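/// <summary>
/// Imports the private key file at <c>_path</c> into the key store. Applies the Rebex license
/// read from the <c>RebexLicense</c> setting, registers the curve/EC key algorithms, then
/// prompts (hidden input) for the key password when none was supplied and delegates the import
/// to <c>KeyHelper.ImportPrivKey</c> with SHA-256 as the signature hash.
/// </summary>
/// <param name="remainingArguments">Positional arguments left over from option parsing; not used here.</param>
/// <returns>
/// The exit code from <c>StandardOutput.FondFarewell()</c> on success, or from
/// <c>StandardOutput.AngryFarewell(ex)</c> when any step throws.
/// </returns>
public override int Run(string[] remainingArguments)
{
    try
    {
        // Inside the try (as in the sibling Run that rotates secrets): a missing or empty
        // RebexLicense row makes Last() throw, and that is reported as AngryFarewell rather
        // than escaping as an unhandled exception.
        var licenseRow = _uow.Settings
            .Get(QueryExpressionFactory.GetQueryExpression<tbl_Setting>()
                .Where(x => x.ConfigKey == "RebexLicense")
                .ToLambda())
            .OrderBy(x => x.Created)
            .Last();

        Rebex.Licensing.Key = licenseRow.ConfigValue;

        AsymmetricKeyAlgorithm.Register(Curve25519.Create);
        AsymmetricKeyAlgorithm.Register(Ed25519.Create);
        AsymmetricKeyAlgorithm.Register(EllipticCurveAlgorithm.Create);

        // Only prompt when the password was not given on the command line; the prompt hides input.
        if (string.IsNullOrEmpty(_privKeyPass))
        {
            Console.Out.Write(" *** Enter password for the private key *** : ");
            _privKeyPass = StandardInput.GetHiddenInput();
        }

        Console.Out.WriteLine();
        Console.Out.WriteLine("Opened " + _path.FullName);

        var keyFile = new FileInfo(_path.FullName);
        KeyHelper.ImportPrivKey(_conf, _uow, _privKeyPass, SignatureHashAlgorithm.SHA256, keyFile);

        return StandardOutput.FondFarewell();
    }
    catch (Exception ex)
    {
        return StandardOutput.AngryFarewell(ex);
    }
}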
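/// <summary>
/// Rotates the secret that protects stored private-key passphrases and credential passwords:
/// every row is decrypted with the current secret and re-encrypted with the new one. The
/// ciphertexts are printed before and after so the operator can see that they changed.
/// </summary>
/// <param name="remainingArguments">Positional arguments left over from option parsing; not used here.</param>
/// <returns>
/// The exit code from <c>StandardOutput.FondFarewell()</c> on success, or from
/// <c>StandardOutput.AngryFarewell(ex)</c> when any step throws.
/// </returns>
public override int Run(string[] remainingArguments)
{
    try
    {
        var licenseRow = _uow.Settings
            .Get(QueryExpressionFactory.GetQueryExpression<tbl_Setting>()
                .Where(x => x.ConfigKey == "RebexLicense")
                .ToLambda())
            .OrderBy(x => x.Created)
            .Last();

        Rebex.Licensing.Key = licenseRow.ConfigValue;

        AsymmetricKeyAlgorithm.Register(Curve25519.Create);
        AsymmetricKeyAlgorithm.Register(Ed25519.Create);
        AsymmetricKeyAlgorithm.Register(EllipticCurveAlgorithm.Create);

        if (string.IsNullOrEmpty(_secretCurrent))
        {
            Console.Out.Write(" *** Enter current secret to encrypt passwords *** : ");
            _secretCurrent = StandardInput.GetHiddenInput();
        }

        // A new secret supplied on the command line is used as-is. Previously the else-branch
        // replaced any supplied value with a random one, so only the interactive path honoured
        // the operator's choice.
        if (string.IsNullOrEmpty(_secretNew))
        {
            Console.Out.Write(" *** Enter new secret to encrypt passwords *** : ");
            _secretNew = StandardInput.GetHiddenInput();
        }

        // Still empty (operator just pressed enter): generate one and show it, because the
        // operator has to record it. It is echoed to stdout, so it will be in the terminal
        // scrollback and any captured output.
        if (string.IsNullOrEmpty(_secretNew))
        {
            _secretNew = AlphaNumeric.CreateString(32);
            Console.Out.WriteLine($" *** The new secret to encrypt passwords is *** : {_secretNew}");
        }

        var keyRows = _uow.PrivateKeys.Get().ToList();
        var credRows = _uow.Credentials.Get().ToList();

        Console.Out.WriteLine();
        Console.Out.WriteLine(" *** Current private key pass ciphertexts *** ");
        ConsoleHelper.StdOutKeyPairSecrets(keyRows);

        Console.Out.WriteLine();
        Console.Out.WriteLine(" *** Current credential password ciphertexts *** ");
        ConsoleHelper.StdOutCredentialSecrets(credRows);

        // Re-encrypt; the helpers return the updated rows.
        keyRows = KeyHelper.EditPrivKeySecrets(_uow, keyRows, _secretCurrent, _secretNew).ToList();
        credRows = UserHelper.EditCredentialSecrets(_uow, credRows, _secretCurrent, _secretNew).ToList();

        Console.Out.WriteLine();
        Console.Out.WriteLine(" *** New private key pass ciphertexts *** ");
        ConsoleHelper.StdOutKeyPairSecrets(keyRows);

        Console.Out.WriteLine();
        Console.Out.WriteLine(" *** New credential password ciphertexts *** ");
        ConsoleHelper.StdOutCredentialSecrets(credRows);

        return StandardOutput.FondFarewell();
    }
    catch (Exception ex)
    {
        return StandardOutput.AngryFarewell(ex);
    }
}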
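/// <summary>
/// Issues a client certificate signed by the development root CA found at
/// <c>Certificates/DevCertRootCA.pfx</c> under the current directory, installs it into the
/// LocalMachine <c>My</c> and <c>TrustedPeople</c> stores, and returns it as a PFX that
/// includes the private key.
/// </summary>
/// <returns>The PFX bytes of the newly issued certificate and its private key.</returns>
/// <exception cref="Exception">Any failure is logged (with stack trace) and rethrown unchanged.</exception>
public byte[] Get()
{
    try
    {
        // Separate segments keep the path portable; the former embedded backslash only worked on Windows.
        var caPath = Path.Combine(Directory.GetCurrentDirectory(), "Certificates", "DevCertRootCA.pfx");

        // The CA PFX is opened with an empty password; fine for a dev-only CA, but confirm this
        // file is never shipped alongside a production root.
        Certificate ca = Certificate.LoadPfx(caPath, "", KeySetOptions.MachineKeySet);

        var info = new CertificateInfo();

        // Validity: starts one day ago (presumably to tolerate clock skew), lasts one year.
        // NOTE(review): local time is used here; confirm whether Rebex expects UTC.
        info.EffectiveDate = DateTime.Now.AddDays(-1);
        info.ExpirationDate = info.EffectiveDate.AddYears(1);

        // Client-certificate subject, key usage and extended usage.
        info.Subject = new DistinguishedName("CN=Sample Certificate");
        info.Usage = KeyUses.DigitalSignature | KeyUses.KeyEncipherment | KeyUses.DataEncipherment;
        info.SetExtendedUsage(ExtendedUsageOids.ClientAuthentication, ExtendedUsageOids.EmailProtection);

        // 16 random bytes as the serial number.
        info.SetSerialNumber(Guid.NewGuid().ToByteArray());
        info.SignatureHashAlgorithm = HashingAlgorithmId.SHA256;

        // Fresh 2048-bit RSA key for the leaf certificate.
        PrivateKeyInfo privateKey;
        using (var alg = new AsymmetricKeyAlgorithm())
        {
            alg.GenerateKey(AsymmetricKeyAlgorithmId.RSA, 2048);
            privateKey = alg.GetPrivateKey();
        }

        PublicKeyInfo publicKey = privateKey.GetPublicKey();
        Certificate certificate = CertificateIssuer.Issue(ca, info, publicKey);
        certificate.Associate(privateKey);

        // Machine-wide stores: typically needs elevated rights, and TrustedPeople makes the
        // certificate trusted for every account on the machine.
        AddToStore(certificate, CertificateStoreName.My);
        AddToStore(certificate, CertificateStoreName.TrustedPeople);

        using (var pfxStream = new MemoryStream())
        {
            // No password is supplied, so the private key inside the returned PFX is not
            // password-protected; callers must treat the bytes as a secret.
            certificate.Save(pfxStream, CertificateFormat.Pfx);
            return pfxStream.ToArray();
        }
    }
    catch (Exception ex)
    {
        // ToString() keeps the stack trace in the log; `throw;` keeps it on the exception
        // (the former `throw ex;` reset it).
        _logger.LogError(ex.ToString());
        throw;
    }

    // Adds the certificate to one LocalMachine store, disposing the store handle afterwards.
    void AddToStore(Certificate certificate, CertificateStoreName storeName)
    {
        using (var store = new CertificateStore(storeName, CertificateStoreLocation.LocalMachine))
        {
            store.Add(certificate);
        }
    }
}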
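/// <summary>
/// Hosted-service start: registers the curve/EC key algorithms, applies the Rebex license,
/// makes sure a host key exists for each supported algorithm (DSS, RSA, ECDSA P-256/384/521,
/// Ed25519), loads those host keys into the server, binds every configured endpoint and starts
/// the SFTP server. The whole sequence runs on a thread-pool thread via <c>Task.Run</c>.
/// </summary>
/// <param name="cancellationToken">
/// Passed to <c>Task.Run</c> only; it does not stop the server once <c>_server.Start()</c> has run.
/// </param>
public async Task StartAsync(CancellationToken cancellationToken)
{
    await Task.Run(() =>
    {
        try
        {
            AsymmetricKeyAlgorithm.Register(Curve25519.Create);
            AsymmetricKeyAlgorithm.Register(Ed25519.Create);
            AsymmetricKeyAlgorithm.Register(EllipticCurveAlgorithm.Create);

            using (var scope = _factory.CreateScope())
            {
                var conf = scope.ServiceProvider.GetRequiredService<IConfiguration>();
                var uow = scope.ServiceProvider.GetRequiredService<IUnitOfWork>();

                if (!Enum.TryParse<LogLevel>(conf["Rebex:LogLevel"], true, out _level))
                {
                    throw new InvalidCastException("Rebex:LogLevel is missing or is not a LogLevel name.");
                }

                var licenseRow = uow.Settings
                    .Get(QueryExpressionFactory.GetQueryExpression<tbl_Setting>()
                        .Where(x => x.ConfigKey == "RebexLicense")
                        .ToLambda())
                    .OrderBy(x => x.Created)
                    .Last();

                Rebex.Licensing.Key = licenseRow.ConfigValue;

                // Host key algorithms and the key size used when one has to be generated.
                // NOTE(review): DSS at 1024 bits is a legacy algorithm; it is still generated
                // and, with HostKeyAlgorithms = Any below, still offered to clients.
                var hostKeySpecs = new (SshHostKeyAlgorithm Algo, int Bits)[]
                {
                    (SshHostKeyAlgorithm.DSS, 1024),
                    (SshHostKeyAlgorithm.RSA, 4096),
                    (SshHostKeyAlgorithm.ECDsaNistP256, 256),
                    (SshHostKeyAlgorithm.ECDsaNistP384, 384),
                    (SshHostKeyAlgorithm.ECDsaNistP521, 521),
                    (SshHostKeyAlgorithm.ED25519, 256),
                };

                // Create any missing host key, each with a fresh random passphrase.
                foreach (var (algo, bits) in hostKeySpecs)
                {
                    KeyHelper.CheckPrivKey(conf, uow, algo, bits, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
                }

                // Secret that protects the stored key passphrases.
                var secret = conf["Databases:AuroraSecret"];

                foreach (var (algo, _) in hostKeySpecs)
                {
                    AddHostKey(uow, algo, secret);
                }

                // Materialized here so the configuration section is not enumerated after the
                // scope (and the provider it came from) has been disposed.
                _binding = conf.GetSection("Daemons:SftpService:Bindings")
                    .GetChildren()
                    .Select(x => x.Value)
                    .ToList();
            }

            foreach (var binding in _binding)
            {
                // Each binding is "<ip>|<port>".
                var pair = binding.Split("|");
                var endpoint = new IPEndPoint(
                    IPAddress.Parse(pair[0]),
                    int.Parse(pair[1], System.Globalization.CultureInfo.InvariantCulture));

                _server.Bind(endpoint, FileServerProtocol.Sftp);
#if DEBUG
                // Debug builds also expose an interactive shell on the same endpoint, so a
                // DEBUG build must not be deployed.
                _server.Bind(endpoint, FileServerProtocol.Shell);
#endif
            }

            _server.LogWriter = new ConsoleLogWriter(_level);
            _server.Settings.AllowedAuthenticationMethods = AuthenticationMethods.PublicKey | AuthenticationMethods.Password;

            // NOTE(review): "Any" presumably enables every algorithm Rebex supports, legacy
            // ones included; restricting each to a modern subset is the usual hardening step.
            _server.Settings.SshParameters.EncryptionAlgorithms = SshEncryptionAlgorithm.Any;
            _server.Settings.SshParameters.EncryptionModes = SshEncryptionMode.Any;
            _server.Settings.SshParameters.KeyExchangeAlgorithms = SshKeyExchangeAlgorithm.Any;
            _server.Settings.SshParameters.HostKeyAlgorithms = SshHostKeyAlgorithm.Any;
            _server.Settings.SshParameters.MacAlgorithms = SshMacAlgorithm.Any;

            _server.Authentication += FsUser_Authentication;
            _server.Connecting += FsUser_Connecting;
            _server.Disconnected += FsUser_Disconnected;
            _server.FileDownloaded += FsUser_FileDownloaded;
            _server.FileUploaded += FsUser_FileUploaded;
            _server.PreAuthentication += FsUser_PreAuthentication;

            _server.Start();
        }
        catch (Exception ex)
        {
            // Not rethrown: the host stays up without a listening SFTP server, and the
            // failure is visible only in this log entry.
            Log.Error(ex.ToString());
        }
    }, cancellationToken);

    // Loads the single stored host key for one algorithm (rows with a null IdentityId,
    // presumably the host keys as opposed to per-identity keys), decrypts its passphrase
    // with the database secret and adds it to the server. Single() throws if there is not
    // exactly one such row.
    void AddHostKey(IUnitOfWork uow, SshHostKeyAlgorithm algo, string secret)
    {
        var algoName = algo.ToString();

        var keyRow = uow.PrivateKeys
            .Get(QueryExpressionFactory.GetQueryExpression<tbl_PrivateKey>()
                .Where(x => x.KeyAlgo == algoName && x.IdentityId == null)
                .ToLambda())
            .OrderBy(x => x.Created)
            .Single();

        var keyBytes = Encoding.ASCII.GetBytes(keyRow.KeyValue);
        _server.Keys.Add(new SshPrivateKey(keyBytes, AES.DecryptString(keyRow.KeyPass, secret)));
    }
}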