/
AuthenticatedEncryptorDescriptorDeserializer.cs
48 lines (41 loc) · 2.08 KB
/
AuthenticatedEncryptorDescriptorDeserializer.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
using System;
using System.Linq;
using System.Xml.Linq;
namespace Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel
{
/// <summary>
/// A class that can deserialize an <see cref="XElement"/> that represents the serialized version
/// of an <see cref="AuthenticatedEncryptorDescriptor"/>.
/// </summary>
public sealed class AuthenticatedEncryptorDescriptorDeserializer : IAuthenticatedEncryptorDescriptorDeserializer
{
/// <summary>
/// Imports the <see cref="AuthenticatedEncryptorDescriptor"/> from serialized XML.
/// </summary>
public IAuthenticatedEncryptorDescriptor ImportFromXml(XElement element)
{
if (element == null)
{
throw new ArgumentNullException(nameof(element));
}
// <descriptor>
// <encryption algorithm="..." />
// <validation algorithm="..." /> <!-- only if not GCM -->
// <masterKey requiresEncryption="true">...</masterKey>
// </descriptor>
var configuration = new AuthenticatedEncryptorConfiguration();
var encryptionElement = element.Element("encryption")!;
configuration.EncryptionAlgorithm = (EncryptionAlgorithm)Enum.Parse(typeof(EncryptionAlgorithm), (string)encryptionElement.Attribute("algorithm")!);
// only read <validation> if not GCM
if (!AuthenticatedEncryptorFactory.IsGcmAlgorithm(configuration.EncryptionAlgorithm))
{
var validationElement = element.Element("validation")!;
configuration.ValidationAlgorithm = (ValidationAlgorithm)Enum.Parse(typeof(ValidationAlgorithm), (string)validationElement.Attribute("algorithm")!);
}
Secret masterKey = ((string)element.Elements("masterKey").Single()).ToSecret();
return new AuthenticatedEncryptorDescriptor(configuration, masterKey);
}
}
}