git.stella-ops.org/src/__Libraries/StellaOps.Cryptography.DependencyInjection/CryptoProviderRegistryOptions.cs

using System;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.Linq;

namespace StellaOps.Cryptography.DependencyInjection;

/// <summary>
/// Options controlling crypto provider registry ordering and selection.
/// </summary>
public sealed class CryptoProviderRegistryOptions
{
    private readonly Dictionary<string, CryptoProviderProfileOptions> profiles =
        new(StringComparer.OrdinalIgnoreCase);

    /// <summary>
    /// Registry configuration factory that aligns with the 2025-11-18 sovereign crypto decision.
    /// </summary>
    public static CryptoProviderRegistryOptions SovereignDefault()
    {
        var options = new CryptoProviderRegistryOptions
        {
            ActiveProfile = "ru-offline"
        };

        options.PreferredProviders.Add("default");
        options.PreferredProviders.Add("ru.openssl.gost");
        options.PreferredProviders.Add("ru.pkcs11");

        var ruOffline = new CryptoProviderProfileOptions();
        ruOffline.PreferredProviders.Add("ru.cryptopro.csp");
        ruOffline.PreferredProviders.Add("ru.openssl.gost");
        ruOffline.PreferredProviders.Add("ru.pkcs11");
        options.Profiles["ru-offline"] = ruOffline;

        return options;
    }

    /// <summary>
    /// Ordered list of preferred provider names. Providers appearing here are consulted first.
    /// </summary>
    public IList<string> PreferredProviders { get; } = new List<string>();

    /// <summary>
    /// Active profile name (e.g. "ru-offline") that overrides <see cref="PreferredProviders"/>.
    /// </summary>
    public string ActiveProfile { get; set; } = "default";

    /// <summary>
    /// Regional or environment-specific provider preference profiles.
    /// </summary>
    public IDictionary<string, CryptoProviderProfileOptions> Profiles => profiles;

    public IReadOnlyList<string> ResolvePreferredProviders()
    {
        static IReadOnlyList<string> Normalise(IEnumerable<string> items)
            => new ReadOnlyCollection<string>(
                items.Where(static value => !string.IsNullOrWhiteSpace(value))
                     .Select(static value => value.Trim())
                     .ToArray());

        if (!string.IsNullOrWhiteSpace(ActiveProfile) &&
            profiles.TryGetValue(ActiveProfile, out var profile) &&
            profile.PreferredProviders.Count > 0)
        {
            return Normalise(profile.PreferredProviders);
        }

        if (PreferredProviders.Count > 0)
        {
            return Normalise(PreferredProviders);
        }

        return Array.Empty<string>();
    }
}