private bool TryGetExchangeGroupKeyForRemoteTenant(Guid externalDirectoryOrgId, out ExchangeGroupKey exchangeGroupKey, out Exception exception)
{
    // Resolves the DKM group key for a tenant hosted in a remote resource forest.
    // Keys are cached per forest FQDN in remoteForestExchangeGroupKeys; a cache miss
    // builds a key scoped to that forest's "CN=Microsoft,CN=Program Data" container.
    // Returns false (with the resolution failure in 'exception') only when the
    // tenant's resource forest cannot be determined.
    exchangeGroupKey = null;
    exception = null;

    string forestFqdn;
    try
    {
        forestFqdn = ADAccountPartitionLocator.GetResourceForestFqdnByExternalDirectoryOrganizationId(externalDirectoryOrgId);
    }
    catch (CannotResolveExternalDirectoryOrganizationIdException ex)
    {
        exception = ex;
        return false;
    }

    if (!this.remoteForestExchangeGroupKeys.TryGetValue(forestFqdn, out exchangeGroupKey))
    {
        string forestDN = NativeHelpers.DistinguishedNameFromCanonicalName(forestFqdn);
        exchangeGroupKey = new ExchangeGroupKey(null, "Microsoft Exchange DKM")
        {
            ParentContainerDN = "CN=Microsoft,CN=Program Data" + "," + forestDN
        };
        // TryAdd: if another caller cached a key for this forest first, that entry
        // stays in the cache while this call still returns the key it just built.
        this.remoteForestExchangeGroupKeys.TryAdd(forestFqdn, exchangeGroupKey);
    }

    return true;
}
public static string EncryptSecretWithDKM(string secretInClearText, Task.TaskErrorLoggingDelegate writeError)
{
    // Protects a clear-text secret with the "Microsoft Exchange DKM" group key and returns
    // the encrypted string form. Cryptographic, data-format and DKM failures are reported
    // through writeError (InvalidData category) and then rethrown unchanged; any other
    // exception is rethrown without being reported. The secret itself is never logged.
    // Note: an empty secret is rejected with ArgumentNullException rather than
    // ArgumentException; callers may catch that type, so it is kept as is.
    if (string.IsNullOrEmpty(secretInClearText))
    {
        throw new ArgumentNullException("secretInClearText");
    }
    if (writeError == null)
    {
        throw new ArgumentNullException("writeError");
    }

    ExchangeGroupKey groupKey = new ExchangeGroupKey(null, "Microsoft Exchange DKM");
    try
    {
        return groupKey.ClearStringToEncryptedString(secretInClearText);
    }
    catch (Exception ex)
    {
        bool reportable = ex is CryptographicException
            || ex is InvalidDataException
            || groupKey.IsDkmException(ex);
        if (reportable)
        {
            writeError(ex, ErrorCategory.InvalidData, null);
        }
        // Plain rethrow keeps the original stack trace.
        throw;
    }
}
public static bool TryGetDkmKey(Guid externalDirectoryOrgId, out ExchangeGroupKey exchangeGroupKey, out Exception exception)
{
    // Selects the DKM group key for a tenant. Guid.Empty denotes the local forest, whose
    // key is held on the ServerManager singleton and always succeeds; any other id goes
    // through the remote-forest lookup, which returns false and sets 'exception' when the
    // tenant's resource forest cannot be resolved.
    ServerManager.InitializeIfNeeded();
    exception = null;

    bool isLocalForest = externalDirectoryOrgId == Guid.Empty;
    if (!isLocalForest)
    {
        return ServerManager.instance.TryGetExchangeGroupKeyForRemoteTenant(externalDirectoryOrgId, out exchangeGroupKey, out exception);
    }

    exchangeGroupKey = ServerManager.instance.localForestExchangeGroupKey;
    return true;
}
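private TrustedPublishingDomainPrivateKeyProvider CreateKeyProviderAndDkmProtectKey(string tpdName, KeyInformation keyInfo, SecureString tpdFilePassword, out string dkmEncryptedPrivateKey, out object failureTarget)
{
    // Decrypts the trusted publishing domain's private key with the TPD file password,
    // re-protects it with the "Microsoft Exchange DKM" group key and returns a provider
    // holding that single DKM-protected key, indexed by the key's identity
    // (case-insensitive). On DKM failure, failureTarget is set to tpdName and the
    // underlying error is wrapped in FailedToDkmProtectPrivateKeyException.
    //
    // Fix vs. the previous version: the clear-text private key bytes are wiped once the
    // DKM protection call has consumed them, so the raw key material does not linger on
    // the managed heap until the array is collected.
    failureTarget = null;

    byte[] clearPrivateKey = this.DecryptPrivateKey(keyInfo, tpdFilePassword);
    try
    {
        ExchangeGroupKey exchangeGroupKey = new ExchangeGroupKey(null, "Microsoft Exchange DKM");
        Exception dkmError;
        if (!exchangeGroupKey.TryByteArrayToEncryptedString(clearPrivateKey, out dkmEncryptedPrivateKey, out dkmError))
        {
            failureTarget = tpdName;
            throw new FailedToDkmProtectPrivateKeyException(dkmError);
        }
    }
    finally
    {
        // Only the DKM-protected string is needed from here on; zero the clear key.
        if (clearPrivateKey != null)
        {
            Array.Clear(clearPrivateKey, 0, clearPrivateKey.Length);
        }
    }

    PrivateKeyInformation privateKeyInformation = new PrivateKeyInformation(
        keyInfo.strID,
        keyInfo.strIDType,
        keyInfo.strKeyContainerName,
        keyInfo.nKeyNumber,
        keyInfo.strCSPName,
        keyInfo.nCSPType,
        dkmEncryptedPrivateKey,
        true);

    // Exactly one key is registered, so presize the map to one entry.
    Dictionary<string, PrivateKeyInformation> keysByIdentity = new Dictionary<string, PrivateKeyInformation>(1, StringComparer.OrdinalIgnoreCase);
    keysByIdentity.Add(privateKeyInformation.Identity, privateKeyInformation);

    return new TrustedPublishingDomainPrivateKeyProvider(null, keysByIdentity);
}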
public bool DecryptString(string encryptedPassword, out SecureString decryptedString)
{
    // Best-effort DKM decryption with the "Microsoft Exchange Diagnostics DKM" key rooted
    // at edsPath. On any failure the exception (not the input) is logged and the method
    // returns false with decryptedString left null.
    decryptedString = null;
    try
    {
        ExchangeGroupKey diagnosticsKey = new ExchangeGroupKey(this.edsPath, "Microsoft Exchange Diagnostics DKM");
        decryptedString = diagnosticsKey.EncryptedStringToSecureString(encryptedPassword);
    }
    catch (Exception ex)
    {
        Logger.LogErrorMessage("DKM query failed to decrypt due to: {0}", new object[] { ex });
        return false;
    }
    return true;
}
public bool EncryptString(string password, out string encryptedPassword)
{
    // Best-effort DKM encryption with the "Microsoft Exchange Diagnostics DKM" key rooted
    // at edsPath. On any failure the exception (not the clear-text password) is logged and
    // the method returns false with encryptedPassword left null.
    encryptedPassword = null;
    try
    {
        ExchangeGroupKey diagnosticsKey = new ExchangeGroupKey(this.edsPath, "Microsoft Exchange Diagnostics DKM");
        encryptedPassword = diagnosticsKey.ClearStringToEncryptedString(password);
    }
    catch (Exception ex)
    {
        Logger.LogErrorMessage("DKM query failed to encrypt due to: {0}", new object[] { ex });
        return false;
    }
    return true;
}