private SshPrivateKey LoadOrCreatePrivateKey(string filename, string password, bool useRsa) { if (!File.Exists(filename)) { Log.Write(LogColor.Important, "Private key file '{0}' not found.", filename); Log.Write("Generating a new private key..."); SshPrivateKey key; if (useRsa) { // generate a 2048-bit RSA key key = SshPrivateKey.Generate(SshHostKeyAlgorithm.RSA, 2048); } else { // generate a 1024-bit DSS key key = SshPrivateKey.Generate(SshHostKeyAlgorithm.DSS, 1024); } Log.Write("Saving the {1} key to '{0}'...", Path.GetFullPath(filename), useRsa ? "RSA" : "DSS"); key.Save(filename, password, SshPrivateKeyFormat.Putty); return(key); } return(new SshPrivateKey(filename, password)); }
public static tbl_PrivateKey CreatePrivKey(IConfiguration conf, IUnitOfWork uow, tbl_User user, SshHostKeyAlgorithm keyAlgo, int privKeySize, string privKeyPass, SignatureHashAlgorithm sigAlgo, string comment) { var callPath = $"{MethodBase.GetCurrentMethod().DeclaringType.Name}.{MethodBase.GetCurrentMethod().Name}"; var privId = Guid.NewGuid(); var pubId = Guid.NewGuid(); var privStream = new MemoryStream(); var pubStream = new MemoryStream(); var keyPair = SshPrivateKey.Generate(keyAlgo, privKeySize); keyPair.Save(privStream, privKeyPass, SshPrivateKeyFormat.Pkcs8); keyPair.SavePublicKey(pubStream, SshPublicKeyFormat.Pkcs8); var privKey = uow.PrivateKeys.Create( new tbl_PrivateKey { Id = privId, PublicKeyId = pubId, IdentityId = user.IdentityId, KeyValue = Encoding.ASCII.GetString(privStream.ToArray()), KeyAlgo = keyPair.KeyAlgorithm.ToString(), KeyPass = AES.EncryptString(privKeyPass, conf["Databases:AuroraSecret"]), KeyFormat = SshPrivateKeyFormat.Pkcs8.ToString(), Enabled = true, Deletable = true, Created = DateTime.Now, LastUpdated = null, }); Log.Information($"'{callPath}' '{user.IdentityAlias}' private key algo {keyPair.KeyAlgorithm} sig {keyPair.Fingerprint.ToString(sigAlgo, false)}" + $"{Environment.NewLine}{privKey.KeyValue}"); var pubKey = uow.PublicKeys.Create( new tbl_PublicKey { Id = pubId, PrivateKeyId = privId, IdentityId = user.IdentityId, KeyValue = Encoding.ASCII.GetString(pubStream.ToArray()), KeyAlgo = keyPair.KeyAlgorithm.ToString(), KeyFormat = SshPublicKeyFormat.Pkcs8.ToString(), SigValue = keyPair.Fingerprint.ToString(sigAlgo, false), SigAlgo = sigAlgo.ToString(), Comment = comment, Enabled = true, Deletable = true, Created = DateTime.Now, LastUpdated = null, }); Log.Information($"'{callPath}' '{user.IdentityAlias}' public key algo {keyPair.KeyAlgorithm} sig {keyPair.Fingerprint.ToString(sigAlgo, false)}" + $"{Environment.NewLine}{pubKey.KeyValue}"); uow.Commit(); return(privKey); }
public static byte[] ExportPrivKey(IConfiguration conf, tbl_PrivateKey key, SshPrivateKeyFormat privKeyFormat, string privKeyPass) { var privBytes = Encoding.ASCII.GetBytes(key.KeyValue); var privStream = new MemoryStream(); var privKey = new SshPrivateKey(privBytes, AES.DecryptString(key.KeyPass, conf["Databases:AuroraSecret"])); privKey.Save(privStream, privKeyPass, privKeyFormat); return(privStream.ToArray()); }
public void ProcessAll() { var parameter = parameterHelper.GetSetting <OnboardingSettings>(); ThrowIfConfigEmpty(parameter.PgpPrivateKey, nameof(parameter.PgpPrivateKey)); ThrowIfConfigEmpty(parameter.SshPrivateKey, nameof(parameter.SshPrivateKey)); ThrowIfConfigEmpty(parameter.SshPrivateKeyPassword, nameof(parameter.SshPrivateKeyPassword)); using (var sftp = new Sftp()) { var sftpKeyStream = new MemoryStream(Encoding.UTF8.GetBytes(parameter.SshPrivateKey)); var sftpKey = new SshPrivateKey(sftpKeyStream, parameter.SshPrivateKeyPassword); Log.Information("Connecting to SFTP..."); sftp.Connect(parameter.SftpServerName); sftp.Login(parameter.SftpUserName, sftpKey); Log.Information("Login completed"); foreach (var item in sftp.GetItems("*")) { Log.Information("Found item {name}", item.Path); if (item.Name.ToLower().EndsWith(".zip.gpg") && item.IsFile) { Log.Information("Process file {fileNameWithPath}...", item.Path); var pgpKeyStream = new MemoryStream(Encoding.UTF8.GetBytes(parameter.PgpPrivateKey)); var sftpStream = new MemoryStream(); var decryptedStream = new MemoryStream(); sftp.GetFile(item.Path, sftpStream); sftpStream.Position = 0; Pgp.Decrypt(sftpStream, decryptedStream, pgpKeyStream, parameter.PgpPrivateKeyPassword); ProcessZip(decryptedStream); sftp.DeleteFile(item.Path); } } } }
public static ICollection <tbl_PrivateKey> EditPrivKeySecrets(IUnitOfWork uow, ICollection <tbl_PrivateKey> keys, string secretCurrent, string secretNew) { var privKeys = new List <tbl_PrivateKey>(); foreach (var key in keys) { var plainText = AES.DecryptString(key.KeyPass, secretCurrent); var cipherText = AES.EncryptString(plainText, secretCurrent); if (key.KeyPass != cipherText) { throw new UnauthorizedAccessException(); } var privBytes = Encoding.ASCII.GetBytes(key.KeyValue); var privStream = new MemoryStream(); var privKey = new SshPrivateKey(privBytes, plainText); SshPrivateKeyFormat keyFormat; if (!Enum.TryParse <SshPrivateKeyFormat>(key.KeyFormat, true, out keyFormat)) { throw new InvalidCastException(); } privKey.Save(privStream, plainText, keyFormat); key.KeyPass = AES.EncryptString(plainText, secretNew); key.LastUpdated = DateTime.Now; uow.PrivateKeys.Update(key); privKeys.Add(key); } uow.Commit(); return(privKeys); }
public static tbl_PrivateKey ImportPrivKey(IConfiguration conf, IUnitOfWork uow, tbl_User user, string privKeyPass, SignatureHashAlgorithm sigAlgo, string comment, FileInfo inputFile) { var callPath = $"{MethodBase.GetCurrentMethod().DeclaringType.Name}.{MethodBase.GetCurrentMethod().Name}"; tbl_PrivateKey pubKey = null; var keyPair = new SshPrivateKey(inputFile.FullName, privKeyPass); var privId = Guid.NewGuid(); var pubId = Guid.NewGuid(); var privStream = new MemoryStream(); var pubStream = new MemoryStream(); keyPair.Save(privStream, privKeyPass, SshPrivateKeyFormat.Pkcs8); keyPair.SavePublicKey(pubStream, SshPublicKeyFormat.Pkcs8); var privKeyValue = Encoding.ASCII.GetString(privStream.ToArray()); var pubKeyValue = Encoding.ASCII.GetString(pubStream.ToArray()); var privKeyFound = uow.PrivateKeys.Get(QueryExpressionFactory.GetQueryExpression <tbl_PrivateKey>() .Where(x => x.Id == user.IdentityId && x.KeyValue == privKeyValue).ToLambda()) .SingleOrDefault(); var pubKeyFound = uow.PublicKeys.Get(QueryExpressionFactory.GetQueryExpression <tbl_PublicKey>() .Where(x => x.Id == user.IdentityId && x.KeyValue == pubKeyValue).ToLambda()) .SingleOrDefault(); if (privKeyFound == null && pubKeyFound == null) { uow.PrivateKeys.Create( new tbl_PrivateKey { Id = privId, PublicKeyId = pubId, IdentityId = user.IdentityId, KeyValue = privKeyValue, KeyAlgo = keyPair.KeyAlgorithm.ToString(), KeyPass = AES.EncryptString(privKeyPass, conf["Databases:AuroraSecret"]), KeyFormat = SshPrivateKeyFormat.Pkcs8.ToString(), Enabled = true, Deletable = true, Created = DateTime.Now, LastUpdated = null, }); Log.Information($"'{callPath}' '{user.IdentityAlias}' private key algo {keyPair.KeyAlgorithm} sig {keyPair.Fingerprint.ToString(sigAlgo, false)}" + $"{Environment.NewLine}{privKeyValue}"); uow.PublicKeys.Create( new tbl_PublicKey { Id = pubId, PrivateKeyId = privId, IdentityId = user.IdentityId, KeyValue = pubKeyValue, KeyAlgo = keyPair.KeyAlgorithm.ToString(), KeyFormat = SshPublicKeyFormat.Pkcs8.ToString(), SigValue = keyPair.Fingerprint.ToString(sigAlgo, false), SigAlgo = sigAlgo.ToString(), Comment = comment, Enabled = true, Deletable = true, Created = DateTime.Now, LastUpdated = null, }); Log.Information($"'{callPath}' '{user.IdentityAlias}' public key algo {keyPair.KeyAlgorithm} sig {keyPair.Fingerprint.ToString(sigAlgo, false)}" + $"{Environment.NewLine}{pubKeyValue}"); } else if (privKeyFound != null && pubKeyFound == null) { uow.PublicKeys.Create( new tbl_PublicKey { Id = pubId, PrivateKeyId = privKeyFound.Id, IdentityId = user.IdentityId, KeyValue = pubKeyValue, KeyAlgo = keyPair.KeyAlgorithm.ToString(), KeyFormat = SshPublicKeyFormat.Pkcs8.ToString(), SigValue = keyPair.Fingerprint.ToString(sigAlgo, false), SigAlgo = sigAlgo.ToString(), Comment = comment, Enabled = true, Deletable = true, Created = DateTime.Now, LastUpdated = null, }); Log.Information($"'{callPath}' '{user.IdentityAlias}' public key algo {keyPair.KeyAlgorithm} sig {keyPair.Fingerprint.ToString(sigAlgo, false)}" + $"{Environment.NewLine}{pubKeyValue}"); } else if (privKeyFound == null && pubKeyFound != null) { uow.PrivateKeys.Create( new tbl_PrivateKey { Id = privId, PublicKeyId = pubKeyFound.Id, IdentityId = user.IdentityId, KeyValue = privKeyValue, KeyAlgo = keyPair.Fingerprint.ToString(sigAlgo, false).ToString(), KeyPass = AES.EncryptString(privKeyPass, conf["Databases:AuroraSecret"]), Enabled = true, Deletable = true, Created = DateTime.Now, LastUpdated = null, }); Log.Information($"'{callPath}' '{user.IdentityAlias}' private key algo {keyPair.KeyAlgorithm} sig {keyPair.Fingerprint.ToString(sigAlgo, false)}" + $"{Environment.NewLine}{privKeyValue}"); } uow.Commit(); return(pubKey); }