private BouncyCastleTlsTestResult ProcessKeyExchange(TestTlsDheKeyExchange keyExchange)
{
CurveGroup group = keyExchange.DhParameters.ToGroup();
TlsVersion version = Context.ServerVersion.ToTlsVersion();
CipherSuite cipherSuite = mSecurityParameters.CipherSuite.ToCipherSuite();
SignatureHashAlgorithm signatureHashAlgorithm = keyExchange.EcSignatureAndHashAlgorithm.ToSignatureAlgorithm();
List <X509Certificate2> certificates = mPeerCertificate.ToCertificateList();
base.CleanupHandshake();
return(new BouncyCastleTlsTestResult(version, cipherSuite, group, signatureHashAlgorithm, _tlsError, _errorMessage, null, certificates));
}
private BouncyCastleTlsTestResult ProcessKeyExchange(TestTlsEcDheKeyExchange keyExchange)
{
string curveName = keyExchange.EcPublicKeyParameters.Parameters.Curve.GetType().Name.ToLower();
CurveGroup curve = curveName.ToCurve();
TlsVersion version = Context.ServerVersion.ToTlsVersion();
CipherSuite cipherSuite = mSecurityParameters.CipherSuite.ToCipherSuite();
SignatureHashAlgorithm signatureHashAlgorithm = keyExchange.EcSignatureAndHashAlgorithm.ToSignatureAlgorithm();
List <X509Certificate2> certificates = mPeerCertificate.ToCertificateList();
base.CleanupHandshake();
return(new BouncyCastleTlsTestResult(version, cipherSuite, curve, signatureHashAlgorithm, _tlsError, _errorMessage, null, certificates));
}
public override int GetHashCode()
{
unchecked
{
var hashCode = Version.GetHashCode();
hashCode = (hashCode * 397) ^ CipherSuite.GetHashCode();
hashCode = (hashCode * 397) ^ CurveGroup.GetHashCode();
hashCode = (hashCode * 397) ^ SignatureHashAlgorithm.GetHashCode();
hashCode = (hashCode * 397) ^ Error.GetHashCode();
hashCode = (hashCode * 397) ^ (ErrorDescription != null ? ErrorDescription.GetHashCode() : 0);
hashCode = (hashCode * 397) ^ (SmtpResponses != null ? SmtpResponses.GetHashCode() : 0);
return(hashCode);
}
}
public static tbl_PublicKey ImportPubKey(IUnitOfWork uow, tbl_User user,
SignatureHashAlgorithm sigAlgo, string hostname, FileInfo inputFile)
{
var callPath = $"{MethodBase.GetCurrentMethod().DeclaringType.Name}.{MethodBase.GetCurrentMethod().Name}";
tbl_PublicKey pubKeyEntity = null;
var pubKey = new SshPublicKey(inputFile.FullName);
var pubKeyStream = new MemoryStream();
pubKey.SavePublicKey(pubKeyStream, SshPublicKeyFormat.Pkcs8);
var pubKeyValue = Encoding.ASCII.GetString(pubKeyStream.ToArray());
var pubKeyFound = uow.PublicKeys.Get(QueryExpressionFactory.GetQueryExpression <tbl_PublicKey>()
.Where(x => x.Id == user.IdentityId && x.KeyValue == pubKeyValue).ToLambda());
if (pubKeyFound == null)
{
pubKeyEntity = uow.PublicKeys.Create(
new tbl_PublicKey
{
Id = Guid.NewGuid(),
IdentityId = user.IdentityId,
KeyValue = pubKeyValue,
KeyAlgo = pubKey.KeyAlgorithm.ToString(),
KeyFormat = SshPublicKeyFormat.Pkcs8.ToString(),
SigValue = pubKey.Fingerprint.ToString(sigAlgo, false),
SigAlgo = sigAlgo.ToString(),
Comment = hostname,
Enabled = true,
Deletable = true,
Created = DateTime.Now,
LastUpdated = null,
});
Log.Information($"'{callPath}' '{user.IdentityAlias}' public key algo {pubKey.KeyAlgorithm} sig {pubKey.Fingerprint.ToString(sigAlgo, false)}" +
$"{Environment.NewLine}{pubKeyValue}");
}
else
{
Log.Warning($"'{callPath}' '{user.IdentityAlias}' skip public key algo {pubKey.KeyAlgorithm} sig {pubKey.Fingerprint.ToString(sigAlgo, false)}" +
$"{Environment.NewLine}{pubKeyValue}");
}
uow.Commit();
return(pubKeyEntity);
}
/// <summary>
/// Gets the hash code
/// </summary>
/// <returns>Hash code</returns>
public override int GetHashCode()
{
unchecked // Overflow is fine, just wrap
{
int hashCode = 41;
if (FileId != null)
{
hashCode = hashCode * 59 + FileId.GetHashCode();
}
if (CertificateData != null)
{
hashCode = hashCode * 59 + CertificateData.GetHashCode();
}
if (CertificatePassword != null)
{
hashCode = hashCode * 59 + CertificatePassword.GetHashCode();
}
hashCode = hashCode * 59 + SignatureMode.GetHashCode();
hashCode = hashCode * 59 + SignatureCertificationLevel.GetHashCode();
hashCode = hashCode * 59 + SignatureHashAlgorithm.GetHashCode();
if (SignerName != null)
{
hashCode = hashCode * 59 + SignerName.GetHashCode();
}
if (Reason != null)
{
hashCode = hashCode * 59 + Reason.GetHashCode();
}
if (Location != null)
{
hashCode = hashCode * 59 + Location.GetHashCode();
}
if (ContactInfo != null)
{
hashCode = hashCode * 59 + ContactInfo.GetHashCode();
}
if (TimeStampURL != null)
{
hashCode = hashCode * 59 + TimeStampURL.GetHashCode();
}
if (TimeStampUserName != null)
{
hashCode = hashCode * 59 + TimeStampUserName.GetHashCode();
}
if (TimeStampPassword != null)
{
hashCode = hashCode * 59 + TimeStampPassword.GetHashCode();
}
hashCode = hashCode * 59 + Linearize.GetHashCode();
hashCode = hashCode * 59 + DrawSignature.GetHashCode();
hashCode = hashCode * 59 + PageNumber.GetHashCode();
hashCode = hashCode * 59 + ShowValidationMark.GetHashCode();
if (ImageData != null)
{
hashCode = hashCode * 59 + ImageData.GetHashCode();
}
if (SignatureLayout != null)
{
hashCode = hashCode * 59 + SignatureLayout.GetHashCode();
}
if (SignatureText != null)
{
hashCode = hashCode * 59 + SignatureText.GetHashCode();
}
return(hashCode);
}
}
/// <summary>
/// Returns true if PdfDigiSignParameters instances are equal
/// </summary>
/// <param name="input">Instance of PdfDigiSignParameters to be compared</param>
/// <returns>Boolean</returns>
public bool Equals(PdfDigiSignParameters input)
{
if (input == null)
{
return(false);
}
return
((
FileId == input.FileId ||
(FileId != null &&
FileId.Equals(input.FileId))
) &&
(
CertificateData == input.CertificateData ||
(CertificateData != null &&
CertificateData.Equals(input.CertificateData))
) &&
(
CertificatePassword == input.CertificatePassword ||
(CertificatePassword != null &&
CertificatePassword.Equals(input.CertificatePassword))
) &&
(
SignatureMode == input.SignatureMode ||
SignatureMode.Equals(input.SignatureMode)
) &&
(
SignatureCertificationLevel == input.SignatureCertificationLevel ||
SignatureCertificationLevel.Equals(input.SignatureCertificationLevel)
) &&
(
SignatureHashAlgorithm == input.SignatureHashAlgorithm ||
SignatureHashAlgorithm.Equals(input.SignatureHashAlgorithm)
) &&
(
SignerName == input.SignerName ||
(SignerName != null &&
SignerName.Equals(input.SignerName))
) &&
(
Reason == input.Reason ||
(Reason != null &&
Reason.Equals(input.Reason))
) &&
(
Location == input.Location ||
(Location != null &&
Location.Equals(input.Location))
) &&
(
ContactInfo == input.ContactInfo ||
(ContactInfo != null &&
ContactInfo.Equals(input.ContactInfo))
) &&
(
TimeStampURL == input.TimeStampURL ||
(TimeStampURL != null &&
TimeStampURL.Equals(input.TimeStampURL))
) &&
(
TimeStampUserName == input.TimeStampUserName ||
(TimeStampUserName != null &&
TimeStampUserName.Equals(input.TimeStampUserName))
) &&
(
TimeStampPassword == input.TimeStampPassword ||
(TimeStampPassword != null &&
TimeStampPassword.Equals(input.TimeStampPassword))
) &&
(
Linearize == input.Linearize ||
Linearize.Equals(input.Linearize)
) &&
(
DrawSignature == input.DrawSignature ||
DrawSignature.Equals(input.DrawSignature)
) &&
(
PageNumber == input.PageNumber ||
PageNumber.Equals(input.PageNumber)
) &&
(
ShowValidationMark == input.ShowValidationMark ||
ShowValidationMark.Equals(input.ShowValidationMark)
) &&
(
ImageData == input.ImageData ||
(ImageData != null &&
ImageData.Equals(input.ImageData))
) &&
(
SignatureLayout == input.SignatureLayout ||
(SignatureLayout != null &&
SignatureLayout.Equals(input.SignatureLayout))
) &&
(
SignatureText == input.SignatureText ||
(SignatureText != null &&
SignatureText.Equals(input.SignatureText))
));
}
public static tbl_PrivateKey CreatePrivKey(IConfiguration conf, IUnitOfWork uow, tbl_User user,
SshHostKeyAlgorithm keyAlgo, int privKeySize, string privKeyPass, SignatureHashAlgorithm sigAlgo, string comment)
{
var callPath = $"{MethodBase.GetCurrentMethod().DeclaringType.Name}.{MethodBase.GetCurrentMethod().Name}";
var privId = Guid.NewGuid();
var pubId = Guid.NewGuid();
var privStream = new MemoryStream();
var pubStream = new MemoryStream();
var keyPair = SshPrivateKey.Generate(keyAlgo, privKeySize);
keyPair.Save(privStream, privKeyPass, SshPrivateKeyFormat.Pkcs8);
keyPair.SavePublicKey(pubStream, SshPublicKeyFormat.Pkcs8);
var privKey = uow.PrivateKeys.Create(
new tbl_PrivateKey
{
Id = privId,
PublicKeyId = pubId,
IdentityId = user.IdentityId,
KeyValue = Encoding.ASCII.GetString(privStream.ToArray()),
KeyAlgo = keyPair.KeyAlgorithm.ToString(),
KeyPass = AES.EncryptString(privKeyPass, conf["Databases:AuroraSecret"]),
KeyFormat = SshPrivateKeyFormat.Pkcs8.ToString(),
Enabled = true,
Deletable = true,
Created = DateTime.Now,
LastUpdated = null,
});
Log.Information($"'{callPath}' '{user.IdentityAlias}' private key algo {keyPair.KeyAlgorithm} sig {keyPair.Fingerprint.ToString(sigAlgo, false)}" +
$"{Environment.NewLine}{privKey.KeyValue}");
var pubKey = uow.PublicKeys.Create(
new tbl_PublicKey
{
Id = pubId,
PrivateKeyId = privId,
IdentityId = user.IdentityId,
KeyValue = Encoding.ASCII.GetString(pubStream.ToArray()),
KeyAlgo = keyPair.KeyAlgorithm.ToString(),
KeyFormat = SshPublicKeyFormat.Pkcs8.ToString(),
SigValue = keyPair.Fingerprint.ToString(sigAlgo, false),
SigAlgo = sigAlgo.ToString(),
Comment = comment,
Enabled = true,
Deletable = true,
Created = DateTime.Now,
LastUpdated = null,
});
Log.Information($"'{callPath}' '{user.IdentityAlias}' public key algo {keyPair.KeyAlgorithm} sig {keyPair.Fingerprint.ToString(sigAlgo, false)}" +
$"{Environment.NewLine}{pubKey.KeyValue}");
uow.Commit();
return(privKey);
}
/*
* openssh uses base64 and special formatting for public keys like with "authorized_keys"
* https://man.openbsd.org/ssh-keygen
*/
public static ICollection <tbl_PublicKey> ImportPubKeyBase64(IUnitOfWork uow, tbl_User user,
SignatureHashAlgorithm sigAlgo, FileInfo inputFile)
{
var callPath = $"{MethodBase.GetCurrentMethod().DeclaringType.Name}.{MethodBase.GetCurrentMethod().Name}";
var pubKeyLines = File.ReadAllLines(inputFile.FullName);
var pubKeys = new List <tbl_PublicKey>();
foreach (var line in pubKeyLines)
{
var base64 = line.Split(' ');
switch (base64[0])
{
case "ssh-dsa":
break;
case "ssh-rsa":
break;
//case "ecdsa-sha2-nistp256":
// break;
//case "ecdsa-sha2-nistp384":
// break;
//case "ecdsa-sha2-nistp521":
// break;
//case "ssh-ed25519":
// break;
default:
{
Log.Warning($"'{callPath}' '{user.IdentityAlias}' algorithm {base64[0]} not supported");
continue;
}
}
var pubKey = new SshPublicKey(Convert.FromBase64String(base64[1]));
var pubKeyStream = new MemoryStream();
pubKey.SavePublicKey(pubKeyStream, SshPublicKeyFormat.Pkcs8);
var pubKeyValue = Encoding.ASCII.GetString(pubKeyStream.ToArray());
if (!uow.PublicKeys.Get(QueryExpressionFactory.GetQueryExpression <tbl_PublicKey>()
.Where(x => x.Id == user.IdentityId && x.KeyValue == pubKeyValue).ToLambda()).Any())
{
var newPubKey = uow.PublicKeys.Create(
new tbl_PublicKey
{
Id = Guid.NewGuid(),
IdentityId = user.IdentityId,
KeyValue = pubKeyValue,
KeyAlgo = pubKey.KeyAlgorithm.ToString(),
KeyFormat = SshPublicKeyFormat.Pkcs8.ToString(),
SigValue = pubKey.Fingerprint.ToString(sigAlgo, false),
SigAlgo = sigAlgo.ToString(),
Comment = base64[2],
Enabled = true,
Deletable = true,
Created = DateTime.Now,
LastUpdated = null,
});
pubKeys.Add(newPubKey);
Log.Information($"'{callPath}' '{user.IdentityAlias}' public key algo {pubKey.KeyAlgorithm} sig {pubKey.Fingerprint.ToString(sigAlgo, false)}" +
$"{Environment.NewLine}{pubKeyValue}");
}
else
{
Log.Warning($"'{callPath}' '{user.IdentityAlias}' skip public key algo {pubKey.KeyAlgorithm} sig {pubKey.Fingerprint.ToString(sigAlgo, false)}" +
$"{Environment.NewLine}{pubKeyValue}");
}
}
uow.Commit();
return(pubKeys);
}
public static tbl_PrivateKey ImportPrivKey(IConfiguration conf, IUnitOfWork uow, tbl_User user,
string privKeyPass, SignatureHashAlgorithm sigAlgo, string comment, FileInfo inputFile)
{
var callPath = $"{MethodBase.GetCurrentMethod().DeclaringType.Name}.{MethodBase.GetCurrentMethod().Name}";
tbl_PrivateKey pubKey = null;
var keyPair = new SshPrivateKey(inputFile.FullName, privKeyPass);
var privId = Guid.NewGuid();
var pubId = Guid.NewGuid();
var privStream = new MemoryStream();
var pubStream = new MemoryStream();
keyPair.Save(privStream, privKeyPass, SshPrivateKeyFormat.Pkcs8);
keyPair.SavePublicKey(pubStream, SshPublicKeyFormat.Pkcs8);
var privKeyValue = Encoding.ASCII.GetString(privStream.ToArray());
var pubKeyValue = Encoding.ASCII.GetString(pubStream.ToArray());
var privKeyFound = uow.PrivateKeys.Get(QueryExpressionFactory.GetQueryExpression <tbl_PrivateKey>()
.Where(x => x.Id == user.IdentityId && x.KeyValue == privKeyValue).ToLambda())
.SingleOrDefault();
var pubKeyFound = uow.PublicKeys.Get(QueryExpressionFactory.GetQueryExpression <tbl_PublicKey>()
.Where(x => x.Id == user.IdentityId && x.KeyValue == pubKeyValue).ToLambda())
.SingleOrDefault();
if (privKeyFound == null &&
pubKeyFound == null)
{
uow.PrivateKeys.Create(
new tbl_PrivateKey
{
Id = privId,
PublicKeyId = pubId,
IdentityId = user.IdentityId,
KeyValue = privKeyValue,
KeyAlgo = keyPair.KeyAlgorithm.ToString(),
KeyPass = AES.EncryptString(privKeyPass, conf["Databases:AuroraSecret"]),
KeyFormat = SshPrivateKeyFormat.Pkcs8.ToString(),
Enabled = true,
Deletable = true,
Created = DateTime.Now,
LastUpdated = null,
});
Log.Information($"'{callPath}' '{user.IdentityAlias}' private key algo {keyPair.KeyAlgorithm} sig {keyPair.Fingerprint.ToString(sigAlgo, false)}" +
$"{Environment.NewLine}{privKeyValue}");
uow.PublicKeys.Create(
new tbl_PublicKey
{
Id = pubId,
PrivateKeyId = privId,
IdentityId = user.IdentityId,
KeyValue = pubKeyValue,
KeyAlgo = keyPair.KeyAlgorithm.ToString(),
KeyFormat = SshPublicKeyFormat.Pkcs8.ToString(),
SigValue = keyPair.Fingerprint.ToString(sigAlgo, false),
SigAlgo = sigAlgo.ToString(),
Comment = comment,
Enabled = true,
Deletable = true,
Created = DateTime.Now,
LastUpdated = null,
});
Log.Information($"'{callPath}' '{user.IdentityAlias}' public key algo {keyPair.KeyAlgorithm} sig {keyPair.Fingerprint.ToString(sigAlgo, false)}" +
$"{Environment.NewLine}{pubKeyValue}");
}
else if (privKeyFound != null &&
pubKeyFound == null)
{
uow.PublicKeys.Create(
new tbl_PublicKey
{
Id = pubId,
PrivateKeyId = privKeyFound.Id,
IdentityId = user.IdentityId,
KeyValue = pubKeyValue,
KeyAlgo = keyPair.KeyAlgorithm.ToString(),
KeyFormat = SshPublicKeyFormat.Pkcs8.ToString(),
SigValue = keyPair.Fingerprint.ToString(sigAlgo, false),
SigAlgo = sigAlgo.ToString(),
Comment = comment,
Enabled = true,
Deletable = true,
Created = DateTime.Now,
LastUpdated = null,
});
Log.Information($"'{callPath}' '{user.IdentityAlias}' public key algo {keyPair.KeyAlgorithm} sig {keyPair.Fingerprint.ToString(sigAlgo, false)}" +
$"{Environment.NewLine}{pubKeyValue}");
}
else if (privKeyFound == null &&
pubKeyFound != null)
{
uow.PrivateKeys.Create(
new tbl_PrivateKey
{
Id = privId,
PublicKeyId = pubKeyFound.Id,
IdentityId = user.IdentityId,
KeyValue = privKeyValue,
KeyAlgo = keyPair.Fingerprint.ToString(sigAlgo, false).ToString(),
KeyPass = AES.EncryptString(privKeyPass, conf["Databases:AuroraSecret"]),
Enabled = true,
Deletable = true,
Created = DateTime.Now,
LastUpdated = null,
});
Log.Information($"'{callPath}' '{user.IdentityAlias}' private key algo {keyPair.KeyAlgorithm} sig {keyPair.Fingerprint.ToString(sigAlgo, false)}" +
$"{Environment.NewLine}{privKeyValue}");
}
uow.Commit();
return(pubKey);
}
public static void CheckPrivKey(IConfiguration conf, IUnitOfWork uow,
SshHostKeyAlgorithm keyAlgo, int privKeySize, string privKeyPass, SignatureHashAlgorithm sigAlgo)
{
var keyAlgoStr = keyAlgo.ToString();
var privKey = uow.PrivateKeys.Get(QueryExpressionFactory.GetQueryExpression <tbl_PrivateKey>()
.Where(x => x.KeyAlgo == keyAlgoStr && x.IdentityId == null && x.Deletable == false).ToLambda())
.SingleOrDefault();
if (privKey == null)
{
CreatePrivKey(conf, uow, keyAlgo, privKeySize, privKeyPass, sigAlgo);
}
}