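/// <summary>
/// Ensures a certificate for ODS/OMS authentication exists in the LocalMachine "MY" store.
/// If no certificate with the configured thumbprint is found, a new self-signed one is
/// created, saved to the store, registered with OMS using the workspace key from Key Vault,
/// and its thumbprint is written back to <c>SentinelApiConfig</c> and persisted.
/// </summary>
/// <remarks>
/// Best-effort: any exception is written to the console and swallowed. Side effects on the
/// create path are a new private key in the LocalMachine store, a Key Vault read of the
/// workspace key, a registration call to <c>SentinelApiConfig.OmsEndpointUri</c>, and a
/// configuration save. Nothing is fetched from Key Vault when the certificate already exists.
/// </remarks>
public void ManageOdsAuthenticationCertStore()
{
    try
    {
        using (var certificateManagement = new CertificateManagement())
        {
            var authX509Certificate2 = certificateManagement.FindCertificateByThumbprint(
                "MY", SentinelApiConfig.CertificateThumbprint, StoreLocation.LocalMachine);
            if (authX509Certificate2 != null)
            {
                // A certificate with the configured thumbprint is already installed.
                return;
            }

            // The workspace key is only needed when registering a new certificate, so it is
            // read here rather than unconditionally. ToLowerInvariant: the secret name must
            // not depend on the process culture.
            string sentinalAuthWorkspaceKey = GetKeyVaultSecret($"{SentinelApiConfig.WorkspaceId.ToLowerInvariant()}-wskey");

            string agentId = Guid.NewGuid().ToString("D");
            authX509Certificate2 = certificateManagement.CreateOmsSelfSignedCertificate(agentId, SentinelApiConfig.WorkspaceId);

            //TODO: Add in support for KeyVault
            if (certificateManagement.SaveCertificateToStore(authX509Certificate2, "MY", StoreLocation.LocalMachine))
            {
                certificateManagement.RegisterWithOms(authX509Certificate2, SentinelApiConfig.WorkspaceId, sentinalAuthWorkspaceKey, SentinelApiConfig.OmsEndpointUri);
                SentinelApiConfig.CertificateThumbprint = authX509Certificate2.Thumbprint.ToLowerInvariant();
                SaveCurrentConfiguration();
            }
        }
    }
    catch (Exception e)
    {
        // Best-effort step: log and continue. NOTE(review): the full exception is written to
        // the console; confirm RegisterWithOms cannot surface the workspace key in its message.
        Console.WriteLine(e);
    }
}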
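/// <summary>
/// Type initializer: loads the Sentinel API configuration named by the "SentinelApiConfig"
/// app setting, wires the Key Vault client, the syslog and event-log processors and the blob
/// writer, looks up the ODS authentication certificate in the LocalMachine "MY" store by the
/// configured thumbprint, and reads the workspace key from Key Vault.
/// </summary>
/// <remarks>
/// This performs file I/O and Key Vault calls during type initialization. Any exception is
/// delivered to the first user of the type as a <see cref="TypeInitializationException"/> and
/// leaves the type unusable for the rest of the process. <c>AuthX509Certificate2</c> may remain
/// null when the configured thumbprint is not present in the store.
/// </remarks>
static SentinelWorkspaceLogHub()
{
    string configurationFile = ConfigurationManager.AppSettings["SentinelApiConfig"];
    if (string.IsNullOrWhiteSpace(configurationFile))
    {
        // Previously a missing setting interpolated to "" and silently resolved to the
        // execution directory itself; fail with a message that names the setting instead.
        throw new InvalidOperationException("App setting 'SentinelApiConfig' is missing or empty.");
    }

    GlobalLog.WriteToStringBuilderLog($"Loading config [{configurationFile}].", 14001);
    string configPath = Path.Combine(SentinelWorkspacePoc.GetExecutionPath(), configurationFile);
    string textOfJsonConfig = File.ReadAllText(configPath);
    SentinelApiConfig = JsonConvert.DeserializeObject<SentinelApiConfig>(textOfJsonConfig);
    if (SentinelApiConfig == null)
    {
        // DeserializeObject returns null for an empty or literal-null document.
        throw new InvalidOperationException($"Configuration file [{configPath}] did not contain a SentinelApiConfig object.");
    }

    // Turn on the KeyVault for use
    KeyVault = new KeyVault(SentinelApiConfig);

    // Create the processor
    syslogToSentinelProcessor = new SyslogToSentinelProcessor(SentinelApiConfig);

    // Create the storage container connection
    syslogToAzureBlob = new SyslogToAzureBlob(SentinelApiConfig, GetKeyVaultSecret(SentinelApiConfig.SyslogToAzureBlobStorageSecret));

    eventLogProcessor = new EventLogProcessor("Security", NewEventRecord, readEventLogFileFromBeginning);

    // The certificate is resolved from the local store only; the Key Vault copy of the
    // certificate is not read here (the earlier read of "{workspaceId}-wsid" was never used).
    using (var certificateManagement = new CertificateManagement())
    {
        AuthX509Certificate2 = certificateManagement.FindCertificateByThumbprint("MY", SentinelApiConfig.CertificateThumbprint, StoreLocation.LocalMachine);
    }

    // Get the current WorkspaceKey from KeyVault. ToLowerInvariant: the secret name must not
    // depend on the process culture.
    sentinalAuthWorkspaceKey = GetKeyVaultSecret($"{SentinelApiConfig.WorkspaceId.ToLowerInvariant()}-wskey");
}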
/// <summary>
/// Sample: issues a DELETE for one IAN message through the MISE HTTP interface and prints
/// the raw response. The client authenticates with the system's trusted private certificate
/// loaded from <c>certPath</c> / <c>certPassword</c>.
/// </summary>
public static void delete()
{
    const string iepdType = "IAN";
    const int msgID = 123456789;

    // NOTE(review): certPassword is a field declared elsewhere in this file; it should be
    // supplied from configuration or a secret store rather than compiled in — confirm.
    var cm = new CertificateManagement();
    X509Certificate2 clientCert = cm.GetTrustedSystemPrivateCert(certPath, certPassword);
    var handler = new HttpHandler(clientCert);

    var response = handler.GetHttpWebResponse("DELETE", "Delete", iepdType, msgID, null, null);
    Console.WriteLine(response.ToString());
}
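/// <summary>
/// Ensures an ODS/OMS authentication certificate exists, using the Key Vault secret
/// "{workspaceId}-wsid" as the record of the registered certificate. When the secret is
/// absent, a new self-signed certificate is created, saved to the LocalMachine "MY" store,
/// registered with OMS using the workspace key, and its DER-encoded public certificate is
/// stored in Key Vault as Base64. When the secret is present, the public certificate is
/// rebuilt from it.
/// </summary>
/// <remarks>
/// The two Key Vault reads happen before the try block and propagate failures to the caller;
/// everything else is best-effort and written to the console. <see cref="X509Certificate2.GetRawCertData"/>
/// returns only the public certificate, so the object rebuilt from Key Vault carries no
/// private key and cannot by itself authenticate a client; the private key exists only in the
/// LocalMachine store of the machine that created it.
/// </remarks>
public void ManageOdsAuthenticationKeyVault()
{
    // ToLowerInvariant: secret names must not depend on the process culture.
    string workspaceIdLower = SentinelApiConfig.WorkspaceId.ToLowerInvariant();
    string certSecretName = $"{workspaceIdLower}-wsid";
    string sentinalAuthCertEncoded = GetKeyVaultSecret(certSecretName);
    string sentinalAuthWorkspaceKey = GetKeyVaultSecret($"{workspaceIdLower}-wskey");

    try
    {
        X509Certificate2 authX509Certificate2 = null;
        if (sentinalAuthCertEncoded == null)
        {
            using (var certificateManagement = new CertificateManagement())
            {
                // Create a certificate to register with Oms
                string agentId = Guid.NewGuid().ToString("D");
                authX509Certificate2 = certificateManagement.CreateOmsSelfSignedCertificate(agentId, SentinelApiConfig.WorkspaceId);

                // Register the certificate with Oms
                if (certificateManagement.SaveCertificateToStore(authX509Certificate2, "MY", StoreLocation.LocalMachine))
                {
                    certificateManagement.RegisterWithOms(authX509Certificate2, SentinelApiConfig.WorkspaceId, sentinalAuthWorkspaceKey, SentinelApiConfig.OmsEndpointUri);
                    SentinelApiConfig.CertificateThumbprint = authX509Certificate2.Thumbprint.ToLowerInvariant();
                    SaveCurrentConfiguration();
                }

                // Store the DER bytes as Base64. The previous approach decoded the raw bytes
                // as UTF-16 text, which is lossy (odd lengths and invalid surrogates are
                // replaced), so the bytes did not reliably round-trip back into a certificate.
                byte[] certByteArray = authX509Certificate2.GetRawCertData();
                string certByteToStore = Convert.ToBase64String(certByteArray);

                // Wait for the write so a failure is observed by the catch below instead of
                // being dropped with an un-awaited task; this method is synchronous by contract.
                KeyVault.StoreCertSecret(certSecretName, certByteToStore).ConfigureAwait(false).GetAwaiter().GetResult();
            }
        }
        else
        {
            // Rebuild the stored public certificate. Secrets written by earlier versions as
            // UTF-16 text are not valid Base64 and must be recreated.
            byte[] certFromKeyVault = Convert.FromBase64String(sentinalAuthCertEncoded);
            authX509Certificate2 = new X509Certificate2(certFromKeyVault, string.Empty, X509KeyStorageFlags.MachineKeySet);
        }

        // NOTE(review): authX509Certificate2 is neither returned nor stored by this method
        // (unchanged from the original); confirm whether a caller expects it to be published.
    }
    catch (Exception e)
    {
        // Best-effort step: log and continue.
        Console.WriteLine(e);
    }
}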
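/// <summary>
/// Sample: authenticates to MISE with the system's trusted private certificate, opens a SAML
/// session, and runs a bounding-box IAN search covering the past 365 days up to 30 seconds
/// ago, printing the XML result.
/// </summary>
/// <remarks>
/// Timestamps are taken once from <see cref="DateTime.UtcNow"/>. The previous form,
/// <c>DateTime.Now.Subtract(...).ToUniversalTime()</c>, round-tripped through local time and
/// can be an hour off around DST transitions; it also read the clock separately for the
/// start and end bounds, so they were not derived from the same instant.
/// </remarks>
public static void search()
{
    // NOTE(review): certPassword is a field declared elsewhere in this file; it should be
    // supplied from configuration or a secret store rather than compiled in — confirm.
    var cm = new CertificateManagement();
    X509Certificate2 cert = cm.GetTrustedSystemPrivateCert(certPath, certPassword);

    DateTime now = DateTime.UtcNow;

    //build the attributes
    var attr = new AttributeHolder
    {
        Id = "123",
        IssueInstant = now,
        ElectronicEntityId = "https://mise.agencyone.gov/",
        FullName = "John Doe",
        CitizenCodes = new List<string> { "USA" },
        LEI = true,
        PPI = true,
        COI = true
    };

    var sh = new ServiceHandler();
    //send the saml login - the cookie represents the session
    CookieContainer session = sh.SendSamlRequest(cert, attr);

    //set up a base search URL
    var sepm = new ServiceEndPointManager();
    Uri url = new Uri(sepm.BuildServiceEndPoint("Search", "IAN", ""));

    //Assemble the query arguments - e.g. lat/lng, etc
    TimeSpan tStart = new TimeSpan(365, 0, 0, 0); //search the past years data
    TimeSpan tEnd = new TimeSpan(0, 0, 30); //cover search up to 30 seconds ago (data refresh rate determination)
    var qd = new Dictionary<string, string>
    {
        { "ulat", "10" },
        { "ulng", "-10" },
        { "llat", "-10" },
        { "llng", "10" },
        { "start", (now - tStart).ToString("o") },
        { "end", (now - tEnd).ToString("o") }
    };
    url = HttpExtensions.AddQuery(url, qd);

    XDocument result = sh.SendQueryRequest(cert, session, url.ToString(), "application/xml");
    Console.WriteLine(result.ToString());
}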
/// <summary>
/// Sample: publishes a placeholder IEPD document for one IAN message via HTTP PUT through
/// the MISE interface and prints the raw response. Replace the placeholder element with a
/// valid IEPD instance before use.
/// </summary>
public static void publish()
{
    const string iepdType = "IAN";
    const int msgID = 123456789;

    //Load a valid IEPD instance here
    var iepdDocument = new XDocument(new XElement("test", "test"));

    // NOTE(review): certPassword is a field declared elsewhere in this file; it should be
    // supplied from configuration or a secret store rather than compiled in — confirm.
    var cm = new CertificateManagement();
    X509Certificate2 clientCert = cm.GetTrustedSystemPrivateCert(certPath, certPassword);
    var handler = new HttpHandler(clientCert);

    var response = handler.GetHttpWebResponse("PUT", "Publish", iepdType, msgID, iepdDocument, null);
    Console.WriteLine(response.ToString());
}
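/// <summary>
/// Sample: authenticates to MISE with the system's trusted private certificate, opens a SAML
/// session, and retrieves a single IAN record by entity id and record id, printing the XML.
/// </summary>
/// <remarks>
/// The SAML issue instant is taken from <see cref="DateTime.UtcNow"/>; the previous
/// <c>DateTime.Now.ToUniversalTime()</c> round-tripped through local time and can be an hour
/// off around DST transitions.
/// </remarks>
public static void retrieve()
{
    // NOTE(review): certPassword is a field declared elsewhere in this file; it should be
    // supplied from configuration or a secret store rather than compiled in — confirm.
    var cm = new CertificateManagement();
    X509Certificate2 cert = cm.GetTrustedSystemPrivateCert(certPath, certPassword);

    //build the attributes
    var attr = new AttributeHolder
    {
        Id = "123",
        IssueInstant = DateTime.UtcNow,
        ElectronicEntityId = "https://mise.agencyone.gov/",
        FullName = "John Doe",
        CitizenCodes = new List<string> { "USA" },
        LEI = true,
        PPI = true,
        COI = true
    };

    var sh = new ServiceHandler();
    //send the saml login - the cookie represents the session
    CookieContainer session = sh.SendSamlRequest(cert, attr);

    //set up a base retrieve URL
    var sepm = new ServiceEndPointManager();
    Uri url = new Uri(sepm.BuildServiceEndPoint("Retrieve", "IAN", ""));

    var qd = new Dictionary<string, string>
    {
        { "entityid", "https://mise.agencyone.gov/" },
        { "recordid", "123456789" }
    };
    url = HttpExtensions.AddQuery(url, qd);

    XDocument xd = sh.SendQueryRequest(cert, session, url.ToString(), "application/xml");
    Console.WriteLine(xd.ToString());
}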