/// <summary>
/// Persists the CIK through the key manager of the cmdlet's resource context.
/// If the key manager reports that the key file already exists, the existing
/// file is cleaned up and the persist is attempted exactly once more.
/// </summary>
/// <param name="cmdlet">Cmdlet whose StorSimpleClient supplies the key manager; it also receives the retry warning.</param>
/// <param name="resourceId">Must be non-empty. It is only validated here and is not passed to the key manager.</param>
/// <param name="cik">Key value to persist; must be non-empty.</param>
/// <exception cref="ArgumentNullException">resourceId is null or empty.</exception>
/// <exception cref="Exception">cik is null or empty, or the final status is not PERSIST_SUCCESS.</exception>
public static void PersistCIK(StorSimpleCmdletBase cmdlet, string resourceId, string cik)
{
    // Argument validation happens before the key store is touched.
    if (string.IsNullOrEmpty(resourceId))
    {
        throw new ArgumentNullException("resourceId", Resources.ResourceIdMissing);
    }

    if (string.IsNullOrEmpty(cik))
    {
        throw new Exception(Resources.CIKInvalid);
    }

    var resourceContext = cmdlet.StorSimpleClient.GetResourceContext();
    StorSimpleKeyManager keyManager = resourceContext.StorSimpleKeyManager;

    KeyStoreOperationStatus outcome = keyManager.PersistCIK(cik);
    bool keyFileAlreadyPresent = outcome == KeyStoreOperationStatus.PERSIST_FILE_ALREADY_EXISTS;

    if (keyFileAlreadyPresent)
    {
        // The warning text carries no key material; keep it that way if the message is ever changed.
        cmdlet.WriteWarning("Key storage operation failed with error that file already exists. Deleting and retrying");

        // NOTE(review): the previously persisted key is deleted without being compared to the
        // new value or to resourceId. Whether discarding it is always safe cannot be
        // determined from this method - confirm against the callers.
        keyManager.CleanupCIK();
        outcome = keyManager.PersistCIK(cik);
    }

    // Other status codes are not expected at this point (validated earlier),
    // so anything except success is reported as a generic persist failure.
    bool persisted = outcome == KeyStoreOperationStatus.PERSIST_SUCCESS;
    if (!persisted)
    {
        throw new Exception(Resources.PersistSecretFailed);
    }
}
/// <summary>
/// Reads the persisted CIK from the key manager of the cmdlet's resource context
/// and converts every non-success status into an exception.
/// </summary>
/// <param name="cmdlet">Cmdlet whose StorSimpleClient supplies the key manager.</param>
/// <param name="resourceId">Not read by this method.</param>
/// <returns>The persisted CIK; never null or empty.</returns>
/// <exception cref="Exception">
/// The stored key is corrupted, was never persisted, could not be fetched,
/// or was fetched successfully but came back null or empty.
/// </exception>
public static string RetrieveCIK(StorSimpleCmdletBase cmdlet, string resourceId)
{
    // NOTE(review): resourceId is never used, so the returned key is whatever the
    // key manager holds. Presumably the resource context already scopes the key
    // store to one resource - confirm.
    var resourceContext = cmdlet.StorSimpleClient.GetResourceContext();
    StorSimpleKeyManager keyManager = resourceContext.StorSimpleKeyManager;

    string persistedKey;
    KeyStoreOperationStatus outcome = keyManager.RetrieveCIK(out persistedKey);

    // The key file exists but its content is unusable: it was persisted and later corrupted.
    bool storedKeyCorrupted =
        outcome == KeyStoreOperationStatus.RETRIEVE_FILESREAM_EMPTY ||
        outcome == KeyStoreOperationStatus.RETRIEVE_FILESTREAM_INVALID;
    if (storedKeyCorrupted)
    {
        throw new Exception(Resources.PersistedCIKCorrupted);
    }

    // No key file at all: the CIK was never persisted.
    if (outcome == KeyStoreOperationStatus.RETRIEVE_FILE_DOES_NOT_EXIST)
    {
        throw new Exception(Resources.CIKNotPersisted);
    }

    // Other status codes are not expected here (validated earlier); treat them as a fetch failure.
    if (outcome != KeyStoreOperationStatus.RETRIEVE_SUCCESS)
    {
        throw new Exception(Resources.CIKFetchFailed);
    }

    // A success status with no key value is still rejected.
    if (string.IsNullOrEmpty(persistedKey))
    {
        throw new Exception(Resources.PersistedCIKIsNull);
    }

    return persistedKey;
}
/// <summary>
/// Encrypts a secret by delegating to the crypto manager's EncryptSecretWithRakPub.
/// </summary>
/// <param name="secretToBeEncrypted">Secret to be encrypted.</param>
/// <returns>The encrypted secret produced by the crypto manager.</returns>
/// <exception cref="Exception">
/// The crypto manager returned any status other than SUCCESS. The specific status
/// is not included in the exception; only the generic resource message is.
/// </exception>
public string EncryptSecret(string secretToBeEncrypted)
{
    string cipherText;
    KeyStoreOperationStatus outcome =
        storSimpleCryptoManager.EncryptSecretWithRakPub(secretToBeEncrypted, out cipherText);

    if (outcome == KeyStoreOperationStatus.SUCCESS)
    {
        return cipherText;
    }

    // Every failure maps to the same exception, so the underlying key-store
    // status is not visible to the caller.
    throw new Exception(Resources.ServiceSecretEncryptionFailure);
}
/// <summary>
/// Encrypts a secret with the RAK public key. The CIK is read from the key store
/// and passed to GetPlainTextRAKPub to obtain the plaintext RAK public key.
/// </summary>
/// <param name="secret">Secret to encrypt.</param>
/// <param name="encryptedSecret">Receives the encrypted secret on success; null if the CIK could not be retrieved.</param>
/// <returns>
/// SUCCESS after encryption; otherwise the status returned by the key manager's
/// RetrieveCIK call, passed through unchanged.
/// </returns>
public KeyStoreOperationStatus EncryptSecretWithRakPub(string secret, out string encryptedSecret)
{
    StorSimpleKeyManager keyStore = StorSimpleClient.GetResourceContext().StorSimpleKeyManager;
    encryptedSecret = null;

    // Read the CIK from the key store; on failure the retrieval status is handed back as-is.
    string storedCik;
    KeyStoreOperationStatus retrieval = keyStore.RetrieveCIK(out storedCik);
    if (retrieval != KeyStoreOperationStatus.RETRIEVE_SUCCESS)
    {
        return retrieval;
    }

    // NOTE(review): the CIK is not checked for null/empty after RETRIEVE_SUCCESS, so
    // GetPlainTextRAKPub receives whatever the key manager returned - confirm that it
    // rejects an empty key.
    string plainTextRakPub = GetPlainTextRAKPub(storedCik);

    // Encrypt the secret with the RAK public key.
    // NOTE(review): the helper's name suggests RSA with PKCS#1 v1.5 padding - confirm;
    // OAEP is generally preferred where the receiving side supports it.
    encryptedSecret = CryptoHelper.EncryptSecretRSAPKCS(secret, plainTextRakPub);
    return KeyStoreOperationStatus.SUCCESS;
}