Esempio n. 1
0
        private static void ReEncryptFile()
        {
            string      oldAliasName = string.Empty;
            string      newAliasName = string.Empty;
            string      infile       = string.Empty;
            X509Alias   OldAlias     = null;
            X509Alias   NewAlias     = null;
            X509Context OldContext   = null;
            X509Context NewContext   = null;

            try
            {
                oldAliasName = SelectedMode.GetString(Parameter.OldAlias.ID);
                newAliasName = SelectedMode.GetString(Parameter.NewAliasReEnc.ID);
                OldContext   = SelectedMode.GetContext(Parameter.OldContext.ID);
                NewContext   = SelectedMode.GetContext(Parameter.NewContext.ID);
                infile       = SelectedMode.GetString(Parameter.InReEncFile.ID);

                OldAlias = new X509Alias(oldAliasName, OldContext);
                NewAlias = new X509Alias(newAliasName, NewContext);
                X509Utils.ReEncryptFile(OldAlias, NewAlias, infile);

                ConsoleMessage($"The file {infile.InQuotes()} was successfully re-encrypted using the X509Crypto alias {newAliasName.InQuotes()} located in the {NewContext.Name.InQuotes()} {nameof(X509Context)}");
            }
            catch (Exception ex)
            {
                throw new X509CryptoException(@"Unable to re-encrypt the specified file", ex);
            }
        }
Esempio n. 2
0
        static void EncryptText()
        {
            bool        secretAdded = false;
            string      ciphertext  = string.Empty;
            string      outfile     = string.Empty;
            string      aliasName   = string.Empty;
            string      secretName  = string.Empty;
            string      plaintext   = string.Empty;
            X509Context Context     = null;

            try
            {
                aliasName = SelectedMode.GetString(Parameter.AliasEnc.ID);
                Context   = SelectedMode.GetContext(Parameter.Context.ID);
                plaintext = SelectedMode.GetString(Parameter.InEncText.ID);
                using (X509Alias Alias = new X509Alias(aliasName, Context))
                {
                    if (Parameter.SecretEnc.IsDefined)
                    {
                        secretName  = SelectedMode.GetString(Parameter.SecretEnc.ID);
                        ciphertext  = Alias.EncryptText(plaintext);
                        secretAdded = Util.AddSecret(secretName, ciphertext, Alias);
                    }
                }

                if (!secretAdded)
                {
                    WriteOutput(ciphertext, Parameter.OutEncText.ID, Samples.Ciphertext);
                }
            }
            catch (Exception ex)
            {
                throw new X509CryptoException($"An exception occurred when attempting to export the {nameof(X509Alias)}", ex);
            }
        }
 public X509AliasDescription(X509Alias Alias)
 {
     AliasName  = Alias.Name;
     Thumbprint = Alias.Thumbprint;
     Subject    = Alias.Certificate.Subject;
     Expires    = Alias.Certificate.NotAfter;
 }
Esempio n. 4
0
        private static void ImportAlias()
        {
            try
            {
                string      aliasName         = Parameter.AliasToImport.IsDefined ? SelectedMode.GetString(Parameter.AliasToImport.ID) : string.Empty;
                string      inFile            = SelectedMode.GetString(Parameter.InImportAlias.ID);
                bool        overwriteExisting = SelectedMode.GetBool(Parameter.OverWriteExistingAlias.ID);
                X509Context Context           = SelectedMode.GetContext(Parameter.Context.ID);

                X509Alias AliasToImport = X509Alias.Import(inFile, Context, aliasName);
                if (!overwriteExisting && X509Alias.AliasExists(AliasToImport))
                {
                    throw new X509AliasAlreadyExistsException(AliasToImport);
                }
                AliasToImport.Commit();
                ConsoleMessage($"{nameof(X509Alias)} {AliasToImport.Name.InQuotes()} has been successfully imported into the {Context.Name} {nameof(X509Context)} from the file {inFile.InQuotes()}");

                if (!X509CryptoAgent.CertificateExists(AliasToImport))
                {
                    ConsoleWarning($"An encryption certificate with thumbprint {AliasToImport.Thumbprint.InQuotes()} could not be found in the {Context.Name} {nameof(X509Context)}. Ensure this certificate is installed on the system before using this alias.");
                }
            }
            catch (Exception ex)
            {
                if (ex is X509AliasAlreadyExistsException)
                {
                    throw;
                }
                else
                {
                    throw new X509CryptoException(@"Unable to import the specified alias", ex);
                }
            }
        }
Esempio n. 5
0
        private static void ExportAlias()
        {
            string aliasName = string.Empty;
            string outfile   = string.Empty;

            try
            {
                aliasName = SelectedMode.GetString(Parameter.AliasToExport.ID);
                outfile   = SelectedMode.GetString(Parameter.OutExportAlias.ID);
                bool        overwriteExisting = SelectedMode.GetBool(Parameter.OverWriteExistingFile.ID);
                X509Context Context           = SelectedMode.GetContext(Parameter.Context.ID);

                X509Alias Alias = new X509Alias(aliasName, Context);
                Alias.Export(ref outfile, includeCert: true, overwriteExisting);
                ConsoleMessage($"{nameof(X509Alias)} aliasName was successfully exported to file {outfile.InQuotes()}");
            }
            catch (FileNotFoundException)
            {
                throw;
            }
            catch (X509CryptoException)
            {
                throw;
            }
            catch (Exception ex)
            {
                throw new X509CryptoException($"An exception occurred when attempting to export the {nameof(X509Alias)}", ex);
            }
        }
Esempio n. 6
0
        private static void UpdateAlias()
        {
            try
            {
                string      aliasName     = SelectedMode.GetString(Parameter.AliasToUpdate.ID);
                string      newThumbprint = SelectedMode.GetString(Parameter.Thumbprint.ID);
                X509Context OldContext    = SelectedMode.GetContext(Parameter.OldContext.ID);
                X509Context NewContext    = SelectedMode.GetContext(Parameter.NewContext.ID, OldContext);

                if (!X509CryptoAgent.CertificateExists(newThumbprint, NewContext))
                {
                    throw new X509CryptoCertificateNotFoundException(newThumbprint, NewContext);
                }

                X509Alias Alias = new X509Alias(aliasName, OldContext);
                Alias.ReEncrypt(newThumbprint, NewContext);
                Alias.Commit();
                ConsoleMessage($"{nameof(X509Alias)} {aliasName} successfully updated. Now using encryption certificate with thumbprint {newThumbprint} from the {NewContext.Name} {nameof(X509Context)}");
            }
            catch (Exception ex)
            {
                if (ex is X509CryptoCertificateNotFoundException)
                {
                    throw;
                }
                else
                {
                    throw new X509CryptoException(@"Unable to update the specified alias", ex);
                }
            }
        }
Esempio n. 7
0
        private void DoWork()
        {
            Console.WriteLine($"Path: {Path}");
            var Context = X509Context.Select(Location, true);
            var Alias   = Context.GetAliases(true).FirstOrDefault(p => p.Name.Matches(Name));

            if (null != Alias)
            {
                if (!Overwrite || !Util.WarnConfirm($"An existing {nameof(X509Alias)} with the name {Name.InQuotes()} exists in the {Context.Name} {nameof(X509Context)}. OK to overwrite?", Constants.Affirm))
                {
                    throw new X509CryptoException($"Could not import the certificate. An {nameof(X509Alias)} with the name {Name.InQuotes()} exists in the {Context.Name} {nameof(X509Context)}");
                }
            }

            var           PfxPassword = Util.GetPassword($"Enter the password to unlock {System.IO.Path.GetFileName(Path).InQuotes()}", 0);
            var           thumbprint  = X509Utils.InstallCert(Path, PfxPassword, Context);
            StringBuilder Expression  = new StringBuilder($"Added encryption certificate to the {Context.Name} {nameof(X509Context)}. \r\nCertificate Thumbprint: {thumbprint}");

            if (null != Alias && Alias.HasCert(Context))
            {
                Alias.ReEncrypt(thumbprint, Context);
                Expression.AppendLine($"\r\nAll secrets contained in the existing {nameof(X509Alias)} {Alias.Name.InQuotes()} have been re-encrypted using the new certificate.");
            }
            else
            {
                Alias = new X509Alias(Name, thumbprint, Context, false);
                Alias.Commit();
                Expression.Append($"\r\n             {nameof(X509Alias)}: {Name}");
            }

            Util.ConsoleMessage(Expression.ToString());
            Result = Alias;
        }
Esempio n. 8
0
        private void DoWork()
        {
            context = X509Context.Select(Location, true);
            X509Alias Alias = new X509Alias(Name, context);

            Result = Alias;
            Console.WriteLine($"Alias {Name.InQuotes()} has been loaded from the {context.Name.InQuotes()} {nameof(X509Context)}");
        }
Esempio n. 9
0
        static void Main(string[] args)
        {
            var OldAlias = new X509Alias(@"exporttest", X509Context.UserFull);
            var NewAlias = new X509Alias(@"updateSample", X509Context.UserFull);

            OldAlias.EncryptFile(@"P:\_temp\test.docx", @"P:\_temp\test.docx.ctx");
            NewAlias.ReEncryptFile(@"P:\_temp\test.docx.ctx", OldAlias);
        }
        private void DoWork()
        {
            string name = Alias.Name;

            Alias.Dispose();
            Alias = null;
            Console.WriteLine($"{nameof(X509Alias)} {name.InQuotes()} has been dismounted.");
            Result = true;
        }
Esempio n. 11
0
        private static void EncryptFile()
        {
            int         wipeTimesToWrite  = 0;
            string      inFile            = string.Empty;
            string      outfile           = string.Empty;
            string      aliasName         = string.Empty;
            bool        overwriteExisting = false;
            X509Context Context           = null;

            try
            {
                inFile = SelectedMode.GetString(Parameter.InEncFile.ID);
                if (Parameter.OutEncFile.IsDefined)
                {
                    outfile = SelectedMode.GetString(Parameter.OutEncFile.ID);
                }
                else
                {
                    outfile = $"{inFile}{FileExtensions.Ciphertext}";
                }

                overwriteExisting = SelectedMode.GetBool(Parameter.OverWriteExistingFile.ID);
                Util.CheckForExistingFile(outfile, overwriteExisting, Parameter.OverWriteExistingFile.Name, Constants.Affirm);

                if (Parameter.Wipe.IsDefined)
                {
                    if (!Util.WarnConfirm($"You have included the {Parameter.Wipe.Name.InQuotes()} argument. This will permanently delete the file {inFile.InQuotes()} from disk.", Constants.Affirm))
                    {
                        return;
                    }
                    else
                    {
                        wipeTimesToWrite = SelectedMode.GetInt(Parameter.Wipe.ID);
                    }
                }

                aliasName = SelectedMode.GetString(Parameter.AliasEnc.ID);
                Context   = SelectedMode.GetContext(Parameter.Context.ID);
                using (X509Alias Alias = new X509Alias(aliasName, Context))
                {
                    Alias.EncryptFile(inFile, outfile, wipeTimesToWrite);
                }
                StringBuilder Expression = new StringBuilder($"The file {inFile.InQuotes()} was successfully encrypted. The ciphertext file name is {outfile.InQuotes()}");
                if (Parameter.Wipe.IsDefined)
                {
                    Expression.Append($"\r\nThe plaintext file has also been erased from disk");
                }
                ConsoleMessage(Expression.ToString());
            }
            catch (Exception ex)
            {
                throw new X509CryptoException(@"Unable to encrypt the specified file", ex);
            }
        }
Esempio n. 12
0
        private void DoWork()
        {
            context = X509Context.Select(Location, true);
            if (string.IsNullOrEmpty(Thumbprint))
            {
                Thumbprint = MakeCert();
            }

            X509Alias Alias = new X509Alias(Name, Thumbprint, context, true);

            Alias.Commit();
            Result = Alias;
            Console.WriteLine($"New alias {Name.InQuotes()} committed to {context.Name.InQuotes()} {nameof(X509Context)}\r\nThumbprint: {Alias.Thumbprint}");
        }
Esempio n. 13
0
 private static void AddAlias()
 {
     try
     {
         string      thumbprint = SelectedMode.GetString(Parameter.Thumbprint.ID);
         string      aliasName  = SelectedMode.GetString(Parameter.AliasToAdd.ID);
         X509Context Context    = SelectedMode.GetContext(Parameter.Context.ID);
         X509Alias   NewAlias   = new X509Alias(aliasName, thumbprint, Context, AllowExistingAlias.No);
         NewAlias.Commit();
         ConsoleMessage($"New {nameof(X509Alias)} {aliasName.InQuotes()} was created in the {Context.Name} {nameof(X509Context)} using certificate with thumbprint {thumbprint.InQuotes()}");
     }
     catch (Exception ex)
     {
         throw new X509CryptoException(@"An exception occurred. The new alias could not be created.", ex);
     }
 }
Esempio n. 14
0
        private void DoWork()
        {
            if (aliasSet)
            {
                if (contextSet || thumbprintSet)
                {
                    throw new ParameterBindingException($"Either the {nameof(Alias).InQuotes()} parameter or the {nameof(Location).InQuotes()} and {nameof(Thumbprint).InQuotes()} parameters must be set.");
                }
            }
            else
            {
                if (!(contextSet && thumbprintSet))
                {
                    throw new ParameterBindingException($"Either the {nameof(Alias).InQuotes()} parameter or the {nameof(Location).InQuotes()} and {nameof(Thumbprint).InQuotes()} parameters must be set.");
                }
            }

            if (!aliasSet)
            {
                Alias = new X509Alias(string.Empty, Thumbprint, Context, false);
            }

            if (!System.IO.Path.GetExtension(Path).Matches(FileExtensions.Pfx))
            {
                path = $"{path}{FileExtensions.Pfx}";
            }

            if (File.Exists(Path))
            {
                if (Overwrite || Util.WarnConfirm($"The specified file {Path.InQuotes()} already exists. Do you wish to overwrite it?", Constants.Affirm))
                {
                    X509Utils.DeleteFile(Path, confirmDelete: true);
                }
                else
                {
                    throw new X509CryptoException($"The specified file {Path.InQuotes()} already exists.");
                }
            }

            var Password = Util.GetPassword(@"Enter a strong password (needed to unlock the .pfx file)", Constants.MinimumPasswordLength, true);

            X509CryptoAgent.ExportPFX(Alias.Thumbprint, Alias.Context, Path, Password.Plaintext());
            Util.ConsoleMessage($"Encryption certificate with thumbprint {Alias.Thumbprint} from the {Alias.Context.Name} {nameof(X509Context)} has been exported to the file {Path.InQuotes()}");
            Result = new FileInfo(Path);
        }
Esempio n. 15
0
        private static void RemoveAlias()
        {
            try
            {
                string      aliasName = SelectedMode.GetString(Parameter.AliasToRemove.ID);
                X509Context Context   = SelectedMode.GetContext(Parameter.Context.ID);

                if (Util.WarnConfirm($"This will ERASE the {nameof(X509Alias)} {aliasName.InQuotes()} from the {Context.Name} {nameof(X509Context)} on this computer.", Constants.Affirm))
                {
                    X509Alias AliasToRemove = new X509Alias(aliasName, Context);
                    AliasToRemove.Remove();
                    ConsoleMessage($"{nameof(X509Alias)} {aliasName.InQuotes()} was removed from the {Context.Name} {nameof(X509Context)}.");
                }
            }
            catch (Exception ex)
            {
                throw new X509CryptoException(@"Unable to remove the specified alias", ex);
            }
        }
Esempio n. 16
0
        private void DoWork()
        {
            var Context       = X509Context.Select(Location, true);
            var AliasToImport = X509Alias.Import(Path, Context, Name);

            if (!Overwrite && X509Alias.AliasExists(AliasToImport))
            {
                throw new X509AliasAlreadyExistsException(AliasToImport);
            }
            AliasToImport.Commit();

            Util.ConsoleMessage($"{nameof(X509Alias)} {AliasToImport.Name.InQuotes()} has been successfully imported into the {Context.Name} {nameof(X509Context)} from the file {Path.InQuotes()}");

            if (!X509CryptoAgent.CertificateExists(AliasToImport))
            {
                Util.ConsoleWarning($"An encryption certificate with thumbprint {AliasToImport.Thumbprint.InQuotes()} could not be found in the {Context.Name} {nameof(X509Context)}. Ensure this certificate is installed on the system before using this alias.");
            }

            Result = AliasToImport;
        }
Esempio n. 17
0
        private static void ReEncryptText()
        {
            bool        secretAdded     = false;
            string      oldCiphertext   = string.Empty;
            string      newCiphertext   = string.Empty;
            string      oldAliasName    = string.Empty;
            string      targetAliasName = string.Empty;
            string      secretName      = string.Empty;
            string      outfile         = string.Empty;
            X509Context OldContext      = null;
            X509Context TargetContext   = null;
            X509Alias   OldAlias        = null;
            X509Alias   TargetAlias     = null;

            try
            {
                oldAliasName    = SelectedMode.GetString(Parameter.OldAlias.ID);
                targetAliasName = SelectedMode.GetString(Parameter.NewAlias.ID);
                OldContext      = SelectedMode.GetContext(Parameter.OldContext.ID);
                TargetContext   = SelectedMode.GetContext(Parameter.TargetContext.ID);
                OldAlias        = new X509Alias(oldAliasName, OldContext);
                TargetAlias     = new X509Alias(targetAliasName, TargetContext);
                newCiphertext   = TargetAlias.ReEncryptSecret(secretName, OldAlias);

                if (Parameter.SecretReEnc.IsDefined)
                {
                    secretName  = SelectedMode.GetString(Parameter.SecretReEnc.ID);
                    secretAdded = Util.AddSecret(secretName, newCiphertext, TargetAlias);
                }

                if (!secretAdded)
                {
                    WriteOutput(newCiphertext, Parameter.OutEncText.ID, Samples.Ciphertext);
                }
            }
            catch (Exception ex)
            {
                ConsoleError(new X509CryptoException(@"Unable to re-encrypt the specified expression", ex), SelectedMode.Usage(SelectedCommand.Name, InCli));
            }
        }
Esempio n. 18
0
        static void DecryptText()
        {
            string      plaintext  = string.Empty;
            string      ciphertext = string.Empty;
            string      outfile    = string.Empty;
            string      aliasName  = string.Empty;
            string      secretName = string.Empty;
            X509Context Context    = null;

            try
            {
                if (!(Parameter.SecretDec.IsDefined ^ Parameter.InDecText.IsDefined))
                {
                    throw new X509CryptoException($"Either {Parameter.SecretDec.Name.InQuotes()} or {Parameter.InDecText.Name.InQuotes()} must be defined, but not both.");
                }

                aliasName = SelectedMode.GetString(Parameter.AliasDec.ID);
                Context   = SelectedMode.GetContext(Parameter.Context.ID);
                using (X509Alias Alias = new X509Alias(aliasName, Context))
                {
                    if (Parameter.SecretDec.IsDefined)
                    {
                        secretName = SelectedMode.GetString(Parameter.SecretDec.ID);
                        plaintext  = Alias.RecoverSecret(secretName);
                    }
                    else
                    {
                        ciphertext = SelectedMode.GetString(Parameter.InDecText.ID);
                        plaintext  = Alias.DecryptText(ciphertext);
                    }
                }

                WriteOutput(plaintext, Parameter.OutDecText.ID, Samples.Plaintext);
            }
            catch (Exception ex)
            {
                throw new X509CryptoException(@"Unable to decrypt the specified expression or secret", ex);
            }
        }
Esempio n. 19
0
        private static bool CreateAlias(string aliasName, string thumbprint, X509Context Context)
        {
            X509Alias Alias = null;

            try
            {
                Alias = new X509Alias(aliasName, thumbprint, Context, true);
                Alias.Commit();
                return(true);
            }
            catch (X509AliasAlreadyExistsException)
            {
                if (Util.WarnConfirm($"{nameof(X509Alias)} {aliasName.InQuotes()} already exists. Do you wish to overwrite it?", Constants.Affirm))
                {
                    Alias = new X509Alias(aliasName, thumbprint, Context, false);
                    Alias.Commit();
                    return(true);
                }
                else
                {
                    return(false);
                }
            }
        }
Esempio n. 20
0
        private static void DumpAlias()
        {
            string      output    = string.Empty;
            string      aliasName = string.Empty;
            X509Context Context   = null;
            bool        reveal    = false;

            try
            {
                aliasName = SelectedMode.GetString(Parameter.AliasToDump.ID);
                Context   = SelectedMode.GetContext(Parameter.Context.ID);
                reveal    = SelectedMode.GetBool(Parameter.Reveal.ID);

                using (X509Alias Alias = new X509Alias(aliasName, Context))
                {
                    output = SelectedMode.OutputType == Output.File ? Alias.DumpSecrets(SecretDumpFormat.CommaSeparated, reveal) : Alias.DumpSecrets(SecretDumpFormat.Text, reveal);
                }
                WriteOutput(output, Parameter.OutDumpAlias.ID);
            }
            catch (Exception ex)
            {
                throw new X509CryptoException($"Unable to dump the specified {nameof(X509Alias)}", ex);
            }
        }
Esempio n. 21
0
        private static void ExportCert()
        {
            string       outfile    = string.Empty;
            string       thumbprint = string.Empty;
            string       aliasName  = string.Empty;
            SecureString Password   = null;
            X509Context  Context    = null;
            X509Alias    Alias      = null;

            try
            {
                if (!(SelectedMode.IsParameterDefined(Parameter.AliasExportCert.ID) ^ SelectedMode.IsParameterDefined(Parameter.ThumbprintToExport.ID)))
                {
                    throw new ArgumentException($"Either {Parameter.AliasExportCert.Name} or {Parameter.ThumbprintToExport.Name} must be defined, but not both");
                }

                outfile = SelectedMode.GetString(Parameter.OutExportCert.ID);
                try
                {
                    Path.GetFullPath(outfile);
                }
                catch
                {
                    throw new IOException($"Not a valid NTFS path: {outfile}");
                }
                if (!Path.GetExtension(outfile).Matches(FileExtensions.Pfx))
                {
                    outfile = $"{outfile}{FileExtensions.Pfx}";
                }
                if (File.Exists(outfile))
                {
                    if (Util.WarnConfirm($"The specified file {outfile} already exists. Do you wish to overwrite it?", Constants.Affirm))
                    {
                        X509Utils.DeleteFile(outfile, confirmDelete: true);
                    }
                    else
                    {
                        return;
                    }
                }

                Context = SelectedMode.GetContext(Parameter.Context.ID);

                if (SelectedMode.IsParameterDefined(Parameter.AliasExportCert.ID))
                {
                    aliasName  = SelectedMode.GetString(Parameter.AliasExportCert.ID);
                    Alias      = new X509Alias(aliasName, Context);
                    thumbprint = Alias.Thumbprint;
                }
                else
                {
                    thumbprint = SelectedMode.GetString(Parameter.ThumbprintToExport.ID);
                }

                Password = Util.GetPassword(@"Enter a strong password: "******"Encryption certificate with thumbprint {thumbprint} from the {Context.Name} {nameof(X509Context)} has been exported to the file {outfile.InQuotes()}");
            }
            catch (Exception ex)
            {
                throw new X509CryptoException(@"Unable to export the specified certificate and key pair", ex);
            }
        }