internal bool ValidateAndEncryptStorageCred(string name, string key, string endpoint, out string encryptedKey, out string thumbprint)
{
StorSimpleCryptoManager storSimpleCryptoManager = new StorSimpleCryptoManager(StorSimpleClient);
thumbprint = storSimpleCryptoManager.GetSecretsEncryptionThumbprint();
encryptedKey = null;
if (!string.IsNullOrEmpty(key))
{
//validate storage account credentials
if (!ValidStorageAccountCred(name, key, endpoint))
{
throw new ArgumentException(Resources.StorageCredentialVerificationFailureMessage);
}
WriteVerbose(Resources.StorageCredentialVerificationSuccessMessage);
WriteVerbose(Resources.EncryptionInProgressMessage);
storSimpleCryptoManager.EncryptSecretWithRakPub(key, out encryptedKey);
}
return(true);
}
public void UpdateVirtualDeviceDetails(DeviceDetails details, TimeZoneInfo timeZone, string sek, string adminPasswd, string snapshotPasswd, string cik, StorSimpleCryptoManager cryptoManager)
{
if (timeZone != null)
{
details.TimeServer.TimeZone = timeZone.StandardName;
}
// encrypt supplied secret with the device public key
var encryptedSecretKey = this.EncryptWithDevicePublicKey(details.DeviceProperties.DeviceId, sek);
details.VirtualApplianceProperties.EncodedServiceEncryptionKey = encryptedSecretKey;
// Also set the CIK before making the request - service needs it.
var encryptedCik = this.EncryptWithDevicePublicKey(details.DeviceProperties.DeviceId, cik);
details.VirtualApplianceProperties.EncodedChannelIntegrityKey = encryptedCik;
// Set the admin password
string encryptedAdminPasswd = null;
cryptoManager.EncryptSecretWithRakPub(adminPasswd, out encryptedAdminPasswd);
details.RemoteMinishellSecretInfo.MinishellSecret = encryptedAdminPasswd;
// Set the snapshot manager password
string encryptedSnapshotManagerPasswd = null;
cryptoManager.EncryptSecretWithRakPub(snapshotPasswd, out encryptedSnapshotManagerPasswd);
details.Snapshot.SnapshotSecret = encryptedSnapshotManagerPasswd;
// Set the cert thumbprint for the key used.
details.SecretEncryptionCertThumbprint = cryptoManager.GetSecretsEncryptionThumbprint();
// mark everything that we dont intend to modify as null - indicating
// to the service that there has been no change
details.AlertNotification = null;
details.Chap = null;
details.DnsServer = null;
details.NetInterfaceList = null;
details.RemoteMgmtSettingsInfo = null;
details.WebProxy = null;
}
public override void ExecuteCmdlet()
{
try
{
string deviceid = StorSimpleClient.GetDeviceId(DeviceName);
if (deviceid == null)
{
WriteVerbose(string.Format(Resources.NoDeviceFoundWithGivenNameInResourceMessage, StorSimpleContext.ResourceName, DeviceName));
WriteObject(null);
return;
}
if (EncryptionEnabled == true && string.IsNullOrEmpty(EncryptionKey))
{
throw new ArgumentNullException("EncryptionKey");
}
string encryptedKey = null;
StorSimpleCryptoManager storSimpleCryptoManager = new StorSimpleCryptoManager(StorSimpleClient);
if (EncryptionEnabled == true)
{
WriteVerbose(Resources.EncryptionInProgressMessage);
storSimpleCryptoManager.EncryptSecretWithRakPub(EncryptionKey, out encryptedKey);
}
if (string.IsNullOrEmpty(PrimaryStorageAccountCredential.InstanceId))
{
//The SAC needs to be created inline
WriteVerbose(Resources.InlineSacCreationMessage);
var sac = PrimaryStorageAccountCredential;
//validate storage account credentials
bool storageAccountPresent;
string encryptedPassword;
string thumbprint;
string endpoint = GetEndpointFromHostname(sac.Hostname);
string location = GetStorageAccountLocation(sac.Name, out storageAccountPresent);
if (!storageAccountPresent ||
!ValidateAndEncryptStorageCred(sac.Name, sac.Password, endpoint, out encryptedPassword, out thumbprint))
{
return;
}
sac.Password = encryptedPassword;
sac.PasswordEncryptionCertThumbprint = thumbprint;
sac.Location = location;
}
var dc = new DataContainerRequest
{
IsDefault = false,
Name = VolumeContainerName,
BandwidthRate = BandWidthRateInMbps,
IsEncryptionEnabled = EncryptionEnabled ?? false,
EncryptionKey = encryptedKey,
VolumeCount = 0,
PrimaryStorageAccountCredential = PrimaryStorageAccountCredential,
SecretsEncryptionThumbprint = storSimpleCryptoManager.GetSecretsEncryptionThumbprint()
};
if (WaitForComplete.IsPresent)
{
var taskStatus = StorSimpleClient.CreateDataContainer(deviceid, dc);
HandleSyncTaskResponse(taskStatus, "create");
if (taskStatus.AsyncTaskAggregatedResult == AsyncTaskAggregatedResult.Succeeded)
{
var createdDataContainer = StorSimpleClient.GetDataContainer(deviceid, VolumeContainerName);
WriteObject(createdDataContainer.DataContainerInfo);
}
}
else
{
var taskstatus = StorSimpleClient.CreateDataContainerAsync(deviceid, dc);
HandleAsyncTaskResponse(taskstatus, "create");
}
}
catch (Exception exception)
{
this.HandleException(exception);
}
}
/// <summary>
/// Gets the secrets encryption thumb print
/// </summary>
/// <returns>secret encryption thumb print</returns>
public string GetSecretsEncryptionThumbprint()
{
return(storSimpleCryptoManager.GetSecretsEncryptionThumbprint());
}