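/// <summary>
/// Verifies the S/MIME message held in <c>action.Entity.EntityBody</c> by running
/// <c>openssl smime -verify</c> with the demoCA certificate as the CA file.
/// </summary>
/// <param name="action">
/// Action whose entity body is written to a temp file and handed to OpenSSL, and whose
/// <c>Config["Salt"]</c> value must appear in the content OpenSSL writes out.
/// </param>
/// <returns>
/// A result carrying an empty entity body. <c>IsSuccess</c> is true only when OpenSSL
/// exits with code 0 and the extracted content contains the configured salt.
/// </returns>
/// <exception cref="Exception">OpenSSL could not be started.</exception>
private ICryptoProviderResult Verify(ICryptoProviderAction action)
{
    var tempfileSource = Path.GetTempFileName();
    var tempfileTarget = Path.GetTempFileName();

    try
    {
        File.WriteAllText(tempfileSource, action.Entity.EntityBody);

        // NOTE(review): both calls mutate process-wide state, so concurrent callers
        // share the same working directory and OPENSSL_CONF value. openssl.exe is also
        // located through the working directory rather than by an absolute path.
        Environment.SetEnvironmentVariable("OPENSSL_CONF", "c:\\OpenSSL-Win32\\bin\\openssl.cfg");
        Directory.SetCurrentDirectory("C:\\OpenSSL-Win32\\bin");

        // NOTE(review): the trust anchor is the demoCA certificate inside the OpenSSL
        // install directory; whoever can write there decides what verifies. Confirm the
        // directory ACLs.
        bool verified;
        using (var process = System.Diagnostics.Process.Start(
                   "openssl.exe",
                   // Temp paths are quoted because the temp directory may contain spaces.
                   "smime -verify -in \"" + tempfileSource + "\"" +
                   " -CAfile C:\\OpenSSL-Win32\\bin\\demoCA\\cacert.pem" +
                   " -out \"" + tempfileTarget + "\""))
        {
            if (process == null)
            {
                throw new Exception("Can not start the OpenSSL");
            }

            process.WaitForExit();

            // The exit code is the verdict of the signature check; without it the
            // outcome would rest solely on the salt substring test below.
            verified = process.ExitCode == 0;
        }

        var result = File.ReadAllText(tempfileTarget);

        return new CryptoProviderResult(
            new CryptoProviderEntity("", action.Entity.FileType),
            action,
            verified && result.Contains(action.Config["Salt"]));
    }
    finally
    {
        // Remove the message and the extracted content even when a step above throws.
        File.Delete(tempfileSource);
        File.Delete(tempfileTarget);
    }
}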
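/// <summary>
/// Issues a certificate for the request held in <c>action.Entity.EntityBody</c> by
/// running <c>openssl ca</c> in batch mode and returning the PEM part of its output.
/// </summary>
/// <param name="action">Action whose entity body is written to a temp file and passed as the request.</param>
/// <returns>
/// A result whose entity body is the output from the <c>-----BEGIN CERTIFICATE-----</c>
/// marker onward. When OpenSSL exits with a non-zero code or the marker is absent, the
/// body is empty and <c>IsSuccess</c> is false.
/// </returns>
/// <exception cref="Exception">OpenSSL could not be started.</exception>
private ICryptoProviderResult Sign(ICryptoProviderAction action)
{
    const string pemHeader = "-----BEGIN CERTIFICATE-----";

    var tempfileTarget = Path.GetTempFileName();
    var tempfileSource = Path.GetTempFileName();

    try
    {
        File.WriteAllText(tempfileSource, action.Entity.EntityBody);

        // NOTE(review): changes the working directory of the whole process; openssl.exe
        // and openssl.cfg are both resolved relative to it.
        Directory.SetCurrentDirectory("C:\\OpenSSL-Win32\\bin");

        // NOTE(review): the CA key passphrase is embedded in source and passed on the
        // command line, where it is visible in process listings. Prefer OpenSSL's
        // "-passin env:NAME" or "-passin file:PATH" fed from protected configuration,
        // and rotate the passphrase once it has left source control.
        bool issued;
        using (var process = System.Diagnostics.Process.Start(
                   "openssl.exe",
                   // Temp paths are quoted because the temp directory may contain spaces.
                   "ca -out \"" + tempfileTarget + "\"" +
                   " -in \"" + tempfileSource + "\"" +
                   " -batch -passin pass:8139kroots912 -config openssl.cfg"))
        {
            if (process == null)
            {
                throw new Exception("Can not start the OpenSSL");
            }

            process.WaitForExit();
            issued = process.ExitCode == 0;
        }

        var newcert = File.ReadAllText(tempfileTarget);

        // IndexOf yields -1 when the marker is missing; the previous "index != 0" test
        // let that value reach Substring, which throws, and reported a certificate that
        // starts at offset 0 as a failure.
        var index = newcert.IndexOf(pemHeader, StringComparison.Ordinal);
        var found = issued && index >= 0;

        return new CryptoProviderResult(
            new CryptoProviderEntity(
                found ? newcert.Substring(index) : "",
                action.Entity.FileType),
            action,
            found);
    }
    finally
    {
        // Remove the request and the issued certificate even when a step above throws.
        File.Delete(tempfileTarget);
        File.Delete(tempfileSource);
    }
}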
/// <summary>
/// Runs the action through the crypto source after the capability check passes.
/// </summary>
/// <param name="action">Action to execute.</param>
/// <returns>Whatever <c>Roll</c> returns for the action.</returns>
/// <exception cref="Exception"><c>CheckCryptoSourceCapability</c> rejected the action.</exception>
public ICryptoProviderResult Execute(ICryptoProviderAction action)
{
    var isSupported = CheckCryptoSourceCapability(action);
    if (isSupported)
    {
        return Roll(action);
    }

    throw new Exception("This action or file type is not supports by this cryptography source");
}
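/// <summary>
/// Verifies the S/MIME message held in <c>action.Entity.EntityBody</c> by running
/// <c>openssl smime -verify</c> with the demoCA certificate as the CA file.
/// </summary>
/// <param name="action">
/// Action supplying the signed message (entity body) and the <c>Config["Salt"]</c>
/// value that must appear in the content OpenSSL extracts.
/// </param>
/// <returns>
/// A result with an empty entity body; <c>IsSuccess</c> requires both a zero OpenSSL
/// exit code and the salt being present in the extracted content.
/// </returns>
/// <exception cref="Exception">OpenSSL could not be started.</exception>
private ICryptoProviderResult Verify(ICryptoProviderAction action)
{
    var tempfileSource = Path.GetTempFileName();
    var tempfileTarget = Path.GetTempFileName();

    try
    {
        File.WriteAllText(tempfileSource, action.Entity.EntityBody);

        // NOTE(review): the environment variable and the working directory are
        // process-wide, so parallel calls share them; openssl.exe is found via the
        // working directory, not an absolute path.
        Environment.SetEnvironmentVariable("OPENSSL_CONF", "c:\\OpenSSL-Win32\\bin\\openssl.cfg");
        Directory.SetCurrentDirectory("C:\\OpenSSL-Win32\\bin");

        // Quote the temp paths: the temp directory may contain spaces.
        var arguments =
            "smime -verify -in \"" + tempfileSource + "\"" +
            " -CAfile C:\\OpenSSL-Win32\\bin\\demoCA\\cacert.pem" +
            " -out \"" + tempfileTarget + "\"";

        // NOTE(review): the CA file is the demoCA certificate under the OpenSSL install
        // directory; write access to that directory controls what is trusted.
        bool verified;
        using (var process = System.Diagnostics.Process.Start("openssl.exe", arguments))
        {
            if (process == null)
            {
                throw new Exception("Can not start the OpenSSL");
            }

            process.WaitForExit();

            // A non-zero exit code means OpenSSL did not accept the message; the salt
            // substring test alone is not a signature check.
            verified = process.ExitCode == 0;
        }

        var result = File.ReadAllText(tempfileTarget);
        var saltPresent = result.Contains(action.Config["Salt"]);

        return new CryptoProviderResult(
            new CryptoProviderEntity("", action.Entity.FileType),
            action,
            verified && saltPresent);
    }
    finally
    {
        // Clean up both temp files on every path, including exceptions.
        File.Delete(tempfileSource);
        File.Delete(tempfileTarget);
    }
}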
/// <summary>
/// Checks that the crypto source can handle the action, then delegates to <c>Roll</c>.
/// </summary>
/// <param name="action">Action to execute.</param>
/// <returns>The result produced by <c>Roll</c>.</returns>
/// <exception cref="Exception">The capability check returned false.</exception>
public ICryptoProviderResult Execute(ICryptoProviderAction action)
{
    var rejected = !CheckCryptoSourceCapability(action);
    if (rejected)
    {
        throw new Exception("This action or file type is not supports by this cryptography source");
    }

    var outcome = Roll(action);
    return outcome;
}
/// <summary>
/// Capability gate for the crypto source. In this version it accepts every action.
/// </summary>
/// <param name="cryptoProviderAction">Crypto action (not inspected by this version).</param>
/// <returns>Always true.</returns>
private bool CheckCryptoSourceCapability(ICryptoProviderAction cryptoProviderAction)
{
    // NOTE(review): the checks against SupportActions and SupportTypes are commented
    // out (the first one is incomplete), so the caller's "not supported" branch can
    // never be reached from here.
    /*if (!CryptoSource.SupportActions.) {
        return false;
    }
    if (!CryptoSource.SupportTypes.HasFlag(cryptoProviderAction.Entity.FileType)) {
        return false;
    }*/
    const bool supported = true;
    return supported;
}
/// <summary>
/// Capability gate for the crypto source; currently a stub that lets every action through.
/// </summary>
/// <param name="cryptoProviderAction">Crypto action (unused while the checks are disabled).</param>
/// <returns>Always true.</returns>
private bool CheckCryptoSourceCapability(ICryptoProviderAction cryptoProviderAction)
{
    // NOTE(review): with the block below disabled, no action type or file type is ever
    // rejected before the action is executed.
    /*if (!CryptoSource.SupportActions.) {
     *      return false;
     *  }
     *
     *  if (!CryptoSource.SupportTypes.HasFlag(cryptoProviderAction.Entity.FileType)) {
     *      return false;
     *  }*/
    return true;
}
/// <summary>
/// Tells whether the crypto source declares support for both the action type and the
/// file type of the given action.
/// </summary>
/// <param name="cryptoProviderAction">Crypto action to check.</param>
/// <returns>
/// True when <c>CryptoSource.SupportActions</c> has the action type flag and
/// <c>CryptoSource.SupportTypes</c> has the entity's file type flag; false otherwise.
/// </returns>
private bool CheckCryptoSourceCapability(ICryptoProviderAction cryptoProviderAction)
{
    // NOTE(review): Enum.HasFlag returns true for a zero-valued flag, so an action type
    // or file type whose value is 0 (presumably "None" - confirm) always passes.
    // The file type is only consulted when the action type is supported.
    return CryptoSource.SupportActions.HasFlag(cryptoProviderAction.ActionType)
        && CryptoSource.SupportTypes.HasFlag(cryptoProviderAction.Entity.FileType);
}
/// <summary>
/// Dispatches the action to the matching operation after the configuration check.
/// </summary>
/// <param name="action">Action to execute; its <c>ActionType</c> selects the operation.</param>
/// <returns>
/// The result of <c>Verify</c> or <c>Sign</c>; null for <c>None</c> and for any action
/// type not listed here, so callers must handle a null result.
/// </returns>
/// <exception cref="Exception"><c>CorrectConfiguration</c> returned false.</exception>
/// <exception cref="NotImplementedException">
/// The action type is <c>GenerateCertificate</c> or <c>GenerateRequest</c>.
/// </exception>
public ICryptoProviderResult Execute(ICryptoProviderAction action)
{
    if (!CorrectConfiguration(action))
    {
        throw new Exception("Incorrect configuration");
    }

    var requested = action.ActionType;

    if (requested == CryptoProviderActionType.Verify)
    {
        return Verify(action);
    }

    if (requested == CryptoProviderActionType.Sign)
    {
        return Sign(action);
    }

    if (requested == CryptoProviderActionType.GenerateCertificate
        || requested == CryptoProviderActionType.GenerateRequest)
    {
        throw new NotImplementedException();
    }

    // CryptoProviderActionType.None and every unlisted value end up here.
    return null;
}
/// <summary>
/// Validates the configuration, then routes the action by its <c>ActionType</c>.
/// </summary>
/// <param name="action">Action to execute.</param>
/// <returns>
/// The result of <c>Verify</c> or <c>Sign</c>. Null is returned for <c>None</c> and for
/// unrecognised action types; callers need to treat null as "nothing was done".
/// </returns>
/// <exception cref="Exception">The configuration check failed.</exception>
/// <exception cref="NotImplementedException">
/// Certificate or request generation was requested.
/// </exception>
public ICryptoProviderResult Execute(ICryptoProviderAction action)
{
    var configurationOk = CorrectConfiguration(action);
    if (!configurationOk)
    {
        throw new Exception("Incorrect configuration");
    }

    switch (action.ActionType)
    {
        case CryptoProviderActionType.Verify:
            return Verify(action);

        case CryptoProviderActionType.Sign:
            return Sign(action);

        case CryptoProviderActionType.GenerateCertificate:
        case CryptoProviderActionType.GenerateRequest:
            throw new NotImplementedException();

        case CryptoProviderActionType.None:
        default:
            return null;
    }
}
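/// <summary>
/// Verifies the S/MIME message held in <c>action.Entity.EntityBody</c> with
/// <c>openssl smime -verify</c>, then reads the signer certificate OpenSSL saved to
/// obtain the login (subject CN) and the hash carried in the verified content.
/// </summary>
/// <param name="action">
/// Action supplying the signed message (entity body) and the <c>Config["Salt"]</c>
/// value that must appear in the verified content.
/// </param>
/// <returns>
/// A result whose entity has <c>EntityMetadata["Login"]</c> and
/// <c>EntityMetadata["Hash"]</c> set and whose <c>IsSuccess</c> tells whether the
/// content contains the salt. When OpenSSL rejects the message, or the signer subject or
/// the content does not have the expected layout, the metadata is left unset and
/// <c>IsSuccess</c> is false.
/// </returns>
/// <exception cref="Exception">OpenSSL could not be started.</exception>
private ICryptoProviderResult Verify(ICryptoProviderAction action)
{
    // NOTE(review): the login is accepted only for this fixed subject prefix and is
    // parsed out of "x509 -text" output, whose layout depends on the OpenSSL build.
    const string subjectPrefix = "Subject: C=RU, ST=moscow, O=Aktiv, OU=IT, CN=";

    var tempfileSource = Path.GetTempFileName();
    var tempfileTarget = Path.GetTempFileName();
    var tempfileSigner = Path.GetTempFileName();

    try
    {
        File.WriteAllText(tempfileSource, action.Entity.EntityBody);

        // NOTE(review): both calls change process-wide state shared by concurrent
        // callers; openssl.exe is located through the working directory.
        Environment.SetEnvironmentVariable("OPENSSL_CONF", "c:\\OpenSSL-Win32\\bin\\openssl.cfg");
        Directory.SetCurrentDirectory("C:\\OpenSSL-Win32\\bin");

        var entity = new CryptoProviderEntity("", action.Entity.FileType);

        /*
         * openssl smime -verify -in dec.msg -noverify -signer ./demoCA/cacert.pem5 -out textd
         *
         * openssl x509 -text -in ./demoCA/cacert.pem4
         */
        bool verified;
        using (var verifyProcess = System.Diagnostics.Process.Start(
                   "openssl.exe",
                   // Temp paths are quoted because the temp directory may contain spaces.
                   "smime -verify -in \"" + tempfileSource + "\"" +
                   " -CAfile C:\\OpenSSL-Win32\\bin\\demoCA\\cacert.pem" +
                   " -out \"" + tempfileTarget + "\"" +
                   " -signer \"" + tempfileSigner + "\""))
        {
            if (verifyProcess == null)
            {
                throw new Exception("Can not start the OpenSSL");
            }

            verifyProcess.WaitForExit();
            verified = verifyProcess.ExitCode == 0;
        }

        // Fail closed: do not derive a login or hash from a message OpenSSL rejected.
        if (!verified)
        {
            return new CryptoProviderResult(entity, action, false);
        }

        string cert;
        using (var dumpProcess = new Process())
        {
            dumpProcess.StartInfo = new ProcessStartInfo
            {
                FileName = "openssl.exe",
                Arguments = "x509 -text -in \"" + tempfileSigner + "\"",
                UseShellExecute = false,
                RedirectStandardOutput = true
            };
            dumpProcess.Start();

            // Drain stdout before waiting so a full pipe cannot block the child.
            cert = dumpProcess.StandardOutput.ReadToEnd();
            dumpProcess.WaitForExit();
        }

        var result = File.ReadAllText(tempfileTarget);

        // Every offset below comes from IndexOf, which yields -1 on a miss; check them
        // before slicing so malformed input gives a failed result, not an
        // ArgumentOutOfRangeException.
        var subjectStart = cert.IndexOf(subjectPrefix, System.StringComparison.Ordinal);
        if (subjectStart < 0)
        {
            return new CryptoProviderResult(entity, action, false);
        }

        var subject = cert.Substring(subjectStart);
        var loginStart = subject.IndexOf("CN=", System.StringComparison.Ordinal) + 3;
        var loginEnd = subject.IndexOf('/');
        var hashStart = result.IndexOf(':') - 2;
        if (loginEnd < loginStart || hashStart < 0)
        {
            return new CryptoProviderResult(entity, action, false);
        }

        entity.EntityMetadata["Login"] = subject.Substring(loginStart, loginEnd - loginStart);
        entity.EntityMetadata["Hash"] = result.Substring(hashStart);

        return new CryptoProviderResult(
            entity,
            action,
            result.Contains(action.Config["Salt"]));
    }
    finally
    {
        // Remove the message, the extracted content and the signer certificate on
        // every path, including exceptions.
        File.Delete(tempfileSource);
        File.Delete(tempfileTarget);
        File.Delete(tempfileSigner);
    }
}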
/// <summary>
/// Hands the action to the underlying crypto source.
/// </summary>
/// <param name="action">Action to execute.</param>
/// <returns>The value returned by <c>CryptoSource.Execute</c>.</returns>
private ICryptoProviderResult Roll(ICryptoProviderAction action)
{
    var outcome = CryptoSource.Execute(action);
    return outcome;
}
/// <summary>
/// Configuration check for an action. This version performs no validation.
/// </summary>
/// <param name="action">Action whose configuration would be checked (not inspected).</param>
/// <returns>Always true.</returns>
private bool CorrectConfiguration(ICryptoProviderAction action)
{
    // NOTE(review): stub - nothing in action.Config is validated here, so entries are
    // not checked for presence before they are used.
    return true;
}
/// <summary>
/// Performs the action by delegating to <c>CryptoSource.Execute</c>.
/// </summary>
/// <param name="action">Action to execute.</param>
/// <returns>The crypto source's result for the action.</returns>
private ICryptoProviderResult Roll(ICryptoProviderAction action)
{
    var sourceResult = CryptoSource.Execute(action);
    return sourceResult;
}
/// <summary>
/// Creates a result that records the outcome of a crypto action.
/// </summary>
/// <param name="entity">Entity produced by the action; stored in <c>Entity</c>.</param>
/// <param name="action">Action that was executed; stored in <c>Action</c>.</param>
/// <param name="isSuccess">Outcome flag; stored in <c>IsSuccess</c>.</param>
public CryptoProviderResult(CryptoProviderEntity entity, ICryptoProviderAction action, bool isSuccess)
{
    this.IsSuccess = isSuccess;
    this.Action = action;
    this.Entity = entity;
}
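/// <summary>
/// Signs the certificate request held in <c>action.Entity.EntityBody</c> by running
/// <c>openssl ca</c> in batch mode, and returns the PEM certificate from its output.
/// </summary>
/// <param name="action">Action whose entity body is the request to sign.</param>
/// <returns>
/// A result whose entity body starts at the <c>-----BEGIN CERTIFICATE-----</c> marker.
/// If OpenSSL exits with a non-zero code or wrote no such marker, the body is empty and
/// <c>IsSuccess</c> is false.
/// </returns>
/// <exception cref="Exception">OpenSSL could not be started.</exception>
private ICryptoProviderResult Sign(ICryptoProviderAction action)
{
    const string pemHeader = "-----BEGIN CERTIFICATE-----";

    var tempfileTarget = Path.GetTempFileName();
    var tempfileSource = Path.GetTempFileName();

    try
    {
        File.WriteAllText(tempfileSource, action.Entity.EntityBody);

        // NOTE(review): process-wide side effect; openssl.exe and openssl.cfg are found
        // relative to this directory.
        Directory.SetCurrentDirectory("C:\\OpenSSL-Win32\\bin");

        // NOTE(review): the CA key passphrase sits in source and on the command line
        // (readable from process listings). OpenSSL also accepts "-passin env:NAME" and
        // "-passin file:PATH"; feed one of those from protected configuration and
        // rotate the passphrase.
        // Temp paths are quoted because the temp directory may contain spaces.
        var arguments =
            "ca -out \"" + tempfileTarget + "\"" +
            " -in \"" + tempfileSource + "\"" +
            " -batch -passin pass:8139kroots912 -config openssl.cfg";

        bool issued;
        using (var process = System.Diagnostics.Process.Start("openssl.exe", arguments))
        {
            if (process == null)
            {
                throw new Exception("Can not start the OpenSSL");
            }

            process.WaitForExit();
            issued = process.ExitCode == 0;
        }

        var newcert = File.ReadAllText(tempfileTarget);
        var index = newcert.IndexOf(pemHeader, StringComparison.Ordinal);

        // A missing marker is -1, not 0: testing "index != 0" let -1 reach Substring
        // (which throws) and flagged a certificate starting at offset 0 as a failure.
        var found = issued && index >= 0;
        var body = found ? newcert.Substring(index) : "";

        return new CryptoProviderResult(
            new CryptoProviderEntity(body, action.Entity.FileType),
            action,
            found);
    }
    finally
    {
        // Clean up both temp files on every path, including exceptions.
        File.Delete(tempfileTarget);
        File.Delete(tempfileSource);
    }
}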
/// <summary>
/// Placeholder for validating an action's configuration; accepts everything for now.
/// </summary>
/// <param name="action">Action whose configuration would be validated (unused).</param>
/// <returns>Always true.</returns>
private bool CorrectConfiguration(ICryptoProviderAction action)
{
    // NOTE(review): no validation happens here, so a caller's "Incorrect configuration"
    // branch cannot be triggered by this method.
    const bool configurationAccepted = true;
    return configurationAccepted;
}