aspnet
diff --git a/‎src/Microsoft.AspNet.DataProtection/AuthenticatedEncryption/CngCbcAuthenticatedEncryptionOptions.cs
Lines changed: 2 additions & 9 deletions b/‎src/Microsoft.AspNet.DataProtection/AuthenticatedEncryption/CngCbcAuthenticatedEncryptionOptions.cs
Lines changed: 2 additions & 9 deletions
diff --git a/‎src/Microsoft.AspNet.DataProtection/AuthenticatedEncryption/CngGcmAuthenticatedEncryptionOptions.cs
Lines changed: 1 addition & 5 deletions b/‎src/Microsoft.AspNet.DataProtection/AuthenticatedEncryption/CngGcmAuthenticatedEncryptionOptions.cs
Lines changed: 1 addition & 5 deletions
diff --git a/‎src/Microsoft.AspNet.DataProtection/AuthenticatedEncryption/ManagedAuthenticatedEncryptionOptions.cs
Lines changed: 2 additions & 9 deletions b/‎src/Microsoft.AspNet.DataProtection/AuthenticatedEncryption/ManagedAuthenticatedEncryptionOptions.cs
Lines changed: 2 additions & 9 deletions
diff --git a/‎src/Microsoft.AspNet.DataProtection/EphemeralDataProtectionProvider.cs
Lines changed: 1 addition & 4 deletions b/‎src/Microsoft.AspNet.DataProtection/EphemeralDataProtectionProvider.cs
Lines changed: 1 addition & 4 deletions
diff --git a/‎src/Microsoft.AspNet.DataProtection/KeyManagement/DefaultKeyResolver.cs
Lines changed: 6 additions & 18 deletions b/‎src/Microsoft.AspNet.DataProtection/KeyManagement/DefaultKeyResolver.cs
Lines changed: 6 additions & 18 deletions
diff --git a/‎src/Microsoft.AspNet.DataProtection/KeyManagement/KeyRingBasedDataProtector.cs
Lines changed: 5 additions & 14 deletions b/‎src/Microsoft.AspNet.DataProtection/KeyManagement/KeyRingBasedDataProtector.cs
Lines changed: 5 additions & 14 deletions
diff --git a/‎src/Microsoft.AspNet.DataProtection/KeyManagement/KeyRingProvider.cs
Lines changed: 12 additions & 27 deletions b/‎src/Microsoft.AspNet.DataProtection/KeyManagement/KeyRingProvider.cs
Lines changed: 12 additions & 27 deletions
@@ -111,11 +111,7 @@ private BCryptAlgorithmHandle GetHmacAlgorithmHandle(ILogger logger)
                 throw Error.Common_PropertyCannotBeNullOrEmpty(nameof(HashAlgorithm));
             }
 
-            if (logger.IsVerboseLevelEnabled())
-            {
-                logger.LogVerboseF($"Opening CNG algorithm '{HashAlgorithm}' from provider '{HashAlgorithmProvider}' with HMAC.");
-            }
-
+            logger.OpeningCNGAlgorithmFromProviderWithHMAC(HashAlgorithm, HashAlgorithmProvider);
             BCryptAlgorithmHandle algorithmHandle = null;
 
             // Special-case cached providers
@@ -152,10 +148,7 @@ private BCryptAlgorithmHandle GetSymmetricBlockCipherAlgorithmHandle(ILogger log
                 throw Error.Common_PropertyMustBeNonNegative(nameof(EncryptionAlgorithmKeySize));
             }
 
-            if (logger.IsVerboseLevelEnabled())
-            {
-                logger.LogVerboseF($"Opening CNG algorithm '{EncryptionAlgorithm}' from provider '{EncryptionAlgorithmProvider}' with chaining mode CBC.");
-            }
+            logger.OpeningCNGAlgorithmFromProviderWithChainingModeCBC(EncryptionAlgorithm, EncryptionAlgorithmProvider);
 
             BCryptAlgorithmHandle algorithmHandle = null;
 
 
@@ -92,11 +92,7 @@ private BCryptAlgorithmHandle GetSymmetricBlockCipherAlgorithmHandle(ILogger log
 
             BCryptAlgorithmHandle algorithmHandle = null;
 
-            if (logger.IsVerboseLevelEnabled())
-            {
-                logger.LogVerboseF($"Opening CNG algorithm '{EncryptionAlgorithm}' from provider '{EncryptionAlgorithmProvider}' with chaining mode GCM.");
-            }
-
+            logger.OpeningCNGAlgorithmFromProviderWithChainingModeGCM(EncryptionAlgorithm, EncryptionAlgorithmProvider);
             // Special-case cached providers
             if (EncryptionAlgorithmProvider == null)
             {
 
@@ -86,11 +86,7 @@ private Func<KeyedHashAlgorithm> GetKeyedHashAlgorithmFactory(ILogger logger)
                 throw Error.Common_PropertyCannotBeNullOrEmpty(nameof(ValidationAlgorithmType));
             }
 
-            if (logger.IsVerboseLevelEnabled())
-            {
-                logger.LogVerboseF($"Using managed keyed hash algorithm '{ValidationAlgorithmType.FullName}'.");
-            }
-
+            logger.UsingManagedKeyedHashAlgorithm(ValidationAlgorithmType.FullName);
             if (ValidationAlgorithmType == typeof(HMACSHA256))
             {
                 return () => new HMACSHA256();
@@ -118,10 +114,7 @@ private Func<SymmetricAlgorithm> GetSymmetricBlockCipherAlgorithmFactory(ILogger
                 throw Error.Common_PropertyMustBeNonNegative(nameof(EncryptionAlgorithmKeySize));
             }
 
-            if (logger.IsVerboseLevelEnabled())
-            {
-                logger.LogVerboseF($"Using managed symmetric algorithm '{EncryptionAlgorithmType.FullName}'.");
-            }
+            logger.UsingManagedSymmetricAlgorithm(EncryptionAlgorithmType.FullName);
 
             if (EncryptionAlgorithmType == typeof(Aes))
             {
 
@@ -48,10 +48,7 @@ public EphemeralDataProtectionProvider(IServiceProvider services)
             }
 
             var logger = services.GetLogger<EphemeralDataProtectionProvider>();
-            if (logger.IsWarningLevelEnabled())
-            {
-                logger.LogWarning("Using ephemeral data protection provider. Payloads will be undecipherable upon application shutdown.");
-            }
+            logger.UsingEphemeralDataProtectionProvider();
 
             _dataProtectionProvider = new KeyRingBasedDataProtectionProvider(keyringProvider, services);
         }
 
@@ -54,10 +54,7 @@ private bool CanCreateAuthenticatedEncryptor(IKey key)
             }
             catch (Exception ex)
             {
-                if (_logger.IsWarningLevelEnabled())
-                {
-                    _logger.LogWarningF(ex, $"Key {key.KeyId:B} is ineligible to be the default key because its {nameof(IKey.CreateEncryptorInstance)} method failed.");
-                }
+                _logger.KeyIsIneligibleToBeTheDefaultKeyBecauseItsMethodFailed(key.KeyId, nameof(IKey.CreateEncryptorInstance), ex);
                 return false;
             }
         }
@@ -72,18 +69,12 @@ private IKey FindDefaultKey(DateTimeOffset now, IEnumerable<IKey> allKeys, out I
 
             if (preferredDefaultKey != null)
             {
-                if (_logger.IsVerboseLevelEnabled())
-                {
-                    _logger.LogVerboseF($"Considering key {preferredDefaultKey.KeyId:B} with expiration date {preferredDefaultKey.ExpirationDate:u} as default key.");
-                }
+                _logger.ConsideringKeyWithExpirationDateAsDefaultKey(preferredDefaultKey.KeyId, preferredDefaultKey.ExpirationDate);
 
                 // if the key has been revoked or is expired, it is no longer a candidate
                 if (preferredDefaultKey.IsRevoked || preferredDefaultKey.IsExpired(now) || !CanCreateAuthenticatedEncryptor(preferredDefaultKey))
                 {
-                    if (_logger.IsVerboseLevelEnabled())
-                    {
-                        _logger.LogVerboseF($"Key {preferredDefaultKey.KeyId:B} is no longer under consideration as default key because it is expired, revoked, or cannot be deciphered.");
-                    }
+                    _logger.KeyIsNoLongerUnderConsiderationAsDefault(preferredDefaultKey.KeyId);
                     preferredDefaultKey = null;
                 }
             }
@@ -104,9 +95,9 @@ private IKey FindDefaultKey(DateTimeOffset now, IEnumerable<IKey> allKeys, out I
                    && !key.IsExpired(now + _keyPropagationWindow)
                    && !key.IsRevoked);
 
-                if (callerShouldGenerateNewKey && _logger.IsVerboseLevelEnabled())
+                if (callerShouldGenerateNewKey)
                 {
-                    _logger.LogVerbose("Default key expiration imminent and repository contains no viable successor. Caller should generate a successor.");
+                    _logger.DefaultKeyExpirationImminentAndRepository();
                 }
 
                 fallbackKey = null;
@@ -127,10 +118,7 @@ orderby key.CreationDate ascending
                            where !key.IsRevoked && CanCreateAuthenticatedEncryptor(key)
                            select key).FirstOrDefault();
 
-            if (_logger.IsVerboseLevelEnabled())
-            {
-                _logger.LogVerbose("Repository contains no viable default key. Caller should generate a key with immediate activation.");
-            }
+            _logger.RepositoryContainsNoViableDefaultKey();
 
             callerShouldGenerateNewKey = true;
             return null;
 
@@ -111,7 +111,7 @@ public byte[] Protect(byte[] plaintext)
 
                 if (_logger.IsDebugLevelEnabled())
                 {
-                    _logger.LogDebugF($"Performing protect operation to key {defaultKeyId:B} with purposes {JoinPurposesForLog(Purposes)}.");
+                    _logger.PerformingProtectOperationToKeyWithPurposes(defaultKeyId, JoinPurposesForLog(Purposes));
                 }
 
                 // We'll need to apply the default key id to the template if it hasn't already been applied.
@@ -236,7 +236,7 @@ private byte[] UnprotectCore(byte[] protectedData, bool allowOperationsOnRevoked
 
                 if (_logger.IsDebugLevelEnabled())
                 {
-                    _logger.LogDebugF($"Performing unprotect operation to key {keyIdFromPayload:B} with purposes {JoinPurposesForLog(Purposes)}.");
+                    _logger.PerformingUnprotectOperationToKeyWithPurposes(keyIdFromPayload, JoinPurposesForLog(Purposes));
                 }
 
                 // Find the correct encryptor in the keyring.
@@ -245,10 +245,7 @@ private byte[] UnprotectCore(byte[] protectedData, bool allowOperationsOnRevoked
                 var requestedEncryptor = currentKeyRing.GetAuthenticatedEncryptorByKeyId(keyIdFromPayload, out keyWasRevoked);
                 if (requestedEncryptor == null)
                 {
-                    if (_logger.IsDebugLevelEnabled())
-                    {
-                        _logger.LogDebugF($"Key {keyIdFromPayload:B} was not found in the key ring. Unprotect operation cannot proceed.");
-                    }
+                    _logger.KeyWasNotFoundInTheKeyRingUnprotectOperationCannotProceed(keyIdFromPayload);
                     throw Error.Common_KeyNotFound(keyIdFromPayload);
                 }
 
@@ -264,18 +261,12 @@ private byte[] UnprotectCore(byte[] protectedData, bool allowOperationsOnRevoked
                 {
                     if (allowOperationsOnRevokedKeys)
                     {
-                        if (_logger.IsVerboseLevelEnabled())
-                        {
-                            _logger.LogVerboseF($"Key {keyIdFromPayload:B} was revoked. Caller requested unprotect operation proceed regardless.");
-                        }
+                        _logger.KeyWasRevokedCallerRequestedUnprotectOperationProceedRegardless(keyIdFromPayload);
                         status = UnprotectStatus.DecryptionKeyWasRevoked;
                     }
                     else
                     {
-                        if (_logger.IsVerboseLevelEnabled())
-                        {
-                            _logger.LogVerboseF($"Key {keyIdFromPayload:B} was revoked. Unprotect operation cannot proceed.");
-                        }
+                        _logger.KeyWasRevokedUnprotectOperationCannotProceed(keyIdFromPayload);
                         throw Error.Common_KeyRevoked(keyIdFromPayload);
                     }
                 }
 
@@ -45,10 +45,7 @@ private CacheableKeyRing CreateCacheableKeyRingCore(DateTimeOffset now, IKey key
                 return CreateCacheableKeyRingCoreStep2(now, cacheExpirationToken, defaultKeyPolicy.DefaultKey, allKeys);
             }
 
-            if (_logger.IsVerboseLevelEnabled())
-            {
-                _logger.LogVerbose("Policy resolution states that a new key should be added to the key ring.");
-            }
+            _logger.PolicyResolutionStatesThatANewKeyShouldBeAddedToTheKeyRing();
 
             // We shouldn't call CreateKey more than once, else we risk stack diving. This code path shouldn't
             // get hit unless there was an ineligible key with an activation date slightly later than the one we
@@ -69,18 +66,12 @@ private CacheableKeyRing CreateCacheableKeyRingCore(DateTimeOffset now, IKey key
                 var keyToUse = defaultKeyPolicy.DefaultKey ?? defaultKeyPolicy.FallbackKey;
                 if (keyToUse == null)
                 {
-                    if (_logger.IsErrorLevelEnabled())
-                    {
-                        _logger.LogError("The key ring does not contain a valid default key, and the key manager is configured with auto-generation of keys disabled.");
-                    }
+                    _logger.KeyRingDoesNotContainValidDefaultKey();
                     throw new InvalidOperationException(Resources.KeyRingProvider_NoDefaultKey_AutoGenerateDisabled);
                 }
                 else
                 {
-                    if (_logger.IsWarningLevelEnabled())
-                    {
-                        _logger.LogWarningF($"Policy resolution states that a new key should be added to the key ring, but automatic generation of keys is disabled. Using fallback key {keyToUse.KeyId:B} with expiration {keyToUse.ExpirationDate:u} as default key.");
-                    }
+                    _logger.UsingFallbackKeyWithExpirationAsDefaultKey(keyToUse.KeyId, keyToUse.ExpirationDate);
                     return CreateCacheableKeyRingCoreStep2(now, cacheExpirationToken, keyToUse, allKeys);
                 }
             }
@@ -109,10 +100,7 @@ private CacheableKeyRing CreateCacheableKeyRingCoreStep2(DateTimeOffset now, Can
             // Invariant: our caller ensures that CreateEncryptorInstance succeeded at least once
             Debug.Assert(defaultKey.CreateEncryptorInstance() != null);
 
-            if (_logger.IsVerboseLevelEnabled())
-            {
-                _logger.LogVerboseF($"Using key {defaultKey.KeyId:B} as the default key.");
-            }
+            _logger.UsingKeyAsDefaultKey(defaultKey.KeyId);
 
             DateTimeOffset nextAutoRefreshTime = now + GetRefreshPeriodWithJitter(_keyManagementOptions.KeyRingRefreshPeriod);
 
@@ -165,9 +153,9 @@ internal IKeyRing GetCurrentKeyRingCore(DateTime utcNow)
                         return existingCacheableKeyRing.KeyRing;
                     }
 
-                    if (existingCacheableKeyRing != null && _logger.IsVerboseLevelEnabled())
+                    if (existingCacheableKeyRing != null)
                     {
-                        _logger.LogVerbose("Existing cached key ring is expired. Refreshing.");
+                        _logger.ExistingCachedKeyRingIsExpired();
                     }
 
                     // It's up to us to refresh the cached keyring.
@@ -180,16 +168,13 @@ internal IKeyRing GetCurrentKeyRingCore(DateTime utcNow)
                     }
                     catch (Exception ex)
                     {
-                        if (_logger.IsErrorLevelEnabled())
+                        if (existingCacheableKeyRing != null)
+                        {
+                            _logger.ErrorOccurredWhileRefreshingKeyRing(ex);
+                        }
+                        else
                         {
-                            if (existingCacheableKeyRing != null)
-                            {
-                                _logger.LogError(ex, "An error occurred while refreshing the key ring. Will try again in 2 minutes.");
-                            }
-                            else
-                            {
-                                _logger.LogError(ex, "An error occurred while reading the key ring.");
-                            }
+                            _logger.ErrorOccurredWhileReadingKeyRing(ex);
                         }
 
                         // Failures that occur while refreshing the keyring are most likely transient, perhaps due to a
Original file line number	Diff line number	Diff line change
`@@ -86,11 +86,7 @@ private Func<KeyedHashAlgorithm> GetKeyedHashAlgorithmFactory(ILogger logger)`
`86`	`86`	`throw Error.Common_PropertyCannotBeNullOrEmpty(nameof(ValidationAlgorithmType));`
`87`	`87`	`}`
`88`	`88`
`89`		`- if (logger.IsVerboseLevelEnabled())`
`90`		`- {`
`91`		`- logger.LogVerboseF($"Using managed keyed hash algorithm '{ValidationAlgorithmType.FullName}'.");`
`92`		`- }`
`93`		`-`
	`89`	`+ logger.UsingManagedKeyedHashAlgorithm(ValidationAlgorithmType.FullName);`
`94`	`90`	`if (ValidationAlgorithmType == typeof(HMACSHA256))`
`95`	`91`	`{`
`96`	`92`	`return () => new HMACSHA256();`
`@@ -118,10 +114,7 @@ private Func<SymmetricAlgorithm> GetSymmetricBlockCipherAlgorithmFactory(ILogger`
`118`	`114`	`throw Error.Common_PropertyMustBeNonNegative(nameof(EncryptionAlgorithmKeySize));`
`119`	`115`	`}`
`120`	`116`
`121`		`- if (logger.IsVerboseLevelEnabled())`
`122`		`- {`
`123`		`- logger.LogVerboseF($"Using managed symmetric algorithm '{EncryptionAlgorithmType.FullName}'.");`
`124`		`- }`
	`117`	`+ logger.UsingManagedSymmetricAlgorithm(EncryptionAlgorithmType.FullName);`
`125`	`118`
`126`	`119`	`if (EncryptionAlgorithmType == typeof(Aes))`
`127`	`120`	`{`
Original file line number	Diff line number	Diff line change
`@@ -48,10 +48,7 @@ public EphemeralDataProtectionProvider(IServiceProvider services)`
`48`	`48`	`}`
`49`	`49`
`50`	`50`	`var logger = services.GetLogger<EphemeralDataProtectionProvider>();`
`51`		`- if (logger.IsWarningLevelEnabled())`
`52`		`- {`
`53`		`- logger.LogWarning("Using ephemeral data protection provider. Payloads will be undecipherable upon application shutdown.");`
`54`		`- }`
	`51`	`+ logger.UsingEphemeralDataProtectionProvider();`
`55`	`52`
`56`	`53`	`_dataProtectionProvider = new KeyRingBasedDataProtectionProvider(keyringProvider, services);`
`57`	`54`	`}`
Original file line number	Diff line number	Diff line change
`@@ -54,10 +54,7 @@ private bool CanCreateAuthenticatedEncryptor(IKey key)`
`54`	`54`	`}`
`55`	`55`	`catch (Exception ex)`
`56`	`56`	`{`
`57`		`- if (_logger.IsWarningLevelEnabled())`
`58`		`- {`
`59`		`- _logger.LogWarningF(ex, $"Key {key.KeyId:B} is ineligible to be the default key because its {nameof(IKey.CreateEncryptorInstance)} method failed.");`
`60`		`- }`
	`57`	`+ _logger.KeyIsIneligibleToBeTheDefaultKeyBecauseItsMethodFailed(key.KeyId, nameof(IKey.CreateEncryptorInstance), ex);`
`61`	`58`	`return false;`
`62`	`59`	`}`
`63`	`60`	`}`
`@@ -72,18 +69,12 @@ private IKey FindDefaultKey(DateTimeOffset now, IEnumerable<IKey> allKeys, out I`
`72`	`69`
`73`	`70`	`if (preferredDefaultKey != null)`
`74`	`71`	`{`
`75`		`- if (_logger.IsVerboseLevelEnabled())`
`76`		`- {`
`77`		`- _logger.LogVerboseF($"Considering key {preferredDefaultKey.KeyId:B} with expiration date {preferredDefaultKey.ExpirationDate:u} as default key.");`
`78`		`- }`
	`72`	`+ _logger.ConsideringKeyWithExpirationDateAsDefaultKey(preferredDefaultKey.KeyId, preferredDefaultKey.ExpirationDate);`
`79`	`73`
`80`	`74`	`// if the key has been revoked or is expired, it is no longer a candidate`
`81`	`75`	`if (preferredDefaultKey.IsRevoked \|\| preferredDefaultKey.IsExpired(now) \|\| !CanCreateAuthenticatedEncryptor(preferredDefaultKey))`
`82`	`76`	`{`
`83`		`- if (_logger.IsVerboseLevelEnabled())`
`84`		`- {`
`85`		`- _logger.LogVerboseF($"Key {preferredDefaultKey.KeyId:B} is no longer under consideration as default key because it is expired, revoked, or cannot be deciphered.");`
`86`		`- }`
	`77`	`+ _logger.KeyIsNoLongerUnderConsiderationAsDefault(preferredDefaultKey.KeyId);`
`87`	`78`	`preferredDefaultKey = null;`
`88`	`79`	`}`
`89`	`80`	`}`
`@@ -104,9 +95,9 @@ private IKey FindDefaultKey(DateTimeOffset now, IEnumerable<IKey> allKeys, out I`
`104`	`95`	`&& !key.IsExpired(now + _keyPropagationWindow)`
`105`	`96`	`&& !key.IsRevoked);`
`106`	`97`
`107`		`- if (callerShouldGenerateNewKey && _logger.IsVerboseLevelEnabled())`
	`98`	`+ if (callerShouldGenerateNewKey)`
`108`	`99`	`{`
`109`		`- _logger.LogVerbose("Default key expiration imminent and repository contains no viable successor. Caller should generate a successor.");`
	`100`	`+ _logger.DefaultKeyExpirationImminentAndRepository();`
`110`	`101`	`}`
`111`	`102`
`112`	`103`	`fallbackKey = null;`
`@@ -127,10 +118,7 @@ orderby key.CreationDate ascending`
`127`	`118`	`where !key.IsRevoked && CanCreateAuthenticatedEncryptor(key)`
`128`	`119`	`select key).FirstOrDefault();`
`129`	`120`
`130`		`- if (_logger.IsVerboseLevelEnabled())`
`131`		`- {`
`132`		`- _logger.LogVerbose("Repository contains no viable default key. Caller should generate a key with immediate activation.");`
`133`		`- }`
	`121`	`+ _logger.RepositoryContainsNoViableDefaultKey();`
`134`	`122`
`135`	`123`	`callerShouldGenerateNewKey = true;`
`136`	`124`	`return null;`
Original file line number	Diff line number	Diff line change
`@@ -111,7 +111,7 @@ public byte[] Protect(byte[] plaintext)`
`111`	`111`
`112`	`112`	`if (_logger.IsDebugLevelEnabled())`
`113`	`113`	`{`
`114`		`- _logger.LogDebugF($"Performing protect operation to key {defaultKeyId:B} with purposes {JoinPurposesForLog(Purposes)}.");`
	`114`	`+ _logger.PerformingProtectOperationToKeyWithPurposes(defaultKeyId, JoinPurposesForLog(Purposes));`
`115`	`115`	`}`
`116`	`116`
`117`	`117`	`// We'll need to apply the default key id to the template if it hasn't already been applied.`
`@@ -236,7 +236,7 @@ private byte[] UnprotectCore(byte[] protectedData, bool allowOperationsOnRevoked`
`236`	`236`
`237`	`237`	`if (_logger.IsDebugLevelEnabled())`
`238`	`238`	`{`
`239`		`- _logger.LogDebugF($"Performing unprotect operation to key {keyIdFromPayload:B} with purposes {JoinPurposesForLog(Purposes)}.");`
	`239`	`+ _logger.PerformingUnprotectOperationToKeyWithPurposes(keyIdFromPayload, JoinPurposesForLog(Purposes));`
`240`	`240`	`}`
`241`	`241`
`242`	`242`	`// Find the correct encryptor in the keyring.`
`@@ -245,10 +245,7 @@ private byte[] UnprotectCore(byte[] protectedData, bool allowOperationsOnRevoked`
`245`	`245`	`var requestedEncryptor = currentKeyRing.GetAuthenticatedEncryptorByKeyId(keyIdFromPayload, out keyWasRevoked);`
`246`	`246`	`if (requestedEncryptor == null)`
`247`	`247`	`{`
`248`		`- if (_logger.IsDebugLevelEnabled())`
`249`		`- {`
`250`		`- _logger.LogDebugF($"Key {keyIdFromPayload:B} was not found in the key ring. Unprotect operation cannot proceed.");`
`251`		`- }`
	`248`	`+ _logger.KeyWasNotFoundInTheKeyRingUnprotectOperationCannotProceed(keyIdFromPayload);`
`252`	`249`	`throw Error.Common_KeyNotFound(keyIdFromPayload);`
`253`	`250`	`}`
`254`	`251`
`@@ -264,18 +261,12 @@ private byte[] UnprotectCore(byte[] protectedData, bool allowOperationsOnRevoked`
`264`	`261`	`{`
`265`	`262`	`if (allowOperationsOnRevokedKeys)`
`266`	`263`	`{`
`267`		`- if (_logger.IsVerboseLevelEnabled())`
`268`		`- {`
`269`		`- _logger.LogVerboseF($"Key {keyIdFromPayload:B} was revoked. Caller requested unprotect operation proceed regardless.");`
`270`		`- }`
	`264`	`+ _logger.KeyWasRevokedCallerRequestedUnprotectOperationProceedRegardless(keyIdFromPayload);`
`271`	`265`	`status = UnprotectStatus.DecryptionKeyWasRevoked;`
`272`	`266`	`}`
`273`	`267`	`else`
`274`	`268`	`{`
`275`		`- if (_logger.IsVerboseLevelEnabled())`
`276`		`- {`
`277`		`- _logger.LogVerboseF($"Key {keyIdFromPayload:B} was revoked. Unprotect operation cannot proceed.");`
`278`		`- }`
	`269`	`+ _logger.KeyWasRevokedUnprotectOperationCannotProceed(keyIdFromPayload);`
`279`	`270`	`throw Error.Common_KeyRevoked(keyIdFromPayload);`
`280`	`271`	`}`
`281`	`272`	`}`
Original file line number	Diff line number	Diff line change
`@@ -45,10 +45,7 @@ private CacheableKeyRing CreateCacheableKeyRingCore(DateTimeOffset now, IKey key`
`45`	`45`	`return CreateCacheableKeyRingCoreStep2(now, cacheExpirationToken, defaultKeyPolicy.DefaultKey, allKeys);`
`46`	`46`	`}`
`47`	`47`
`48`		`- if (_logger.IsVerboseLevelEnabled())`
`49`		`- {`
`50`		`- _logger.LogVerbose("Policy resolution states that a new key should be added to the key ring.");`
`51`		`- }`
	`48`	`+ _logger.PolicyResolutionStatesThatANewKeyShouldBeAddedToTheKeyRing();`
`52`	`49`
`53`	`50`	`// We shouldn't call CreateKey more than once, else we risk stack diving. This code path shouldn't`
`54`	`51`	`// get hit unless there was an ineligible key with an activation date slightly later than the one we`
`@@ -69,18 +66,12 @@ private CacheableKeyRing CreateCacheableKeyRingCore(DateTimeOffset now, IKey key`
`69`	`66`	`var keyToUse = defaultKeyPolicy.DefaultKey ?? defaultKeyPolicy.FallbackKey;`
`70`	`67`	`if (keyToUse == null)`
`71`	`68`	`{`
`72`		`- if (_logger.IsErrorLevelEnabled())`
`73`		`- {`
`74`		`- _logger.LogError("The key ring does not contain a valid default key, and the key manager is configured with auto-generation of keys disabled.");`
`75`		`- }`
	`69`	`+ _logger.KeyRingDoesNotContainValidDefaultKey();`
`76`	`70`	`throw new InvalidOperationException(Resources.KeyRingProvider_NoDefaultKey_AutoGenerateDisabled);`
`77`	`71`	`}`
`78`	`72`	`else`
`79`	`73`	`{`
`80`		`- if (_logger.IsWarningLevelEnabled())`
`81`		`- {`
`82`		`- _logger.LogWarningF($"Policy resolution states that a new key should be added to the key ring, but automatic generation of keys is disabled. Using fallback key {keyToUse.KeyId:B} with expiration {keyToUse.ExpirationDate:u} as default key.");`
`83`		`- }`
	`74`	`+ _logger.UsingFallbackKeyWithExpirationAsDefaultKey(keyToUse.KeyId, keyToUse.ExpirationDate);`
`84`	`75`	`return CreateCacheableKeyRingCoreStep2(now, cacheExpirationToken, keyToUse, allKeys);`
`85`	`76`	`}`
`86`	`77`	`}`
`@@ -109,10 +100,7 @@ private CacheableKeyRing CreateCacheableKeyRingCoreStep2(DateTimeOffset now, Can`
`109`	`100`	`// Invariant: our caller ensures that CreateEncryptorInstance succeeded at least once`
`110`	`101`	`Debug.Assert(defaultKey.CreateEncryptorInstance() != null);`
`111`	`102`
`112`		`- if (_logger.IsVerboseLevelEnabled())`
`113`		`- {`
`114`		`- _logger.LogVerboseF($"Using key {defaultKey.KeyId:B} as the default key.");`
`115`		`- }`
	`103`	`+ _logger.UsingKeyAsDefaultKey(defaultKey.KeyId);`
`116`	`104`
`117`	`105`	`DateTimeOffset nextAutoRefreshTime = now + GetRefreshPeriodWithJitter(_keyManagementOptions.KeyRingRefreshPeriod);`
`118`	`106`
`@@ -165,9 +153,9 @@ internal IKeyRing GetCurrentKeyRingCore(DateTime utcNow)`
`165`	`153`	`return existingCacheableKeyRing.KeyRing;`
`166`	`154`	`}`
`167`	`155`
`168`		`- if (existingCacheableKeyRing != null && _logger.IsVerboseLevelEnabled())`
	`156`	`+ if (existingCacheableKeyRing != null)`
`169`	`157`	`{`
`170`		`- _logger.LogVerbose("Existing cached key ring is expired. Refreshing.");`
	`158`	`+ _logger.ExistingCachedKeyRingIsExpired();`
`171`	`159`	`}`
`172`	`160`
`173`	`161`	`// It's up to us to refresh the cached keyring.`
`@@ -180,16 +168,13 @@ internal IKeyRing GetCurrentKeyRingCore(DateTime utcNow)`
`180`	`168`	`}`
`181`	`169`	`catch (Exception ex)`
`182`	`170`	`{`
`183`		`- if (_logger.IsErrorLevelEnabled())`
	`171`	`+ if (existingCacheableKeyRing != null)`
	`172`	`+ {`
	`173`	`+ _logger.ErrorOccurredWhileRefreshingKeyRing(ex);`
	`174`	`+ }`
	`175`	`+ else`
`184`	`176`	`{`
`185`		`- if (existingCacheableKeyRing != null)`
`186`		`- {`
`187`		`- _logger.LogError(ex, "An error occurred while refreshing the key ring. Will try again in 2 minutes.");`
`188`		`- }`
`189`		`- else`
`190`		`- {`
`191`		`- _logger.LogError(ex, "An error occurred while reading the key ring.");`
`192`		`- }`
	`177`	`+ _logger.ErrorOccurredWhileReadingKeyRing(ex);`
`193`	`178`	`}`
`194`	`179`
`195`	`180`	`// Failures that occur while refreshing the keyring are most likely transient, perhaps due to a`