using System;
using System.Security.Cryptography;
namespace EonaCat.SecretVault.Helpers
{
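/// <summary>
/// Wraps and unwraps per-tenant keys under a root key with AES in CBC mode.
/// </summary>
/// <remarks>
/// The wrapped form is <c>base64(IV) + "." + base64(ciphertext)</c>.
/// NOTE(review): CBC with PKCS7 padding provides confidentiality only. Nothing in
/// the payload authenticates the IV or ciphertext, so a payload altered in storage
/// is not reliably detected; at best decryption fails with a padding error, and
/// that error should not be reported in a distinguishable way to untrusted callers.
/// Moving to an AEAD construction (for example <c>AesGcm</c>) or adding an HMAC over
/// IV and ciphertext needs a payload format change and a migration of stored
/// values, so it is flagged here rather than changed.
/// </remarks>
public static class TenantKeyProtector
{
    /// <summary>
    /// Encrypts a tenant key under the root key using a freshly generated IV.
    /// </summary>
    /// <param name="base64Key">Tenant key bytes, Base64 encoded. The whole decoded buffer is encrypted.</param>
    /// <param name="rootKeyBase64">Root key, Base64 encoded. Must decode to a valid AES key size.</param>
    /// <returns>The payload <c>base64(IV).base64(ciphertext)</c>.</returns>
    /// <exception cref="ArgumentNullException">An argument is null.</exception>
    /// <exception cref="FormatException">An argument is not valid Base64.</exception>
    /// <exception cref="CryptographicException">The root key has an invalid length for AES.</exception>
    public static string EncryptTenantKey(string base64Key, string rootKeyBase64)
    {
        byte[] rootKey = Convert.FromBase64String(rootKeyBase64);
        byte[] tenantKey = Array.Empty<byte>();
        try
        {
            tenantKey = Convert.FromBase64String(base64Key);

            using var aes = Aes.Create();
            // Spell out the platform defaults so the on-disk format does not depend on them.
            aes.Mode = CipherMode.CBC;
            aes.Padding = PaddingMode.PKCS7;
            aes.Key = rootKey;
            aes.GenerateIV();

            using var encryptor = aes.CreateEncryptor();
            // Encrypt the full buffer: a fixed count of 32 silently dropped the tail of a
            // longer key and threw on a shorter one.
            byte[] encrypted = encryptor.TransformFinalBlock(tenantKey, 0, tenantKey.Length);

            return $"{Convert.ToBase64String(aes.IV)}.{Convert.ToBase64String(encrypted)}";
        }
        finally
        {
            // Best effort: do not leave decoded key material in managed buffers.
            // The Base64 strings passed in by the caller are not affected by this.
            Array.Clear(rootKey, 0, rootKey.Length);
            Array.Clear(tenantKey, 0, tenantKey.Length);
        }
    }

    /// <summary>
    /// Decrypts a payload produced by <see cref="EncryptTenantKey"/>.
    /// </summary>
    /// <param name="encryptedPayload">Payload of the form <c>base64(IV).base64(ciphertext)</c>.</param>
    /// <param name="rootKeyBase64">Root key, Base64 encoded. Must be the key used for encryption.</param>
    /// <returns>The tenant key bytes, Base64 encoded.</returns>
    /// <exception cref="ArgumentNullException">An argument is null.</exception>
    /// <exception cref="FormatException">
    /// The payload does not consist of exactly two dot-separated parts, or a part or the
    /// root key is not valid Base64.
    /// </exception>
    /// <exception cref="CryptographicException">
    /// The key or IV length is invalid, or the ciphertext does not decrypt to valid padding.
    /// </exception>
    public static string DecryptTenantKey(string encryptedPayload, string rootKeyBase64)
    {
        if (encryptedPayload is null)
        {
            throw new ArgumentNullException(nameof(encryptedPayload));
        }

        // '.' is not in the Base64 alphabet, so a well-formed payload has exactly one separator.
        string[] parts = encryptedPayload.Split('.');
        if (parts.Length != 2)
        {
            throw new FormatException("Encrypted tenant key payload must have the form '<iv>.<ciphertext>'.");
        }

        byte[] iv = Convert.FromBase64String(parts[0]);
        byte[] encrypted = Convert.FromBase64String(parts[1]);
        byte[] rootKey = Convert.FromBase64String(rootKeyBase64);
        byte[] decrypted = Array.Empty<byte>();
        try
        {
            using var aes = Aes.Create();
            aes.Mode = CipherMode.CBC;
            aes.Padding = PaddingMode.PKCS7;
            aes.Key = rootKey;
            aes.IV = iv;

            using var decryptor = aes.CreateDecryptor();
            decrypted = decryptor.TransformFinalBlock(encrypted, 0, encrypted.Length);

            return Convert.ToBase64String(decrypted);
        }
        finally
        {
            // Best effort: clear decoded key material once the Base64 result has been built.
            Array.Clear(rootKey, 0, rootKey.Length);
            Array.Clear(decrypted, 0, decrypted.Length);
        }
    }
}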
}