IdentityShroud/IdentityShroud.Core/Security/Encryption.cs

using System.Security.Cryptography;

namespace IdentityShroud.Core.Security;

public static class Encryption
{
    private record struct AlgVersion(int Version, int NonceSize, int TagSize);

    private static AlgVersion[] _versions = 
    [
        new(0, 0, 0), // version 0 does not realy exist
        new(1, 12, 16), // version 1
    ];
    
    public static byte[] Encrypt(ReadOnlySpan<byte> plaintext, ReadOnlySpan<byte> key)
    {
        const int versionNumber = 1; 
        AlgVersion versionParams = _versions[versionNumber];

        int resultSize = 1 + versionParams.NonceSize + versionParams.TagSize + plaintext.Length;
        // allocate buffer for complete response 
        var result = new byte[resultSize];
        
        result[0] = (byte)versionParams.Version;

        // make the spans that point to the parts of the result where their data is located
        var nonce = result.AsSpan(1, versionParams.NonceSize); 
        var tag = result.AsSpan(1 + versionParams.NonceSize, versionParams.TagSize);
        var cipher = result.AsSpan(1 + versionParams.NonceSize + versionParams.TagSize);

        // use the spans to place the data directly in its place
        RandomNumberGenerator.Fill(nonce);
        using var aes = new AesGcm(key, versionParams.TagSize);
        aes.Encrypt(nonce, plaintext, cipher, tag);
        return result;
    }
    
    public static byte[] Decrypt(ReadOnlyMemory<byte> input, ReadOnlySpan<byte> key)
    {
        var payload = input.Span;
        int versionNumber = (int)payload[0];
        if (versionNumber != 1)
            throw new ArgumentException("Invalid payload");
        
        AlgVersion versionParams = _versions[versionNumber];
        
        
        if (payload.Length < 1 + versionParams.NonceSize + versionParams.TagSize)
            throw new ArgumentException("Payload is too short to contain nonce, ciphertext, and tag.", nameof(payload));

        ReadOnlySpan<byte> nonce = payload.Slice(1, versionParams.NonceSize);
        ReadOnlySpan<byte> tag = payload.Slice(1 + versionParams.NonceSize, versionParams.TagSize);
        ReadOnlySpan<byte> cipher = payload.Slice(1 + versionParams.NonceSize + versionParams.TagSize);

        byte[] plaintext = new byte[cipher.Length];

        using var aes = new AesGcm(key, versionParams.TagSize);
        try
        {
            aes.Decrypt(nonce, cipher, tag, plaintext);
        }
        catch (CryptographicException ex)
        {
            // Tag verification failed → tampering or wrong key/nonce.
            throw new InvalidOperationException("Decryption failed – authentication tag mismatch.", ex);
        }

        return plaintext;
    }
}
-												Improve the binary storage format of encrypted secrets. Move the related code from AesGcmHelper into the EncryptionService.

											
										
										
											2026-02-22 19:11:17 +01:00
+								using System.Security.Cryptography;
-												EncryptionService should be using ISecretProvider

Remove Async from method that was not Async

											
										
										
											2026-02-15 19:18:02 +01:00
-												Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.

											
										
										
											2026-02-26 16:53:02 +01:00
+								namespace IdentityShroud.Core.Security;
-												EncryptionService should be using ISecretProvider

Remove Async from method that was not Async

											
										
										
											2026-02-15 19:18:02 +01:00
-												Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.

											
										
										
											2026-02-26 16:53:02 +01:00
+								public static class Encryption
-												EncryptionService should be using ISecretProvider

Remove Async from method that was not Async

											
										
										
											2026-02-15 19:18:02 +01:00
+								{
-												Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.

											
										
										
											2026-02-26 16:53:02 +01:00
+								    private record struct AlgVersion(int Version, int NonceSize, int TagSize);
-												Improve the binary storage format of encrypted secrets. Move the related code from AesGcmHelper into the EncryptionService.

											
										
										
											2026-02-22 19:11:17 +01:00
-												Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.

											
										
										
											2026-02-26 16:53:02 +01:00
+								    private static AlgVersion[] _versions =
-												Improve the binary storage format of encrypted secrets. Move the related code from AesGcmHelper into the EncryptionService.

											
										
										
											2026-02-22 19:11:17 +01:00
+								    [
-												Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.

											
										
										
											2026-02-26 16:53:02 +01:00
+								        new(0, 0, 0), // version 0 does not realy exist
 								        new(1, 12, 16), // version 1
-												Improve the binary storage format of encrypted secrets. Move the related code from AesGcmHelper into the EncryptionService.

											
										
										
											2026-02-22 19:11:17 +01:00
+								    ];
-												Pass Span instead of Memory

											
										
										
											2026-02-26 20:39:48 +01:00
+								    public static byte[] Encrypt(ReadOnlySpan<byte> plaintext, ReadOnlySpan<byte> key)
-												EncryptionService should be using ISecretProvider

Remove Async from method that was not Async

											
										
										
											2026-02-15 19:18:02 +01:00
+								    {
-												Improve the binary storage format of encrypted secrets. Move the related code from AesGcmHelper into the EncryptionService.

											
										
										
											2026-02-22 19:11:17 +01:00
+								        const int versionNumber = 1;
 								        AlgVersion versionParams = _versions[versionNumber];
 								        int resultSize = 1 + versionParams.NonceSize + versionParams.TagSize + plaintext.Length;
 								        // allocate buffer for complete response
 								        var result = new byte[resultSize];
-												Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.

											
										
										
											2026-02-26 16:53:02 +01:00
+								        result[0] = (byte)versionParams.Version;
-												Improve the binary storage format of encrypted secrets. Move the related code from AesGcmHelper into the EncryptionService.

											
										
										
											2026-02-22 19:11:17 +01:00
 								        // make the spans that point to the parts of the result where their data is located
 								        var nonce = result.AsSpan(1, versionParams.NonceSize);
 								        var tag = result.AsSpan(1 + versionParams.NonceSize, versionParams.TagSize);
 								        var cipher = result.AsSpan(1 + versionParams.NonceSize + versionParams.TagSize);
 								        // use the spans to place the data directly in its place
 								        RandomNumberGenerator.Fill(nonce);
-												Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.

											
										
										
											2026-02-26 16:53:02 +01:00
+								        using var aes = new AesGcm(key, versionParams.TagSize);
-												Pass Span instead of Memory

											
										
										
											2026-02-26 20:39:48 +01:00
+								        aes.Encrypt(nonce, plaintext, cipher, tag);
-												Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.

											
										
										
											2026-02-26 16:53:02 +01:00
+								        return result;
-												EncryptionService should be using ISecretProvider

Remove Async from method that was not Async

											
										
										
											2026-02-15 19:18:02 +01:00
+								    }
-												Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.

											
										
										
											2026-02-26 16:53:02 +01:00
 								    public static byte[] Decrypt(ReadOnlyMemory<byte> input, ReadOnlySpan<byte> key)
-												EncryptionService should be using ISecretProvider

Remove Async from method that was not Async

											
										
										
											2026-02-15 19:18:02 +01:00
+								    {
-												Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.

											
										
										
											2026-02-26 16:53:02 +01:00
+								        var payload = input.Span;
-												Improve the binary storage format of encrypted secrets. Move the related code from AesGcmHelper into the EncryptionService.

											
										
										
											2026-02-22 19:11:17 +01:00
+								        int versionNumber = (int)payload[0];
 								        if (versionNumber != 1)
-												Support rotation of master key.

The EncryptionService now loads a set of keys and uses the active one to encrypt and selects key based on keyid during decryption. Introduced EncryptedValue to hold keyId and encrypted data.

(There are no intermeddiate keys yet)

											
										
										
											2026-02-24 06:32:58 +01:00
+								            throw new ArgumentException("Invalid payload");
-												Improve the binary storage format of encrypted secrets. Move the related code from AesGcmHelper into the EncryptionService.

											
										
										
											2026-02-22 19:11:17 +01:00
 								        AlgVersion versionParams = _versions[versionNumber];
 								        if (payload.Length < 1 + versionParams.NonceSize + versionParams.TagSize)
 								            throw new ArgumentException("Payload is too short to contain nonce, ciphertext, and tag.", nameof(payload));
 								        ReadOnlySpan<byte> nonce = payload.Slice(1, versionParams.NonceSize);
 								        ReadOnlySpan<byte> tag = payload.Slice(1 + versionParams.NonceSize, versionParams.TagSize);
 								        ReadOnlySpan<byte> cipher = payload.Slice(1 + versionParams.NonceSize + versionParams.TagSize);
 								        byte[] plaintext = new byte[cipher.Length];
-												Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.

											
										
										
											2026-02-26 16:53:02 +01:00
+								        using var aes = new AesGcm(key, versionParams.TagSize);
-												Improve the binary storage format of encrypted secrets. Move the related code from AesGcmHelper into the EncryptionService.

											
										
										
											2026-02-22 19:11:17 +01:00
+								        try
 								        {
 								            aes.Decrypt(nonce, cipher, tag, plaintext);
 								        }
 								        catch (CryptographicException ex)
 								        {
 								            // Tag verification failed → tampering or wrong key/nonce.
 								            throw new InvalidOperationException("Decryption failed – authentication tag mismatch.", ex);
 								        }
 								        return plaintext;
-												EncryptionService should be using ISecretProvider

Remove Async from method that was not Async

											
										
										
											2026-02-15 19:18:02 +01:00
+								    }
 								}