Description
We recently made a major refactoring of DataProtection apis as part of aspnet/DataProtection#134 to better support DI.
Note: There are NO changes to the basic IDataProtectionProvider and IDataProtector apis.
Here is a list of the breaking changes,
Replaced:
IAuthenticatedEncryptorConfiguration => AlgorithmConfiguration
Merged:
CngCbcAuthenticatedEncryptionSettings => CngCbcAuthenticatedEncryptorConfiguration
CngGcmAuthenticatedEncryptionSettings => CngGcmAuthenticatedEncryptorConfiguration
ManagedAuthenticatedEncryptionSettings => ManagedAuthenticatedEncryptorConfiguration
AuthenticatedEncryptionSettings => AuthenticatedEncryptorConfiguration
Added:
IAuthenticatedEncryptorFactory
CngCbcAuthenticatedEncryptorFactory
CngGcmAuthenticatedEncryptorFactory
ManagedAuthenticatedEncryptorFactory
AuthenticatedEncryptorFactory
IAuthenticatedEncryptorDescriptor Descriptor property on IKey
Moved:
IAuthenticatedEncryptorDescriptor.CreateEncryptorInstance() => IAuthenticatedEncryptorFactory.CreateEncryptorInstance()
Renamed:
IKey.CreateEncryptorInstance() => IKey.CreateEncryptor()
Removed:
DataProtectionServices
Other changes:
The following services are now settable in KeyManagementOptions instead of in the DI directly,
AlgorithmConfiguration (previously IAuthenticatedEncryptorConfiguration)
IKeyEscrowSink
IXmlRepository
IXmlEncryptor
IAuthenticatedEncryptorFactory (new api)
Changes to DataProtectionBuilderExtensions:
Methods UseCryptographicAlgorithms and UseCustomCryptographicAlgorithms now take *AuthenticatedEncryptorConfiguration instead of *AuthenticatedEncryptorSettings.
Constructor signature of the below classes has changed from having an optional IServiceProvider to non-optional services like ILoggerFactory,
EphemeralDataProtectionProvider
IAuthenticatedEncryptorDescriptor implementations
IAuthenticatedEncryptorDescriptorDeserializer implementations
XmlKeyManager
IXmlRepository implementations
IXmlEncryptor implementations
The docs will be updated to reflect the new changes.