public AdmPwd.PDS.KeyStore.KeyData GetPublicKey(uint KeyID) { if (!_keys.Keys.Contains(KeyID)) { throw new ArgumentException(string.Format("Key with this ID does not exist: {0}", KeyID)); } if (_keys[KeyID] == null) { return(null); } using (var csp = new RSACryptoServiceProvider(new CspParameters { Flags = CspProviderFlags.UseMachineKeyStore })) { csp.ImportCspBlob(_keys[KeyID].Key); byte[] pubKey = csp.ExportCspBlob(false); VaultKeyData pubKeyData = new VaultKeyData(KeyID, pubKey, _keys[KeyID].Area); AdmPwd.PDS.KeyStore.KeyData retVal = new KeyStore.KeyData(); retVal.ID = KeyID; retVal.Key = pubKeyData.ToString(); retVal.Size = csp.KeySize; retVal.Type = "CryptoAPI_RSA"; return(retVal); } }
public string Decrypt(uint keyID, string EncryptedPwd) { using (var csp = new RSACryptoServiceProvider(new CspParameters { Flags = CspProviderFlags.UseMachineKeyStore })) { VaultKeyData privKey = _keys[keyID]; csp.ImportCspBlob(privKey.Key); byte[] decryptedData = null; decryptedData = csp.Decrypt(Convert.FromBase64String(EncryptedPwd), true); return(System.Text.UnicodeEncoding.Unicode.GetString(decryptedData)); // decrypted password } }
public string Encrypt(ref uint keyID, string plainTextPwd) { using (var csp = new RSACryptoServiceProvider(new CspParameters { Flags = CspProviderFlags.UseMachineKeyStore })) { if (keyID == 0) { keyID = _keys.Keys.Max(); } VaultKeyData key = _keys[keyID]; csp.ImportCspBlob(key.Key); byte[] encryptedData = null; encryptedData = csp.Encrypt(System.Text.Encoding.Unicode.GetBytes(plainTextPwd), true); return($"{Convert.ToBase64String(encryptedData)}"); } }
public uint GenerateKeyPair(int KeySize) { CspParameters CSPParam = new CspParameters(); CSPParam.Flags = CspProviderFlags.UseMachineKeyStore; UInt32 KeyID = 1; if (_keys.Keys.Count > 0) { KeyID = _keys.Keys.Max <UInt32>() + 1; } using (var csp = new RSACryptoServiceProvider(KeySize, CSPParam)) { var privKey = new VaultKeyData(KeyID, csp.ExportCspBlob(true), _area); AzureKeyVault.SecretUpdate.SecretUpdate privSecret = privKey.ToSecretUpdate(); SaveSecret(privSecret, (Guid.NewGuid().ToString())).Wait(); _keys.Add(KeyID, privKey); return(KeyID); } }
protected async Task LoadKeys() { AuthenticationResult result = await Authenticate(); List <VaultKeyData> keys = new List <VaultKeyData>(); using (var client = new HttpClient()) { client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken); client.DefaultRequestHeaders.Accept.Clear(); client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); UriBuilder ub = new UriBuilder(_vaultUri); ub.Path += "secrets"; //maxresults seems to be required by current version of API ub.Query = "api-version=" + _apiVersion + "&maxresults=25"; HttpResponseMessage response = await client.GetAsync(ub.Uri); if (!response.IsSuccessStatusCode) { throw new KeyStoreException(response.ReasonPhrase); } bool isAtEnd = false; DataContractJsonSerializer serializer = new DataContractJsonSerializer(typeof(AzureKeyVault.SecretList.SecretList)); DataContractJsonSerializer serializer2 = new DataContractJsonSerializer(typeof(AzureKeyVault.Secret.Secret)); do { AzureKeyVault.SecretList.SecretList secrets = null; using (var data = await response.Content.ReadAsStreamAsync()) { secrets = (AzureKeyVault.SecretList.SecretList)serializer.ReadObject(data); } if (secrets.value != null) { foreach (var secret in secrets.value) { UriBuilder ub2 = new UriBuilder(secret.id); ub2.Query = "api-version=" + _apiVersion; response = await client.GetAsync(ub2.Uri); if (!response.IsSuccessStatusCode) { throw new KeyStoreException(response.ReasonPhrase); } using (var details = await response.Content.ReadAsStreamAsync()) { AzureKeyVault.Secret.Secret sec = (AzureKeyVault.Secret.Secret)serializer2.ReadObject(details); if (_area != null && string.Compare(_area, sec.tags.Area, true) != 0) { continue; } VaultKeyData key = new VaultKeyData(Convert.FromBase64String(sec.value), _area); _keys.Add(key.Id, key); } } } if (secrets.nextLink != null) { response = await client.GetAsync(secrets.nextLink); } else { isAtEnd = true; } } while (!isAtEnd); } }