This repository was archived by the owner on Oct 17, 2018. It is now read-only.
Refactored DI support #203
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@ajaybhargavb Will these changes fix #154? TL;DR ... The prob described in that issue was that DI wasn't working for public class CustomXmlDecryptor : IXmlDecryptor
{
private byte[] _key;
public CustomXmlDecryptor()
{
}
public CustomXmlDecryptor(IOptions<CustomDataProtectionOptions> dataProtectionOptions)
{
_key = dataProtectionOptions.Value.Key;
}
public XElement Decrypt(XElement encryptedElement)
{
// Code here uses _key to decrypt
}
}
public CustomXmlDecryptor(IServiceProvider services)
{
var dataProtectionOptions =
services.GetRequiredService<IOptions<CustomDataProtectionOptions>>();
_key = dataProtectionOptions.Value.Key;
}... to make it work. |
|
@guardrex, this change won't fix the issue that you referenced. It was never supported. |
ajaybhargavb
force-pushed
the
ajbaaska/refactor-dp-final
branch
from
4df6218 to
8ee57f7
Compare
Eilon
suggested changes
Feb 28, 2017
| var serviceCollection = new ServiceCollection(); | ||
| serviceCollection.AddLogging(); | ||
| serviceCollection.AddDataProtection() | ||
| .PersistKeysToFileSystem(new DirectoryInfo(@"c:\temp-keys")) |
There was a problem hiding this comment.
Should this use some other path for the sake of the sample? Does this work on non-Windows?
| var serviceCollection = new ServiceCollection(); | ||
| serviceCollection.AddDataProtection() | ||
| // point at a specific folder and use DPAPI to encrypt keys | ||
| .PersistKeysToFileSystem(new DirectoryInfo(@"c:\temp-keys")) |
| // one key in the key ring | ||
| services.GetDataProtector("Sample.KeyManager.v1").Protect("payload"); | ||
| Console.WriteLine("Performed a protect operation."); | ||
| Thread.Sleep(2000); |
samples/NonDISample/Program.cs
Outdated
| { | ||
| // get the path to %LOCALAPPDATA%\myapp-keys | ||
| var destFolder = Path.Combine( | ||
| Environment.GetEnvironmentVariable("LOCALAPPDATA"), |
| { | ||
| throw Error.Common_PropertyCannotBeNullOrEmpty(nameof(configuration.EncryptionAlgorithmType)); | ||
| } | ||
| typeof(SymmetricAlgorithm).AssertIsAssignableFrom(configuration.EncryptionAlgorithmType); |
| @@ -118,7 +107,7 @@ internal static string GetDefaultProtectionDescriptorString() | |||
| using (var currentIdentity = WindowsIdentity.GetCurrent()) | |||
| { | |||
| // use the SID to create an SDDL string | |||
| return Invariant($"SID={currentIdentity.User.Value}"); | |||
| return String.Format(CultureInfo.InvariantCulture, "SID={0}", currentIdentity.User.Value); | |||
| @@ -107,7 +87,11 @@ private static RegistryKey GetDefaultHklmStorageKey() | |||
| // Even though this is in HKLM, WAS ensures that applications hosted in IIS are properly isolated. | |||
| // See APP_POOL::EnsureSharedMachineKeyStorage in WAS source for more info. | |||
| // The version number will need to change if IIS hosts Core CLR directly. | |||
| var aspnetAutoGenKeysBaseKeyName = Invariant($@"SOFTWARE\Microsoft\ASP.NET\4.0.30319.0\AutoGenKeys\{WindowsIdentity.GetCurrent().User.Value}"); | |||
| var aspnetAutoGenKeysBaseKeyName = String.Format( | |||
| @@ -21,4 +21,8 @@ | |||
| <PackageReference Include="xunit" Version="2.2.0-*" /> | |||
| </ItemGroup> | |||
|
|
|||
| <ItemGroup> | |||
| <Service Include="{82a7f48d-3b50-4b1e-b82e-3ada8210c358}" /> | |||
There was a problem hiding this comment.
Does VS just put this here? If we remove it, will VS put it back? (If so, leave it.)
There was a problem hiding this comment.
Yes, VS will just put this back.
|
|
||
| private static IAuthenticatedEncryptor CreateEncryptorInstanceFromDescriptor(CngGcmAuthenticatedEncryptorDescriptor descriptor) | ||
| { | ||
| var key = new Key( |
| IServiceCollection serviceCollection = new ServiceCollection(); | ||
| RunTestWithRegValues(serviceCollection, new Dictionary<string, object>() | ||
| // Arrange | ||
| var registryEntries = new Dictionary<string, object>() | ||
| { | ||
| ["unused"] = 42 |
There was a problem hiding this comment.
If it's unused, do we need to set any values in the registry at all?
|
🆙 📅 |
rynowak
approved these changes
Mar 14, 2017
| /// Settings for configuring authenticated encryption algorithms. | ||
| /// </summary> | ||
| public sealed class AuthenticatedEncryptionSettings : IInternalAuthenticatedEncryptionSettings | ||
| public class AuthenticatedEncryptorFactory : IAuthenticatedEncryptorFactory |
There was a problem hiding this comment.
Yes it should. Looks like I missed this one. Good catch 👍
- Refactored builder extensions and service collection extensions - Refactored Settings/Configuration/Descriptor - Removed ConfigurationCommon/AuthenticatedEncryptorConfigurationExtensions - Added IAuthenticatedEncryptorFactory and implementations - Refactored IKey to have Descriptor instead of CreateEncryptorInstance() - Handled Repository/Encryptor special logic - Added samples - Updated tests
ajaybhargavb
force-pushed
the
ajbaaska/refactor-dp-final
branch
from
6db8037 to
cde3b96
Compare
|
Thanks @Eilon @rynowak @GrabYourPitchforks |
ajaybhargavb
added a commit
to aspnet/Security
that referenced
this pull request
Mar 15, 2017
|
🎉 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue - #134
@rynowak @davidfowl @blowdart