Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.

IdentityShroud.Core/Services/EncryptionService.cs

@@ -1,92 +0,0 @@
-using System.Security.Cryptography;
-using IdentityShroud.Core.Contracts;
-
-namespace IdentityShroud.Core.Services;
-
-/// <summary>
-/// 
-/// </summary>
-public class EncryptionService : IEncryptionService
-{
-    private record struct AlgVersion(int NonceSize, int TagSize);
-
-    private AlgVersion[] _versions = 
-    [
-        new(0, 0), // version 0 does not realy exist
-        new (12, 16), // version 1
-    ];
-    
-    // Note this array is expected to have one item in it most of the during key rotation it will have two
-    // until it is ensured the old key can safely be removed. More then two will work but is not really expected.
-    private readonly EncryptionKey[] _encryptionKeys;
-
-    private EncryptionKey ActiveKey => _encryptionKeys.Single(k => k.Active);
-    private EncryptionKey GetKey(string keyId) => _encryptionKeys.Single(k => k.Id == keyId);
-
-    public EncryptionService(ISecretProvider secretProvider)
-    {
-        _encryptionKeys = secretProvider.GetKeys("master");
-        // if (_encryptionKey.Length != 32) // 256‑bit key
-        //     throw new Exception("Key must be 256 bits (32 bytes) for AES‑256‑GCM.");
-    }
-
-    public EncryptedValue Encrypt(ReadOnlyMemory<byte> plaintext)
-    {
-        const int versionNumber = 1; 
-        AlgVersion versionParams = _versions[versionNumber];
-
-        int resultSize = 1 + versionParams.NonceSize + versionParams.TagSize + plaintext.Length;
-        // allocate buffer for complete response 
-        var result = new byte[resultSize];
-        
-        result[0] = (byte)versionNumber;
-
-        // make the spans that point to the parts of the result where their data is located
-        var nonce = result.AsSpan(1, versionParams.NonceSize); 
-        var tag = result.AsSpan(1 + versionParams.NonceSize, versionParams.TagSize);
-        var cipher = result.AsSpan(1 + versionParams.NonceSize + versionParams.TagSize);
-
-        // use the spans to place the data directly in its place
-        RandomNumberGenerator.Fill(nonce);
-        var encryptionKey = ActiveKey;
-        using var aes = new AesGcm(encryptionKey.Key, versionParams.TagSize);
-        aes.Encrypt(nonce, plaintext.Span, cipher, tag);
-
-        return new (encryptionKey.Id, result);
-    }
-
-    public byte[] Decrypt(EncryptedValue input)
-    {
-        var encryptionKey = GetKey(input.KeyId);
-        
-        var payload = input.Value.AsSpan();
-        int versionNumber = (int)payload[0];
-        if (versionNumber != 1)
-            throw new ArgumentException("Invalid payload");
-        
-        AlgVersion versionParams = _versions[versionNumber];
-        
-        
-        if (payload.Length < 1 + versionParams.NonceSize + versionParams.TagSize)
-            throw new ArgumentException("Payload is too short to contain nonce, ciphertext, and tag.", nameof(payload));
-
-        ReadOnlySpan<byte> nonce = payload.Slice(1, versionParams.NonceSize);
-        ReadOnlySpan<byte> tag = payload.Slice(1 + versionParams.NonceSize, versionParams.TagSize);
-        ReadOnlySpan<byte> cipher = payload.Slice(1 + versionParams.NonceSize + versionParams.TagSize);
-
-        byte[] plaintext = new byte[cipher.Length];
-
-        using var aes = new AesGcm(encryptionKey.Key, versionParams.TagSize);
-        try
-        {
-            aes.Decrypt(nonce, cipher, tag, plaintext);
-        }
-        catch (CryptographicException ex)
-        {
-            // Tag verification failed → tampering or wrong key/nonce.
-            throw new InvalidOperationException("Decryption failed – authentication tag mismatch.", ex);
-        }
-
-        return plaintext;
-    }
-}