30 lines
1.3 KiB
C#
30 lines
1.3 KiB
C#
using SurrealDb.Net.Models;
|
|
|
|
namespace RelayServer.Models;
|
|
|
|
/// <summary>
|
|
/// Surreal record for the `server_encryption_keys` table. Stores both:
|
|
/// - The server's RSA keypair (for receiving encrypted client→server payloads).
|
|
/// - The single AES-256 key used to encrypt channel_messages at rest.
|
|
///
|
|
/// Generated once on first boot by ServerBootstrapService. Loaded into static fields on
|
|
/// ChatSocketBehavior at boot so handlers can use them without a DB round-trip.
|
|
/// </summary>
|
|
public class ServerEncryptionKeys : Record
|
|
{
|
|
/// <summary>Base64 AES-256 key used by ChannelCryptoService for at-rest message encryption.</summary>
|
|
public required string KeyBase64 { get; set; }
|
|
|
|
/// <summary>Base64 SubjectPublicKeyInfo of the server's RSA public key. Sent to clients on GetServerKey.</summary>
|
|
public required string PublicKey { get; set; }
|
|
|
|
/// <summary>Base64 PKCS8 of the server's RSA private key. Never leaves the server.</summary>
|
|
public required string PrivateKey { get; set; }
|
|
|
|
/// <summary>When the keys were generated.</summary>
|
|
public required DateTime CreatedAt { get; set; }
|
|
|
|
/// <summary>When the keys were last rotated. Currently same as CreatedAt — rotation isn't implemented.</summary>
|
|
public required DateTime UpdatedAt { get; set; }
|
|
}
|