public void Setup() { AdcsTemplate result = null; try { result = configDb.Get <AdcsTemplate>(x => x.Cipher == CipherAlgorithm.RSA && x.WindowsApi == WindowsApi.CryptoApi && x.KeyUsage == KeyUsage.ServerAuthentication).First(); //result = configDb.GetAdcsTemplate(HashAlgorithm.SHA256, CipherAlgorithm.RSA, WindowsApi.CryptoApi, KeyUsage.ServerAuthentication); } catch { if (result == null) { configDb.Insert <AdcsTemplate>(new AdcsTemplate() { WindowsApi = WindowsApi.CryptoApi, Cipher = CipherAlgorithm.RSA, //Hash = HashAlgorithm.SHA256, KeyUsage = KeyUsage.ServerAuthentication, Name = "ServerAuthentication-CapiRsa" }); } } ActiveDirectoryMetadata idp = configDb.GetAll <ActiveDirectoryMetadata>().FirstOrDefault(); configDb.DropCollection <PrivateCertificateAuthorityConfig>(); PrivateCertificateAuthorityConfig caConfig = new PrivateCertificateAuthorityConfig() { CommonName = caCommonName, ServerName = caServerName, HashAlgorithm = HashAlgorithm.SHA256, IdentityProviderId = idp.Id }; }
public MicrosoftCertificateAuthorityOptions GetPrivateCertificateAuthorityOptions(HashAlgorithm hash) { PrivateCertificateAuthorityConfig caConfig = this.GetPrivateCertificateAuthorityConfigByHash(hash); ActiveDirectoryMetadata idp = this.Get <ActiveDirectoryMetadata>(caConfig.IdentityProviderId); MicrosoftCertificateAuthorityAuthenticationType authType; if (idp.ActiveDirectoryMetadataType == Entities.Enumerations.ActiveDirectoryMetadataType.ActiveDirectoryBasic) { authType = MicrosoftCertificateAuthorityAuthenticationType.UsernamePassword; } else { authType = MicrosoftCertificateAuthorityAuthenticationType.WindowsKerberos; } MicrosoftCertificateAuthorityOptions options = new MicrosoftCertificateAuthorityOptions() { AuthenticationRealm = idp.Domain, AuthenticationType = authType, HashAlgorithm = hash, CommonName = caConfig.CommonName, ServerName = caConfig.ServerName, Id = caConfig.Id, Password = idp.Password, Username = idp.Username }; return(options); }
public void UpdatePrivateCertificateAuthority(PrivateCertificateAuthorityConfig ca) { PrivateCertificateAuthorityConfig existingCa = configurationRepository.Get <PrivateCertificateAuthorityConfig>(ca.Id); ca.Id = existingCa.Id; configurationRepository.Update <PrivateCertificateAuthorityConfig>(ca); }
private PrivateCertificateAuthorityConfig GetPrivateCertificateAuthorityConfigByHash(HashAlgorithm hash) { LiteCollection <PrivateCertificateAuthorityConfig> col = db.GetCollection <PrivateCertificateAuthorityConfig>(privateCertificateAuthorityCollectionName); PrivateCertificateAuthorityConfig options = col.FindOne(Query.EQ("HashAlgorithm", hash.ToString())); if (options == null) { throw new ConfigurationItemNotFoundException("could not find valid ca"); } else { return(options); } }
public void AddPrivateCertificateAuthority(string serverName, string commonName, HashAlgorithm hash, Guid activeDirectoryIdentityProviderId) { if (string.IsNullOrWhiteSpace(serverName)) { throw new ArgumentNullException(nameof(serverName)); } if (string.IsNullOrWhiteSpace(commonName)) { throw new ArgumentNullException(nameof(commonName)); } PrivateCertificateAuthorityConfig ca = new PrivateCertificateAuthorityConfig() { Id = Guid.NewGuid(), CommonName = commonName, HashAlgorithm = hash, ServerName = serverName, IdentityProviderId = activeDirectoryIdentityProviderId }; configurationRepository.Insert <PrivateCertificateAuthorityConfig>(ca); }
public JsonResult AddCertificateAuthority(PrivateCertificateAuthorityConfig ca) { caConfigLogic.AddPrivateCertificateAuthority(ca); return(http.RespondSuccess(ca)); }
public void InitializeTest() { user = new Mock <ClaimsPrincipal>(); string configPath = Path.GetTempFileName(); configDb = new LiteDbConfigurationRepository(configPath); configDb.Insert <AdcsTemplate>(new AdcsTemplate() { WindowsApi = WindowsApi.CryptoApi, Cipher = CipherAlgorithm.RSA, //Hash = HashAlgorithm.SHA256, KeyUsage = KeyUsage.ServerAuthentication, Name = "ServerAuthentication-CapiRsa" }); configDb.Insert <AdcsTemplate>(new AdcsTemplate() { WindowsApi = WindowsApi.CryptoApi, Cipher = CipherAlgorithm.RSA, //Hash = HashAlgorithm.SHA256, KeyUsage = KeyUsage.None, Name = "NoKeyUsage-CapiRsa" }); configDb.Insert <AdcsTemplate>(new AdcsTemplate() { WindowsApi = WindowsApi.Cng, Cipher = CipherAlgorithm.RSA, // Hash = HashAlgorithm.SHA256, KeyUsage = KeyUsage.ServerAuthentication, Name = "ServerAuthentication-CngRsa" }); configDb.Insert <AdcsTemplate>(new AdcsTemplate() { WindowsApi = WindowsApi.Cng, Cipher = CipherAlgorithm.RSA, //Hash = HashAlgorithm.SHA256, KeyUsage = KeyUsage.ServerAuthentication | KeyUsage.ClientAuthentication, Name = "ClientServerAuthentication-CngRsa" }); configDb.Insert <AdcsTemplate>(new AdcsTemplate() { WindowsApi = WindowsApi.Cng, Cipher = CipherAlgorithm.ECDH, //Hash = HashAlgorithm.SHA256, KeyUsage = KeyUsage.ServerAuthentication, Name = "ServerAuthentication-CngEcdh" }); configDb.Insert <AdcsTemplate>(new AdcsTemplate() { WindowsApi = WindowsApi.Cng, Cipher = CipherAlgorithm.ECDSA, //Hash = HashAlgorithm.SHA256, KeyUsage = KeyUsage.ServerAuthentication, Name = "ServerAuthentication-CngEcdsa" }); Logic.SecretKeyProvider secretKeyProvider = new Logic.SecretKeyProvider(); AppConfig appConfig = new AppConfig() { EncryptionKey = secretKeyProvider.NewSecretBase64(32) }; configDb.SetAppConfig(appConfig); ActiveDirectoryMetadata identitySource = new ActiveDirectoryMetadata() { Domain = "cm.local", Enabled = true, ActiveDirectoryMetadataType = ActiveDirectoryMetadataType.ActiveDirectoryBasic, Id = Guid.NewGuid(), Name = "cm.local", Password = password, Username = username, SearchBase = "DC=cm,DC=local" }; PrivateCertificateAuthorityConfig caConfig = new PrivateCertificateAuthorityConfig() { CommonName = caCommonName, ServerName = caServerName, HashAlgorithm = HashAlgorithm.SHA256, Id = Guid.NewGuid(), IdentityProviderId = identitySource.Id }; configDb.Insert <PrivateCertificateAuthorityConfig>(caConfig); configDb.Insert <ActiveDirectoryMetadata>(identitySource); templateLogic = new AdcsTemplateLogic(configDb, activeDirectory); KeyUsage keyUsage = KeyUsage.ClientAuthentication | KeyUsage.ServerAuthentication; //AdcsTemplate config = configDb.Get<AdcsTemplate>(x => x.Cipher == CipherAlgorithm.RSA && x.WindowsApi == WindowsApi.Cng && x.KeyUsage == keyUsage).First(); //var config = configDb.GetAdcsTemplate(HashAlgorithm.SHA256, CipherAlgorithm.RSA, WindowsApi.Cng, KeyUsage.ClientAuthentication | KeyUsage.ServerAuthentication); string certDbPath = Path.GetTempFileName(); certDb = new LiteDbCertificateRepository(certDbPath); }
public void AddPrivateCertificateAuthority(PrivateCertificateAuthorityConfig ca) { ca.Id = Guid.NewGuid(); configurationRepository.Insert <PrivateCertificateAuthorityConfig>(ca); }