copy so caller doesn't inadvertently modify it
// under lock for thread safety


@ -7,7 +7,6 @@ using System.Diagnostics;
using System.IO;
using System.Linq;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.Repositories
@ -25,9 +24,13 @@ namespace Microsoft.AspNet.DataProtection.Repositories
/// Creates a <see cref="FileSystemXmlRepository"/> with keys stored at the given directory.
/// </summary>
/// <param name="directory">The directory in which to persist key material.</param>
public FileSystemXmlRepository([NotNull] DirectoryInfo directory)
public FileSystemXmlRepository(DirectoryInfo directory)
: this(directory, services: null)
{
if (directory == null)
{
throw new ArgumentNullException(nameof(directory));
}
}
/// <summary>
@ -35,8 +38,13 @@ namespace Microsoft.AspNet.DataProtection.Repositories
/// </summary>
/// <param name="directory">The directory in which to persist key material.</param>
/// <param name="services">An optional <see cref="IServiceProvider"/> to provide ancillary services.</param>
public FileSystemXmlRepository([NotNull] DirectoryInfo directory, IServiceProvider services)
public FileSystemXmlRepository(DirectoryInfo directory, IServiceProvider services)
{
if (directory == null)
{
throw new ArgumentNullException(nameof(directory));
}
Directory = directory;
Services = services;
_logger = services?.GetLogger<FileSystemXmlRepository>();
@ -188,8 +196,13 @@ namespace Microsoft.AspNet.DataProtection.Repositories
}
}
public virtual void StoreElement([NotNull] XElement element, string friendlyName)
public virtual void StoreElement(XElement element, string friendlyName)
{
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
if (!IsSafeFilename(friendlyName))
{
string newFriendlyName = Guid.NewGuid().ToString();
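Review bot: In the one-argument `FileSystemXmlRepository(DirectoryInfo directory)` constructor the new null check is placed in the body, which runs only after `: this(directory, services: null)` has completed. The two-argument constructor already throws for a null `directory`, so the body check is dead code. Leaving the body empty, as this commit does for the one-argument `ManagedAuthenticatedEncryptorConfiguration` constructor, keeps one check per argument. The one-argument `RegistryXmlRepository(RegistryKey registryKey)` constructor in the next file has the same pattern.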


@ -6,7 +6,6 @@ using System.Collections.Generic;
using System.Linq;
using System.Security.Principal;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
using Microsoft.Win32;
@ -27,17 +26,26 @@ namespace Microsoft.AspNet.DataProtection.Repositories
/// Creates a <see cref="RegistryXmlRepository"/> with keys stored in the given registry key.
/// </summary>
/// <param name="registryKey">The registry key in which to persist key material.</param>
public RegistryXmlRepository([NotNull] RegistryKey registryKey)
public RegistryXmlRepository(RegistryKey registryKey)
: this(registryKey, services: null)
{
if (registryKey == null)
{
throw new ArgumentNullException(nameof(registryKey));
}
}
/// <summary>
/// Creates a <see cref="RegistryXmlRepository"/> with keys stored in the given registry key.
/// </summary>
/// <param name="registryKey">The registry key in which to persist key material.</param>
public RegistryXmlRepository([NotNull] RegistryKey registryKey, IServiceProvider services)
public RegistryXmlRepository(RegistryKey registryKey, IServiceProvider services)
{
if (registryKey == null)
{
throw new ArgumentNullException(nameof(registryKey));
}
RegistryKey = registryKey;
Services = services;
_logger = services?.GetLogger<RegistryXmlRepository>();
@ -141,8 +149,13 @@ namespace Microsoft.AspNet.DataProtection.Repositories
return (!String.IsNullOrEmpty(data)) ? XElement.Parse(data) : null;
}
public virtual void StoreElement([NotNull] XElement element, string friendlyName)
public virtual void StoreElement(XElement element, string friendlyName)
{
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
if (!IsSafeRegistryValueName(friendlyName))
{
string newFriendlyName = Guid.NewGuid().ToString();


@ -6,7 +6,6 @@ using Microsoft.AspNet.Cryptography;
using Microsoft.AspNet.Cryptography.Cng;
using Microsoft.AspNet.Cryptography.SafeHandles;
using Microsoft.AspNet.DataProtection.Managed;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection
{
@ -37,9 +36,13 @@ namespace Microsoft.AspNet.DataProtection
/// Creates a new Secret from the provided input value, where the input value
/// is specified as an array.
/// </summary>
public Secret([NotNull] byte[] value)
public Secret(byte[] value)
: this(new ArraySegment<byte>(value))
{
if (value == null)
{
throw new ArgumentNullException(nameof(value));
}
}
/// <summary>
@ -64,8 +67,13 @@ namespace Microsoft.AspNet.DataProtection
/// <summary>
/// Creates a new Secret from another secret object.
/// </summary>
public Secret([NotNull] ISecret secret)
public Secret(ISecret secret)
{
if (secret == null)
{
throw new ArgumentNullException(nameof(secret));
}
Secret other = secret as Secret;
if (other != null)
{
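Review bot: The null check added to `Secret(byte[] value)` cannot fire, because the initializer `: this(new ArraySegment<byte>(value))` is evaluated before the constructor body. `ArraySegment<T>`'s array constructor itself throws `ArgumentNullException` for a null array, reporting its own parameter name rather than `value`. To get the intended exception, validate before the initializer runs, for example through a small private static helper called inside the `this(...)` expression. The helper name below is a suggestion, not something in the file.

```csharp
public Secret(byte[] value)
    : this(new ArraySegment<byte>(EnsureNotNull(value)))
{
}

// Runs as part of the constructor initializer, so a null array is reported as 'value'.
private static byte[] EnsureNotNull(byte[] value)
{
    if (value == null)
    {
        throw new ArgumentNullException(nameof(value));
    }

    return value;
}
// … unchanged: Secret(ISecret secret) and the other constructors …
```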


@ -21,6 +21,11 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <returns>The resolved <see cref="X509Certificate2"/>, or null if the certificate cannot be found.</returns>
public virtual X509Certificate2 ResolveCertificate(string thumbprint)
{
if (thumbprint == null)
{
throw new ArgumentNullException(nameof(thumbprint));
}
if (String.IsNullOrEmpty(thumbprint))
{
throw Error.Common_ArgumentCannotBeNullOrEmpty(nameof(thumbprint));


@ -10,7 +10,6 @@ using System.Xml;
using System.Xml.Linq;
using Microsoft.AspNet.Cryptography;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.XmlEncryption
@ -31,7 +30,7 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="thumbprint">The thumbprint (as a hex string) of the certificate with which to
/// encrypt the key material. The certificate must be locatable by <paramref name="certificateResolver"/>.</param>
/// <param name="certificateResolver">A resolver which can locate <see cref="X509Certificate2"/> objects.</param>
public CertificateXmlEncryptor([NotNull] string thumbprint, [NotNull] ICertificateResolver certificateResolver)
public CertificateXmlEncryptor(string thumbprint, ICertificateResolver certificateResolver)
: this(thumbprint, certificateResolver, services: null)
{
}
@ -45,9 +44,19 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// encrypt the key material. The certificate must be locatable by <paramref name="certificateResolver"/>.</param>
/// <param name="certificateResolver">A resolver which can locate <see cref="X509Certificate2"/> objects.</param>
/// <param name="services">An optional <see cref="IServiceProvider"/> to provide ancillary services.</param>
public CertificateXmlEncryptor([NotNull] string thumbprint, [NotNull] ICertificateResolver certificateResolver, IServiceProvider services)
public CertificateXmlEncryptor(string thumbprint, ICertificateResolver certificateResolver, IServiceProvider services)
: this(services)
{
if (thumbprint == null)
{
throw new ArgumentNullException(nameof(thumbprint));
}
if (certificateResolver == null)
{
throw new ArgumentNullException(nameof(certificateResolver));
}
_certFactory = CreateCertFactory(thumbprint, certificateResolver);
}
@ -55,7 +64,7 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// Creates a <see cref="CertificateXmlEncryptor"/> given an <see cref="X509Certificate2"/> instance.
/// </summary>
/// <param name="certificate">The <see cref="X509Certificate2"/> with which to encrypt the key material.</param>
public CertificateXmlEncryptor([NotNull] X509Certificate2 certificate)
public CertificateXmlEncryptor(X509Certificate2 certificate)
: this(certificate, services: null)
{
}
@ -66,9 +75,14 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// </summary>
/// <param name="certificate">The <see cref="X509Certificate2"/> with which to encrypt the key material.</param>
/// <param name="services">An optional <see cref="IServiceProvider"/> to provide ancillary services.</param>
public CertificateXmlEncryptor([NotNull] X509Certificate2 certificate, IServiceProvider services)
public CertificateXmlEncryptor(X509Certificate2 certificate, IServiceProvider services)
: this(services)
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
_certFactory = () => certificate;
}
@ -87,8 +101,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <paramref name="plaintextElement"/> along with information about how to
/// decrypt it.
/// </returns>
public EncryptedXmlInfo Encrypt([NotNull] XElement plaintextElement)
public EncryptedXmlInfo Encrypt(XElement plaintextElement)
{
if (plaintextElement == null)
{
throw new ArgumentNullException(nameof(plaintextElement));
}
// <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#">
// ...
// </EncryptedData>


@ -5,7 +5,6 @@ using System;
using System.Xml.Linq;
using Microsoft.AspNet.Cryptography;
using Microsoft.AspNet.DataProtection.Cng;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.XmlEncryption
@ -45,8 +44,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="encryptedElement">An encrypted XML element.</param>
/// <returns>The decrypted form of <paramref name="encryptedElement"/>.</returns>
/// <remarks>
public XElement Decrypt([NotNull] XElement encryptedElement)
public XElement Decrypt(XElement encryptedElement)
{
if (encryptedElement == null)
{
throw new ArgumentNullException(nameof(encryptedElement));
}
try
{
// <encryptedKey>


@ -7,7 +7,6 @@ using System.Xml.Linq;
using Microsoft.AspNet.Cryptography;
using Microsoft.AspNet.Cryptography.SafeHandles;
using Microsoft.AspNet.DataProtection.Cng;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
using static System.FormattableString;
@ -30,7 +29,7 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// </summary>
/// <param name="protectionDescriptorRule">The rule string from which to create the protection descriptor.</param>
/// <param name="flags">Flags controlling the creation of the protection descriptor.</param>
public DpapiNGXmlEncryptor([NotNull] string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags)
public DpapiNGXmlEncryptor(string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags)
: this(protectionDescriptorRule, flags, services: null)
{
}
@ -41,8 +40,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="protectionDescriptorRule">The rule string from which to create the protection descriptor.</param>
/// <param name="flags">Flags controlling the creation of the protection descriptor.</param>
/// <param name="services">An optional <see cref="IServiceProvider"/> to provide ancillary services.</param>
public DpapiNGXmlEncryptor([NotNull] string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags, IServiceProvider services)
public DpapiNGXmlEncryptor(string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags, IServiceProvider services)
{
if (protectionDescriptorRule == null)
{
throw new ArgumentNullException(nameof(protectionDescriptorRule));
}
CryptoUtil.AssertPlatformIsWindows8OrLater();
int ntstatus = UnsafeNativeMethods.NCryptCreateProtectionDescriptor(protectionDescriptorRule, (uint)flags, out _protectionDescriptorHandle);
@ -61,8 +65,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <paramref name="plaintextElement"/> along with information about how to
/// decrypt it.
/// </returns>
public EncryptedXmlInfo Encrypt([NotNull] XElement plaintextElement)
public EncryptedXmlInfo Encrypt(XElement plaintextElement)
{
if (plaintextElement == null)
{
throw new ArgumentNullException(nameof(plaintextElement));
}
string protectionDescriptorRuleString = _protectionDescriptorHandle.GetProtectionDescriptorRuleString();
if (_logger.IsVerboseLevelEnabled())
{
@ -92,7 +101,7 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
// <!-- rule string -->
// <value>{base64}</value>
// </encryptedKey>
var element = new XElement("encryptedKey",
new XComment(" This key is encrypted with Windows DPAPI-NG. "),
new XComment(" Rule: " + protectionDescriptorRuleString + " "),


@ -5,7 +5,6 @@ using System;
using System.Xml.Linq;
using Microsoft.AspNet.Cryptography;
using Microsoft.AspNet.DataProtection.Cng;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.XmlEncryption
@ -42,8 +41,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="encryptedElement">An encrypted XML element.</param>
/// <returns>The decrypted form of <paramref name="encryptedElement"/>.</returns>
/// <remarks>
public XElement Decrypt([NotNull] XElement encryptedElement)
public XElement Decrypt(XElement encryptedElement)
{
if (encryptedElement == null)
{
throw new ArgumentNullException(nameof(encryptedElement));
}
if (_logger.IsVerboseLevelEnabled())
{
_logger.LogVerbose("Decrypting secret element using Windows DPAPI.");


@ -5,9 +5,7 @@ using System;
using System.Security.Principal;
using System.Xml.Linq;
using Microsoft.AspNet.Cryptography;
using Microsoft.AspNet.DataProtection.AuthenticatedEncryption;
using Microsoft.AspNet.DataProtection.Cng;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.XmlEncryption
@ -56,8 +54,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <paramref name="plaintextElement"/> along with information about how to
/// decrypt it.
/// </returns>
public EncryptedXmlInfo Encrypt([NotNull] XElement plaintextElement)
public EncryptedXmlInfo Encrypt(XElement plaintextElement)
{
if (plaintextElement == null)
{
throw new ArgumentNullException(nameof(plaintextElement));
}
if (_logger.IsVerboseLevelEnabled())
{
if (_protectToLocalMachine)


@ -9,7 +9,6 @@
using System;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.XmlEncryption
@ -28,7 +27,7 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
_logger = services.GetLogger<EncryptedXmlDecryptor>();
}
public XElement Decrypt([NotNull] XElement encryptedElement)
public XElement Decrypt(XElement encryptedElement)
{
if (_logger.IsErrorLevelEnabled())
{
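Review bot: The `Decrypt(XElement encryptedElement)` in this section loses `[NotNull]` but gains no replacement guard; the first statement after the opening brace is still `if (_logger.IsErrorLevelEnabled())`. Every other `Decrypt` implementation touched by this commit gets an explicit check, so this one now behaves differently for a null argument. I would add `if (encryptedElement == null) { throw new ArgumentNullException(nameof(encryptedElement)); }` as the first statement, formatted with braces on their own lines like the other files. The method body continues outside the hunk; if it throws unconditionally on this platform, as the error-level logging suggests, the guard matters only for contract consistency, and a short comment saying so would do instead.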


@ -8,7 +8,6 @@ using System.Security.Cryptography.Xml;
using System.Xml;
using System.Xml.Linq;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.XmlEncryption
{
@ -42,8 +41,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="encryptedElement">An encrypted XML element.</param>
/// <returns>The decrypted form of <paramref name="encryptedElement"/>.</returns>
/// <remarks>
public XElement Decrypt([NotNull] XElement encryptedElement)
public XElement Decrypt(XElement encryptedElement)
{
if (encryptedElement == null)
{
throw new ArgumentNullException(nameof(encryptedElement));
}
// <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#">
// ...
// </EncryptedData>


@ -4,7 +4,6 @@
using System;
using System.Reflection;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.XmlEncryption
{
@ -20,8 +19,18 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="encryptedElement">A piece of encrypted XML.</param>
/// <param name="decryptorType">The class whose <see cref="IXmlDecryptor.Decrypt(XElement)"/>
/// method can be used to decrypt <paramref name="encryptedElement"/>.</param>
public EncryptedXmlInfo([NotNull] XElement encryptedElement, [NotNull] Type decryptorType)
public EncryptedXmlInfo(XElement encryptedElement, Type decryptorType)
{
if (encryptedElement == null)
{
throw new ArgumentNullException(nameof(encryptedElement));
}
if (decryptorType == null)
{
throw new ArgumentNullException(nameof(decryptorType));
}
if (!typeof(IXmlDecryptor).IsAssignableFrom(decryptorType))
{
throw new ArgumentException(


@ -3,9 +3,7 @@
#if !DNXCORE50 // [[ISSUE60]] Remove this #ifdef when Core CLR gets support for EncryptedXml
using System;
using System.Security.Cryptography.X509Certificates;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.XmlEncryption
{
@ -19,7 +17,7 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// </summary>
/// <param name="thumbprint">The thumbprint (as a hex string) of the certificate to resolve.</param>
/// <returns>The resolved <see cref="X509Certificate2"/>, or null if the certificate cannot be found.</returns>
X509Certificate2 ResolveCertificate([NotNull] string thumbprint);
X509Certificate2 ResolveCertificate(string thumbprint);
}
}
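Review bot: With `[NotNull]` removed from `ResolveCertificate(string thumbprint)`, the interface no longer states anywhere that a null thumbprint is invalid, and the XML docs do not mention it either. The same applies to `IXmlDecryptor.Decrypt` and `IXmlEncryptor.Encrypt` in the next two sections. Because these are extension points for key-material handling, implementers need the contract spelled out so that custom resolvers and encryptors reject null the same way the built-in ones now do. I would add `/// <exception cref="ArgumentNullException"><paramref name="thumbprint"/> is null.</exception>` here, and the matching line for `encryptedElement` and `plaintextElement` on the other two interfaces.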


@ -1,9 +1,7 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.XmlEncryption
{
@ -21,6 +19,6 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// Implementations of this method must not mutate the <see cref="XElement"/>
/// instance provided by <paramref name="encryptedElement"/>.
/// </remarks>
XElement Decrypt([NotNull] XElement encryptedElement);
XElement Decrypt(XElement encryptedElement);
}
}


@ -1,10 +1,7 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Xml.Linq;
using Microsoft.AspNet.DataProtection.AuthenticatedEncryption;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.XmlEncryption
{
@ -26,6 +23,6 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// Implementations of this method must not mutate the <see cref="XElement"/>
/// instance provided by <paramref name="plaintextElement"/>.
/// </remarks>
EncryptedXmlInfo Encrypt([NotNull] XElement plaintextElement);
EncryptedXmlInfo Encrypt(XElement plaintextElement);
}
}


@ -4,7 +4,6 @@
using System;
using System.Linq;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.XmlEncryption
{
@ -19,8 +18,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="encryptedElement">An encrypted XML element.</param>
/// <returns>The decrypted form of <paramref name="encryptedElement"/>.</returns>
/// <remarks>
public XElement Decrypt([NotNull] XElement encryptedElement)
public XElement Decrypt(XElement encryptedElement)
{
if (encryptedElement == null)
{
throw new ArgumentNullException(nameof(encryptedElement));
}
// <unencryptedKey>
// <!-- This key is not encrypted. -->
// <plaintextElement />


@ -3,7 +3,6 @@
using System;
using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.XmlEncryption
@ -42,8 +41,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <paramref name="plaintextElement"/> along with information about how to
/// decrypt it.
/// </returns>
public EncryptedXmlInfo Encrypt([NotNull] XElement plaintextElement)
public EncryptedXmlInfo Encrypt(XElement plaintextElement)
{
if (plaintextElement == null)
{
throw new ArgumentNullException(nameof(plaintextElement));
}
if (_logger.IsWarningLevelEnabled())
{
_logger.LogWarning("Encrypting using a null encryptor; secret information isn't being protected.");


@ -11,7 +11,6 @@
"Microsoft.AspNet.DataProtection.Sources": { "type": "build", "version": "" },
"Microsoft.Extensions.DependencyInjection.Abstractions": "1.0.0-*",
"Microsoft.Extensions.Logging.Abstractions": "1.0.0-*",
"Microsoft.Extensions.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" },
"Microsoft.Extensions.OptionsModel": "1.0.0-*"
},
"frameworks": {