Add Dapr.Cryptography package + fix for large files#1527
Merged
WhitWaldo merged 43 commits intodapr:release-1.16from May 2, 2025
Merged
Add Dapr.Cryptography package + fix for large files#1527WhitWaldo merged 43 commits intodapr:release-1.16from
WhitWaldo merged 43 commits intodapr:release-1.16from
Conversation
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
…tory Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
…equire more than one message to process Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
… for in a separate file Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
watfordsuzy
reviewed
May 1, 2025
daprdocs/content/en/dotnet-sdk-docs/dotnet-cryptography/_index.md
Outdated
Show resolved
Hide resolved
watfordsuzy
reviewed
May 1, 2025
daprdocs/content/en/dotnet-sdk-docs/dotnet-cryptography/dotnet-cryptography-usage.md
Outdated
Show resolved
Hide resolved
watfordsuzy
reviewed
May 1, 2025
examples/Cryptography/Examples/EncryptDecryptLargeFileExample.cs
Outdated
Show resolved
Hide resolved
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Co-authored-by: Christopher Watford <83599748+watfordsuzy@users.noreply.github.com> Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
…-cryptography-usage.md Co-authored-by: Christopher Watford <83599748+watfordsuzy@users.noreply.github.com> Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Co-authored-by: Christopher Watford <83599748+watfordsuzy@users.noreply.github.com> Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
watfordsuzy
reviewed
May 1, 2025
Contributor
watfordsuzy
left a comment
watfordsuzy
left a comment
There was a problem hiding this comment.
Couple of nits, some notes, and an unobserved task exception issue.
| var duplexStream = Client.DecryptAlpha1(grpcCallOptions); | ||
|
|
||
| using var streamProcessor = new DecryptionStreamProcessor(); | ||
| await streamProcessor.ProcessStreamAsync(ciphertextStream, duplexStream, options.StreamingBlockSizeInBytes, |
Contributor
There was a problem hiding this comment.
This await doesn't really do anything given how the processor is setup.
I think a design like you see in the Azure.Data.Tables library would be amenable here: https://learn.microsoft.com/en-us/dotnet/api/azure.data.tables.tableclient.queryasync?view=azure-dotnet
Basically, instead of returning a Task the process stream returns a wrapper which includes the IAsyncEnumerable.
Contributor
Author
There was a problem hiding this comment.
It's true that await doesn't really do anything, but between it and just discarding the value, C# requires that I put something there. I don't know that I want to return any additional public types just for the sake of it when I could just return the IAsyncEnumerable and leave it to consumers to decide what to do with it.
| var duplexStream = Client.EncryptAlpha1(grpcCallOptions); | ||
|
|
||
| using var streamProcessor = new EncryptionStreamProcessor(); | ||
| await streamProcessor.ProcessStreamAsync(plaintextStream, duplexStream, encryptRequestOptions, |
Contributor
There was a problem hiding this comment.
One interesting thing I noticed in the dapr Go code is that it does encryption/decryption on the full buffer in memory (byte[]) rather than streaming.
Contributor
Author
There was a problem hiding this comment.
I can't speak to what happens in the runtime, but the specification is that this is implemented using a bidirectional streaming connection.
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Co-authored-by: Christopher Watford <83599748+watfordsuzy@users.noreply.github.com> Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
…wing Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
watfordsuzy
reviewed
May 2, 2025
Co-authored-by: Christopher Watford <83599748+watfordsuzy@users.noreply.github.com> Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
…uggestion. Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
…ly block in case of exception Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
… the scope was no longer effective. Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
Signed-off-by: Whit Waldo <whit.waldo@innovian.net>
3 tasks
WhitWaldo
added a commit
to WhitWaldo/dapr-dotnet-sdk
that referenced
this pull request
Aug 12, 2025
* Implementation of the new crypto client Signed-off-by: Whit Waldo <whit.waldo@innovian.net> Co-authored-by: Christopher Watford <83599748+watfordsuzy@users.noreply.github.com>
WhitWaldo
added a commit
to WhitWaldo/dapr-dotnet-sdk
that referenced
this pull request
Aug 13, 2025
* Implementation of the new crypto client Signed-off-by: Whit Waldo <whit.waldo@innovian.net> Co-authored-by: Christopher Watford <83599748+watfordsuzy@users.noreply.github.com>
WhitWaldo
added a commit
to WhitWaldo/dapr-dotnet-sdk
that referenced
this pull request
Aug 13, 2025
* Implementation of the new crypto client Signed-off-by: Whit Waldo <whit.waldo@innovian.net> Co-authored-by: Christopher Watford <83599748+watfordsuzy@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This PR implements three things:
Dapr.Cryptographypackage to be released with 1.16. All existing methods on Dapr.Client have an updated [Obsolete] attribute with a message telling developers that this method will be removed with the release of 1.17.Dapr.Cryptographypackage and modernized to reflect a DI-first approach. It features three samples that demonstrate encryption and decryption of strings, streams and byte arrays of small (a dozen bytes), medium (~1 KB) and 1 GB files.Issue reference
We strive to have all PR being opened based on an issue, where the problem or feature have been discussed prior to implementation.
Please reference the issue this PR will close: #1488 dapr/dapr#8244
Checklist
Please make sure you've completed the relevant tasks for this PR, out of the following list: