Refactor code structure for improved readability and maintainability

2025-11-06 19:30:31 +02:00
parent 822e3b6037
commit 62086949a4
22 changed files with 70 additions and 52 deletions


@@ -5,7 +5,7 @@ using Amazon.KeyManagementService.Model;
namespace StellaOps.Cryptography.Kms;
internal interface IAwsKmsFacade : IDisposable
public interface IAwsKmsFacade : IDisposable
{
Task<AwsSignResult> SignAsync(string keyResource, ReadOnlyMemory<byte> digest, CancellationToken cancellationToken);
@@ -16,11 +16,11 @@ internal interface IAwsKmsFacade : IDisposable
Task<AwsPublicKeyMaterial> GetPublicKeyAsync(string keyResource, CancellationToken cancellationToken);
}
internal sealed record AwsSignResult(string KeyResource, string VersionId, byte[] Signature);
public sealed record AwsSignResult(string KeyResource, string VersionId, byte[] Signature);
internal sealed record AwsKeyMetadata(string KeyId, string Arn, DateTimeOffset CreatedAt, AwsKeyStatus Status);
public sealed record AwsKeyMetadata(string KeyId, string Arn, DateTimeOffset CreatedAt, AwsKeyStatus Status);
internal enum AwsKeyStatus
public enum AwsKeyStatus
{
Unspecified = 0,
Enabled = 1,
@@ -31,7 +31,7 @@ internal enum AwsKeyStatus
Unavailable = 6,
}
internal sealed record AwsPublicKeyMaterial(string KeyId, string VersionId, string Curve, byte[] SubjectPublicKeyInfo);
public sealed record AwsPublicKeyMaterial(string KeyId, string VersionId, string Curve, byte[] SubjectPublicKeyInfo);
internal sealed class AwsKmsFacade : IAwsKmsFacade
{
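Review bot: Widening `IAwsKmsFacade`, `AwsSignResult`, `AwsKeyMetadata`, `AwsKeyStatus` and `AwsPublicKeyMaterial` from internal to public turns the KMS signing seam into a supported API contract, yet none of the newly public members carry XML documentation and the commit message names no consumer for them; the same applies to the GCP section and to the PKCS#11 records. If the only consumer is a test project, `[assembly: InternalsVisibleTo("<test assembly>")]` keeps the types internal without that contract cost. If they are meant to be public, each needs a `<summary>`, e.g. on the interface `/// <summary>Abstraction over the AWS KMS signing and key-metadata calls used by this library.</summary>`. Note also that `byte[] Signature` and `byte[] SubjectPublicKeyInfo` are now publicly reachable mutable arrays; `ReadOnlyMemory<byte>` would stop a caller from altering a signature or key after it is returned, though that is an interface change to weigh separately.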


@@ -4,7 +4,7 @@ using Google.Protobuf.WellKnownTypes;
namespace StellaOps.Cryptography.Kms;
internal interface IGcpKmsFacade : IDisposable
public interface IGcpKmsFacade : IDisposable
{
Task<GcpSignResult> SignAsync(string versionName, ReadOnlyMemory<byte> digest, CancellationToken cancellationToken);
@@ -15,11 +15,11 @@ internal interface IGcpKmsFacade : IDisposable
Task<GcpPublicKeyMaterial> GetPublicKeyAsync(string versionName, CancellationToken cancellationToken);
}
internal sealed record GcpSignResult(string VersionName, byte[] Signature);
public sealed record GcpSignResult(string VersionName, byte[] Signature);
internal sealed record GcpCryptoKeyMetadata(string KeyName, string? PrimaryVersionName, DateTimeOffset CreateTime);
public sealed record GcpCryptoKeyMetadata(string KeyName, string? PrimaryVersionName, DateTimeOffset CreateTime);
internal enum GcpCryptoKeyVersionState
public enum GcpCryptoKeyVersionState
{
Unspecified = 0,
PendingGeneration = 1,
@@ -32,13 +32,13 @@ internal enum GcpCryptoKeyVersionState
GenerationFailed = 8,
}
internal sealed record GcpCryptoKeyVersionMetadata(
public sealed record GcpCryptoKeyVersionMetadata(
string VersionName,
GcpCryptoKeyVersionState State,
DateTimeOffset CreateTime,
DateTimeOffset? DestroyTime);
internal sealed record GcpPublicKeyMaterial(string VersionName, string Algorithm, string Pem);
public sealed record GcpPublicKeyMaterial(string VersionName, string Algorithm, string Pem);
internal sealed class GcpKmsFacade : IGcpKmsFacade
{


@@ -1,13 +1,20 @@
using Net.Pkcs11Interop.Common;
using Net.Pkcs11Interop.HighLevelAPI;
using Net.Pkcs11Interop.HighLevelAPI.MechanismParams;
using Pkcs11 = Net.Pkcs11Interop.HighLevelAPI.Pkcs11;
using Slot = Net.Pkcs11Interop.HighLevelAPI.Slot;
using ISession = Net.Pkcs11Interop.HighLevelAPI.Session;
using ObjectHandle = Net.Pkcs11Interop.HighLevelAPI.ObjectHandle;
using ObjectAttribute = Net.Pkcs11Interop.HighLevelAPI.ObjectAttribute;
using Mechanism = Net.Pkcs11Interop.HighLevelAPI.Mechanism;
using System.Collections.Concurrent;
using System.Formats.Asn1;
using System.Security.Cryptography;
using Microsoft.IdentityModel.Tokens;
namespace StellaOps.Cryptography.Kms;
internal interface IPkcs11Facade : IDisposable
public interface IPkcs11Facade : IDisposable
{
Task<Pkcs11KeyDescriptor> GetKeyAsync(CancellationToken cancellationToken);
@@ -16,12 +23,12 @@ internal interface IPkcs11Facade : IDisposable
Task<byte[]> SignDigestAsync(ReadOnlyMemory<byte> digest, CancellationToken cancellationToken);
}
internal sealed record Pkcs11KeyDescriptor(
public sealed record Pkcs11KeyDescriptor(
string KeyId,
string? Label,
DateTimeOffset CreatedAt);
internal sealed record Pkcs11PublicKeyMaterial(
public sealed record Pkcs11PublicKeyMaterial(
string KeyId,
string Curve,
byte[] Qx,
@@ -57,11 +64,11 @@ internal sealed class Pkcs11InteropFacade : IPkcs11Facade
throw new InvalidOperationException("PKCS#11 private key not found.");
}
var labelAttr = GetAttribute(session, privateHandle.Value, CKA.CKA_LABEL);
var labelAttr = GetAttribute(session, privateHandle, CKA.CKA_LABEL);
var label = labelAttr?.GetValueAsString();
return new Pkcs11KeyDescriptor(
KeyId: label ?? privateHandle.Value.ObjectId.ToString(),
KeyId: label ?? privateHandle.ObjectId.ToString(),
Label: label,
CreatedAt: DateTimeOffset.UtcNow);
}
@@ -76,9 +83,9 @@ internal sealed class Pkcs11InteropFacade : IPkcs11Facade
throw new InvalidOperationException("PKCS#11 public key not found.");
}
var pointAttr = GetAttribute(session, publicHandle.Value, CKA.CKA_EC_POINT)
var pointAttr = GetAttribute(session, publicHandle, CKA.CKA_EC_POINT)
?? throw new InvalidOperationException("Public key missing EC point.");
var paramsAttr = GetAttribute(session, publicHandle.Value, CKA.CKA_EC_PARAMS)
var paramsAttr = GetAttribute(session, publicHandle, CKA.CKA_EC_PARAMS)
?? throw new InvalidOperationException("Public key missing EC parameters.");
var ecPoint = ExtractEcPoint(pointAttr.GetValueAsByteArray());
@@ -92,8 +99,8 @@ internal sealed class Pkcs11InteropFacade : IPkcs11Facade
var qx = ecPoint.AsSpan(1, coordinateSize).ToArray();
var qy = ecPoint.AsSpan(1 + coordinateSize, coordinateSize).ToArray();
var keyId = GetAttribute(session, publicHandle.Value, CKA.CKA_LABEL)?.GetValueAsString()
?? publicHandle.Value.ObjectId.ToString();
var keyId = GetAttribute(session, publicHandle, CKA.CKA_LABEL)?.GetValueAsString()
?? publicHandle.ObjectId.ToString();
return new Pkcs11PublicKeyMaterial(
keyId,
@@ -110,7 +117,7 @@ internal sealed class Pkcs11InteropFacade : IPkcs11Facade
?? throw new InvalidOperationException("PKCS#11 private key not found.");
var mechanism = new Mechanism(_options.MechanismId);
return session.Sign(mechanism, privateHandle.Value, digest.ToArray());
return session.Sign(mechanism, privateHandle, digest.ToArray());
}
private async Task<SessionContext> OpenSessionAsync(CancellationToken cancellationToken)
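Review bot: The alias block at the top of the first hunk (`using ISession = Net.Pkcs11Interop.HighLevelAPI.Session;` and the five alongside it) maps interface-style names onto concrete classes, so a reader of the methods below sees `ISession` and cannot tell from the code which Pkcs11Interop API line is actually in use; together with the csproj section, which by print order appears to move the package from 5.3.0 to 4.1.0 (the rendering has lost the +/- markers), this reads as a compatibility shim for a dependency downgrade rather than the readability refactor the title describes. The `.Value` removals on the handle lookups (`privateHandle.Value` → `privateHandle`, `publicHandle.Value` → `publicHandle`) are presumably a consequence of the same API change, but the lookup that produces those handles sits outside the hunks, so I cannot confirm the null check that precedes each `throw` still covers them. Please state the version change and its reason in the commit description and put a comment above the aliases, e.g. `// Pkcs11Interop 4.x exposes concrete HighLevelAPI classes; these aliases keep the interface-style names used in this file compiling.`, or better, rename the `ISession` alias so it does not imply an interface. The methods touched by the later hunks start and end outside their hunks.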


@@ -1,6 +1,7 @@
using System.Collections.Concurrent;
using System.Collections.Immutable;
using System.Security.Cryptography;
using Microsoft.IdentityModel.Tokens;
namespace StellaOps.Cryptography.Kms;


@@ -64,7 +64,7 @@ public sealed class Pkcs11Options
/// <summary>
/// Gets or sets an optional factory for advanced facade injection (testing, custom providers).
/// </summary>
internal Func<IServiceProvider, IPkcs11Facade>? FacadeFactory { get; set; }
public Func<IServiceProvider, IPkcs11Facade>? FacadeFactory { get; set; }
private static TimeSpan EnsurePositive(TimeSpan value, TimeSpan fallback)
=> value <= TimeSpan.Zero ? fallback : value;
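Review bot: Making `FacadeFactory` public means any code that can configure `Pkcs11Options` can substitute the PKCS#11 facade, which is the component that performs the signing; the existing summary describes it as "advanced facade injection (testing, custom providers)" but says nothing about the trust this now implies. Extend the summary with a sentence such as `/// A factory supplied here replaces the token-backed implementation entirely, so it must only be set by trusted configuration code.` so the widened visibility is visibly deliberate. If the setter only needs to be reachable from a test project, keeping it internal and granting access to that assembly would avoid exposing the seam at all.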


@@ -9,7 +9,7 @@
<PackageReference Include="Microsoft.Extensions.Options" Version="9.0.0" />
<PackageReference Include="AWSSDK.KeyManagementService" Version="4.0.6" />
<PackageReference Include="Google.Cloud.Kms.V1" Version="3.19.0" />
<PackageReference Include="Pkcs11Interop" Version="5.3.0" />
<PackageReference Include="Pkcs11Interop" Version="4.1.0" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="../StellaOps.Cryptography/StellaOps.Cryptography.csproj" />