Esempio n. 1
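        /// <summary>
        /// Command entry point: activates the Rebex license stored in settings, registers the
        /// elliptic-curve key algorithms, asks for the private-key password when none was supplied
        /// through the options, and imports the private key found at <c>_path</c>.
        /// </summary>
        /// <param name="remainingArguments">Positional arguments left after option parsing; unused here.</param>
        /// <returns>
        /// The exit code from <c>StandardOutput.FondFarewell()</c> on success, or from
        /// <c>StandardOutput.AngryFarewell(ex)</c> when any step throws.
        /// </returns>
        public override int Run(string[] remainingArguments)
        {
            try
            {
                // Resolved inside the try so a missing or unreadable "RebexLicense" setting is reported
                // through AngryFarewell like every other failure instead of escaping the command
                // (Last() throws InvalidOperationException on an empty result).
                var license = _uow.Settings.Get(QueryExpressionFactory.GetQueryExpression<tbl_Setting>()
                        .Where(x => x.ConfigKey == "RebexLicense").ToLambda())
                    .OrderBy(x => x.Created)
                    .Last();

                Rebex.Licensing.Key = license.ConfigValue;

                AsymmetricKeyAlgorithm.Register(Curve25519.Create);
                AsymmetricKeyAlgorithm.Register(Ed25519.Create);
                AsymmetricKeyAlgorithm.Register(EllipticCurveAlgorithm.Create);

                // Prompt only when the password was not passed as an option; the input is read
                // without echo so it does not end up in the terminal scrollback.
                if (string.IsNullOrEmpty(_privKeyPass))
                {
                    Console.Out.Write("  *** Enter password for the private key *** : ");
                    _privKeyPass = StandardInput.GetHiddenInput();
                }

                Console.Out.WriteLine();
                Console.Out.WriteLine("Opened " + _path.FullName);

                KeyHelper.ImportPrivKey(_conf, _uow, _privKeyPass, SignatureHashAlgorithm.SHA256, new FileInfo(_path.FullName));

                return StandardOutput.FondFarewell();
            }
            catch (Exception ex)
            {
                return StandardOutput.AngryFarewell(ex);
            }
        }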
Esempio n. 2
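        /// <summary>
        /// Command entry point: re-encrypts every stored private-key passphrase and credential
        /// password from the current secret to a new one, printing the ciphertexts before and after.
        /// </summary>
        /// <param name="remainingArguments">Positional arguments left after option parsing; unused here.</param>
        /// <returns>
        /// The exit code from <c>StandardOutput.FondFarewell()</c> on success, or from
        /// <c>StandardOutput.AngryFarewell(ex)</c> when any step throws.
        /// </returns>
        public override int Run(string[] remainingArguments)
        {
            try
            {
                // Last() throws InvalidOperationException when no "RebexLicense" setting exists;
                // that surfaces through AngryFarewell below.
                var license = _uow.Settings.Get(QueryExpressionFactory.GetQueryExpression<tbl_Setting>()
                        .Where(x => x.ConfigKey == "RebexLicense").ToLambda())
                    .OrderBy(x => x.Created)
                    .Last();

                Rebex.Licensing.Key = license.ConfigValue;

                AsymmetricKeyAlgorithm.Register(Curve25519.Create);
                AsymmetricKeyAlgorithm.Register(Ed25519.Create);
                AsymmetricKeyAlgorithm.Register(EllipticCurveAlgorithm.Create);

                if (string.IsNullOrEmpty(_secretCurrent))
                {
                    Console.Out.Write("  *** Enter current secret to encrypt passwords *** : ");
                    _secretCurrent = StandardInput.GetHiddenInput();
                }

                if (string.IsNullOrEmpty(_secretNew))
                {
                    Console.Out.Write("  *** Enter new secret to encrypt passwords *** : ");
                    _secretNew = StandardInput.GetHiddenInput();
                }
                else
                {
                    // NOTE(review): a new secret supplied by the caller is discarded here and replaced by a
                    // generated one — confirm this is intended; it reads as if the two branches are inverted.
                    // The generated value is echoed to stdout because the operator has no other way to learn it.
                    _secretNew = AlphaNumeric.CreateString(32);
                    Console.Out.WriteLine($"  *** The new secret to encrypt passwords is *** : {_secretNew}");
                }

                // Nothing visible downstream rejects an empty secret, so refuse here before any
                // ciphertext is rewritten rather than re-encrypting the whole store under "".
                if (string.IsNullOrEmpty(_secretCurrent) || string.IsNullOrEmpty(_secretNew))
                {
                    throw new InvalidOperationException("Both the current and the new secret are required.");
                }

                var keys  = _uow.PrivateKeys.Get().ToList();
                var creds = _uow.Credentials.Get().ToList();

                Console.Out.WriteLine();
                Console.Out.WriteLine("  *** Current private key pass ciphertexts *** ");
                ConsoleHelper.StdOutKeyPairSecrets(keys);

                Console.Out.WriteLine();
                Console.Out.WriteLine("  *** Current credential password ciphertexts *** ");
                ConsoleHelper.StdOutCredentialSecrets(creds);

                // NOTE(review): the two edits run one after the other; if the second throws, the private
                // keys are already under the new secret while the credentials are not. Confirm whether
                // the helpers share a transaction through _uow or whether a rollback path is needed.
                keys  = KeyHelper.EditPrivKeySecrets(_uow, keys, _secretCurrent, _secretNew).ToList();
                creds = UserHelper.EditCredentialSecrets(_uow, creds, _secretCurrent, _secretNew).ToList();

                Console.Out.WriteLine();
                Console.Out.WriteLine("  *** New private key pass ciphertexts *** ");
                ConsoleHelper.StdOutKeyPairSecrets(keys);

                Console.Out.WriteLine();
                Console.Out.WriteLine("  *** New credential password ciphertexts *** ");
                ConsoleHelper.StdOutCredentialSecrets(creds);

                return StandardOutput.FondFarewell();
            }
            catch (Exception ex)
            {
                return StandardOutput.AngryFarewell(ex);
            }
        }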
Esempio n. 3
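        /// <summary>
        /// Issues a fresh RSA-2048 client certificate signed by the development root CA, adds it to the
        /// local-machine <c>My</c> and <c>TrustedPeople</c> stores, and returns it as PFX bytes.
        /// </summary>
        /// <returns>The certificate together with its private key, serialized in PFX format.</returns>
        /// <exception cref="Exception">Any failure is logged with its stack trace and rethrown unchanged.</exception>
        public byte[] Get()
        {
            try
            {
                // Combine the segments separately so the path also resolves on non-Windows hosts,
                // where a literal "\\" would become part of the file name.
                var path = Path.Combine(Directory.GetCurrentDirectory(), "Certificates", "DevCertRootCA.pfx");

                // NOTE(review): the CA PFX is opened with an empty password, so anyone who can read that
                // file can mint certificates this machine trusts (see the TrustedPeople add below).
                Certificate ca = Certificate.LoadPfx(path, "", KeySetOptions.MachineKeySet);

                var info = new CertificateInfo();

                // Back-dated by a day to tolerate clock skew between issuer and relying party; valid one year.
                info.EffectiveDate  = DateTime.Now.AddDays(-1);
                info.ExpirationDate = info.EffectiveDate.AddYears(1);

                info.Subject = new DistinguishedName("CN=Sample Certificate");

                // Key usage and extended key usage for a client-authentication / e-mail certificate.
                info.Usage = KeyUses.DigitalSignature | KeyUses.KeyEncipherment | KeyUses.DataEncipherment;
                info.SetExtendedUsage(ExtendedUsageOids.ClientAuthentication, ExtendedUsageOids.EmailProtection);

                // NOTE(review): a raw GUID can have its top bit set; confirm Rebex normalises the value to
                // the positive DER INTEGER that RFC 5280 requires for serial numbers.
                info.SetSerialNumber(Guid.NewGuid().ToByteArray());

                info.SignatureHashAlgorithm = HashingAlgorithmId.SHA256;

                // Generate the subject key; the algorithm object is only needed until the key is extracted.
                PrivateKeyInfo privateKey;
                using (var alg = new AsymmetricKeyAlgorithm())
                {
                    alg.GenerateKey(AsymmetricKeyAlgorithmId.RSA, 2048);
                    privateKey = alg.GetPrivateKey();
                }

                PublicKeyInfo publicKey   = privateKey.GetPublicKey();
                Certificate   certificate = CertificateIssuer.Issue(ca, info, publicKey);

                // Attach the private key so the PFX written below contains it.
                certificate.Associate(privateKey);

                // Every call adds one more certificate to the machine-wide stores. Adding to TrustedPeople
                // makes it trusted for peer authentication on this host, which is acceptable only for the
                // development scenario the CA file name describes.
                using (var store = new CertificateStore(CertificateStoreName.My, CertificateStoreLocation.LocalMachine))
                {
                    store.Add(certificate);
                }

                using (var store = new CertificateStore(CertificateStoreName.TrustedPeople, CertificateStoreLocation.LocalMachine))
                {
                    store.Add(certificate);
                }

                using (var memoryStream = new MemoryStream())
                {
                    certificate.Save(memoryStream, CertificateFormat.Pfx);
                    return memoryStream.ToArray();
                }
            }
            catch (Exception ex)
            {
                // Log the exception object (not just its message) so the stack trace is captured, and
                // rethrow with `throw;` — `throw ex;` would reset the trace to this line.
                _logger.LogError(ex, ex.Message);
                throw;
            }
        }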
Esempio n. 4
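        /// <summary>
        /// Hosted-service start: registers the Rebex elliptic-curve algorithms, activates the license,
        /// makes sure a host key of each supported algorithm exists, loads the six host keys from the
        /// database, binds the configured endpoints and starts the SFTP server.
        /// </summary>
        /// <param name="cancellationToken">
        /// Handed to <c>Task.Run</c> only; it can prevent the work from starting but the body does not
        /// observe it once running.
        /// </param>
        /// <returns>A task that completes once the server has started or the failure has been logged.</returns>
        public async Task StartAsync(CancellationToken cancellationToken)
        {
            // Offloaded so the host's startup thread is not blocked by the database round-trips below.
            await Task.Run(() =>
            {
                try
                {
                    AsymmetricKeyAlgorithm.Register(Curve25519.Create);
                    AsymmetricKeyAlgorithm.Register(Ed25519.Create);
                    AsymmetricKeyAlgorithm.Register(EllipticCurveAlgorithm.Create);

                    using (var scope = _factory.CreateScope())
                    {
                        var conf = scope.ServiceProvider.GetRequiredService<IConfiguration>();
                        var uow  = scope.ServiceProvider.GetRequiredService<IUnitOfWork>();

                        if (!Enum.TryParse<LogLevel>(conf["Rebex:LogLevel"], true, out _level))
                        {
                            throw new InvalidCastException();
                        }

                        // Last() throws InvalidOperationException when no "RebexLicense" setting exists.
                        var license = uow.Settings.Get(QueryExpressionFactory.GetQueryExpression<tbl_Setting>()
                                .Where(x => x.ConfigKey == "RebexLicense").ToLambda())
                            .OrderBy(x => x.Created)
                            .Last();

                        Rebex.Licensing.Key = license.ConfigValue;

                        // Ensure a host key of each algorithm exists (presumably created on demand with the
                        // random passphrase passed here — confirm in KeyHelper). NOTE(review): 1024-bit DSS
                        // is a legacy host-key type; confirm it is still needed before keeping it in the set.
                        KeyHelper.CheckPrivKey(conf, uow, SshHostKeyAlgorithm.DSS, 1024, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
                        KeyHelper.CheckPrivKey(conf, uow, SshHostKeyAlgorithm.RSA, 4096, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
                        KeyHelper.CheckPrivKey(conf, uow, SshHostKeyAlgorithm.ECDsaNistP256, 256, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
                        KeyHelper.CheckPrivKey(conf, uow, SshHostKeyAlgorithm.ECDsaNistP384, 384, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
                        KeyHelper.CheckPrivKey(conf, uow, SshHostKeyAlgorithm.ECDsaNistP521, 521, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);
                        KeyHelper.CheckPrivKey(conf, uow, SshHostKeyAlgorithm.ED25519, 256, AlphaNumeric.CreateString(32), SignatureHashAlgorithm.SHA256);

                        // Secret used to decrypt the stored host-key passphrases.
                        var secret = conf["Databases:AuroraSecret"];

                        // Loads the identity-less private key of one algorithm, decrypts its passphrase with
                        // the database secret and registers it as a server host key. Single() rejects both a
                        // missing and a duplicate key, matching the previous per-algorithm code.
                        void AddHostKey(SshHostKeyAlgorithm algo)
                        {
                            var algoStr = algo.ToString();
                            var privKey = uow.PrivateKeys.Get(QueryExpressionFactory.GetQueryExpression<tbl_PrivateKey>()
                                    .Where(x => x.KeyAlgo == algoStr && x.IdentityId == null).ToLambda())
                                .OrderBy(x => x.Created)
                                .Single();

                            var keyBytes = Encoding.ASCII.GetBytes(privKey.KeyValue);
                            _server.Keys.Add(new SshPrivateKey(keyBytes, AES.DecryptString(privKey.KeyPass, secret)));
                        }

                        AddHostKey(SshHostKeyAlgorithm.DSS);
                        AddHostKey(SshHostKeyAlgorithm.RSA);
                        AddHostKey(SshHostKeyAlgorithm.ECDsaNistP256);
                        AddHostKey(SshHostKeyAlgorithm.ECDsaNistP384);
                        AddHostKey(SshHostKeyAlgorithm.ECDsaNistP521);
                        AddHostKey(SshHostKeyAlgorithm.ED25519);

                        // Materialised inside the scope so the bindings are not read lazily from the
                        // configuration after the scope has been disposed.
                        _binding = conf.GetSection("Daemons:SftpService:Bindings").GetChildren().Select(x => x.Value).ToList();
                    }

                    foreach (var binding in _binding)
                    {
                        // Each binding is "<ip>|<port>"; reject malformed entries with a clear message
                        // instead of an IndexOutOfRangeException on pair[1].
                        var pair = binding.Split("|");

                        if (pair.Length != 2)
                        {
                            throw new FormatException($"Binding '{binding}' must be formatted as <ip>|<port>.");
                        }

                        var endpoint = new IPEndPoint(IPAddress.Parse(pair[0]), int.Parse(pair[1]));

                        _server.Bind(endpoint, FileServerProtocol.Sftp);
#if DEBUG
                        // Shell access is exposed on the same endpoint in debug builds only.
                        _server.Bind(endpoint, FileServerProtocol.Shell);
#endif
                    }

                    _server.LogWriter = new ConsoleLogWriter(_level);
                    _server.Settings.AllowedAuthenticationMethods        = AuthenticationMethods.PublicKey | AuthenticationMethods.Password;

                    // NOTE(review): the `Any` selections enable every algorithm the library offers, legacy
                    // ones included; an explicit allow-list of current ciphers, KEX, host-key and MAC
                    // algorithms would be the safer default for a production listener.
                    _server.Settings.SshParameters.EncryptionAlgorithms  = SshEncryptionAlgorithm.Any;
                    _server.Settings.SshParameters.EncryptionModes       = SshEncryptionMode.Any;
                    _server.Settings.SshParameters.KeyExchangeAlgorithms = SshKeyExchangeAlgorithm.Any;
                    _server.Settings.SshParameters.HostKeyAlgorithms     = SshHostKeyAlgorithm.Any;
                    _server.Settings.SshParameters.MacAlgorithms         = SshMacAlgorithm.Any;
                    _server.Authentication    += FsUser_Authentication;
                    _server.Connecting        += FsUser_Connecting;
                    _server.Disconnected      += FsUser_Disconnected;
                    _server.FileDownloaded    += FsUser_FileDownloaded;
                    _server.FileUploaded      += FsUser_FileUploaded;
                    _server.PreAuthentication += FsUser_PreAuthentication;
                    _server.Start();
                }
                catch (Exception ex)
                {
                    // NOTE(review): the failure is logged and swallowed, so the host keeps running with no
                    // SFTP listener. Consider rethrowing so the host fails fast instead of appearing healthy.
                    Log.Error(ex.ToString());
                }
            }, cancellationToken);
        }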