/// <summary>
/// Serializes <paramref name="Value"/> to JSON, encrypts the JSON text with the RSA public key of
/// the certificate looked up by <paramref name="Thumbprint"/>, and returns the ciphertext as Base64.
/// </summary>
/// <param name="Value">Object to protect. A null value is passed through as null.</param>
/// <param name="Thumbprint">Thumbprint handed to AutomationSelfSignedCertificate.GetCertificateWithThumbprint.</param>
/// <returns>Base64-encoded ciphertext, or null when <paramref name="Value"/> is null.</returns>
public static String Encrypt(Object Value, String Thumbprint)
{
    if (Value == null)
    {
        return null;
    }

    X509Certificate2 certificate = AutomationSelfSignedCertificate.GetCertificateWithThumbprint(Thumbprint);

    // The direct cast throws InvalidCastException when the key is not backed by
    // RSACryptoServiceProvider (for example a CNG-backed key).
    RSACryptoServiceProvider publicRsa = (RSACryptoServiceProvider)certificate.PublicKey.Key;

    string json = JsonConvert.SerializeObject(Value);

    // NOTE(review): Encoding.Default depends on the runtime and system code page (the ANSI code
    // page on .NET Framework). Characters outside that code page are replaced before encryption,
    // and ciphertext is only readable on a machine using the same code page. Any move to UTF-8
    // has to be made in Encrypt and Decrypt together.
    byte[] plaintext = System.Text.Encoding.Default.GetBytes(json);

    // 'true' selects OAEP padding. This is a single RSA operation, so the plaintext is bounded
    // by the key size (modulus bytes minus 42 with OAEP/SHA-1); larger JSON throws.
    byte[] ciphertext = publicRsa.Encrypt(plaintext, true);

    return Convert.ToBase64String(ciphertext);
}
/// <summary>
/// Reverses Encrypt: Base64-decodes <paramref name="EncryptedValue"/>, decrypts it with the RSA
/// private key of the certificate looked up by <paramref name="Thumbprint"/>, and deserializes
/// the resulting JSON text.
/// </summary>
/// <param name="EncryptedValue">Base64 ciphertext as a string. A null value is passed through as null.</param>
/// <param name="Thumbprint">Thumbprint handed to AutomationSelfSignedCertificate.GetCertificateWithThumbprint.</param>
/// <returns>The object produced by JsonConvert.DeserializeObject, or null when the input is null.</returns>
/// <exception cref="Exception">Thrown when <paramref name="EncryptedValue"/> is not a string.</exception>
public static Object Decrypt(Object EncryptedValue, String Thumbprint)
{
    if (EncryptedValue == null)
    {
        return null;
    }

    string base64Ciphertext = EncryptedValue as string;
    if (base64Ciphertext == null)
    {
        throw new Exception("Cannot decrypt value. Value to decrypt was not a string.");
    }

    X509Certificate2 certificate = AutomationSelfSignedCertificate.GetCertificateWithThumbprint(Thumbprint);
    Byte[] ciphertext = Convert.FromBase64String(base64Ciphertext);

    // PrivateKey is null when the certificate carries no private key, in which case the
    // Decrypt call below fails with a NullReferenceException rather than a clear error.
    RSACryptoServiceProvider privateRsa = (RSACryptoServiceProvider)certificate.PrivateKey;

    // 'true' selects OAEP padding, matching Encrypt.
    byte[] plaintext = privateRsa.Decrypt(ciphertext, true);

    // NOTE(review): Encoding.Default must resolve to the same code page that was active when the
    // value was encrypted; otherwise non-ASCII characters decode incorrectly.
    string json = System.Text.Encoding.Default.GetString(plaintext);

    // NOTE(review): no target type or settings are passed here, so the result follows Json.NET's
    // defaults. Confirm that no global JsonConvert.DefaultSettings turns on type-name handling
    // for this data.
    return JsonConvert.DeserializeObject(json);
}
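/// <summary>
/// Looks up the directory application whose AppId equals <paramref name="applicationID"/>,
/// creates a new self-signed certificate named <paramref name="certName"/> and passes its
/// validity window and public certificate bytes to UpdateADApplication for that application.
/// </summary>
/// <param name="applicationID">AppId of the application to update.</param>
/// <param name="certName">Name passed to CreateSelfSignedCertificate.</param>
/// <returns>The newly created certificate, or null when no matching application was processed.</returns>
public async Task<X509Certificate2> CreateLocalRunAs(string applicationID, String certName)
{
    X509Certificate2 cert = null;

    // The filter is assembled by string concatenation, so the value must not be able to close
    // the string literal early. OData escapes a single quote inside a literal by doubling it.
    var escapedApplicationId = (applicationID ?? String.Empty).Replace("'", "''");
    var runAsApplication = await graphClient.Applications.ListAsync("$filter=appId eq '" + escapedApplicationId + "'");

    foreach (var app in runAsApplication)
    {
        // Re-check the exact AppId client-side so only an exact match is ever modified,
        // whatever the service returned for the filter.
        if (app.AppId != applicationID)
        {
            continue;
        }

        // The credential list is fetched but only tested for null; its contents are not inspected.
        var existingCredentialKeys = await graphClient.Applications.ListKeyCredentialsAsync(app.ObjectId);
        if (existingCredentialKeys == null)
        {
            continue;
        }

        var thumbprint = CreateSelfSignedCertificate(certName);
        cert = AutomationSelfSignedCertificate.GetCertificateWithThumbprint(thumbprint);

        // Only the public certificate (RawData) is sent; the private key stays in the local store.
        // NOTE(review): confirm whether UpdateADApplication replaces or appends key credentials,
        // since a replace would invalidate credentials other clients still use.
        await UpdateADApplication(cert.NotBefore, cert.NotAfter, Convert.ToBase64String(cert.RawData), app.ObjectId);
    }

    return cert;
}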
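/// <summary>
/// Offers to rotate the local asset-encryption certificate when it expires within 30 days.
/// If the user accepts, a new certificate is created, every SecureLocalAssets.json under
/// <paramref name="baseWorkspace"/> is re-encrypted with it, the configuration is pointed at the
/// new thumbprint and the old certificate is removed.
/// </summary>
/// <param name="baseWorkspace">Root directory searched recursively for SecureLocalAssets.json files.</param>
/// <param name="thumbprint">Thumbprint of the current encryption certificate; null skips the check.</param>
/// <returns>The new thumbprint after a rotation, otherwise <paramref name="thumbprint"/> unchanged.</returns>
private string updateEncryptionCertificateIfExpiring(String baseWorkspace, String thumbprint)
{
    if (thumbprint == null)
    {
        return thumbprint;
    }

    var encryptionCert = AutomationSelfSignedCertificate.GetCertificateWithThumbprint(thumbprint);

    // Compare NotAfter directly instead of formatting the expiry date to a string and parsing it
    // back, which depends on the current culture. NotAfter and DateTime.Now are both local time.
    if (encryptionCert.NotAfter >= DateTime.Now.AddDays(30))
    {
        return thumbprint;
    }

    // The certificate expires within 30 days: ask whether to create a new one and re-encrypt
    // the assets under the new thumbprint.
    var messageBoxResult = System.Windows.Forms.MessageBox.Show(
        string.Format("Your certificate to encrypt local assets will expire on '{0}'. Do you want to generate a new certificate?", encryptionCert.GetExpirationDateString()),
        "Expiring certificate",
        System.Windows.Forms.MessageBoxButtons.YesNoCancel,
        System.Windows.Forms.MessageBoxIcon.Warning);

    if (messageBoxResult != System.Windows.Forms.DialogResult.Yes)
    {
        return thumbprint;
    }

    // Create the new certificate for encryption.
    certObj.CreateCertificateRequest(Properties.Settings.Default.certName);
    var selfSignedCert = certObj.InstallCertficate();
    var newThumbprint = selfSignedCert.Thumbprint;

    // Re-encrypt local assets: read with the old thumbprint, write back with the new one.
    // NOTE(review): if this loop throws part-way, some files are already under the new
    // certificate while the configuration still names the old one. The old certificate is only
    // removed after the loop, so nothing is lost, but the workspace needs manual repair.
    string[] secureAssetFiles = Directory.GetFiles(baseWorkspace, "SecureLocalAssets.json", SearchOption.AllDirectories);
    foreach (var secureAssetFile in secureAssetFiles)
    {
        var assetDirectory = Path.GetDirectoryName(secureAssetFile);
        var localAssets = AutomationAssetManager.GetLocalEncryptedAssets(assetDirectory, thumbprint);
        AutomationAssetManager.SetLocalEncryptedAssets(assetDirectory, localAssets, newThumbprint);
    }

    // Point the configuration file at the new thumbprint.
    SetCertificateInConfigFile(newThumbprint);

    // Remove the old certificate last, once nothing depends on it any more.
    RemoveCertificateWithThumbprint(thumbprint);

    return newThumbprint;
}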