part #2

src/__Libraries/StellaOps.Cryptography.Kms/Fido2KmsClient.Helpers.cs

@@ -0,0 +1,39 @@
+using Microsoft.IdentityModel.Tokens;
+using System;
+using System.Security.Cryptography;
+
+namespace StellaOps.Cryptography.Kms;
+
+public sealed partial class Fido2KmsClient
+{
+    private static byte[] ComputeSha256(ReadOnlyMemory<byte> data)
+    {
+        var digest = new byte[32];
+        if (!SHA256.TryHashData(data.Span, digest, out _))
+        {
+            throw new InvalidOperationException("Failed to hash payload with SHA-256.");
+        }
+
+        return digest;
+    }
+
+    private void ThrowIfDisposed()
+    {
+        if (_disposed)
+        {
+            throw new ObjectDisposedException(nameof(Fido2KmsClient));
+        }
+    }
+
+    private static string ResolveCurveName(ECCurve curve)
+    {
+        var oid = curve.Oid?.Value;
+        return oid switch
+        {
+            "1.2.840.10045.3.1.7" => JsonWebKeyECTypes.P256,
+            "1.3.132.0.34" => JsonWebKeyECTypes.P384,
+            "1.3.132.0.35" => JsonWebKeyECTypes.P521,
+            _ => throw new InvalidOperationException($"Unsupported FIDO2 curve OID '{oid}'."),
+        };
+    }
+}