Replace NotNullAttribute with thrown exceptions

This commit is contained in:
Pranav K 2015-10-07 17:58:23 -07:00
parent 76cbb57f9a
commit 9fc75d395d
53 changed files with 638 additions and 174 deletions

View File

@ -3,7 +3,6 @@
using System; using System;
using Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2; using Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.Cryptography.KeyDerivation namespace Microsoft.AspNet.Cryptography.KeyDerivation
{ {
@ -25,8 +24,18 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
/// <remarks> /// <remarks>
/// The PBKDF2 algorithm is specified in RFC 2898. /// The PBKDF2 algorithm is specified in RFC 2898.
/// </remarks> /// </remarks>
public static byte[] Pbkdf2([NotNull] string password, [NotNull] byte[] salt, KeyDerivationPrf prf, int iterationCount, int numBytesRequested) public static byte[] Pbkdf2(string password, byte[] salt, KeyDerivationPrf prf, int iterationCount, int numBytesRequested)
{ {
if (password == null)
{
throw new ArgumentNullException(nameof(password));
}
if (salt == null)
{
throw new ArgumentNullException(nameof(salt));
}
// parameter checking // parameter checking
if (prf < KeyDerivationPrf.HMACSHA1 || prf > KeyDerivationPrf.HMACSHA512) if (prf < KeyDerivationPrf.HMACSHA1 || prf > KeyDerivationPrf.HMACSHA512)
{ {

View File

@ -6,8 +6,7 @@
"url": "git://github.com/aspnet/dataprotection" "url": "git://github.com/aspnet/dataprotection"
}, },
"dependencies": { "dependencies": {
"Microsoft.AspNet.Cryptography.Internal": "1.0.0-*", "Microsoft.AspNet.Cryptography.Internal": "1.0.0-*"
"Microsoft.Extensions.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" }
}, },
"frameworks": { "frameworks": {
"net451": { }, "net451": { },

View File

@ -5,10 +5,8 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.ComponentModel; using System.ComponentModel;
using System.Diagnostics; using System.Diagnostics;
using System.Security.Cryptography;
using Microsoft.AspNet.DataProtection.Infrastructure; using Microsoft.AspNet.DataProtection.Infrastructure;
using Microsoft.AspNet.DataProtection.Abstractions; using Microsoft.AspNet.DataProtection.Abstractions;
using Microsoft.Extensions.Internal;
#if DNX451 || DNXCORE50 // [[ISSUE1400]] Replace with DNX_ANY when it becomes available #if DNX451 || DNXCORE50 // [[ISSUE1400]] Replace with DNX_ANY when it becomes available
using Microsoft.Dnx.Runtime; using Microsoft.Dnx.Runtime;
@ -33,8 +31,18 @@ namespace Microsoft.AspNet.DataProtection
/// <see cref="IDataProtectionProvider.CreateProtector(string)"/>. See that method's /// <see cref="IDataProtectionProvider.CreateProtector(string)"/>. See that method's
/// documentation for more information. /// documentation for more information.
/// </remarks> /// </remarks>
public static IDataProtector CreateProtector([NotNull] this IDataProtectionProvider provider, [NotNull] IEnumerable<string> purposes) public static IDataProtector CreateProtector(this IDataProtectionProvider provider, IEnumerable<string> purposes)
{ {
if (provider == null)
{
throw new ArgumentNullException(nameof(provider));
}
if (purposes == null)
{
throw new ArgumentNullException(nameof(purposes));
}
bool collectionIsEmpty = true; bool collectionIsEmpty = true;
IDataProtectionProvider retVal = provider; IDataProtectionProvider retVal = provider;
foreach (string purpose in purposes) foreach (string purpose in purposes)
@ -69,8 +77,18 @@ namespace Microsoft.AspNet.DataProtection
/// <see cref="IDataProtectionProvider.CreateProtector(string)"/>. See that method's /// <see cref="IDataProtectionProvider.CreateProtector(string)"/>. See that method's
/// documentation for more information. /// documentation for more information.
/// </remarks> /// </remarks>
public static IDataProtector CreateProtector([NotNull] this IDataProtectionProvider provider, [NotNull] string purpose, params string[] subPurposes) public static IDataProtector CreateProtector(this IDataProtectionProvider provider, string purpose, params string[] subPurposes)
{ {
if (provider == null)
{
throw new ArgumentNullException(nameof(provider));
}
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
// The method signature isn't simply CreateProtector(this IDataProtectionProvider, params string[] purposes) // The method signature isn't simply CreateProtector(this IDataProtectionProvider, params string[] purposes)
// because we don't want the code provider.CreateProtector() [parameterless] to inadvertently compile. // because we don't want the code provider.CreateProtector() [parameterless] to inadvertently compile.
// The actual signature for this method forces at least one purpose to be provided at the call site. // The actual signature for this method forces at least one purpose to be provided at the call site.
@ -127,8 +145,13 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="services">The service provider from which to retrieve the <see cref="IDataProtectionProvider"/>.</param> /// <param name="services">The service provider from which to retrieve the <see cref="IDataProtectionProvider"/>.</param>
/// <returns>An <see cref="IDataProtectionProvider"/>. This method is guaranteed never to return null.</returns> /// <returns>An <see cref="IDataProtectionProvider"/>. This method is guaranteed never to return null.</returns>
/// <exception cref="InvalidOperationException">If no <see cref="IDataProtectionProvider"/> service exists in <paramref name="services"/>.</exception> /// <exception cref="InvalidOperationException">If no <see cref="IDataProtectionProvider"/> service exists in <paramref name="services"/>.</exception>
public static IDataProtectionProvider GetDataProtectionProvider([NotNull] this IServiceProvider services) public static IDataProtectionProvider GetDataProtectionProvider(this IServiceProvider services)
{ {
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
// We have our own implementation of GetRequiredService<T> since we don't want to // We have our own implementation of GetRequiredService<T> since we don't want to
// take a dependency on DependencyInjection.Interfaces. // take a dependency on DependencyInjection.Interfaces.
IDataProtectionProvider provider = (IDataProtectionProvider)services.GetService(typeof(IDataProtectionProvider)); IDataProtectionProvider provider = (IDataProtectionProvider)services.GetService(typeof(IDataProtectionProvider));
@ -152,8 +175,18 @@ namespace Microsoft.AspNet.DataProtection
/// then <see cref="CreateProtector(IDataProtectionProvider, IEnumerable{string})"/>. See those methods' /// then <see cref="CreateProtector(IDataProtectionProvider, IEnumerable{string})"/>. See those methods'
/// documentation for more information. /// documentation for more information.
/// </remarks> /// </remarks>
public static IDataProtector GetDataProtector([NotNull] this IServiceProvider services, [NotNull] IEnumerable<string> purposes) public static IDataProtector GetDataProtector(this IServiceProvider services, IEnumerable<string> purposes)
{ {
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
if (purposes == null)
{
throw new ArgumentNullException(nameof(purposes));
}
return services.GetDataProtectionProvider().CreateProtector(purposes); return services.GetDataProtectionProvider().CreateProtector(purposes);
} }
@ -171,8 +204,18 @@ namespace Microsoft.AspNet.DataProtection
/// then <see cref="CreateProtector(IDataProtectionProvider, string, string[])"/>. See those methods' /// then <see cref="CreateProtector(IDataProtectionProvider, string, string[])"/>. See those methods'
/// documentation for more information. /// documentation for more information.
/// </remarks> /// </remarks>
public static IDataProtector GetDataProtector([NotNull] this IServiceProvider services, [NotNull] string purpose, params string[] subPurposes) public static IDataProtector GetDataProtector(this IServiceProvider services, string purpose, params string[] subPurposes)
{ {
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
return services.GetDataProtectionProvider().CreateProtector(purpose, subPurposes); return services.GetDataProtectionProvider().CreateProtector(purpose, subPurposes);
} }
@ -182,8 +225,18 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="protector">The data protector to use for this operation.</param> /// <param name="protector">The data protector to use for this operation.</param>
/// <param name="plaintext">The plaintext data to protect.</param> /// <param name="plaintext">The plaintext data to protect.</param>
/// <returns>The protected form of the plaintext data.</returns> /// <returns>The protected form of the plaintext data.</returns>
public static string Protect([NotNull] this IDataProtector protector, [NotNull] string plaintext) public static string Protect(this IDataProtector protector, string plaintext)
{ {
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
try try
{ {
byte[] plaintextAsBytes = EncodingUtil.SecureUtf8Encoding.GetBytes(plaintext); byte[] plaintextAsBytes = EncodingUtil.SecureUtf8Encoding.GetBytes(plaintext);
@ -206,8 +259,18 @@ namespace Microsoft.AspNet.DataProtection
/// <exception cref="CryptographicException"> /// <exception cref="CryptographicException">
/// Thrown if <paramref name="protectedData"/> is invalid or malformed. /// Thrown if <paramref name="protectedData"/> is invalid or malformed.
/// </exception> /// </exception>
public static string Unprotect([NotNull] this IDataProtector protector, [NotNull] string protectedData) public static string Unprotect(this IDataProtector protector, string protectedData)
{ {
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
try try
{ {
byte[] protectedDataAsBytes = WebEncoders.Base64UrlDecode(protectedData); byte[] protectedDataAsBytes = WebEncoders.Base64UrlDecode(protectedData);

View File

@ -1,9 +1,6 @@
// Copyright (c) .NET Foundation. All rights reserved. // Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection namespace Microsoft.AspNet.DataProtection
{ {
/// <summary> /// <summary>
@ -24,6 +21,6 @@ namespace Microsoft.AspNet.DataProtection
/// values will not be able to decipher each other's payloads. The <paramref name="purpose"/> parameter /// values will not be able to decipher each other's payloads. The <paramref name="purpose"/> parameter
/// value is not intended to be kept secret. /// value is not intended to be kept secret.
/// </remarks> /// </remarks>
IDataProtector CreateProtector([NotNull] string purpose); IDataProtector CreateProtector(string purpose);
} }
} }

View File

@ -1,10 +1,6 @@
// Copyright (c) .NET Foundation. All rights reserved. // Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Security.Cryptography;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection namespace Microsoft.AspNet.DataProtection
{ {
/// <summary> /// <summary>
@ -17,7 +13,7 @@ namespace Microsoft.AspNet.DataProtection
/// </summary> /// </summary>
/// <param name="plaintext">The plaintext data to protect.</param> /// <param name="plaintext">The plaintext data to protect.</param>
/// <returns>The protected form of the plaintext data.</returns> /// <returns>The protected form of the plaintext data.</returns>
byte[] Protect([NotNull] byte[] plaintext); byte[] Protect(byte[] plaintext);
/// <summary> /// <summary>
/// Cryptographically unprotects a piece of protected data. /// Cryptographically unprotects a piece of protected data.
@ -27,6 +23,6 @@ namespace Microsoft.AspNet.DataProtection
/// <exception cref="CryptographicException"> /// <exception cref="CryptographicException">
/// Thrown if the protected data is invalid or malformed. /// Thrown if the protected data is invalid or malformed.
/// </exception> /// </exception>
byte[] Unprotect([NotNull] byte[] protectedData); byte[] Unprotect(byte[] protectedData);
} }
} }

View File

@ -6,7 +6,6 @@
"url": "git://github.com/aspnet/dataprotection" "url": "git://github.com/aspnet/dataprotection"
}, },
"dependencies": { "dependencies": {
"Microsoft.Extensions.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" },
"Microsoft.AspNet.DataProtection.Sources": { "type": "build", "version": "" } "Microsoft.AspNet.DataProtection.Sources": { "type": "build", "version": "" }
}, },
"frameworks": { "frameworks": {

View File

@ -2,8 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using System.Security.Cryptography;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection namespace Microsoft.AspNet.DataProtection
{ {
@ -17,8 +15,18 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="plaintext">The plaintext data to protect.</param> /// <param name="plaintext">The plaintext data to protect.</param>
/// <param name="lifetime">The amount of time after which the payload should no longer be unprotectable.</param> /// <param name="lifetime">The amount of time after which the payload should no longer be unprotectable.</param>
/// <returns>The protected form of the plaintext data.</returns> /// <returns>The protected form of the plaintext data.</returns>
public static byte[] Protect([NotNull] this ITimeLimitedDataProtector protector, [NotNull] byte[] plaintext, TimeSpan lifetime) public static byte[] Protect(this ITimeLimitedDataProtector protector, byte[] plaintext, TimeSpan lifetime)
{ {
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
return protector.Protect(plaintext, DateTimeOffset.UtcNow + lifetime); return protector.Protect(plaintext, DateTimeOffset.UtcNow + lifetime);
} }
@ -30,8 +38,18 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="plaintext">The plaintext data to protect.</param> /// <param name="plaintext">The plaintext data to protect.</param>
/// <param name="expiration">The time when this payload should expire.</param> /// <param name="expiration">The time when this payload should expire.</param>
/// <returns>The protected form of the plaintext data.</returns> /// <returns>The protected form of the plaintext data.</returns>
public static string Protect([NotNull] this ITimeLimitedDataProtector protector, [NotNull] string plaintext, DateTimeOffset expiration) public static string Protect(this ITimeLimitedDataProtector protector, string plaintext, DateTimeOffset expiration)
{ {
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
var wrappingProtector = new TimeLimitedWrappingProtector(protector) { Expiration = expiration }; var wrappingProtector = new TimeLimitedWrappingProtector(protector) { Expiration = expiration };
return wrappingProtector.Protect(plaintext); return wrappingProtector.Protect(plaintext);
} }
@ -44,8 +62,18 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="plaintext">The plaintext data to protect.</param> /// <param name="plaintext">The plaintext data to protect.</param>
/// <param name="lifetime">The amount of time after which the payload should no longer be unprotectable.</param> /// <param name="lifetime">The amount of time after which the payload should no longer be unprotectable.</param>
/// <returns>The protected form of the plaintext data.</returns> /// <returns>The protected form of the plaintext data.</returns>
public static string Protect([NotNull] this ITimeLimitedDataProtector protector, [NotNull] string plaintext, TimeSpan lifetime) public static string Protect(this ITimeLimitedDataProtector protector, string plaintext, TimeSpan lifetime)
{ {
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
return Protect(protector, plaintext, DateTimeOffset.Now + lifetime); return Protect(protector, plaintext, DateTimeOffset.Now + lifetime);
} }
@ -55,8 +83,13 @@ namespace Microsoft.AspNet.DataProtection
/// </summary> /// </summary>
/// <param name="protector">The <see cref="IDataProtector"/> to convert to a time-limited protector.</param> /// <param name="protector">The <see cref="IDataProtector"/> to convert to a time-limited protector.</param>
/// <returns>An <see cref="ITimeLimitedDataProtector"/>.</returns> /// <returns>An <see cref="ITimeLimitedDataProtector"/>.</returns>
public static ITimeLimitedDataProtector ToTimeLimitedDataProtector([NotNull] this IDataProtector protector) public static ITimeLimitedDataProtector ToTimeLimitedDataProtector(this IDataProtector protector)
{ {
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
return (protector as ITimeLimitedDataProtector) ?? new TimeLimitedDataProtector(protector); return (protector as ITimeLimitedDataProtector) ?? new TimeLimitedDataProtector(protector);
} }
@ -71,8 +104,18 @@ namespace Microsoft.AspNet.DataProtection
/// <exception cref="CryptographicException"> /// <exception cref="CryptographicException">
/// Thrown if <paramref name="protectedData"/> is invalid, malformed, or expired. /// Thrown if <paramref name="protectedData"/> is invalid, malformed, or expired.
/// </exception> /// </exception>
public static string Unprotect([NotNull] this ITimeLimitedDataProtector protector, [NotNull] string protectedData, out DateTimeOffset expiration) public static string Unprotect(this ITimeLimitedDataProtector protector, string protectedData, out DateTimeOffset expiration)
{ {
if (protector == null)
{
throw new ArgumentNullException(nameof(protector));
}
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
var wrappingProtector = new TimeLimitedWrappingProtector(protector); var wrappingProtector = new TimeLimitedWrappingProtector(protector);
string retVal = wrappingProtector.Unprotect(protectedData); string retVal = wrappingProtector.Unprotect(protectedData);
expiration = wrappingProtector.Expiration; expiration = wrappingProtector.Expiration;
@ -91,16 +134,31 @@ namespace Microsoft.AspNet.DataProtection
public IDataProtector CreateProtector(string purpose) public IDataProtector CreateProtector(string purpose)
{ {
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
throw new NotImplementedException(); throw new NotImplementedException();
} }
public byte[] Protect(byte[] plaintext) public byte[] Protect(byte[] plaintext)
{ {
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
return _innerProtector.Protect(plaintext, Expiration); return _innerProtector.Protect(plaintext, Expiration);
} }
public byte[] Unprotect(byte[] protectedData) public byte[] Unprotect(byte[] protectedData)
{ {
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
return _innerProtector.Unprotect(protectedData, out Expiration); return _innerProtector.Unprotect(protectedData, out Expiration);
} }
} }

View File

@ -4,7 +4,6 @@
using System; using System;
using System.IO; using System.IO;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection namespace Microsoft.AspNet.DataProtection
{ {
@ -21,7 +20,7 @@ namespace Microsoft.AspNet.DataProtection
/// </summary> /// </summary>
/// <param name="keyDirectory">The <see cref="DirectoryInfo"/> in which keys should be stored. This may /// <param name="keyDirectory">The <see cref="DirectoryInfo"/> in which keys should be stored. This may
/// represent a directory on a local disk or a UNC share.</param> /// represent a directory on a local disk or a UNC share.</param>
public DataProtectionProvider([NotNull] DirectoryInfo keyDirectory) public DataProtectionProvider(DirectoryInfo keyDirectory)
: this(keyDirectory, configure: null) : this(keyDirectory, configure: null)
{ {
} }
@ -34,8 +33,13 @@ namespace Microsoft.AspNet.DataProtection
/// represent a directory on a local disk or a UNC share.</param> /// represent a directory on a local disk or a UNC share.</param>
/// <param name="configure">An optional callback which provides further configuration of the data protection /// <param name="configure">An optional callback which provides further configuration of the data protection
/// system. See <see cref="DataProtectionConfiguration"/> for more information.</param> /// system. See <see cref="DataProtectionConfiguration"/> for more information.</param>
public DataProtectionProvider([NotNull] DirectoryInfo keyDirectory, Action<DataProtectionConfiguration> configure) public DataProtectionProvider(DirectoryInfo keyDirectory, Action<DataProtectionConfiguration> configure)
{ {
if (keyDirectory == null)
{
throw new ArgumentNullException(nameof(keyDirectory));
}
// build the service collection // build the service collection
ServiceCollection serviceCollection = new ServiceCollection(); ServiceCollection serviceCollection = new ServiceCollection();
serviceCollection.AddDataProtection(); serviceCollection.AddDataProtection();
@ -52,8 +56,13 @@ namespace Microsoft.AspNet.DataProtection
/// <summary> /// <summary>
/// Implements <see cref="IDataProtectionProvider.CreateProtector(string)"/>. /// Implements <see cref="IDataProtectionProvider.CreateProtector(string)"/>.
/// </summary> /// </summary>
public IDataProtector CreateProtector([NotNull] string purpose) public IDataProtector CreateProtector(string purpose)
{ {
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
return _innerProvider.CreateProtector(purpose); return _innerProvider.CreateProtector(purpose);
} }
} }

View File

@ -2,8 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using System.Security.Cryptography;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection namespace Microsoft.AspNet.DataProtection
{ {
@ -31,7 +29,7 @@ namespace Microsoft.AspNet.DataProtection
/// values will not be able to decipher each other's payloads. The <paramref name="purpose"/> parameter /// values will not be able to decipher each other's payloads. The <paramref name="purpose"/> parameter
/// value is not intended to be kept secret. /// value is not intended to be kept secret.
/// </remarks> /// </remarks>
new ITimeLimitedDataProtector CreateProtector([NotNull] string purpose); new ITimeLimitedDataProtector CreateProtector(string purpose);
/// <summary> /// <summary>
/// Cryptographically protects a piece of plaintext data, expiring the data at /// Cryptographically protects a piece of plaintext data, expiring the data at
@ -40,7 +38,7 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="plaintext">The plaintext data to protect.</param> /// <param name="plaintext">The plaintext data to protect.</param>
/// <param name="expiration">The time when this payload should expire.</param> /// <param name="expiration">The time when this payload should expire.</param>
/// <returns>The protected form of the plaintext data.</returns> /// <returns>The protected form of the plaintext data.</returns>
byte[] Protect([NotNull] byte[] plaintext, DateTimeOffset expiration); byte[] Protect(byte[] plaintext, DateTimeOffset expiration);
/// <summary> /// <summary>
/// Cryptographically unprotects a piece of protected data. /// Cryptographically unprotects a piece of protected data.
@ -52,6 +50,6 @@ namespace Microsoft.AspNet.DataProtection
/// <exception cref="CryptographicException"> /// <exception cref="CryptographicException">
/// Thrown if <paramref name="protectedData"/> is invalid, malformed, or expired. /// Thrown if <paramref name="protectedData"/> is invalid, malformed, or expired.
/// </exception> /// </exception>
byte[] Unprotect([NotNull] byte[] protectedData, out DateTimeOffset expiration); byte[] Unprotect(byte[] protectedData, out DateTimeOffset expiration);
} }
} }

View File

@ -5,7 +5,6 @@ using System;
using System.Security.Cryptography; using System.Security.Cryptography;
using System.Threading; using System.Threading;
using Microsoft.AspNet.DataProtection.Extensions; using Microsoft.AspNet.DataProtection.Extensions;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection namespace Microsoft.AspNet.DataProtection
{ {
@ -25,8 +24,13 @@ namespace Microsoft.AspNet.DataProtection
_innerProtector = innerProtector; _innerProtector = innerProtector;
} }
public ITimeLimitedDataProtector CreateProtector([NotNull] string purpose) public ITimeLimitedDataProtector CreateProtector(string purpose)
{ {
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
return new TimeLimitedDataProtector(_innerProtector.CreateProtector(purpose)); return new TimeLimitedDataProtector(_innerProtector.CreateProtector(purpose));
} }
@ -42,8 +46,13 @@ namespace Microsoft.AspNet.DataProtection
return retVal; return retVal;
} }
public byte[] Protect([NotNull] byte[] plaintext, DateTimeOffset expiration) public byte[] Protect(byte[] plaintext, DateTimeOffset expiration)
{ {
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
// We prepend the expiration time (as a 64-bit UTC tick count) to the unprotected data. // We prepend the expiration time (as a 64-bit UTC tick count) to the unprotected data.
byte[] plaintextWithHeader = new byte[checked(8 + plaintext.Length)]; byte[] plaintextWithHeader = new byte[checked(8 + plaintext.Length)];
BitHelpers.WriteUInt64(plaintextWithHeader, 0, (ulong)expiration.UtcTicks); BitHelpers.WriteUInt64(plaintextWithHeader, 0, (ulong)expiration.UtcTicks);
@ -52,13 +61,23 @@ namespace Microsoft.AspNet.DataProtection
return GetInnerProtectorWithTimeLimitedPurpose().Protect(plaintextWithHeader); return GetInnerProtectorWithTimeLimitedPurpose().Protect(plaintextWithHeader);
} }
public byte[] Unprotect([NotNull] byte[] protectedData, out DateTimeOffset expiration) public byte[] Unprotect(byte[] protectedData, out DateTimeOffset expiration)
{ {
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
return UnprotectCore(protectedData, DateTimeOffset.UtcNow, out expiration); return UnprotectCore(protectedData, DateTimeOffset.UtcNow, out expiration);
} }
internal byte[] UnprotectCore([NotNull] byte[] protectedData, DateTimeOffset now, out DateTimeOffset expiration) internal byte[] UnprotectCore(byte[] protectedData, DateTimeOffset now, out DateTimeOffset expiration)
{ {
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
try try
{ {
byte[] plaintextWithHeader = GetInnerProtectorWithTimeLimitedPurpose().Unprotect(protectedData); byte[] plaintextWithHeader = GetInnerProtectorWithTimeLimitedPurpose().Unprotect(protectedData);
@ -97,17 +116,32 @@ namespace Microsoft.AspNet.DataProtection
IDataProtector IDataProtectionProvider.CreateProtector(string purpose) IDataProtector IDataProtectionProvider.CreateProtector(string purpose)
{ {
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
return CreateProtector(purpose); return CreateProtector(purpose);
} }
byte[] IDataProtector.Protect(byte[] plaintext) byte[] IDataProtector.Protect(byte[] plaintext)
{ {
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
// MaxValue essentially means 'no expiration' // MaxValue essentially means 'no expiration'
return Protect(plaintext, DateTimeOffset.MaxValue); return Protect(plaintext, DateTimeOffset.MaxValue);
} }
byte[] IDataProtector.Unprotect(byte[] protectedData) byte[] IDataProtector.Unprotect(byte[] protectedData)
{ {
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
DateTimeOffset expiration; // unused DateTimeOffset expiration; // unused
return Unprotect(protectedData, out expiration); return Unprotect(protectedData, out expiration);
} }

View File

@ -8,8 +8,7 @@
"dependencies": { "dependencies": {
"Microsoft.AspNet.DataProtection": "1.0.0-*", "Microsoft.AspNet.DataProtection": "1.0.0-*",
"Microsoft.AspNet.DataProtection.Sources": { "type": "build", "version": "" }, "Microsoft.AspNet.DataProtection.Sources": { "type": "build", "version": "" },
"Microsoft.Extensions.DependencyInjection": "1.0.0-*", "Microsoft.Extensions.DependencyInjection": "1.0.0-*"
"Microsoft.Extensions.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" }
}, },
"frameworks": { "frameworks": {
"net451": { }, "net451": { },

View File

@ -5,7 +5,6 @@ using System;
using System.Reflection; using System.Reflection;
using Microsoft.AspNet.Cryptography; using Microsoft.AspNet.Cryptography;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection namespace Microsoft.AspNet.DataProtection
{ {
@ -18,9 +17,14 @@ namespace Microsoft.AspNet.DataProtection
/// Creates an instance of <paramref name="implementationTypeName"/> and ensures /// Creates an instance of <paramref name="implementationTypeName"/> and ensures
/// that it is assignable to <typeparamref name="T"/>. /// that it is assignable to <typeparamref name="T"/>.
/// </summary> /// </summary>
public static T CreateInstance<T>(this IActivator activator, [NotNull] string implementationTypeName) public static T CreateInstance<T>(this IActivator activator, string implementationTypeName)
where T : class where T : class
{ {
if (implementationTypeName == null)
{
throw new ArgumentNullException(nameof(implementationTypeName));
}
return activator.CreateInstance(typeof(T), implementationTypeName) as T return activator.CreateInstance(typeof(T), implementationTypeName) as T
?? CryptoUtil.Fail<T>("CreateInstance returned null."); ?? CryptoUtil.Fail<T>("CreateInstance returned null.");
} }

View File

@ -2,7 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{ {
@ -13,13 +12,18 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{ {
private readonly IServiceProvider _services; private readonly IServiceProvider _services;
public AuthenticatedEncryptorConfiguration([NotNull] AuthenticatedEncryptionOptions options) public AuthenticatedEncryptorConfiguration(AuthenticatedEncryptionOptions options)
: this(options, services: null) : this(options, services: null)
{ {
} }
public AuthenticatedEncryptorConfiguration([NotNull] AuthenticatedEncryptionOptions options, IServiceProvider services) public AuthenticatedEncryptorConfiguration(AuthenticatedEncryptionOptions options, IServiceProvider services)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
Options = options; Options = options;
_services = services; _services = services;
} }
@ -30,7 +34,7 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{ {
return this.CreateNewDescriptorCore(); return this.CreateNewDescriptorCore();
} }
IAuthenticatedEncryptorDescriptor IInternalAuthenticatedEncryptorConfiguration.CreateDescriptorFromSecret(ISecret secret) IAuthenticatedEncryptorDescriptor IInternalAuthenticatedEncryptorConfiguration.CreateDescriptorFromSecret(ISecret secret)
{ {
return new AuthenticatedEncryptorDescriptor(Options, secret, _services); return new AuthenticatedEncryptorDescriptor(Options, secret, _services);

View File

@ -3,7 +3,6 @@
using System; using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{ {
@ -15,13 +14,23 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{ {
private readonly IServiceProvider _services; private readonly IServiceProvider _services;
public AuthenticatedEncryptorDescriptor([NotNull] AuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey) public AuthenticatedEncryptorDescriptor(AuthenticatedEncryptionOptions options, ISecret masterKey)
: this(options, masterKey, services: null) : this(options, masterKey, services: null)
{ {
} }
public AuthenticatedEncryptorDescriptor([NotNull] AuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey, IServiceProvider services) public AuthenticatedEncryptorDescriptor(AuthenticatedEncryptionOptions options, ISecret masterKey, IServiceProvider services)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (masterKey == null)
{
throw new ArgumentNullException(nameof(masterKey));
}
Options = options; Options = options;
MasterKey = masterKey; MasterKey = masterKey;
_services = services; _services = services;
@ -30,7 +39,7 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
internal ISecret MasterKey { get; } internal ISecret MasterKey { get; }
internal AuthenticatedEncryptionOptions Options { get; } internal AuthenticatedEncryptionOptions Options { get; }
public IAuthenticatedEncryptor CreateEncryptorInstance() public IAuthenticatedEncryptor CreateEncryptorInstance()
{ {
return Options.CreateAuthenticatedEncryptorInstance(MasterKey, _services); return Options.CreateAuthenticatedEncryptorInstance(MasterKey, _services);

View File

@ -4,7 +4,6 @@
using System; using System;
using System.Linq; using System.Linq;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{ {
@ -29,8 +28,13 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// <summary> /// <summary>
/// Imports the <see cref="AuthenticatedEncryptorDescriptor"/> from serialized XML. /// Imports the <see cref="AuthenticatedEncryptorDescriptor"/> from serialized XML.
/// </summary> /// </summary>
public IAuthenticatedEncryptorDescriptor ImportFromXml([NotNull] XElement element) public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element)
{ {
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
// <descriptor> // <descriptor>
// <encryption algorithm="..." /> // <encryption algorithm="..." />
// <validation algorithm="..." /> <!-- only if not GCM --> // <validation algorithm="..." /> <!-- only if not GCM -->

View File

@ -2,7 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{ {
@ -14,13 +13,18 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{ {
private readonly IServiceProvider _services; private readonly IServiceProvider _services;
public CngCbcAuthenticatedEncryptorConfiguration([NotNull] CngCbcAuthenticatedEncryptionOptions options) public CngCbcAuthenticatedEncryptorConfiguration(CngCbcAuthenticatedEncryptionOptions options)
: this(options, services: null) : this(options, services: null)
{ {
} }
public CngCbcAuthenticatedEncryptorConfiguration([NotNull] CngCbcAuthenticatedEncryptionOptions options, IServiceProvider services) public CngCbcAuthenticatedEncryptorConfiguration(CngCbcAuthenticatedEncryptionOptions options, IServiceProvider services)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
Options = options; Options = options;
_services = services; _services = services;
} }

View File

@ -3,7 +3,6 @@
using System; using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
@ -16,13 +15,23 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{ {
private readonly ILogger _log; private readonly ILogger _log;
public CngCbcAuthenticatedEncryptorDescriptor([NotNull] CngCbcAuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey) public CngCbcAuthenticatedEncryptorDescriptor(CngCbcAuthenticatedEncryptionOptions options, ISecret masterKey)
: this(options, masterKey, services: null) : this(options, masterKey, services: null)
{ {
} }
public CngCbcAuthenticatedEncryptorDescriptor([NotNull] CngCbcAuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey, IServiceProvider services) public CngCbcAuthenticatedEncryptorDescriptor(CngCbcAuthenticatedEncryptionOptions options, ISecret masterKey, IServiceProvider services)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (masterKey == null)
{
throw new ArgumentNullException(nameof(masterKey));
}
Options = options; Options = options;
MasterKey = masterKey; MasterKey = masterKey;
_log = services.GetLogger<CngCbcAuthenticatedEncryptorDescriptor>(); _log = services.GetLogger<CngCbcAuthenticatedEncryptorDescriptor>();

View File

@ -3,7 +3,6 @@
using System; using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{ {
@ -28,8 +27,13 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// <summary> /// <summary>
/// Imports the <see cref="CngCbcAuthenticatedEncryptorDescriptor"/> from serialized XML. /// Imports the <see cref="CngCbcAuthenticatedEncryptorDescriptor"/> from serialized XML.
/// </summary> /// </summary>
public IAuthenticatedEncryptorDescriptor ImportFromXml([NotNull] XElement element) public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element)
{ {
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
// <descriptor> // <descriptor>
// <!-- Windows CNG-CBC --> // <!-- Windows CNG-CBC -->
// <encryption algorithm="..." keyLength="..." [provider="..."] /> // <encryption algorithm="..." keyLength="..." [provider="..."] />

View File

@ -2,7 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{ {
@ -14,13 +13,18 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{ {
private readonly IServiceProvider _services; private readonly IServiceProvider _services;
public CngGcmAuthenticatedEncryptorConfiguration([NotNull] CngGcmAuthenticatedEncryptionOptions options) public CngGcmAuthenticatedEncryptorConfiguration(CngGcmAuthenticatedEncryptionOptions options)
: this(options, services: null) : this(options, services: null)
{ {
} }
public CngGcmAuthenticatedEncryptorConfiguration([NotNull] CngGcmAuthenticatedEncryptionOptions options, IServiceProvider services) public CngGcmAuthenticatedEncryptorConfiguration(CngGcmAuthenticatedEncryptionOptions options, IServiceProvider services)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
Options = options; Options = options;
_services = services; _services = services;
} }

View File

@ -3,7 +3,6 @@
using System; using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
@ -16,13 +15,23 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{ {
private readonly ILogger _log; private readonly ILogger _log;
public CngGcmAuthenticatedEncryptorDescriptor([NotNull] CngGcmAuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey) public CngGcmAuthenticatedEncryptorDescriptor(CngGcmAuthenticatedEncryptionOptions options, ISecret masterKey)
: this(options, masterKey, services: null) : this(options, masterKey, services: null)
{ {
} }
public CngGcmAuthenticatedEncryptorDescriptor([NotNull] CngGcmAuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey, IServiceProvider services) public CngGcmAuthenticatedEncryptorDescriptor(CngGcmAuthenticatedEncryptionOptions options, ISecret masterKey, IServiceProvider services)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (masterKey == null)
{
throw new ArgumentNullException(nameof(masterKey));
}
Options = options; Options = options;
MasterKey = masterKey; MasterKey = masterKey;
_log = services.GetLogger<CngGcmAuthenticatedEncryptorDescriptor>(); _log = services.GetLogger<CngGcmAuthenticatedEncryptorDescriptor>();

View File

@ -3,7 +3,6 @@
using System; using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{ {
@ -28,8 +27,13 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// <summary> /// <summary>
/// Imports the <see cref="CngCbcAuthenticatedEncryptorDescriptor"/> from serialized XML. /// Imports the <see cref="CngCbcAuthenticatedEncryptorDescriptor"/> from serialized XML.
/// </summary> /// </summary>
public IAuthenticatedEncryptorDescriptor ImportFromXml([NotNull] XElement element) public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element)
{ {
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
// <descriptor> // <descriptor>
// <!-- Windows CNG-GCM --> // <!-- Windows CNG-GCM -->
// <encryption algorithm="..." keyLength="..." [provider="..."] /> // <encryption algorithm="..." keyLength="..." [provider="..."] />

View File

@ -1,9 +1,7 @@
// Copyright (c) .NET Foundation. All rights reserved. // Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{ {
@ -17,6 +15,6 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// </summary> /// </summary>
/// <param name="element">The element to deserialize.</param> /// <param name="element">The element to deserialize.</param>
/// <returns>The <see cref="IAuthenticatedEncryptorDescriptor"/> represented by <paramref name="element"/>.</returns> /// <returns>The <see cref="IAuthenticatedEncryptorDescriptor"/> represented by <paramref name="element"/>.</returns>
IAuthenticatedEncryptorDescriptor ImportFromXml([NotNull] XElement element); IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element);
} }
} }

View File

@ -2,8 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using Microsoft.Extensions.Internal;
using System.Security.Cryptography;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{ {
@ -15,13 +13,18 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{ {
private readonly IServiceProvider _services; private readonly IServiceProvider _services;
public ManagedAuthenticatedEncryptorConfiguration([NotNull] ManagedAuthenticatedEncryptionOptions options) public ManagedAuthenticatedEncryptorConfiguration(ManagedAuthenticatedEncryptionOptions options)
: this(options, services: null) : this(options, services: null)
{ {
} }
public ManagedAuthenticatedEncryptorConfiguration([NotNull] ManagedAuthenticatedEncryptionOptions options, IServiceProvider services) public ManagedAuthenticatedEncryptorConfiguration(ManagedAuthenticatedEncryptionOptions options, IServiceProvider services)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
Options = options; Options = options;
_services = services; _services = services;
} }

View File

@ -4,7 +4,6 @@
using System; using System;
using System.Security.Cryptography; using System.Security.Cryptography;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
@ -17,13 +16,23 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
{ {
private readonly ILogger _log; private readonly ILogger _log;
public ManagedAuthenticatedEncryptorDescriptor([NotNull] ManagedAuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey) public ManagedAuthenticatedEncryptorDescriptor(ManagedAuthenticatedEncryptionOptions options, ISecret masterKey)
: this(options, masterKey, services: null) : this(options, masterKey, services: null)
{ {
} }
public ManagedAuthenticatedEncryptorDescriptor([NotNull] ManagedAuthenticatedEncryptionOptions options, [NotNull] ISecret masterKey, IServiceProvider services) public ManagedAuthenticatedEncryptorDescriptor(ManagedAuthenticatedEncryptionOptions options, ISecret masterKey, IServiceProvider services)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (masterKey == null)
{
throw new ArgumentNullException(nameof(masterKey));
}
Options = options; Options = options;
MasterKey = masterKey; MasterKey = masterKey;
_log = services.GetLogger<ManagedAuthenticatedEncryptorDescriptor>(); _log = services.GetLogger<ManagedAuthenticatedEncryptorDescriptor>();

View File

@ -4,7 +4,6 @@
using System; using System;
using System.Security.Cryptography; using System.Security.Cryptography;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{ {
@ -29,8 +28,13 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// <summary> /// <summary>
/// Imports the <see cref="ManagedAuthenticatedEncryptorDescriptor"/> from serialized XML. /// Imports the <see cref="ManagedAuthenticatedEncryptorDescriptor"/> from serialized XML.
/// </summary> /// </summary>
public IAuthenticatedEncryptorDescriptor ImportFromXml([NotNull] XElement element) public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element)
{ {
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
// <descriptor> // <descriptor>
// <!-- managed implementations --> // <!-- managed implementations -->
// <encryption algorithm="..." keyLength="..." /> // <encryption algorithm="..." keyLength="..." />

View File

@ -3,7 +3,6 @@
using System; using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{ {
@ -18,8 +17,13 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// Marks the provided <see cref="XElement"/> as requiring encryption before being persisted /// Marks the provided <see cref="XElement"/> as requiring encryption before being persisted
/// to storage. Use when implementing <see cref="IAuthenticatedEncryptorDescriptor.ExportToXml"/>. /// to storage. Use when implementing <see cref="IAuthenticatedEncryptorDescriptor.ExportToXml"/>.
/// </summary> /// </summary>
public static void MarkAsRequiresEncryption([NotNull] this XElement element) public static void MarkAsRequiresEncryption(this XElement element)
{ {
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
element.SetAttributeValue(XmlConstants.RequiresEncryptionAttributeName, true); element.SetAttributeValue(XmlConstants.RequiresEncryptionAttributeName, true);
} }
} }

View File

@ -4,7 +4,6 @@
using System; using System;
using System.Reflection; using System.Reflection;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
{ {
@ -21,8 +20,18 @@ namespace Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationM
/// <param name="serializedDescriptorElement">The XML-serialized form of the <see cref="IAuthenticatedEncryptorDescriptor"/>.</param> /// <param name="serializedDescriptorElement">The XML-serialized form of the <see cref="IAuthenticatedEncryptorDescriptor"/>.</param>
/// <param name="deserializerType">The class whose <see cref="IAuthenticatedEncryptorDescriptorDeserializer.ImportFromXml(XElement)"/> /// <param name="deserializerType">The class whose <see cref="IAuthenticatedEncryptorDescriptorDeserializer.ImportFromXml(XElement)"/>
/// method can be used to deserialize <paramref name="serializedDescriptorElement"/>.</param> /// method can be used to deserialize <paramref name="serializedDescriptorElement"/>.</param>
public XmlSerializedDescriptorInfo([NotNull] XElement serializedDescriptorElement, [NotNull] Type deserializerType) public XmlSerializedDescriptorInfo(XElement serializedDescriptorElement, Type deserializerType)
{ {
if (serializedDescriptorElement == null)
{
throw new ArgumentNullException(nameof(serializedDescriptorElement));
}
if (deserializerType == null)
{
throw new ArgumentNullException(nameof(deserializerType));
}
if (!typeof(IAuthenticatedEncryptorDescriptorDeserializer).IsAssignableFrom(deserializerType)) if (!typeof(IAuthenticatedEncryptorDescriptorDeserializer).IsAssignableFrom(deserializerType))
{ {
throw new ArgumentException( throw new ArgumentException(

View File

@ -9,7 +9,6 @@ using Microsoft.AspNet.DataProtection.KeyManagement;
using Microsoft.AspNet.DataProtection.XmlEncryption; using Microsoft.AspNet.DataProtection.XmlEncryption;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions; using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Internal;
using Microsoft.Win32; using Microsoft.Win32;
#if !DNXCORE50 // [[ISSUE60]] Remove this #ifdef when Core CLR gets support for EncryptedXml #if !DNXCORE50 // [[ISSUE60]] Remove this #ifdef when Core CLR gets support for EncryptedXml
@ -49,8 +48,13 @@ namespace Microsoft.AspNet.DataProtection
/// <summary> /// <summary>
/// Creates a new configuration object linked to a <see cref="IServiceCollection"/>. /// Creates a new configuration object linked to a <see cref="IServiceCollection"/>.
/// </summary> /// </summary>
public DataProtectionConfiguration([NotNull] IServiceCollection services) public DataProtectionConfiguration(IServiceCollection services)
{ {
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
Services = services; Services = services;
} }
@ -68,8 +72,13 @@ namespace Microsoft.AspNet.DataProtection
/// <remarks> /// <remarks>
/// Registrations are additive. /// Registrations are additive.
/// </remarks> /// </remarks>
public DataProtectionConfiguration AddKeyEscrowSink([NotNull] IKeyEscrowSink sink) public DataProtectionConfiguration AddKeyEscrowSink(IKeyEscrowSink sink)
{ {
if (sink == null)
{
throw new ArgumentNullException(nameof(sink));
}
Services.AddInstance<IKeyEscrowSink>(sink); Services.AddInstance<IKeyEscrowSink>(sink);
return this; return this;
} }
@ -97,8 +106,13 @@ namespace Microsoft.AspNet.DataProtection
/// <remarks> /// <remarks>
/// Registrations are additive. The factory is registered as <see cref="ServiceLifetime.Singleton"/>. /// Registrations are additive. The factory is registered as <see cref="ServiceLifetime.Singleton"/>.
/// </remarks> /// </remarks>
public DataProtectionConfiguration AddKeyEscrowSink([NotNull] Func<IServiceProvider, IKeyEscrowSink> factory) public DataProtectionConfiguration AddKeyEscrowSink(Func<IServiceProvider, IKeyEscrowSink> factory)
{ {
if (factory == null)
{
throw new ArgumentNullException(nameof(factory));
}
Services.AddSingleton<IKeyEscrowSink>(factory); Services.AddSingleton<IKeyEscrowSink>(factory);
return this; return this;
} }
@ -108,8 +122,13 @@ namespace Microsoft.AspNet.DataProtection
/// </summary> /// </summary>
/// <param name="setupAction">A callback that configures the global options.</param> /// <param name="setupAction">A callback that configures the global options.</param>
/// <returns>The 'this' instance.</returns> /// <returns>The 'this' instance.</returns>
public DataProtectionConfiguration ConfigureGlobalOptions([NotNull] Action<DataProtectionOptions> setupAction) public DataProtectionConfiguration ConfigureGlobalOptions(Action<DataProtectionOptions> setupAction)
{ {
if (setupAction == null)
{
throw new ArgumentNullException(nameof(setupAction));
}
Services.Configure(setupAction); Services.Configure(setupAction);
return this; return this;
} }
@ -137,8 +156,13 @@ namespace Microsoft.AspNet.DataProtection
/// </summary> /// </summary>
/// <param name="directory">The directory in which to store keys.</param> /// <param name="directory">The directory in which to store keys.</param>
/// <returns>The 'this' instance.</returns> /// <returns>The 'this' instance.</returns>
public DataProtectionConfiguration PersistKeysToFileSystem([NotNull] DirectoryInfo directory) public DataProtectionConfiguration PersistKeysToFileSystem(DirectoryInfo directory)
{ {
if (directory == null)
{
throw new ArgumentNullException(nameof(directory));
}
Use(DataProtectionServiceDescriptors.IXmlRepository_FileSystem(directory)); Use(DataProtectionServiceDescriptors.IXmlRepository_FileSystem(directory));
return this; return this;
} }
@ -148,8 +172,13 @@ namespace Microsoft.AspNet.DataProtection
/// </summary> /// </summary>
/// <param name="registryKey">The location in the registry where keys should be stored.</param> /// <param name="registryKey">The location in the registry where keys should be stored.</param>
/// <returns>The 'this' instance.</returns> /// <returns>The 'this' instance.</returns>
public DataProtectionConfiguration PersistKeysToRegistry([NotNull] RegistryKey registryKey) public DataProtectionConfiguration PersistKeysToRegistry(RegistryKey registryKey)
{ {
if (registryKey == null)
{
throw new ArgumentNullException(nameof(registryKey));
}
Use(DataProtectionServiceDescriptors.IXmlRepository_Registry(registryKey)); Use(DataProtectionServiceDescriptors.IXmlRepository_Registry(registryKey));
return this; return this;
} }
@ -161,8 +190,13 @@ namespace Microsoft.AspNet.DataProtection
/// </summary> /// </summary>
/// <param name="certificate">The certificate to use when encrypting keys.</param> /// <param name="certificate">The certificate to use when encrypting keys.</param>
/// <returns>The 'this' instance.</returns> /// <returns>The 'this' instance.</returns>
public DataProtectionConfiguration ProtectKeysWithCertificate([NotNull] X509Certificate2 certificate) public DataProtectionConfiguration ProtectKeysWithCertificate(X509Certificate2 certificate)
{ {
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
Use(DataProtectionServiceDescriptors.IXmlEncryptor_Certificate(certificate)); Use(DataProtectionServiceDescriptors.IXmlEncryptor_Certificate(certificate));
return this; return this;
} }
@ -172,8 +206,13 @@ namespace Microsoft.AspNet.DataProtection
/// </summary> /// </summary>
/// <param name="thumbprint">The thumbprint of the certificate to use when encrypting keys.</param> /// <param name="thumbprint">The thumbprint of the certificate to use when encrypting keys.</param>
/// <returns>The 'this' instance.</returns> /// <returns>The 'this' instance.</returns>
public DataProtectionConfiguration ProtectKeysWithCertificate([NotNull] string thumbprint) public DataProtectionConfiguration ProtectKeysWithCertificate(string thumbprint)
{ {
if (thumbprint == null)
{
throw new ArgumentNullException(nameof(thumbprint));
}
// Make sure the thumbprint corresponds to a valid certificate. // Make sure the thumbprint corresponds to a valid certificate.
if (new CertificateResolver().ResolveCertificate(thumbprint) == null) if (new CertificateResolver().ResolveCertificate(thumbprint) == null)
{ {
@ -249,8 +288,13 @@ namespace Microsoft.AspNet.DataProtection
/// and <paramref name="flags"/> arguments. /// and <paramref name="flags"/> arguments.
/// This API is only supported on Windows 8 / Windows Server 2012 and higher. /// This API is only supported on Windows 8 / Windows Server 2012 and higher.
/// </remarks> /// </remarks>
public DataProtectionConfiguration ProtectKeysWithDpapiNG([NotNull] string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags) public DataProtectionConfiguration ProtectKeysWithDpapiNG(string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags)
{ {
if (protectionDescriptorRule == null)
{
throw new ArgumentNullException(nameof(protectionDescriptorRule));
}
Use(DataProtectionServiceDescriptors.IXmlEncryptor_DpapiNG(protectionDescriptorRule, flags)); Use(DataProtectionServiceDescriptors.IXmlEncryptor_DpapiNG(protectionDescriptorRule, flags));
return this; return this;
} }
@ -287,15 +331,20 @@ namespace Microsoft.AspNet.DataProtection
}); });
return this; return this;
} }
/// <summary> /// <summary>
/// Configures the data protection system to use the specified cryptographic algorithms /// Configures the data protection system to use the specified cryptographic algorithms
/// by default when generating protected payloads. /// by default when generating protected payloads.
/// </summary> /// </summary>
/// <param name="options">Information about what cryptographic algorithms should be used.</param> /// <param name="options">Information about what cryptographic algorithms should be used.</param>
/// <returns>The 'this' instance.</returns> /// <returns>The 'this' instance.</returns>
public DataProtectionConfiguration UseCryptographicAlgorithms([NotNull] AuthenticatedEncryptionOptions options) public DataProtectionConfiguration UseCryptographicAlgorithms(AuthenticatedEncryptionOptions options)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
return UseCryptographicAlgorithmsCore(options); return UseCryptographicAlgorithmsCore(options);
} }
@ -311,8 +360,13 @@ namespace Microsoft.AspNet.DataProtection
/// This API is only available on Windows. /// This API is only available on Windows.
/// </remarks> /// </remarks>
[EditorBrowsable(EditorBrowsableState.Advanced)] [EditorBrowsable(EditorBrowsableState.Advanced)]
public DataProtectionConfiguration UseCustomCryptographicAlgorithms([NotNull] CngCbcAuthenticatedEncryptionOptions options) public DataProtectionConfiguration UseCustomCryptographicAlgorithms(CngCbcAuthenticatedEncryptionOptions options)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
return UseCryptographicAlgorithmsCore(options); return UseCryptographicAlgorithmsCore(options);
} }
@ -328,8 +382,13 @@ namespace Microsoft.AspNet.DataProtection
/// This API is only available on Windows. /// This API is only available on Windows.
/// </remarks> /// </remarks>
[EditorBrowsable(EditorBrowsableState.Advanced)] [EditorBrowsable(EditorBrowsableState.Advanced)]
public DataProtectionConfiguration UseCustomCryptographicAlgorithms([NotNull] CngGcmAuthenticatedEncryptionOptions options) public DataProtectionConfiguration UseCustomCryptographicAlgorithms(CngGcmAuthenticatedEncryptionOptions options)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
return UseCryptographicAlgorithmsCore(options); return UseCryptographicAlgorithmsCore(options);
} }
@ -342,8 +401,13 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="options">Information about what cryptographic algorithms should be used.</param> /// <param name="options">Information about what cryptographic algorithms should be used.</param>
/// <returns>The 'this' instance.</returns> /// <returns>The 'this' instance.</returns>
[EditorBrowsable(EditorBrowsableState.Advanced)] [EditorBrowsable(EditorBrowsableState.Advanced)]
public DataProtectionConfiguration UseCustomCryptographicAlgorithms([NotNull] ManagedAuthenticatedEncryptionOptions options) public DataProtectionConfiguration UseCustomCryptographicAlgorithms(ManagedAuthenticatedEncryptionOptions options)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
return UseCryptographicAlgorithmsCore(options); return UseCryptographicAlgorithmsCore(options);
} }

View File

@ -4,7 +4,6 @@
using System; using System;
using Microsoft.AspNet.DataProtection.KeyManagement; using Microsoft.AspNet.DataProtection.KeyManagement;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.OptionsModel; using Microsoft.Extensions.OptionsModel;
namespace Microsoft.AspNet.DataProtection namespace Microsoft.AspNet.DataProtection
@ -20,13 +19,33 @@ namespace Microsoft.AspNet.DataProtection
/// <param name="options">The global options to use when creating the provider.</param> /// <param name="options">The global options to use when creating the provider.</param>
/// <param name="services">Provides mandatory services for use by the provider.</param> /// <param name="services">Provides mandatory services for use by the provider.</param>
/// <returns>An <see cref="IDataProtectionProvider"/>.</returns> /// <returns>An <see cref="IDataProtectionProvider"/>.</returns>
public static IDataProtectionProvider GetProviderFromServices([NotNull] DataProtectionOptions options, [NotNull] IServiceProvider services) public static IDataProtectionProvider GetProviderFromServices(DataProtectionOptions options, IServiceProvider services)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
return GetProviderFromServices(options, services, mustCreateImmediately: false); return GetProviderFromServices(options, services, mustCreateImmediately: false);
} }
internal static IDataProtectionProvider GetProviderFromServices([NotNull] DataProtectionOptions options, [NotNull] IServiceProvider services, bool mustCreateImmediately) internal static IDataProtectionProvider GetProviderFromServices(DataProtectionOptions options, IServiceProvider services, bool mustCreateImmediately)
{ {
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
IDataProtectionProvider dataProtectionProvider = null; IDataProtectionProvider dataProtectionProvider = null;
// If we're being asked to create the provider immediately, then it means that // If we're being asked to create the provider immediately, then it means that

View File

@ -4,7 +4,6 @@
using System; using System;
using Microsoft.AspNet.DataProtection; using Microsoft.AspNet.DataProtection;
using Microsoft.Extensions.DependencyInjection.Extensions; using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Internal;
namespace Microsoft.Extensions.DependencyInjection namespace Microsoft.Extensions.DependencyInjection
{ {
@ -18,8 +17,13 @@ namespace Microsoft.Extensions.DependencyInjection
/// </summary> /// </summary>
/// <param name="services">The service collection to which to add DataProtection services.</param> /// <param name="services">The service collection to which to add DataProtection services.</param>
/// <returns>The <paramref name="services"/> instance.</returns> /// <returns>The <paramref name="services"/> instance.</returns>
public static IServiceCollection AddDataProtection([NotNull] this IServiceCollection services) public static IServiceCollection AddDataProtection(this IServiceCollection services)
{ {
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
services.AddOptions(); services.AddOptions();
services.TryAdd(DataProtectionServices.GetDefaultServices()); services.TryAdd(DataProtectionServices.GetDefaultServices());
return services; return services;
@ -32,8 +36,18 @@ namespace Microsoft.Extensions.DependencyInjection
/// <param name="configure">A callback which takes a <see cref="DataProtectionConfiguration"/> parameter. /// <param name="configure">A callback which takes a <see cref="DataProtectionConfiguration"/> parameter.
/// This callback will be responsible for configuring the system.</param> /// This callback will be responsible for configuring the system.</param>
/// <returns>The <paramref name="services"/> instance.</returns> /// <returns>The <paramref name="services"/> instance.</returns>
public static IServiceCollection ConfigureDataProtection([NotNull] this IServiceCollection services, [NotNull] Action<DataProtectionConfiguration> configure) public static IServiceCollection ConfigureDataProtection(this IServiceCollection services, Action<DataProtectionConfiguration> configure)
{ {
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
if (configure == null)
{
throw new ArgumentNullException(nameof(configure));
}
configure(new DataProtectionConfiguration(services)); configure(new DataProtectionConfiguration(services));
return services; return services;
} }

View File

@ -5,7 +5,6 @@ using System;
using Microsoft.AspNet.Cryptography.Cng; using Microsoft.AspNet.Cryptography.Cng;
using Microsoft.AspNet.DataProtection.AuthenticatedEncryption; using Microsoft.AspNet.DataProtection.AuthenticatedEncryption;
using Microsoft.AspNet.DataProtection.KeyManagement; using Microsoft.AspNet.DataProtection.KeyManagement;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection namespace Microsoft.AspNet.DataProtection
@ -57,8 +56,13 @@ namespace Microsoft.AspNet.DataProtection
_dataProtectionProvider = new KeyRingBasedDataProtectionProvider(keyringProvider, services); _dataProtectionProvider = new KeyRingBasedDataProtectionProvider(keyringProvider, services);
} }
public IDataProtector CreateProtector([NotNull] string purpose) public IDataProtector CreateProtector(string purpose)
{ {
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
// just forward to the underlying provider // just forward to the underlying provider
return _dataProtectionProvider.CreateProtector(purpose); return _dataProtectionProvider.CreateProtector(purpose);
} }

View File

@ -2,7 +2,6 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.KeyManagement namespace Microsoft.AspNet.DataProtection.KeyManagement
@ -18,8 +17,13 @@ namespace Microsoft.AspNet.DataProtection.KeyManagement
_logger = services.GetLogger<KeyRingBasedDataProtector>(); // note: for protector (not provider!) type, could be null _logger = services.GetLogger<KeyRingBasedDataProtector>(); // note: for protector (not provider!) type, could be null
} }
public IDataProtector CreateProtector([NotNull] string purpose) public IDataProtector CreateProtector(string purpose)
{ {
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
return new KeyRingBasedDataProtector( return new KeyRingBasedDataProtector(
logger: _logger, logger: _logger,
keyRingProvider: _keyRingProvider, keyRingProvider: _keyRingProvider,

View File

@ -9,7 +9,6 @@ using System.Linq;
using System.Threading; using System.Threading;
using Microsoft.AspNet.Cryptography; using Microsoft.AspNet.Cryptography;
using Microsoft.AspNet.DataProtection.AuthenticatedEncryption; using Microsoft.AspNet.DataProtection.AuthenticatedEncryption;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.KeyManagement namespace Microsoft.AspNet.DataProtection.KeyManagement
@ -54,8 +53,13 @@ namespace Microsoft.AspNet.DataProtection.KeyManagement
} }
} }
public IDataProtector CreateProtector([NotNull] string purpose) public IDataProtector CreateProtector(string purpose)
{ {
if (purpose == null)
{
throw new ArgumentNullException(nameof(purpose));
}
return new KeyRingBasedDataProtector( return new KeyRingBasedDataProtector(
logger: _logger, logger: _logger,
keyRingProvider: _keyRingProvider, keyRingProvider: _keyRingProvider,
@ -86,6 +90,11 @@ namespace Microsoft.AspNet.DataProtection.KeyManagement
public byte[] Protect(byte[] plaintext) public byte[] Protect(byte[] plaintext)
{ {
if (plaintext == null)
{
throw new ArgumentNullException(nameof(plaintext));
}
// argument & state checking // argument & state checking
if (plaintext == null) if (plaintext == null)
{ {
@ -177,6 +186,11 @@ namespace Microsoft.AspNet.DataProtection.KeyManagement
public byte[] Unprotect(byte[] protectedData) public byte[] Unprotect(byte[] protectedData)
{ {
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
// Argument checking will be done by the callee // Argument checking will be done by the callee
bool requiresMigration, wasRevoked; // unused bool requiresMigration, wasRevoked; // unused
return DangerousUnprotect(protectedData, return DangerousUnprotect(protectedData,

View File

@ -5,7 +5,6 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Diagnostics; using System.Diagnostics;
using System.Linq; using System.Linq;
using System.Reflection;
using System.Runtime.CompilerServices; using System.Runtime.CompilerServices;
using System.Threading; using System.Threading;
using System.Xml; using System.Xml;
@ -15,7 +14,6 @@ using Microsoft.AspNet.DataProtection.AuthenticatedEncryption.ConfigurationModel
using Microsoft.AspNet.DataProtection.Repositories; using Microsoft.AspNet.DataProtection.Repositories;
using Microsoft.AspNet.DataProtection.XmlEncryption; using Microsoft.AspNet.DataProtection.XmlEncryption;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using static System.FormattableString; using static System.FormattableString;
@ -57,10 +55,20 @@ namespace Microsoft.AspNet.DataProtection.KeyManagement
/// <param name="configuration">Configuration for newly-created keys.</param> /// <param name="configuration">Configuration for newly-created keys.</param>
/// <param name="services">A provider of optional services.</param> /// <param name="services">A provider of optional services.</param>
public XmlKeyManager( public XmlKeyManager(
[NotNull] IXmlRepository repository, IXmlRepository repository,
[NotNull] IAuthenticatedEncryptorConfiguration configuration, IAuthenticatedEncryptorConfiguration configuration,
IServiceProvider services) IServiceProvider services)
{ {
if (repository == null)
{
throw new ArgumentNullException(nameof(repository));
}
if (configuration == null)
{
throw new ArgumentNullException(nameof(configuration));
}
KeyEncryptor = services.GetService<IXmlEncryptor>(); // optional KeyEncryptor = services.GetService<IXmlEncryptor>(); // optional
KeyRepository = repository; KeyRepository = repository;

View File

@ -5,7 +5,6 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.Repositories namespace Microsoft.AspNet.DataProtection.Repositories
@ -45,8 +44,13 @@ namespace Microsoft.AspNet.DataProtection.Repositories
} }
} }
public virtual void StoreElement([NotNull] XElement element, string friendlyName) public virtual void StoreElement(XElement element, string friendlyName)
{ {
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
XElement cloned = new XElement(element); // makes a deep copy so caller doesn't inadvertently modify it XElement cloned = new XElement(element); // makes a deep copy so caller doesn't inadvertently modify it
// under lock for thread safety // under lock for thread safety

View File

@ -7,7 +7,6 @@ using System.Diagnostics;
using System.IO; using System.IO;
using System.Linq; using System.Linq;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.Repositories namespace Microsoft.AspNet.DataProtection.Repositories
@ -25,9 +24,13 @@ namespace Microsoft.AspNet.DataProtection.Repositories
/// Creates a <see cref="FileSystemXmlRepository"/> with keys stored at the given directory. /// Creates a <see cref="FileSystemXmlRepository"/> with keys stored at the given directory.
/// </summary> /// </summary>
/// <param name="directory">The directory in which to persist key material.</param> /// <param name="directory">The directory in which to persist key material.</param>
public FileSystemXmlRepository([NotNull] DirectoryInfo directory) public FileSystemXmlRepository(DirectoryInfo directory)
: this(directory, services: null) : this(directory, services: null)
{ {
if (directory == null)
{
throw new ArgumentNullException(nameof(directory));
}
} }
/// <summary> /// <summary>
@ -35,8 +38,13 @@ namespace Microsoft.AspNet.DataProtection.Repositories
/// </summary> /// </summary>
/// <param name="directory">The directory in which to persist key material.</param> /// <param name="directory">The directory in which to persist key material.</param>
/// <param name="services">An optional <see cref="IServiceProvider"/> to provide ancillary services.</param> /// <param name="services">An optional <see cref="IServiceProvider"/> to provide ancillary services.</param>
public FileSystemXmlRepository([NotNull] DirectoryInfo directory, IServiceProvider services) public FileSystemXmlRepository(DirectoryInfo directory, IServiceProvider services)
{ {
if (directory == null)
{
throw new ArgumentNullException(nameof(directory));
}
Directory = directory; Directory = directory;
Services = services; Services = services;
_logger = services?.GetLogger<FileSystemXmlRepository>(); _logger = services?.GetLogger<FileSystemXmlRepository>();
@ -188,8 +196,13 @@ namespace Microsoft.AspNet.DataProtection.Repositories
} }
} }
public virtual void StoreElement([NotNull] XElement element, string friendlyName) public virtual void StoreElement(XElement element, string friendlyName)
{ {
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
if (!IsSafeFilename(friendlyName)) if (!IsSafeFilename(friendlyName))
{ {
string newFriendlyName = Guid.NewGuid().ToString(); string newFriendlyName = Guid.NewGuid().ToString();

View File

@ -6,7 +6,6 @@ using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Security.Principal; using System.Security.Principal;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using Microsoft.Win32; using Microsoft.Win32;
@ -27,17 +26,26 @@ namespace Microsoft.AspNet.DataProtection.Repositories
/// Creates a <see cref="RegistryXmlRepository"/> with keys stored in the given registry key. /// Creates a <see cref="RegistryXmlRepository"/> with keys stored in the given registry key.
/// </summary> /// </summary>
/// <param name="registryKey">The registry key in which to persist key material.</param> /// <param name="registryKey">The registry key in which to persist key material.</param>
public RegistryXmlRepository([NotNull] RegistryKey registryKey) public RegistryXmlRepository(RegistryKey registryKey)
: this(registryKey, services: null) : this(registryKey, services: null)
{ {
if (registryKey == null)
{
throw new ArgumentNullException(nameof(registryKey));
}
} }
/// <summary> /// <summary>
/// Creates a <see cref="RegistryXmlRepository"/> with keys stored in the given registry key. /// Creates a <see cref="RegistryXmlRepository"/> with keys stored in the given registry key.
/// </summary> /// </summary>
/// <param name="registryKey">The registry key in which to persist key material.</param> /// <param name="registryKey">The registry key in which to persist key material.</param>
public RegistryXmlRepository([NotNull] RegistryKey registryKey, IServiceProvider services) public RegistryXmlRepository(RegistryKey registryKey, IServiceProvider services)
{ {
if (registryKey == null)
{
throw new ArgumentNullException(nameof(registryKey));
}
RegistryKey = registryKey; RegistryKey = registryKey;
Services = services; Services = services;
_logger = services?.GetLogger<RegistryXmlRepository>(); _logger = services?.GetLogger<RegistryXmlRepository>();
@ -141,8 +149,13 @@ namespace Microsoft.AspNet.DataProtection.Repositories
return (!String.IsNullOrEmpty(data)) ? XElement.Parse(data) : null; return (!String.IsNullOrEmpty(data)) ? XElement.Parse(data) : null;
} }
public virtual void StoreElement([NotNull] XElement element, string friendlyName) public virtual void StoreElement(XElement element, string friendlyName)
{ {
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
if (!IsSafeRegistryValueName(friendlyName)) if (!IsSafeRegistryValueName(friendlyName))
{ {
string newFriendlyName = Guid.NewGuid().ToString(); string newFriendlyName = Guid.NewGuid().ToString();

View File

@ -6,7 +6,6 @@ using Microsoft.AspNet.Cryptography;
using Microsoft.AspNet.Cryptography.Cng; using Microsoft.AspNet.Cryptography.Cng;
using Microsoft.AspNet.Cryptography.SafeHandles; using Microsoft.AspNet.Cryptography.SafeHandles;
using Microsoft.AspNet.DataProtection.Managed; using Microsoft.AspNet.DataProtection.Managed;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection namespace Microsoft.AspNet.DataProtection
{ {
@ -37,9 +36,13 @@ namespace Microsoft.AspNet.DataProtection
/// Creates a new Secret from the provided input value, where the input value /// Creates a new Secret from the provided input value, where the input value
/// is specified as an array. /// is specified as an array.
/// </summary> /// </summary>
public Secret([NotNull] byte[] value) public Secret(byte[] value)
: this(new ArraySegment<byte>(value)) : this(new ArraySegment<byte>(value))
{ {
if (value == null)
{
throw new ArgumentNullException(nameof(value));
}
} }
/// <summary> /// <summary>
@ -64,8 +67,13 @@ namespace Microsoft.AspNet.DataProtection
/// <summary> /// <summary>
/// Creates a new Secret from another secret object. /// Creates a new Secret from another secret object.
/// </summary> /// </summary>
public Secret([NotNull] ISecret secret) public Secret(ISecret secret)
{ {
if (secret == null)
{
throw new ArgumentNullException(nameof(secret));
}
Secret other = secret as Secret; Secret other = secret as Secret;
if (other != null) if (other != null)
{ {

View File

@ -21,6 +21,11 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <returns>The resolved <see cref="X509Certificate2"/>, or null if the certificate cannot be found.</returns> /// <returns>The resolved <see cref="X509Certificate2"/>, or null if the certificate cannot be found.</returns>
public virtual X509Certificate2 ResolveCertificate(string thumbprint) public virtual X509Certificate2 ResolveCertificate(string thumbprint)
{ {
if (thumbprint == null)
{
throw new ArgumentNullException(nameof(thumbprint));
}
if (String.IsNullOrEmpty(thumbprint)) if (String.IsNullOrEmpty(thumbprint))
{ {
throw Error.Common_ArgumentCannotBeNullOrEmpty(nameof(thumbprint)); throw Error.Common_ArgumentCannotBeNullOrEmpty(nameof(thumbprint));

View File

@ -10,7 +10,6 @@ using System.Xml;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.AspNet.Cryptography; using Microsoft.AspNet.Cryptography;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.XmlEncryption namespace Microsoft.AspNet.DataProtection.XmlEncryption
@ -31,7 +30,7 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="thumbprint">The thumbprint (as a hex string) of the certificate with which to /// <param name="thumbprint">The thumbprint (as a hex string) of the certificate with which to
/// encrypt the key material. The certificate must be locatable by <paramref name="certificateResolver"/>.</param> /// encrypt the key material. The certificate must be locatable by <paramref name="certificateResolver"/>.</param>
/// <param name="certificateResolver">A resolver which can locate <see cref="X509Certificate2"/> objects.</param> /// <param name="certificateResolver">A resolver which can locate <see cref="X509Certificate2"/> objects.</param>
public CertificateXmlEncryptor([NotNull] string thumbprint, [NotNull] ICertificateResolver certificateResolver) public CertificateXmlEncryptor(string thumbprint, ICertificateResolver certificateResolver)
: this(thumbprint, certificateResolver, services: null) : this(thumbprint, certificateResolver, services: null)
{ {
} }
@ -45,9 +44,19 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// encrypt the key material. The certificate must be locatable by <paramref name="certificateResolver"/>.</param> /// encrypt the key material. The certificate must be locatable by <paramref name="certificateResolver"/>.</param>
/// <param name="certificateResolver">A resolver which can locate <see cref="X509Certificate2"/> objects.</param> /// <param name="certificateResolver">A resolver which can locate <see cref="X509Certificate2"/> objects.</param>
/// <param name="services">An optional <see cref="IServiceProvider"/> to provide ancillary services.</param> /// <param name="services">An optional <see cref="IServiceProvider"/> to provide ancillary services.</param>
public CertificateXmlEncryptor([NotNull] string thumbprint, [NotNull] ICertificateResolver certificateResolver, IServiceProvider services) public CertificateXmlEncryptor(string thumbprint, ICertificateResolver certificateResolver, IServiceProvider services)
: this(services) : this(services)
{ {
if (thumbprint == null)
{
throw new ArgumentNullException(nameof(thumbprint));
}
if (certificateResolver == null)
{
throw new ArgumentNullException(nameof(certificateResolver));
}
_certFactory = CreateCertFactory(thumbprint, certificateResolver); _certFactory = CreateCertFactory(thumbprint, certificateResolver);
} }
@ -55,7 +64,7 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// Creates a <see cref="CertificateXmlEncryptor"/> given an <see cref="X509Certificate2"/> instance. /// Creates a <see cref="CertificateXmlEncryptor"/> given an <see cref="X509Certificate2"/> instance.
/// </summary> /// </summary>
/// <param name="certificate">The <see cref="X509Certificate2"/> with which to encrypt the key material.</param> /// <param name="certificate">The <see cref="X509Certificate2"/> with which to encrypt the key material.</param>
public CertificateXmlEncryptor([NotNull] X509Certificate2 certificate) public CertificateXmlEncryptor(X509Certificate2 certificate)
: this(certificate, services: null) : this(certificate, services: null)
{ {
} }
@ -66,9 +75,14 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// </summary> /// </summary>
/// <param name="certificate">The <see cref="X509Certificate2"/> with which to encrypt the key material.</param> /// <param name="certificate">The <see cref="X509Certificate2"/> with which to encrypt the key material.</param>
/// <param name="services">An optional <see cref="IServiceProvider"/> to provide ancillary services.</param> /// <param name="services">An optional <see cref="IServiceProvider"/> to provide ancillary services.</param>
public CertificateXmlEncryptor([NotNull] X509Certificate2 certificate, IServiceProvider services) public CertificateXmlEncryptor(X509Certificate2 certificate, IServiceProvider services)
: this(services) : this(services)
{ {
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
_certFactory = () => certificate; _certFactory = () => certificate;
} }
@ -87,8 +101,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <paramref name="plaintextElement"/> along with information about how to /// <paramref name="plaintextElement"/> along with information about how to
/// decrypt it. /// decrypt it.
/// </returns> /// </returns>
public EncryptedXmlInfo Encrypt([NotNull] XElement plaintextElement) public EncryptedXmlInfo Encrypt(XElement plaintextElement)
{ {
if (plaintextElement == null)
{
throw new ArgumentNullException(nameof(plaintextElement));
}
// <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#"> // <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#">
// ... // ...
// </EncryptedData> // </EncryptedData>

View File

@ -5,7 +5,6 @@ using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.AspNet.Cryptography; using Microsoft.AspNet.Cryptography;
using Microsoft.AspNet.DataProtection.Cng; using Microsoft.AspNet.DataProtection.Cng;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.XmlEncryption namespace Microsoft.AspNet.DataProtection.XmlEncryption
@ -45,8 +44,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="encryptedElement">An encrypted XML element.</param> /// <param name="encryptedElement">An encrypted XML element.</param>
/// <returns>The decrypted form of <paramref name="encryptedElement"/>.</returns> /// <returns>The decrypted form of <paramref name="encryptedElement"/>.</returns>
/// <remarks> /// <remarks>
public XElement Decrypt([NotNull] XElement encryptedElement) public XElement Decrypt(XElement encryptedElement)
{ {
if (encryptedElement == null)
{
throw new ArgumentNullException(nameof(encryptedElement));
}
try try
{ {
// <encryptedKey> // <encryptedKey>

View File

@ -7,7 +7,6 @@ using System.Xml.Linq;
using Microsoft.AspNet.Cryptography; using Microsoft.AspNet.Cryptography;
using Microsoft.AspNet.Cryptography.SafeHandles; using Microsoft.AspNet.Cryptography.SafeHandles;
using Microsoft.AspNet.DataProtection.Cng; using Microsoft.AspNet.DataProtection.Cng;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using static System.FormattableString; using static System.FormattableString;
@ -30,7 +29,7 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// </summary> /// </summary>
/// <param name="protectionDescriptorRule">The rule string from which to create the protection descriptor.</param> /// <param name="protectionDescriptorRule">The rule string from which to create the protection descriptor.</param>
/// <param name="flags">Flags controlling the creation of the protection descriptor.</param> /// <param name="flags">Flags controlling the creation of the protection descriptor.</param>
public DpapiNGXmlEncryptor([NotNull] string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags) public DpapiNGXmlEncryptor(string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags)
: this(protectionDescriptorRule, flags, services: null) : this(protectionDescriptorRule, flags, services: null)
{ {
} }
@ -41,8 +40,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="protectionDescriptorRule">The rule string from which to create the protection descriptor.</param> /// <param name="protectionDescriptorRule">The rule string from which to create the protection descriptor.</param>
/// <param name="flags">Flags controlling the creation of the protection descriptor.</param> /// <param name="flags">Flags controlling the creation of the protection descriptor.</param>
/// <param name="services">An optional <see cref="IServiceProvider"/> to provide ancillary services.</param> /// <param name="services">An optional <see cref="IServiceProvider"/> to provide ancillary services.</param>
public DpapiNGXmlEncryptor([NotNull] string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags, IServiceProvider services) public DpapiNGXmlEncryptor(string protectionDescriptorRule, DpapiNGProtectionDescriptorFlags flags, IServiceProvider services)
{ {
if (protectionDescriptorRule == null)
{
throw new ArgumentNullException(nameof(protectionDescriptorRule));
}
CryptoUtil.AssertPlatformIsWindows8OrLater(); CryptoUtil.AssertPlatformIsWindows8OrLater();
int ntstatus = UnsafeNativeMethods.NCryptCreateProtectionDescriptor(protectionDescriptorRule, (uint)flags, out _protectionDescriptorHandle); int ntstatus = UnsafeNativeMethods.NCryptCreateProtectionDescriptor(protectionDescriptorRule, (uint)flags, out _protectionDescriptorHandle);
@ -61,8 +65,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <paramref name="plaintextElement"/> along with information about how to /// <paramref name="plaintextElement"/> along with information about how to
/// decrypt it. /// decrypt it.
/// </returns> /// </returns>
public EncryptedXmlInfo Encrypt([NotNull] XElement plaintextElement) public EncryptedXmlInfo Encrypt(XElement plaintextElement)
{ {
if (plaintextElement == null)
{
throw new ArgumentNullException(nameof(plaintextElement));
}
string protectionDescriptorRuleString = _protectionDescriptorHandle.GetProtectionDescriptorRuleString(); string protectionDescriptorRuleString = _protectionDescriptorHandle.GetProtectionDescriptorRuleString();
if (_logger.IsVerboseLevelEnabled()) if (_logger.IsVerboseLevelEnabled())
{ {
@ -92,7 +101,7 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
// <!-- rule string --> // <!-- rule string -->
// <value>{base64}</value> // <value>{base64}</value>
// </encryptedKey> // </encryptedKey>
var element = new XElement("encryptedKey", var element = new XElement("encryptedKey",
new XComment(" This key is encrypted with Windows DPAPI-NG. "), new XComment(" This key is encrypted with Windows DPAPI-NG. "),
new XComment(" Rule: " + protectionDescriptorRuleString + " "), new XComment(" Rule: " + protectionDescriptorRuleString + " "),

View File

@ -5,7 +5,6 @@ using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.AspNet.Cryptography; using Microsoft.AspNet.Cryptography;
using Microsoft.AspNet.DataProtection.Cng; using Microsoft.AspNet.DataProtection.Cng;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.XmlEncryption namespace Microsoft.AspNet.DataProtection.XmlEncryption
@ -42,8 +41,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="encryptedElement">An encrypted XML element.</param> /// <param name="encryptedElement">An encrypted XML element.</param>
/// <returns>The decrypted form of <paramref name="encryptedElement"/>.</returns> /// <returns>The decrypted form of <paramref name="encryptedElement"/>.</returns>
/// <remarks> /// <remarks>
public XElement Decrypt([NotNull] XElement encryptedElement) public XElement Decrypt(XElement encryptedElement)
{ {
if (encryptedElement == null)
{
throw new ArgumentNullException(nameof(encryptedElement));
}
if (_logger.IsVerboseLevelEnabled()) if (_logger.IsVerboseLevelEnabled())
{ {
_logger.LogVerbose("Decrypting secret element using Windows DPAPI."); _logger.LogVerbose("Decrypting secret element using Windows DPAPI.");

View File

@ -5,9 +5,7 @@ using System;
using System.Security.Principal; using System.Security.Principal;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.AspNet.Cryptography; using Microsoft.AspNet.Cryptography;
using Microsoft.AspNet.DataProtection.AuthenticatedEncryption;
using Microsoft.AspNet.DataProtection.Cng; using Microsoft.AspNet.DataProtection.Cng;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.XmlEncryption namespace Microsoft.AspNet.DataProtection.XmlEncryption
@ -56,8 +54,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <paramref name="plaintextElement"/> along with information about how to /// <paramref name="plaintextElement"/> along with information about how to
/// decrypt it. /// decrypt it.
/// </returns> /// </returns>
public EncryptedXmlInfo Encrypt([NotNull] XElement plaintextElement) public EncryptedXmlInfo Encrypt(XElement plaintextElement)
{ {
if (plaintextElement == null)
{
throw new ArgumentNullException(nameof(plaintextElement));
}
if (_logger.IsVerboseLevelEnabled()) if (_logger.IsVerboseLevelEnabled())
{ {
if (_protectToLocalMachine) if (_protectToLocalMachine)

View File

@ -9,7 +9,6 @@
using System; using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.XmlEncryption namespace Microsoft.AspNet.DataProtection.XmlEncryption
@ -28,7 +27,7 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
_logger = services.GetLogger<EncryptedXmlDecryptor>(); _logger = services.GetLogger<EncryptedXmlDecryptor>();
} }
public XElement Decrypt([NotNull] XElement encryptedElement) public XElement Decrypt(XElement encryptedElement)
{ {
if (_logger.IsErrorLevelEnabled()) if (_logger.IsErrorLevelEnabled())
{ {

View File

@ -8,7 +8,6 @@ using System.Security.Cryptography.Xml;
using System.Xml; using System.Xml;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.XmlEncryption namespace Microsoft.AspNet.DataProtection.XmlEncryption
{ {
@ -42,8 +41,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="encryptedElement">An encrypted XML element.</param> /// <param name="encryptedElement">An encrypted XML element.</param>
/// <returns>The decrypted form of <paramref name="encryptedElement"/>.</returns> /// <returns>The decrypted form of <paramref name="encryptedElement"/>.</returns>
/// <remarks> /// <remarks>
public XElement Decrypt([NotNull] XElement encryptedElement) public XElement Decrypt(XElement encryptedElement)
{ {
if (encryptedElement == null)
{
throw new ArgumentNullException(nameof(encryptedElement));
}
// <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#"> // <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#">
// ... // ...
// </EncryptedData> // </EncryptedData>

View File

@ -4,7 +4,6 @@
using System; using System;
using System.Reflection; using System.Reflection;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.XmlEncryption namespace Microsoft.AspNet.DataProtection.XmlEncryption
{ {
@ -20,8 +19,18 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="encryptedElement">A piece of encrypted XML.</param> /// <param name="encryptedElement">A piece of encrypted XML.</param>
/// <param name="decryptorType">The class whose <see cref="IXmlDecryptor.Decrypt(XElement)"/> /// <param name="decryptorType">The class whose <see cref="IXmlDecryptor.Decrypt(XElement)"/>
/// method can be used to decrypt <paramref name="encryptedElement"/>.</param> /// method can be used to decrypt <paramref name="encryptedElement"/>.</param>
public EncryptedXmlInfo([NotNull] XElement encryptedElement, [NotNull] Type decryptorType) public EncryptedXmlInfo(XElement encryptedElement, Type decryptorType)
{ {
if (encryptedElement == null)
{
throw new ArgumentNullException(nameof(encryptedElement));
}
if (decryptorType == null)
{
throw new ArgumentNullException(nameof(decryptorType));
}
if (!typeof(IXmlDecryptor).IsAssignableFrom(decryptorType)) if (!typeof(IXmlDecryptor).IsAssignableFrom(decryptorType))
{ {
throw new ArgumentException( throw new ArgumentException(

View File

@ -3,9 +3,7 @@
#if !DNXCORE50 // [[ISSUE60]] Remove this #ifdef when Core CLR gets support for EncryptedXml #if !DNXCORE50 // [[ISSUE60]] Remove this #ifdef when Core CLR gets support for EncryptedXml
using System;
using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography.X509Certificates;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.XmlEncryption namespace Microsoft.AspNet.DataProtection.XmlEncryption
{ {
@ -19,7 +17,7 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// </summary> /// </summary>
/// <param name="thumbprint">The thumbprint (as a hex string) of the certificate to resolve.</param> /// <param name="thumbprint">The thumbprint (as a hex string) of the certificate to resolve.</param>
/// <returns>The resolved <see cref="X509Certificate2"/>, or null if the certificate cannot be found.</returns> /// <returns>The resolved <see cref="X509Certificate2"/>, or null if the certificate cannot be found.</returns>
X509Certificate2 ResolveCertificate([NotNull] string thumbprint); X509Certificate2 ResolveCertificate(string thumbprint);
} }
} }

View File

@ -1,9 +1,7 @@
// Copyright (c) .NET Foundation. All rights reserved. // Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.XmlEncryption namespace Microsoft.AspNet.DataProtection.XmlEncryption
{ {
@ -21,6 +19,6 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// Implementations of this method must not mutate the <see cref="XElement"/> /// Implementations of this method must not mutate the <see cref="XElement"/>
/// instance provided by <paramref name="encryptedElement"/>. /// instance provided by <paramref name="encryptedElement"/>.
/// </remarks> /// </remarks>
XElement Decrypt([NotNull] XElement encryptedElement); XElement Decrypt(XElement encryptedElement);
} }
} }

View File

@ -1,10 +1,7 @@
// Copyright (c) .NET Foundation. All rights reserved. // Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.AspNet.DataProtection.AuthenticatedEncryption;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.XmlEncryption namespace Microsoft.AspNet.DataProtection.XmlEncryption
{ {
@ -26,6 +23,6 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// Implementations of this method must not mutate the <see cref="XElement"/> /// Implementations of this method must not mutate the <see cref="XElement"/>
/// instance provided by <paramref name="plaintextElement"/>. /// instance provided by <paramref name="plaintextElement"/>.
/// </remarks> /// </remarks>
EncryptedXmlInfo Encrypt([NotNull] XElement plaintextElement); EncryptedXmlInfo Encrypt(XElement plaintextElement);
} }
} }

View File

@ -4,7 +4,6 @@
using System; using System;
using System.Linq; using System.Linq;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
namespace Microsoft.AspNet.DataProtection.XmlEncryption namespace Microsoft.AspNet.DataProtection.XmlEncryption
{ {
@ -19,8 +18,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <param name="encryptedElement">An encrypted XML element.</param> /// <param name="encryptedElement">An encrypted XML element.</param>
/// <returns>The decrypted form of <paramref name="encryptedElement"/>.</returns> /// <returns>The decrypted form of <paramref name="encryptedElement"/>.</returns>
/// <remarks> /// <remarks>
public XElement Decrypt([NotNull] XElement encryptedElement) public XElement Decrypt(XElement encryptedElement)
{ {
if (encryptedElement == null)
{
throw new ArgumentNullException(nameof(encryptedElement));
}
// <unencryptedKey> // <unencryptedKey>
// <!-- This key is not encrypted. --> // <!-- This key is not encrypted. -->
// <plaintextElement /> // <plaintextElement />

View File

@ -3,7 +3,6 @@
using System; using System;
using System.Xml.Linq; using System.Xml.Linq;
using Microsoft.Extensions.Internal;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
namespace Microsoft.AspNet.DataProtection.XmlEncryption namespace Microsoft.AspNet.DataProtection.XmlEncryption
@ -42,8 +41,13 @@ namespace Microsoft.AspNet.DataProtection.XmlEncryption
/// <paramref name="plaintextElement"/> along with information about how to /// <paramref name="plaintextElement"/> along with information about how to
/// decrypt it. /// decrypt it.
/// </returns> /// </returns>
public EncryptedXmlInfo Encrypt([NotNull] XElement plaintextElement) public EncryptedXmlInfo Encrypt(XElement plaintextElement)
{ {
if (plaintextElement == null)
{
throw new ArgumentNullException(nameof(plaintextElement));
}
if (_logger.IsWarningLevelEnabled()) if (_logger.IsWarningLevelEnabled())
{ {
_logger.LogWarning("Encrypting using a null encryptor; secret information isn't being protected."); _logger.LogWarning("Encrypting using a null encryptor; secret information isn't being protected.");

View File

@ -11,7 +11,6 @@
"Microsoft.AspNet.DataProtection.Sources": { "type": "build", "version": "" }, "Microsoft.AspNet.DataProtection.Sources": { "type": "build", "version": "" },
"Microsoft.Extensions.DependencyInjection.Abstractions": "1.0.0-*", "Microsoft.Extensions.DependencyInjection.Abstractions": "1.0.0-*",
"Microsoft.Extensions.Logging.Abstractions": "1.0.0-*", "Microsoft.Extensions.Logging.Abstractions": "1.0.0-*",
"Microsoft.Extensions.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" },
"Microsoft.Extensions.OptionsModel": "1.0.0-*" "Microsoft.Extensions.OptionsModel": "1.0.0-*"
}, },
"frameworks": { "frameworks": {