public AwsKmsSignature(string keyId, Func <List <string>, string> selector) { this.keyId = keyId; using (var kmsClient = new AmazonKeyManagementServiceClient()) { GetPublicKeyRequest getPublicKeyRequest = new GetPublicKeyRequest() { KeyId = keyId }; GetPublicKeyResponse getPublicKeyResponse = kmsClient.GetPublicKeyAsync(getPublicKeyRequest).Result; List <string> signingAlgorithms = getPublicKeyResponse.SigningAlgorithms; signingAlgorithm = selector.Invoke(signingAlgorithms); switch (signingAlgorithm) { case "ECDSA_SHA_256": case "ECDSA_SHA_384": case "ECDSA_SHA_512": case "RSASSA_PKCS1_V1_5_SHA_256": case "RSASSA_PKCS1_V1_5_SHA_384": case "RSASSA_PKCS1_V1_5_SHA_512": break; case "RSASSA_PSS_SHA_256": case "RSASSA_PSS_SHA_384": case "RSASSA_PSS_SHA_512": throw new ArgumentException(String.Format("Signing algorithm {0} not supported directly by iText", signingAlgorithm)); default: throw new ArgumentException(String.Format("Unknown signing algorithm: {0}", signingAlgorithm)); } } }
public async Task <ActionResult <MainResponse> > GetPublicKey(GetPublicKeyRequest request) { User user = HttpContext.GetUser(); if (user == null) { return(Unauthorized()); } User user1; GetPublicKeyResponse getPublicKeyResponse = new GetPublicKeyResponse() { PublicKeys = new List <GetPublicKeyResponseItem>() }; for (int i = 0; i < request.UserIds.Count; i++) { user1 = await _context.Users.FirstOrDefaultAsync(p => p.Id == request.UserIds[i]); if (user1 != null) { getPublicKeyResponse.PublicKeys.Add(new GetPublicKeyResponseItem() { PublicKey = user1.RSAKeyPair.PublicKey, UserId = user1.Id, KeyId = user1.RSAKeyPair.Id }); } } return(MainResponse.GetSuccess(getPublicKeyResponse)); }
/// <summary> /// Unmarshaller the response from the service to the response class. /// </summary> /// <param name="context"></param> /// <returns></returns> public override AmazonWebServiceResponse Unmarshall(JsonUnmarshallerContext context) { GetPublicKeyResponse response = new GetPublicKeyResponse(); context.Read(); int targetDepth = context.CurrentDepth; while (context.ReadAtDepth(targetDepth)) { if (context.TestExpression("CustomerMasterKeySpec", targetDepth)) { var unmarshaller = StringUnmarshaller.Instance; response.CustomerMasterKeySpec = unmarshaller.Unmarshall(context); continue; } if (context.TestExpression("EncryptionAlgorithms", targetDepth)) { var unmarshaller = new ListUnmarshaller <string, StringUnmarshaller>(StringUnmarshaller.Instance); response.EncryptionAlgorithms = unmarshaller.Unmarshall(context); continue; } if (context.TestExpression("KeyId", targetDepth)) { var unmarshaller = StringUnmarshaller.Instance; response.KeyId = unmarshaller.Unmarshall(context); continue; } if (context.TestExpression("KeySpec", targetDepth)) { var unmarshaller = StringUnmarshaller.Instance; response.KeySpec = unmarshaller.Unmarshall(context); continue; } if (context.TestExpression("KeyUsage", targetDepth)) { var unmarshaller = StringUnmarshaller.Instance; response.KeyUsage = unmarshaller.Unmarshall(context); continue; } if (context.TestExpression("PublicKey", targetDepth)) { var unmarshaller = MemoryStreamUnmarshaller.Instance; response.PublicKey = unmarshaller.Unmarshall(context); continue; } if (context.TestExpression("SigningAlgorithms", targetDepth)) { var unmarshaller = new ListUnmarshaller <string, StringUnmarshaller>(StringUnmarshaller.Instance); response.SigningAlgorithms = unmarshaller.Unmarshall(context); continue; } } return(response); }
/// <summary> /// Unmarshaller the response from the service to the response class. /// </summary> /// <param name="context"></param> /// <returns></returns> public override AmazonWebServiceResponse Unmarshall(XmlUnmarshallerContext context) { GetPublicKeyResponse response = new GetPublicKeyResponse(); UnmarshallResult(context, response); if (context.ResponseData.IsHeaderPresent("ETag")) { response.ETag = context.ResponseData.GetHeaderValue("ETag"); } return(response); }
public static GetPublicKeyResponse Unmarshall(UnmarshallerContext _ctx) { GetPublicKeyResponse getPublicKeyResponse = new GetPublicKeyResponse(); getPublicKeyResponse.HttpResponse = _ctx.HttpResponse; getPublicKeyResponse.PublicKey = _ctx.StringValue("GetPublicKey.PublicKey"); getPublicKeyResponse.KeyId = _ctx.StringValue("GetPublicKey.KeyId"); getPublicKeyResponse.RequestId = _ctx.StringValue("GetPublicKey.RequestId"); getPublicKeyResponse.KeyVersionId = _ctx.StringValue("GetPublicKey.KeyVersionId"); return(getPublicKeyResponse); }
public static GetPublicKeyResponse Unmarshall(UnmarshallerContext context) { GetPublicKeyResponse getPublicKeyResponse = new GetPublicKeyResponse(); getPublicKeyResponse.HttpResponse = context.HttpResponse; getPublicKeyResponse.RequestId = context.StringValue("GetPublicKey.RequestId"); GetPublicKeyResponse.GetPublicKey_PublicKey publicKey = new GetPublicKeyResponse.GetPublicKey_PublicKey(); publicKey.PublicKeyId = context.StringValue("GetPublicKey.PublicKey.PublicKeyId"); publicKey.PublicKeySpec = context.StringValue("GetPublicKey.PublicKey.PublicKeySpec"); publicKey.Status = context.StringValue("GetPublicKey.PublicKey.Status"); publicKey.CreateDate = context.StringValue("GetPublicKey.PublicKey.CreateDate"); getPublicKeyResponse.PublicKey = publicKey; return(getPublicKeyResponse); }
public static X509Certificate2 generateSelfSignedCertificate(string keyId, string subjectDN, Func <List <string>, string> selector) { string signingAlgorithm = null; using (var kmsClient = new AmazonKeyManagementServiceClient()) { GetPublicKeyRequest getPublicKeyRequest = new GetPublicKeyRequest() { KeyId = keyId }; GetPublicKeyResponse getPublicKeyResponse = kmsClient.GetPublicKeyAsync(getPublicKeyRequest).Result; List <string> signingAlgorithms = getPublicKeyResponse.SigningAlgorithms; signingAlgorithm = selector.Invoke(signingAlgorithms); byte[] spkiBytes = getPublicKeyResponse.PublicKey.ToArray(); CertificateRequest certificateRequest = null; X509SignatureGenerator simpleGenerator = null; string keySpecString = getPublicKeyResponse.CustomerMasterKeySpec.ToString(); if (keySpecString.StartsWith("ECC")) { ECDsa ecdsa = ECDsa.Create(); int bytesRead = 0; ecdsa.ImportSubjectPublicKeyInfo(new ReadOnlySpan <byte>(spkiBytes), out bytesRead); certificateRequest = new CertificateRequest(subjectDN, ecdsa, getHashAlgorithmName(signingAlgorithm)); simpleGenerator = X509SignatureGenerator.CreateForECDsa(ecdsa); } else if (keySpecString.StartsWith("RSA")) { RSA rsa = RSA.Create(); int bytesRead = 0; rsa.ImportSubjectPublicKeyInfo(new ReadOnlySpan <byte>(spkiBytes), out bytesRead); RSASignaturePadding rsaSignaturePadding = getSignaturePadding(signingAlgorithm); certificateRequest = new CertificateRequest(subjectDN, rsa, getHashAlgorithmName(signingAlgorithm), rsaSignaturePadding); simpleGenerator = X509SignatureGenerator.CreateForRSA(rsa, rsaSignaturePadding); } else { throw new ArgumentException("Cannot determine encryption algorithm for " + keySpecString, nameof(keyId)); } X509SignatureGenerator generator = new SignatureGenerator(keyId, signingAlgorithm, simpleGenerator); X509Certificate2 certificate = certificateRequest.Create(new X500DistinguishedName(subjectDN), generator, System.DateTimeOffset.Now, System.DateTimeOffset.Now.AddYears(2), new byte[] { 17 }); return(certificate); } }
public AwsKmsSignatureContainer(X509Certificate x509Certificate, string keyId, Func <List <string>, string> selector) { this.x509Certificate = x509Certificate; this.keyId = keyId; using (var kmsClient = new AmazonKeyManagementServiceClient()) { GetPublicKeyRequest getPublicKeyRequest = new GetPublicKeyRequest() { KeyId = keyId }; GetPublicKeyResponse getPublicKeyResponse = kmsClient.GetPublicKeyAsync(getPublicKeyRequest).Result; List <string> signingAlgorithms = getPublicKeyResponse.SigningAlgorithms; this.signingAlgorithm = selector.Invoke(signingAlgorithms); if (signingAlgorithm == null) { throw new ArgumentException("KMS key has no signing algorithms", nameof(keyId)); } signatureFactory = new AwsKmsSignatureFactory(keyId, signingAlgorithm); } }
private static void UnmarshallResult(XmlUnmarshallerContext context, GetPublicKeyResponse response) { int originalDepth = context.CurrentDepth; int targetDepth = originalDepth + 1; while (context.Read()) { if (context.IsStartElement || context.IsAttribute) { if (context.TestExpression("PublicKey", targetDepth)) { var unmarshaller = PublicKeyUnmarshaller.Instance; response.PublicKey = unmarshaller.Unmarshall(context); continue; } } else if (context.IsEndElement && context.CurrentDepth < originalDepth) { return; } } return; }