The EncryptionService now loads a set of keys, uses the active one to encrypt, and selects the key by keyId during decryption. Introduced EncryptedValue to hold the keyId and the encrypted data. (There are no intermediate keys yet.)
using System.ComponentModel.DataAnnotations.Schema;
using IdentityShroud.Core.Contracts;
using Microsoft.EntityFrameworkCore;
namespace IdentityShroud.Core.Model;
/// <summary>
/// A key belonging to a realm, mapped to the <c>realm_key</c> table.
/// </summary>
/// <remarks>
/// The key material is held as an <see cref="EncryptedValue"/> rather than as raw bytes.
/// Because this is a record, the compiler-generated <c>ToString()</c> prints every public
/// property, <see cref="Key"/> included, so log individual fields such as <see cref="Id"/>
/// instead of the whole instance.
/// NOTE(review): record equality and hash code are value-based and include the settable
/// <see cref="RevokedAt"/> and <see cref="Priority"/>; confirm that is intended if instances
/// are tracked by an ORM or stored in hash-based collections.
/// </remarks>
[Table("realm_key")]
public record RealmKey
{
    /// <summary>Identifier of this key.</summary>
    public required Guid Id { get; init; }

    /// <summary>
    /// Type of the key, stored as free-form text.
    /// NOTE(review): the accepted values are not visible in this file; verify they are validated where keys are created.
    /// </summary>
    public required string KeyType { get; init; }

    /// <summary>The key material in its encrypted form.</summary>
    public required EncryptedValue Key { get; init; }

    /// <summary>
    /// When the key was created.
    /// NOTE(review): <see cref="DateTime"/> does not enforce a kind; presumably UTC, confirm against the writer.
    /// </summary>
    public required DateTime CreatedAt { get; init; }

    /// <summary>
    /// When the key was revoked; presumably <c>null</c> while the key has not been revoked.
    /// NOTE(review): key selection lives outside this file; confirm a revoked key is never chosen,
    /// whatever its <see cref="Priority"/>.
    /// </summary>
    public DateTime? RevokedAt { get; set; }

    /// <summary>
    /// The key with the highest priority is the one that gets used. There is not really a use case for
    /// this, but some users are more comfortable replacing a key by adjusting priorities than by directly
    /// deactivating the old key. Defaults to 10.
    /// </summary>
    public int Priority { get; set; } = 10;
}