public async Task Execute() { if (!WindowsIdentityStuff.CurrentUserIsAdministrator()) { _Logger.LogWarning("{ManifestBatchJobName} started WITHOUT elevated privileges - errors may occur when signing content.", nameof(ManifestBatchJob)); } try { _ContentDb.BeginTransaction(); var e = await _BuilderAndFormatter.Execute(); if (e == null) { return; } _ContentDb.Add(e); _ContentDb.SaveAndCommit(); } finally { await _ContentDb.DisposeAsync(); } }
public async Task <EksEngineResult> Execute() { if (_Fired) { throw new InvalidOperationException("One use only."); } _Fired = true; var stopwatch = new Stopwatch(); stopwatch.Start(); _Logger.LogInformation("Started - JobName:{_JobName}", _JobName); if (Environment.UserInteractive && !WindowsIdentityStuff.CurrentUserIsAdministrator()) { _Logger.LogWarning("{JobName} started WITHOUT elevated privileges - errors may occur when signing content.", _JobName); } _EksEngineResult.Started = _DateTimeProvider.Snapshot; //Align with the logged job name. await ClearJobTables(); var snapshotResult = await _Snapshotter.Execute(_EksEngineResult.Started); _EksEngineResult.InputCount = snapshotResult.TekInputCount; _EksEngineResult.SnapshotSeconds = snapshotResult.SnapshotSeconds; _EksEngineResult.TransmissionRiskNoneCount = await GetTransmissionRiskNoneCount(); if (snapshotResult.TekInputCount != 0) { await Stuff(); await BuildOutput(); await CommitResults(); } _EksEngineResult.TotalSeconds = stopwatch.Elapsed.TotalSeconds; _EksEngineResult.EksInfo = _EksResults.ToArray(); _Logger.LogInformation("Reconciliation - Teks in EKSs matches usable input and stuffing - Delta:{ReconcileOutputCount}", _EksEngineResult.ReconcileOutputCount); _Logger.LogInformation("Reconciliation - Teks in EKSs matches output count - Delta:{ReconcileEksSumCount}", _EksEngineResult.ReconcileEksSumCount); _Logger.LogInformation("{JobName} complete.", _JobName); return(_EksEngineResult); }
public async Task <EksEngineResult> Execute() { if (_Fired) { throw new InvalidOperationException("One use only."); } _Fired = true; _Logger.LogInformation("Started - JobName:{_JobName}", _JobName); if (!WindowsIdentityStuff.CurrentUserIsAdministrator()) //TODO remove warning when UAC is not in play { _Logger.LogWarning("{JobName} started WITHOUT elevated privileges - errors may occur when signing content.", _JobName); } _EksEngineResult.Started = _DateTimeProvider.Snapshot; //Not strictly true but we need the jobname for the dispose. await ClearJobTables(); var snapshotResult = await _Snapshotter.Execute(_EksEngineResult.Started); _EksEngineResult.InputCount = snapshotResult.TekInputCount; _EksEngineResult.SnapshotSeconds = snapshotResult.SnapshotSeconds; _EksEngineResult.TransmissionRiskNoneCount = await GetTransmissionRiskNoneCount(); if (snapshotResult.TekInputCount != 0) { await Stuff(); await BuildOutput(); await CommitResults(); } _EksEngineResult.TotalSeconds = (_DateTimeProvider.Now() - _EksEngineResult.Started).TotalSeconds; _EksEngineResult.EksInfo = _EksResults.ToArray(); _Logger.LogInformation("Reconciliation - Teks in EKSs matches usable input and stuffing - Delta:{ReconcileOutputCount}", _EksEngineResult.ReconcileOutputCount); _Logger.LogInformation("Reconciliation - Teks in EKSs matches output count - Delta:{ReconcileEksSumCount}", _EksEngineResult.ReconcileEksSumCount); _Logger.LogInformation("{JobName} complete.", _JobName); return(_EksEngineResult); }
public byte[] GetSignature(byte[] content) { if (content == null) { throw new ArgumentNullException(nameof(content)); } var certificate = _CertificateProvider.GetCertificate(); if (!certificate.HasPrivateKey) { throw new InvalidOperationException($"Certificate does not have a private key - Subject:{certificate.Subject} Thumbprint:{certificate.Thumbprint}."); } var certificateChain = _CertificateChainProvider.GetCertificates(); var contentInfo = new ContentInfo(content); var signedCms = new SignedCms(contentInfo, true); signedCms.Certificates.AddRange(certificateChain); var signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, certificate); var signingTime = new Pkcs9SigningTime(_DateTimeProvider.Now()); signer.SignedAttributes.Add(new CryptographicAttributeObject(signingTime.Oid, new AsnEncodedDataCollection(signingTime))); try { signedCms.ComputeSignature(signer); } catch (Exception e) { //NB. Cannot catch the internal exception type (cross-platform design of .NET Core) if (e.GetType().Name == "WindowsCryptographicException" && e.Message == "Keyset does not exist" && !WindowsIdentityStuff.CurrentUserIsAdministrator()) { throw new InvalidOperationException("Failed to sign with certificate when current user does not have UAC elevated permissions.", e); } throw; } return(signedCms.Encode()); }