
Class:Azure.Extensions.AspNetCore.DataProtection.Keys.AzureKeyVaultXmlEncryptor
Assembly:Azure.Extensions.AspNetCore.DataProtection.Keys
File(s):C:\Git\azure-sdk-for-net\sdk\extensions\Azure.Extensions.AspNetCore.DataProtection.Keys\src\AzureKeyVaultXmlEncryptor.cs
Covered lines:32
Uncovered lines:2
Coverable lines:34
Total lines:80
Line coverage:94.1% (32 of 34)
Covered branches:0
Total branches:0

Metrics

Method | Cyclomatic complexity | Line coverage | Branch coverage
.cctor()-100%100%
.ctor(...)-0%100%
.ctor(...)-100%100%
Encrypt(...)-100%100%
EncryptAsync()-100%100%

File(s)

C:\Git\azure-sdk-for-net\sdk\extensions\Azure.Extensions.AspNetCore.DataProtection.Keys\src\AzureKeyVaultXmlEncryptor.cs

# | Line | Line coverage
 1// Copyright (c) Microsoft Corporation. All rights reserved.
 2// Licensed under the MIT License.
 3
 4using System;
 5using System.IO;
 6using System.Security.Cryptography;
 7using System.Threading.Tasks;
 8using System.Xml.Linq;
 9using Azure.Core.Cryptography;
 10using Azure.Security.KeyVault.Keys.Cryptography;
 11using Microsoft.AspNetCore.DataProtection.XmlEncryption;
 12
 13namespace Azure.Extensions.AspNetCore.DataProtection.Keys
 14{
 15    internal class AzureKeyVaultXmlEncryptor : IXmlEncryptor
 16    {
 217        internal static readonly string DefaultKeyEncryption = KeyWrapAlgorithm.RsaOaep.ToString();
 218        internal static readonly Func<SymmetricAlgorithm> DefaultSymmetricAlgorithmFactory = Aes.Create;
 19
 20        private readonly RandomNumberGenerator _randomNumberGenerator;
 21        private readonly IKeyEncryptionKeyResolver _client;
 22        private readonly string _keyId;
 23
 24        public AzureKeyVaultXmlEncryptor(IKeyEncryptionKeyResolver client, string keyId)
 025            : this(client, keyId, RandomNumberGenerator.Create())
 26        {
 027        }
 28
 229        internal AzureKeyVaultXmlEncryptor(IKeyEncryptionKeyResolver client, string keyId,
 230            RandomNumberGenerator randomNumberGenerator)
 31        {
 232            _client = client;
 233            _keyId = keyId;
 234            _randomNumberGenerator = randomNumberGenerator;
 235        }
 36
 37        public EncryptedXmlInfo Encrypt(XElement plaintextElement)
 38        {
 439            return Task.Run(() => EncryptAsync(plaintextElement)).GetAwaiter().GetResult();
 40        }
 41
 42        private async Task<EncryptedXmlInfo> EncryptAsync(XElement plaintextElement)
 43        {
 44            byte[] value;
 245            using (var memoryStream = new MemoryStream())
 46            {
 247                plaintextElement.Save(memoryStream, SaveOptions.DisableFormatting);
 248                value = memoryStream.ToArray();
 249            }
 50
 251            using (var symmetricAlgorithm = DefaultSymmetricAlgorithmFactory())
 52            {
 253                var symmetricBlockSize = symmetricAlgorithm.BlockSize / 8;
 254                var symmetricKey = new byte[symmetricBlockSize];
 255                var symmetricIV = new byte[symmetricBlockSize];
 256                _randomNumberGenerator.GetBytes(symmetricKey);
 257                _randomNumberGenerator.GetBytes(symmetricIV);
 58
 59                byte[] encryptedValue;
 260                using (var encryptor = symmetricAlgorithm.CreateEncryptor(symmetricKey, symmetricIV))
 61                {
 262                    encryptedValue = encryptor.TransformFinalBlock(value, 0, value.Length);
 263                }
 64
 265                var key = await _client.ResolveAsync(_keyId).ConfigureAwait(false);
 266                var wrappedKey = await key.WrapKeyAsync(DefaultKeyEncryption, symmetricKey).ConfigureAwait(false);
 67
 268                var element = new XElement("encryptedKey",
 269                    new XComment(" This key is encrypted with Azure KeyVault. "),
 270                    new XElement("kid", key.KeyId),
 271                    new XElement("key", Convert.ToBase64String(wrappedKey)),
 272                    new XElement("iv", Convert.ToBase64String(symmetricIV)),
 273                    new XElement("value", Convert.ToBase64String(encryptedValue)));
 74
 275                return new EncryptedXmlInfo(element, typeof(AzureKeyVaultXmlDecryptor));
 76            }
 77
 278        }
 79    }
 80}