Certificate can provided in contructor

078bcb12 · Klaus Fischer · 8f21d2a6 · 078bcb12 · 078bcb12 · 078bcb12
Commit 078bcb12 authored 2 years ago by Klaus Fischer
--- a/FitConnect/EncryptionBaseClass.cs
+++ b/FitConnect/EncryptionBaseClass.cs
@@ -10,9 +10,12 @@ public class EncryptionBaseClass {
    private RSA? _publicKey;
    private RSA? _privateKey;

-    protected EncryptionBaseClass(ILogger? logger) {
+    protected EncryptionBaseClass(ILogger? logger, X509Certificate2? certificate) {
        _logger = logger;
        _rsa = RSA.Create(4096);
+
+        if (certificate != null)
+            ImportCertificate(certificate);
    }


@@ -31,15 +34,10 @@ public class EncryptionBaseClass {
        }

        _publicKey = cert.GetRSAPublicKey();
-        // _publicKey = RSA.Create(2048);
-        // _publicKey.ImportRSAPublicKey(cert.GetPublicKey(), out int _);

        if ((_publicKey?.KeySize ?? 0) == 0)
            throw new Exception("Invalid certificate, no public key");

-        _logger.LogInformation("Public key imported {}",
-            Convert.ToBase64String(_publicKey.ExportRSAPrivateKey()));
-
        if (cert.HasPrivateKey) {
            _privateKey = cert.GetRSAPrivateKey();
        }

--- a/FitConnect/FunctionalBaseClass.cs
+++ b/FitConnect/FunctionalBaseClass.cs
 using System.Net.Http.Headers;
 using System.Net.Http.Json;
+using System.Security.Cryptography.X509Certificates;
 using System.Text;
 using FitConnect.Models;
 using Microsoft.Extensions.Logging;
@@ -15,7 +16,7 @@ public class FunctionalBaseClass : EncryptionBaseClass {
    /// </summary>
    /// <param name="logger">ILogger implementation</param>
    /// <param name="endpoints">FitConnect endpoints</param>
-    protected FunctionalBaseClass(ILogger? logger, FitConnectEndpoints? endpoints) : base(logger) {
+    protected FunctionalBaseClass(ILogger? logger, FitConnectEndpoints? endpoints, X509Certificate2? certificate) : base(logger, certificate) {
        Endpoints = endpoints ??
                    FitConnectEndpoints.Create(FitConnectEndpoints.EndpointType.Development);


--- a/FitConnect/Sender.cs
+++ b/FitConnect/Sender.cs
 using System.Buffers.Text;
 using System.ComponentModel;
 using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
 using System.Text;
 using Microsoft.Extensions.Logging;

 namespace FitConnect;

 public class Sender : FunctionalBaseClass {
-    public Sender(ILogger? logger, FitConnectEndpoints endpoints) : base(logger, endpoints) {
+    public Sender(ILogger? logger, FitConnectEndpoints endpoints, X509Certificate2? certificate = null) : base(logger, endpoints, certificate) {
    }

    /// <summary>

--- a/FitConnect/Subscriber.cs
+++ b/FitConnect/Subscriber.cs
 using System.Reflection;
+using System.Security.Cryptography.X509Certificates;
 using FitConnect.Models;
 using Microsoft.Extensions.Logging;
 using Newtonsoft.Json.Linq;
@@ -7,7 +8,8 @@ using Newtonsoft.Json.Schema;
 namespace FitConnect;

 public class Subscriber : FunctionalBaseClass {
-    public Subscriber(ILogger logger, FitConnectEndpoints endpoints) : base(logger, endpoints) {
+    public Subscriber(ILogger logger, FitConnectEndpoints endpoints,
+        X509Certificate2? certificate = null) : base(logger, endpoints, certificate) {
    }



--- a/SenderTest/SenderEncryptionWithImportedCertificateTest.cs
+++ b/SenderTest/SenderEncryptionWithImportedCertificateTest.cs
+using System.Security.Cryptography.X509Certificates;
+using FitConnect;
+using Microsoft.Extensions.Logging;
+using NUnit.Framework;
+
 namespace SenderTest;

 public class SenderEncryptionWithImportedCertificateTest {
+    private Sender _sender = null!;
+    private ILogger _logger = null!;
+
+    [OneTimeSetUp]
+    public void OneTimeSetUp() {
+        // Import certificate
+        
+    }
+
+    [SetUp]
+    public void SetUp() {
+        // Create a new Sender
+        var fileName = "certificate.pfx";
+        var cert = new X509Certificate2(fileName);
+        _logger = LoggerFactory.Create(cfg => cfg.AddConsole())
+            .CreateLogger<SenderEncryptionWithSelfSignedCertificateTest>();
+
+        _sender = new Sender(_logger,
+            FitConnectEndpoints.Create(FitConnectEndpoints.EndpointType.Development), cert);
+    }
+
+    [TearDown]
+    public void TearDown() {
+        // Dispose the Sender
+    }
+
+    [OneTimeTearDown]
+    public void OneTimeTearDown() {
+        // Delete certificate
+    }
+
+    [Test]
+    public void TestEncryption() {
+        // Encrypt a message
+    }
 }
--- a/SenderTest/SenderEncryptionWithSelfSignedCertificateTest.cs
+++ b/SenderTest/SenderEncryptionWithSelfSignedCertificateTest.cs
@@ -4,6 +4,7 @@ using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 using System.Text;
 using FitConnect;
+using FluentAssertions;
 using Microsoft.Extensions.Logging;
 using NUnit.Framework;

@@ -13,6 +14,10 @@ public class SenderEncryptionWithSelfSignedCertificateTest {
    private Sender _sender = null!;
    private ILogger<SenderEncryptionWithSelfSignedCertificateTest> _logger = null!;
    private X509Certificate2 _certificate = null!;
+    private static byte[]? cypher;
+
+    private const string ToEncrypt = "This is a test message";
+

    /*
     * Encryption test must be changed for production to only allow extern signed certificates
@@ -43,12 +48,20 @@ public class SenderEncryptionWithSelfSignedCertificateTest {


    [Test]
+    [Order(10)]
    public void CryptWithOutPublicKeyImport() {
-        var cypher = _sender.EncryptData(Encoding.UTF8.GetBytes("test"));
+        cypher = _sender.EncryptData(Encoding.UTF8.GetBytes(ToEncrypt));

        _logger.LogInformation("Cypher: {}", Convert.ToBase64String(cypher));
    }

+    [Test]
+    [Order(20)]
+    public void Decrypt_ResultShouldMatchToEncrypt() {
+        var result = _sender.DecryptDataAsync(cypher!);
+        Encoding.UTF8.GetString(result).Should().Be(ToEncrypt);
+    }
+

    [Test]
    public void ExportPrivateKey() {
@@ -67,8 +80,13 @@ public class SenderEncryptionWithSelfSignedCertificateTest {
    /// <returns></returns>
    /// <exception cref="Exception"></exception>
    private X509Certificate2 CreateSelfSignedCertificate(string? exportPath = null) {
-        var req = new CertificateRequest("cn=foobar", ECDsa.Create(), HashAlgorithmName.SHA256);
-        var cert = req.CreateSelfSigned(DateTimeOffset.Now, DateTimeOffset.Now.AddYears(5));
+        var rsa = RSA.Create(4096);
+
+        var req = new CertificateRequest("c=DE, cn=fitconnect.de",
+            rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
+
+        var cert = req.CreateSelfSigned(DateTimeOffset.Now.AddSeconds(-5),
+            DateTimeOffset.Now.AddYears(5));

        if (cert.GetRSAPublicKey() == null)
            throw new Exception("Certificate does not contain a public key");