52 lines
1.5 KiB
C#
52 lines
1.5 KiB
C#
using System.Security.Cryptography;
|
|
using IdentityShroud.Core.Contracts;
|
|
using IdentityShroud.Core.Messages;
|
|
using IdentityShroud.Core.Model;
|
|
using IdentityShroud.Core.Security.Keys;
|
|
|
|
namespace IdentityShroud.Core.Services;
|
|
|
|
public class KeyService(
|
|
IEncryptionService cryptor,
|
|
IKeyProviderFactory keyProviderFactory,
|
|
IClock clock) : IKeyService
|
|
{
|
|
public RealmKey CreateKey(KeyPolicy policy)
|
|
{
|
|
IKeyProvider provider = keyProviderFactory.CreateProvider(policy.KeyType);
|
|
var plainKey = provider.CreateKey(policy);
|
|
|
|
return CreateKey(policy.KeyType, plainKey);
|
|
}
|
|
|
|
public JsonWebKey? CreateJsonWebKey(RealmKey realmKey)
|
|
{
|
|
JsonWebKey jwk = new()
|
|
{
|
|
KeyId = realmKey.Id.ToString(),
|
|
KeyType = realmKey.KeyType,
|
|
Use = "sig",
|
|
};
|
|
|
|
IKeyProvider provider = keyProviderFactory.CreateProvider(realmKey.KeyType);
|
|
provider.SetJwkParameters(
|
|
cryptor.Decrypt(realmKey.KeyDataEncrypted),
|
|
jwk);
|
|
|
|
return jwk;
|
|
}
|
|
|
|
private RealmKey CreateKey(string keyType, byte[] plainKey) =>
|
|
new RealmKey(
|
|
Guid.NewGuid(),
|
|
keyType,
|
|
cryptor.Encrypt(plainKey),
|
|
clock.UtcNow());
|
|
|
|
// public byte[] GetPrivateKey(IEncryptionService encryptionService)
|
|
// {
|
|
// if (_privateKeyDecrypted.Length == 0 && PrivateKeyEncrypted.Length > 0)
|
|
// _privateKeyDecrypted = encryptionService.Decrypt(PrivateKeyEncrypted);
|
|
// return _privateKeyDecrypted;
|
|
// }
|
|
}
|