public static async Task RsaCreateLeafCertificateTestAsync() { using (var mock = Setup()) { IKeyStore keys = mock.Create <KeyDatabase>(); IDigestSigner signer = mock.Create <KeyDatabase>(); ICertificateFactory factory = mock.Create <CertificateFactory>(); Key publicKey; KeyHandle issuerKey; Key issuerPublicKey; using (var rsa1 = RSA.Create()) { issuerKey = await keys.ImportKeyAsync("rsa1", rsa1.ToKey()); issuerPublicKey = rsa1.ToKey().GetPublicKey(); } using (var rsa2 = RSA.Create()) { await keys.ImportKeyAsync("rsa2", rsa2.ToKey()); publicKey = rsa2.ToKey().GetPublicKey(); } var now = DateTime.UtcNow; var leaf = await factory.CreateCertificateAsync(signer, issuerKey, X500DistinguishedNameEx.Create("CN=leaf"), publicKey, now, now + TimeSpan.FromMinutes(1), SignatureType.RS256, false, sn => { return(new List <X509Extension>()); }); } }
public ConsumerRequest(IOAuthContext context, IOAuthConsumerContext consumerContext, IToken token, ICertificateFactory clientSslCertificateFactory) { _context = context; _consumerContext = consumerContext; _token = token; _clientSslCertificateFactory = clientSslCertificateFactory; }
public static async Task RsaCertificateCreateSelfSignedTestAsync() { using (var mock = Setup()) { IKeyStore keys = mock.Create <KeyDatabase>(); IDigestSigner signer = mock.Create <KeyDatabase>(); ICertificateFactory factory = mock.Create <CertificateFactory>(); KeyHandle issuerKey; Key issuerPublicKey; using (var rsa1 = RSA.Create()) { issuerKey = await keys.ImportKeyAsync("rsa1", rsa1.ToKey(), new KeyStoreProperties { Exportable = true }); issuerPublicKey = rsa1.ToKey().GetPublicKey(); } var now = DateTime.UtcNow; var cert = await factory.CreateCertificateAsync(signer, issuerKey, X500DistinguishedNameEx.Create("CN=leaf"), issuerPublicKey, now, now + TimeSpan.FromMinutes(1), SignatureType.RS256, false, sn => { return(new List <X509Extension>()); }); var privateKey = await keys.ExportKeyAsync(issuerKey); using (cert) { var certificate = cert.ToCertificate(); Assert.True(certificate.IsSelfSigned()); Assert.Equal(certificate.GetIssuerSerialNumberAsString(), certificate.GetSerialNumberAsString()); } } }
public ConsumerRequest(IOAuthSession oauthSession, IOAuthContext context, IOAuthConsumerContext consumerContext, ICertificateFactory clientSslCertificateFactory) { _oauthSession = oauthSession; _context = context; _consumerContext = consumerContext; _clientSslCertificateFactory = clientSslCertificateFactory; }
/// <summary> /// Create factory /// </summary> /// <param name="store"></param> /// <param name="repo"></param> /// <param name="keys"></param> /// <param name="factory"></param> /// <param name="logger"></param> public CertificateIssuer(ICertificateStore store, ICertificateRepository repo, IKeyStore keys, ICertificateFactory factory, ILogger logger) { _keys = keys ?? throw new ArgumentNullException(nameof(keys)); _store = store ?? throw new ArgumentNullException(nameof(store)); _repo = repo ?? throw new ArgumentNullException(nameof(repo)); _logger = logger ?? throw new ArgumentNullException(nameof(logger)); _factory = factory ?? throw new ArgumentNullException(nameof(factory)); }
/// <summary> /// Create key vault service client /// </summary> /// <param name="config">Keyvault configuration.</param> /// <param name="provider"></param> /// <param name="certificates"></param> /// <param name="factory"></param> public KeyVaultServiceClient(ICertificateRepository certificates, ICertificateFactory factory, IKeyVaultConfig config, Auth.ITokenProvider provider) : this(certificates, factory, config, new KeyVaultClient(async(_, resource, scope) => { var token = await provider.GetTokenForAsync( resource, scope.YieldReturn()); return(token.RawToken); })) { }
/// <summary> /// Create key vault service client /// </summary> /// <param name="config">Keyvault configuration.</param> /// <param name="client"></param> /// <param name="certificates"></param> /// <param name="factory"></param> public KeyVaultServiceClient(ICertificateRepository certificates, ICertificateFactory factory, IKeyVaultConfig config, IKeyVaultClient client) { if (config == null) { throw new ArgumentNullException(nameof(config)); } _vaultBaseUrl = config.KeyVaultBaseUrl; _keyStoreIsHsm = config.KeyVaultIsHsm; _factory = factory ?? throw new ArgumentNullException(nameof(factory)); _certificates = certificates ?? throw new ArgumentNullException(nameof(certificates)); _keyVaultClient = client ?? throw new ArgumentNullException(nameof(client)); }
public SigningCredentialCertificateStorage( IConfiguration configuration, ICertificateFactory certificateFactory, ICertificateSerializer certificateSerializer = null) { _validationKeyStoragePath = configuration["SigningCredential:Storage"]; _certificateFactory = certificateFactory; _certificateSerializer = certificateSerializer ?? new SimpleCertificateSerializer(configuration); var di = new DirectoryInfo(_validationKeyStoragePath); if (!di.Exists) { di.Create(); } }
/// <summary> /// Create key vault service client /// </summary> /// <param name="config">Keyvault configuration.</param> /// <param name="serializer"></param> /// <param name="certificates"></param> /// <param name="factory"></param> /// <param name="provider"></param> public KeyVaultServiceClient(ICertificateRepository certificates, ICertificateFactory factory, IKeyVaultConfig config, IJsonSerializer serializer, ITokenProvider provider) : this(certificates, factory, config, serializer, new KeyVaultClient(async(_, resource, scope) => { if (resource != "https://vault.azure.net") { // Tunnels the resource through to the provider scope = resource + "/" + scope; } var token = await provider.GetTokenForAsync( Resource.KeyVault, scope.YieldReturn()); return(token.RawToken); })) { if (provider?.Supports(Resource.KeyVault) != true) { throw new ArgumentNullException(nameof(provider)); } }
public DefaultConsumerRequestFactory(ICertificateFactory clientSslCertificateFactory) { CertificateFactory = clientSslCertificateFactory; }
/// <summary> /// Initializes a new instance of the <see cref="ClientCertEnabledConsumerRequestFactory"/> class. /// </summary> /// <param name="certificateFactory">The certificate factory.</param> public ClientCertEnabledConsumerRequestFactory(ICertificateFactory certificateFactory) { _certificateFactory = certificateFactory; }
/// <summary> /// Initializes a new instance of the <see cref="ClientCertEnabledConsumerRequest"/> class. /// </summary> /// <param name="certificateFactory">The certificate factory.</param> /// <param name="context">The context.</param> /// <param name="consumerContext">The consumer context.</param> /// <param name="token">The token.</param> public ClientCertEnabledConsumerRequest(ICertificateFactory certificateFactory, IOAuthContext context, IOAuthConsumerContext consumerContext, IToken token) : base(context, consumerContext, token) { _certificateFactory = certificateFactory; }
public static X509Certificate2 GetClientSslCertificate() { ICertificateFactory clientSslCertificateFactory = GetClientSslCertificateFactory(); return(clientSslCertificateFactory.CreateCertificate()); }
public DefaultConsumerRequestFactory(ICertificateFactory clientSslCertificateFactory) { _clientSslCertificateFactory = clientSslCertificateFactory; }
internal static RemoteCertificateValidationCallback GetValidatorWithPredefinedCertificates(ICertificateFactory certificateFactory) => GetValidatorWithPredefinedCertificates(certificateFactory.GetCertificates());