public PkiConfigurationAdcsTemplateController(AdcsTemplateLogic templateLogic)
{
//this.configurationRepository = configurationRepository;
//this.runtimeConfigurationState = runtimeConfigurationState;
//this.adcsTemplateLogic = new AdcsTemplateLogic(configurationRepository, null);
this.adcsTemplateLogic = templateLogic;
this.http = new HttpResponseHandler(this);
this.dataTransform = new DataTransformation();
}
public void AdcsTemplateLogic_GetActiveDirectoryPublishedTemplate_ValidName_ReturnsObjectWithMatchingName()
{
string name = "ServerAuthentication-CngRsa";
AdcsTemplateLogic templateLogic = new AdcsTemplateLogic(null, activeDirectory);
AdcsCertificateTemplate template = templateLogic.GetActiveDirectoryPublishedTemplate(name, metadata);
Assert.AreEqual(name, template.Name);
}
public PrivateCertificateAuthorityController(ICertificateRepository certRepo, IConfigurationRepository configRepo, ICertificateProvider certProvider, IAuthorizationLogic authorizationLogic, IAuditLogic auditLogic, AdcsTemplateLogic templateLogic)
{
this.certificateRepository = certRepo;
this.configurationRepository = configRepo;
this.certificateProvider = certProvider;
this.authorizationLogic = authorizationLogic;
this.http = new HttpResponseHandler(this);
this.audit = auditLogic;
this.templateLogic = templateLogic;
}
public void AdcsTemplateLogic_GetActiveDirectoryPublishedTemplate_ValidNameAndCipherEdsa_ReturnsObjectWithExpectedCipherAlgorithm()
{
string name = "ServerAuthentication-CngEcdsa";
CipherAlgorithm expectedCipher = CipherAlgorithm.ECDSA;
AdcsTemplateLogic templateLogic = new AdcsTemplateLogic(null, activeDirectory);
AdcsCertificateTemplate template = templateLogic.GetActiveDirectoryPublishedTemplate(name, metadata);
Assert.AreEqual(expectedCipher, template.Cipher);
}
private void InitializeApp(IServiceCollection services, AppSettings appSettings)
{
//singleton pattern here was a huge mistake, i'm going to fix this.
LiteDbConfigurationRepository configurationRepository = new LiteDbConfigurationRepository(databaseLocator.GetConfigurationRepositoryConnectionString());
appConfig = configurationRepository.GetAppConfig();
ActiveDirectoryRepository activeDirectory = new ActiveDirectoryRepository();
EncryptionProvider cipher = new EncryptionProvider(appConfig.EncryptionKey);
services.AddSingleton <EncryptionProvider>(cipher);
services.AddSingleton <IActiveDirectoryAuthenticator>(activeDirectory);
services.AddSingleton <IActiveDirectoryRepository>(activeDirectory);
IdentityAuthenticationLogic identityAuthenticationLogic = new IdentityAuthenticationLogic(configurationRepository, activeDirectory);
services.AddSingleton <IdentityAuthenticationLogic>();
ICertificateRepository certificateRepository = new LiteDbCertificateRepository(databaseLocator.GetCertificateRepositoryConnectionString());
RuntimeCacheRepository runtimeCacheRepository = null;
LiteDbAuditRepository auditRepository = new LiteDbAuditRepository(databaseLocator.GetAuditRepositoryConnectionString());
IAuditLogic auditLogic = new AuditLogic(auditRepository, configurationRepository);
services.AddSingleton <IAuditLogic>(auditLogic);
IAuthorizationLogic authorizationLogic = new AuthorizationLogic(configurationRepository, auditLogic);
IScriptManagementLogic scriptManagement = new ScriptManagementLogic(configurationRepository, authorizationLogic);
services.AddSingleton <IScriptManagementLogic>(scriptManagement);
IPowershellEngine powershellEngine = new PowershellEngine(auditLogic, scriptManagement);
services.AddSingleton <IPowershellEngine>(powershellEngine);
RoleManagementLogic roleManagementLogic = new RoleManagementLogic(configurationRepository, authorizationLogic);
services.AddSingleton <RoleManagementLogic>(roleManagementLogic);
UserManagementLogic userManagementLogic = new UserManagementLogic(configurationRepository, authorizationLogic);
services.AddSingleton <UserManagementLogic>(userManagementLogic);
SecurityPrincipalLogic securityPrincipalLogic = new SecurityPrincipalLogic(roleManagementLogic, userManagementLogic);
services.AddSingleton <SecurityPrincipalLogic>();
AdcsTemplateLogic adcsTemplateLogic = new AdcsTemplateLogic(configurationRepository, activeDirectory);
services.AddSingleton <AdcsTemplateLogic>(adcsTemplateLogic);
services.AddSingleton <IAuthorizationLogic>(authorizationLogic);
services.AddSingleton <IConfigurationRepository>(configurationRepository);
ICertificateProvider certificateProvider = new Win32CertificateProvider();
services.AddSingleton <ICertificateProvider>(certificateProvider);
services.AddSingleton <ICertificateRepository>(certificateRepository);
ActiveDirectoryIdentityProviderLogic activeDirectoryIdentityProviderLogic = new ActiveDirectoryIdentityProviderLogic(configurationRepository);
services.AddSingleton <ActiveDirectoryIdentityProviderLogic>(activeDirectoryIdentityProviderLogic);
certificateManagementLogic = new CertificateManagementLogic(
configurationRepository,
certificateRepository,
authorizationLogic,
auditLogic,
securityPrincipalLogic,
cipher);
services.AddSingleton <CertificateManagementLogic>(certificateManagementLogic);
PrivateCertificateProcessing privateCertificateProcessing = new PrivateCertificateProcessing(certificateRepository, configurationRepository, certificateProvider, authorizationLogic, adcsTemplateLogic, auditLogic);
services.AddSingleton <IPrivateCertificateProcessing>(privateCertificateProcessing);
services.AddSingleton <NodeLogic>(new NodeLogic(configurationRepository, authorizationLogic, activeDirectoryIdentityProviderLogic, powershellEngine, auditLogic, certificateManagementLogic, privateCertificateProcessing));
services.AddSingleton <IRuntimeConfigurationState>(
new RuntimeConfigurationState(configurationRepository, runtimeCacheRepository)
{
InitialSetupComplete = initialSetupComplete
});
services.AddSingleton <IClientsideConfigurationProvider>(new ClientsideConfigurationProvider(configurationRepository));
services.AddSingleton <AnalyticsLogic>(new AnalyticsLogic(configurationRepository, certificateRepository, auditRepository));
services.AddSingleton <DataRenderingProvider>(new DataRenderingProvider());
oidcLogic = new OpenIdConnectIdentityProviderLogic(configurationRepository, authorizationLogic);
services.AddSingleton <IOpenIdConnectIdentityProviderLogic>(oidcLogic);
}
public void InitializeTest()
{
user = new Mock <ClaimsPrincipal>();
string configPath = Path.GetTempFileName();
configDb = new LiteDbConfigurationRepository(configPath);
configDb.Insert <AdcsTemplate>(new AdcsTemplate()
{
WindowsApi = WindowsApi.CryptoApi,
Cipher = CipherAlgorithm.RSA,
//Hash = HashAlgorithm.SHA256,
KeyUsage = KeyUsage.ServerAuthentication,
Name = "ServerAuthentication-CapiRsa"
});
configDb.Insert <AdcsTemplate>(new AdcsTemplate()
{
WindowsApi = WindowsApi.CryptoApi,
Cipher = CipherAlgorithm.RSA,
//Hash = HashAlgorithm.SHA256,
KeyUsage = KeyUsage.None,
Name = "NoKeyUsage-CapiRsa"
});
configDb.Insert <AdcsTemplate>(new AdcsTemplate()
{
WindowsApi = WindowsApi.Cng,
Cipher = CipherAlgorithm.RSA,
// Hash = HashAlgorithm.SHA256,
KeyUsage = KeyUsage.ServerAuthentication,
Name = "ServerAuthentication-CngRsa"
});
configDb.Insert <AdcsTemplate>(new AdcsTemplate()
{
WindowsApi = WindowsApi.Cng,
Cipher = CipherAlgorithm.RSA,
//Hash = HashAlgorithm.SHA256,
KeyUsage = KeyUsage.ServerAuthentication | KeyUsage.ClientAuthentication,
Name = "ClientServerAuthentication-CngRsa"
});
configDb.Insert <AdcsTemplate>(new AdcsTemplate()
{
WindowsApi = WindowsApi.Cng,
Cipher = CipherAlgorithm.ECDH,
//Hash = HashAlgorithm.SHA256,
KeyUsage = KeyUsage.ServerAuthentication,
Name = "ServerAuthentication-CngEcdh"
});
configDb.Insert <AdcsTemplate>(new AdcsTemplate()
{
WindowsApi = WindowsApi.Cng,
Cipher = CipherAlgorithm.ECDSA,
//Hash = HashAlgorithm.SHA256,
KeyUsage = KeyUsage.ServerAuthentication,
Name = "ServerAuthentication-CngEcdsa"
});
Logic.SecretKeyProvider secretKeyProvider = new Logic.SecretKeyProvider();
AppConfig appConfig = new AppConfig()
{
EncryptionKey = secretKeyProvider.NewSecretBase64(32)
};
configDb.SetAppConfig(appConfig);
ActiveDirectoryMetadata identitySource = new ActiveDirectoryMetadata()
{
Domain = "cm.local",
Enabled = true,
ActiveDirectoryMetadataType = ActiveDirectoryMetadataType.ActiveDirectoryBasic,
Id = Guid.NewGuid(),
Name = "cm.local",
Password = password,
Username = username,
SearchBase = "DC=cm,DC=local"
};
PrivateCertificateAuthorityConfig caConfig = new PrivateCertificateAuthorityConfig()
{
CommonName = caCommonName,
ServerName = caServerName,
HashAlgorithm = HashAlgorithm.SHA256,
Id = Guid.NewGuid(),
IdentityProviderId = identitySource.Id
};
configDb.Insert <PrivateCertificateAuthorityConfig>(caConfig);
configDb.Insert <ActiveDirectoryMetadata>(identitySource);
templateLogic = new AdcsTemplateLogic(configDb, activeDirectory);
KeyUsage keyUsage = KeyUsage.ClientAuthentication | KeyUsage.ServerAuthentication;
//AdcsTemplate config = configDb.Get<AdcsTemplate>(x => x.Cipher == CipherAlgorithm.RSA && x.WindowsApi == WindowsApi.Cng && x.KeyUsage == keyUsage).First();
//var config = configDb.GetAdcsTemplate(HashAlgorithm.SHA256, CipherAlgorithm.RSA, WindowsApi.Cng, KeyUsage.ClientAuthentication | KeyUsage.ServerAuthentication);
string certDbPath = Path.GetTempFileName();
certDb = new LiteDbCertificateRepository(certDbPath);
}
