Addressed comments from Levi

Author: ajaybhargavb

samples/NonDISample/Program.cs

@@ -5,6 +5,7 @@
 using System.IO;
 using System.Runtime.InteropServices;
 using Microsoft.AspNetCore.DataProtection;
+using Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel;
 
 namespace NonDISample
 {

src/Microsoft.AspNetCore.DataProtection/AuthenticatedEncryption/AuthenticatedEncryptorFactory.cs

@@ -2,6 +2,8 @@
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System;
+using System.Security.Cryptography;
+using Microsoft.AspNetCore.Cryptography;
 using Microsoft.AspNetCore.Cryptography.Cng;
 using Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel;
 using Microsoft.AspNetCore.DataProtection.KeyManagement;
@@ -26,7 +28,7 @@ public IAuthenticatedEncryptor CreateEncryptorInstance(IKey key)
                 return null;
             }
 
-            return CreateAuthenticatedEncryptorInstance(descriptor.MasterKey, descriptor.Settings);
+            return CreateAuthenticatedEncryptorInstance(descriptor.MasterKey, descriptor.Configuration);
         }
 
         internal IAuthenticatedEncryptor CreateAuthenticatedEncryptorInstance(
@@ -38,7 +40,7 @@ internal IAuthenticatedEncryptor CreateAuthenticatedEncryptorInstance(
                 return null;
             }
 
-            if (authenticatedConfiguration.IsGcmAlgorithm())
+            if (IsGcmAlgorithm(authenticatedConfiguration.EncryptionAlgorithm))
             {
                 // GCM requires CNG, and CNG is only supported on Windows.
                 if (!OSVersionUtil.IsWindows())
@@ -48,8 +50,8 @@ internal IAuthenticatedEncryptor CreateAuthenticatedEncryptorInstance(
 
                 var configuration = new CngGcmAuthenticatedEncryptorConfiguration()
                 {
-                    EncryptionAlgorithm = authenticatedConfiguration.GetBCryptAlgorithmNameFromEncryptionAlgorithm(),
-                    EncryptionAlgorithmKeySize = authenticatedConfiguration.GetAlgorithmKeySizeInBits()
+                    EncryptionAlgorithm = GetBCryptAlgorithmNameFromEncryptionAlgorithm(authenticatedConfiguration.EncryptionAlgorithm),
+                    EncryptionAlgorithmKeySize = GetAlgorithmKeySizeInBits(authenticatedConfiguration.EncryptionAlgorithm)
                 };
 
                 return new CngGcmAuthenticatedEncryptorFactory(_loggerFactory).CreateAuthenticatedEncryptorInstance(secret, configuration);
@@ -61,9 +63,9 @@ internal IAuthenticatedEncryptor CreateAuthenticatedEncryptorInstance(
                     // CNG preferred over managed implementations if running on Windows
                     var configuration = new CngCbcAuthenticatedEncryptorConfiguration()
                     {
-                        EncryptionAlgorithm = authenticatedConfiguration.GetBCryptAlgorithmNameFromEncryptionAlgorithm(),
-                        EncryptionAlgorithmKeySize = authenticatedConfiguration.GetAlgorithmKeySizeInBits(),
-                        HashAlgorithm = authenticatedConfiguration.GetBCryptAlgorithmNameFromValidationAlgorithm()
+                        EncryptionAlgorithm = GetBCryptAlgorithmNameFromEncryptionAlgorithm(authenticatedConfiguration.EncryptionAlgorithm),
+                        EncryptionAlgorithmKeySize = GetAlgorithmKeySizeInBits(authenticatedConfiguration.EncryptionAlgorithm),
+                        HashAlgorithm = GetBCryptAlgorithmNameFromValidationAlgorithm(authenticatedConfiguration.ValidationAlgorithm)
                     };
 
                     return new CngCbcAuthenticatedEncryptorFactory(_loggerFactory).CreateAuthenticatedEncryptorInstance(secret, configuration);
@@ -73,14 +75,104 @@ internal IAuthenticatedEncryptor CreateAuthenticatedEncryptorInstance(
                     // Use managed implementations as a fallback
                     var configuration = new ManagedAuthenticatedEncryptorConfiguration()
                     {
-                        EncryptionAlgorithmType = authenticatedConfiguration.GetManagedTypeFromEncryptionAlgorithm(),
-                        EncryptionAlgorithmKeySize = authenticatedConfiguration.GetAlgorithmKeySizeInBits(),
-                        ValidationAlgorithmType = authenticatedConfiguration.GetManagedTypeFromValidationAlgorithm()
+                        EncryptionAlgorithmType = GetManagedTypeFromEncryptionAlgorithm(authenticatedConfiguration.EncryptionAlgorithm),
+                        EncryptionAlgorithmKeySize = GetAlgorithmKeySizeInBits(authenticatedConfiguration.EncryptionAlgorithm),
+                        ValidationAlgorithmType = GetManagedTypeFromValidationAlgorithm(authenticatedConfiguration.ValidationAlgorithm)
                     };
 
                     return new ManagedAuthenticatedEncryptorFactory(_loggerFactory).CreateAuthenticatedEncryptorInstance(secret, configuration);
                 }
             }
         }
+
+        internal static bool IsGcmAlgorithm(EncryptionAlgorithm algorithm)
+        {
+            return (EncryptionAlgorithm.AES_128_GCM <= algorithm && algorithm <= EncryptionAlgorithm.AES_256_GCM);
+        }
+
+        private static int GetAlgorithmKeySizeInBits(EncryptionAlgorithm algorithm)
+        {
+            switch (algorithm)
+            {
+                case EncryptionAlgorithm.AES_128_CBC:
+                case EncryptionAlgorithm.AES_128_GCM:
+                    return 128;
+
+                case EncryptionAlgorithm.AES_192_CBC:
+                case EncryptionAlgorithm.AES_192_GCM:
+                    return 192;
+
+                case EncryptionAlgorithm.AES_256_CBC:
+                case EncryptionAlgorithm.AES_256_GCM:
+                    return 256;
+
+                default:
+                    throw new ArgumentOutOfRangeException(nameof(EncryptionAlgorithm));
+            }
+        }
+
+        private static string GetBCryptAlgorithmNameFromEncryptionAlgorithm(EncryptionAlgorithm algorithm)
+        {
+            switch (algorithm)
+            {
+                case EncryptionAlgorithm.AES_128_CBC:
+                case EncryptionAlgorithm.AES_192_CBC:
+                case EncryptionAlgorithm.AES_256_CBC:
+                case EncryptionAlgorithm.AES_128_GCM:
+                case EncryptionAlgorithm.AES_192_GCM:
+                case EncryptionAlgorithm.AES_256_GCM:
+                    return Constants.BCRYPT_AES_ALGORITHM;
+
+                default:
+                    throw new ArgumentOutOfRangeException(nameof(EncryptionAlgorithm));
+            }
+        }
+
+        private static string GetBCryptAlgorithmNameFromValidationAlgorithm(ValidationAlgorithm algorithm)
+        {
+            switch (algorithm)
+            {
+                case ValidationAlgorithm.HMACSHA256:
+                    return Constants.BCRYPT_SHA256_ALGORITHM;
+
+                case ValidationAlgorithm.HMACSHA512:
+                    return Constants.BCRYPT_SHA512_ALGORITHM;
+
+                default:
+                    throw new ArgumentOutOfRangeException(nameof(ValidationAlgorithm));
+            }
+        }
+
+        private static Type GetManagedTypeFromEncryptionAlgorithm(EncryptionAlgorithm algorithm)
+        {
+            switch (algorithm)
+            {
+                case EncryptionAlgorithm.AES_128_CBC:
+                case EncryptionAlgorithm.AES_192_CBC:
+                case EncryptionAlgorithm.AES_256_CBC:
+                case EncryptionAlgorithm.AES_128_GCM:
+                case EncryptionAlgorithm.AES_192_GCM:
+                case EncryptionAlgorithm.AES_256_GCM:
+                    return typeof(Aes);
+
+                default:
+                    throw new ArgumentOutOfRangeException(nameof(EncryptionAlgorithm));
+            }
+        }
+
+        private static Type GetManagedTypeFromValidationAlgorithm(ValidationAlgorithm algorithm)
+        {
+            switch (algorithm)
+            {
+                case ValidationAlgorithm.HMACSHA256:
+                    return typeof(HMACSHA256);
+
+                case ValidationAlgorithm.HMACSHA512:
+                    return typeof(HMACSHA512);
+
+                default:
+                    throw new ArgumentOutOfRangeException(nameof(ValidationAlgorithm));
+            }
+        }
     }
 }

src/Microsoft.AspNetCore.DataProtection/AuthenticatedEncryption/CngCbcAuthenticatedEncryptorFactory.cs

@@ -29,7 +29,7 @@ public IAuthenticatedEncryptor CreateEncryptorInstance(IKey key)
                 return null;
             }
 
-            return CreateAuthenticatedEncryptorInstance(descriptor.MasterKey, descriptor.Settings);
+            return CreateAuthenticatedEncryptorInstance(descriptor.MasterKey, descriptor.Configuration);
         }
 
         internal CbcAuthenticatedEncryptor CreateAuthenticatedEncryptorInstance(

src/Microsoft.AspNetCore.DataProtection/AuthenticatedEncryption/CngGcmAuthenticatedEncryptorFactory.cs

@@ -29,7 +29,7 @@ public IAuthenticatedEncryptor CreateEncryptorInstance(IKey key)
                 return null;
             }
 
-            return CreateAuthenticatedEncryptorInstance(descriptor.MasterKey, descriptor.Settings);
+            return CreateAuthenticatedEncryptorInstance(descriptor.MasterKey, descriptor.Configuration);
         }
 
         internal GcmAuthenticatedEncryptor CreateAuthenticatedEncryptorInstance(

src/Microsoft.AspNetCore.DataProtection/AuthenticatedEncryption/ConfigurationModel/AlgorithmConfiguration.cs

@@ -1,7 +1,7 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
-using System.Xml.Linq;
+using System;
 
 namespace Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel
 {
@@ -16,20 +16,5 @@ public abstract class AlgorithmConfiguration
         /// </summary>
         /// <returns>A unique <see cref="IAuthenticatedEncryptorDescriptor"/>.</returns>
         public abstract IAuthenticatedEncryptorDescriptor CreateNewDescriptor();
-
-        /// <summary>
-        /// Creates a new <see cref="IAuthenticatedEncryptorDescriptor"/> instance from this configuration
-        /// fiven specific secret key material.
-        /// </summary>
-        /// <remarks>
-        /// This type is not public because we don't want to lock ourselves into a contract stating
-        /// that a descriptor is simply a configuration plus a single serializable, reproducible secret.
-        /// </remarks>
-        internal abstract IAuthenticatedEncryptorDescriptor CreateDescriptorFromSecret(ISecret secret);
-
-        /// <summary>
-        /// Performs a self-test of the algorithm specified by the configuration object.
-        /// </summary>
-        internal abstract void Validate();
     }
 }

src/Microsoft.AspNetCore.DataProtection/AuthenticatedEncryption/ConfigurationModel/AuthenticatedEncryptorConfiguration.cs

@@ -10,7 +10,7 @@ namespace Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.Configurat
     /// <summary>
     /// Represents a generalized authenticated encryption mechanism.
     /// </summary>
-    public sealed class AuthenticatedEncryptorConfiguration : AlgorithmConfiguration
+    public sealed class AuthenticatedEncryptorConfiguration : AlgorithmConfiguration, IInternalAlgorithmConfiguration
     {
         /// <summary>
         /// The algorithm to use for symmetric encryption (confidentiality).
@@ -31,15 +31,16 @@ public sealed class AuthenticatedEncryptorConfiguration : AlgorithmConfiguration
 
         public override IAuthenticatedEncryptorDescriptor CreateNewDescriptor()
         {
-            return CreateDescriptorFromSecret(Secret.Random(KDK_SIZE_IN_BYTES));
+            var internalConfiguration = (IInternalAlgorithmConfiguration)this;
+            return internalConfiguration.CreateDescriptorFromSecret(Secret.Random(KDK_SIZE_IN_BYTES));
         }
 
-        internal override IAuthenticatedEncryptorDescriptor CreateDescriptorFromSecret(ISecret secret)
+        IAuthenticatedEncryptorDescriptor IInternalAlgorithmConfiguration.CreateDescriptorFromSecret(ISecret secret)
         {
             return new AuthenticatedEncryptorDescriptor(this, secret);
         }
 
-        internal override void Validate()
+        void IInternalAlgorithmConfiguration.Validate()
         {
             var factory = new AuthenticatedEncryptorFactory(DataProtectionProviderFactory.GetDefaultLoggerFactory());
             // Run a sample payload through an encrypt -> decrypt operation to make sure data round-trips properly.
@@ -53,95 +54,5 @@ internal override void Validate()
                 (encryptor as IDisposable)?.Dispose();
             }
         }
-
-        public bool IsGcmAlgorithm()
-        {
-            return (EncryptionAlgorithm.AES_128_GCM <= EncryptionAlgorithm && EncryptionAlgorithm <= EncryptionAlgorithm.AES_256_GCM);
-        }
-
-        public int GetAlgorithmKeySizeInBits()
-        {
-            switch (EncryptionAlgorithm)
-            {
-                case EncryptionAlgorithm.AES_128_CBC:
-                case EncryptionAlgorithm.AES_128_GCM:
-                    return 128;
-
-                case EncryptionAlgorithm.AES_192_CBC:
-                case EncryptionAlgorithm.AES_192_GCM:
-                    return 192;
-
-                case EncryptionAlgorithm.AES_256_CBC:
-                case EncryptionAlgorithm.AES_256_GCM:
-                    return 256;
-
-                default:
-                    throw new ArgumentOutOfRangeException(nameof(EncryptionAlgorithm));
-            }
-        }
-
-        public string GetBCryptAlgorithmNameFromEncryptionAlgorithm()
-        {
-            switch (EncryptionAlgorithm)
-            {
-                case EncryptionAlgorithm.AES_128_CBC:
-                case EncryptionAlgorithm.AES_192_CBC:
-                case EncryptionAlgorithm.AES_256_CBC:
-                case EncryptionAlgorithm.AES_128_GCM:
-                case EncryptionAlgorithm.AES_192_GCM:
-                case EncryptionAlgorithm.AES_256_GCM:
-                    return Constants.BCRYPT_AES_ALGORITHM;
-
-                default:
-                    throw new ArgumentOutOfRangeException(nameof(EncryptionAlgorithm));
-            }
-        }
-
-        public string GetBCryptAlgorithmNameFromValidationAlgorithm()
-        {
-            switch (ValidationAlgorithm)
-            {
-                case ValidationAlgorithm.HMACSHA256:
-                    return Constants.BCRYPT_SHA256_ALGORITHM;
-
-                case ValidationAlgorithm.HMACSHA512:
-                    return Constants.BCRYPT_SHA512_ALGORITHM;
-
-                default:
-                    throw new ArgumentOutOfRangeException(nameof(ValidationAlgorithm));
-            }
-        }
-
-        public Type GetManagedTypeFromEncryptionAlgorithm()
-        {
-            switch (EncryptionAlgorithm)
-            {
-                case EncryptionAlgorithm.AES_128_CBC:
-                case EncryptionAlgorithm.AES_192_CBC:
-                case EncryptionAlgorithm.AES_256_CBC:
-                case EncryptionAlgorithm.AES_128_GCM:
-                case EncryptionAlgorithm.AES_192_GCM:
-                case EncryptionAlgorithm.AES_256_GCM:
-                    return typeof(Aes);
-
-                default:
-                    throw new ArgumentOutOfRangeException(nameof(EncryptionAlgorithm));
-            }
-        }
-
-        public Type GetManagedTypeFromValidationAlgorithm()
-        {
-            switch (ValidationAlgorithm)
-            {
-                case ValidationAlgorithm.HMACSHA256:
-                    return typeof(HMACSHA256);
-
-                case ValidationAlgorithm.HMACSHA512:
-                    return typeof(HMACSHA512);
-
-                default:
-                    throw new ArgumentOutOfRangeException(nameof(ValidationAlgorithm));
-            }
-        }
     }
 }

src/Microsoft.AspNetCore.DataProtection/AuthenticatedEncryption/ConfigurationModel/AuthenticatedEncryptorDescriptor.cs

@@ -12,25 +12,25 @@ namespace Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.Configurat
     /// </summary>
     public sealed class AuthenticatedEncryptorDescriptor : IAuthenticatedEncryptorDescriptor
     {
-        public AuthenticatedEncryptorDescriptor(AuthenticatedEncryptorConfiguration settings, ISecret masterKey)
+        public AuthenticatedEncryptorDescriptor(AuthenticatedEncryptorConfiguration configuration, ISecret masterKey)
         {
-            if (settings == null)
+            if (configuration == null)
             {
-                throw new ArgumentNullException(nameof(settings));
+                throw new ArgumentNullException(nameof(configuration));
             }
 
             if (masterKey == null)
             {
                 throw new ArgumentNullException(nameof(masterKey));
             }
 
-            Settings = settings;
+            Configuration = configuration;
             MasterKey = masterKey;
         }
 
         internal ISecret MasterKey { get; }
 
-        internal AuthenticatedEncryptorConfiguration Settings { get; }
+        internal AuthenticatedEncryptorConfiguration Configuration { get; }
 
         public XmlSerializedDescriptorInfo ExportToXml()
         {
@@ -41,12 +41,12 @@ public XmlSerializedDescriptorInfo ExportToXml()
             // </descriptor>
 
             var encryptionElement = new XElement("encryption",
-                new XAttribute("algorithm", Settings.EncryptionAlgorithm));
+                new XAttribute("algorithm", Configuration.EncryptionAlgorithm));
 
-            var validationElement = (Settings.IsGcmAlgorithm())
+            var validationElement = (AuthenticatedEncryptorFactory.IsGcmAlgorithm(Configuration.EncryptionAlgorithm))
                 ? (object)new XComment(" AES-GCM includes a 128-bit authentication tag, no extra validation algorithm required. ")
                 : (object)new XElement("validation",
-                    new XAttribute("algorithm", Settings.ValidationAlgorithm));
+                    new XAttribute("algorithm", Configuration.ValidationAlgorithm));
 
             var outerElement = new XElement("descriptor",
                 encryptionElement,