Extracted encrypt/decrypt in spearat class

6b60061a · Klaus Fischer · 781c83a5 · 6b60061a · 6b60061a · 6b60061a
Commit 6b60061a authored 2 years ago by Klaus Fischer
--- a/FitConnect/EncryptionBaseClass.cs
+++ b/FitConnect/EncryptionBaseClass.cs
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+using Microsoft.Extensions.Logging;
+
+namespace FitConnect;
+
+public class EncryptionBaseClass {
+    private readonly ILogger _logger;
+    private RSA _rsa;
+
+    protected EncryptionBaseClass(ILogger logger) {
+        _logger = logger;
+        _rsa = RSA.Create(2048);
+    }
+
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="cert"></param>
+    /// <returns></returns>
+    private bool CheckCertificate(X509Certificate2 cert) => true;
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="certPath"></param>
+    /// <exception cref="ArgumentException"></exception>
+    /// <exception cref="Exception"></exception>
+    public void ImportCertificate(string certPath) {
+        _logger.LogInformation("Importing certificate {CertPath}", certPath);
+        var cert =
+            new X509Certificate2(certPath, "", X509KeyStorageFlags.MachineKeySet);
+
+        if (!CheckCertificate(cert)) {
+            throw new ArgumentException("Certificate is not valid");
+        }
+
+        var parameters = cert.PublicKey.GetRSAPublicKey()?.ExportParameters(true);
+        if (parameters == null) {
+            throw new Exception("Could not get public key from certificate");
+        }
+
+        _rsa.ImportParameters(parameters.Value);
+    }
+
+    public byte[] DecryptDataAsync(byte[] data, byte[] privateKey) {
+        /*
+         *             var keyParams = new PbeParameters(
+                    PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, numberOfIterations);
+                
+                var privateKey =
+                    _rsa.ExportEncryptedPkcs8PrivateKey(Encoding.UTF8.GetBytes(password), keyParams);
+                
+                logger?.LogInformation(
+                    "Private key: {}", privateKey);
+    {
+         */
+        return _rsa.Decrypt(data, RSAEncryptionPadding.OaepSHA256);
+    }
+
+    public byte[] ExportPublicKey() {
+        return _rsa.ExportRSAPublicKey();
+    }
+
+    public byte[] ExportPrivateKey() {
+        return _rsa.ExportRSAPrivateKey();
+    }
+
+    public byte[] EncryptData(byte[] data, byte[]? publicKey) {
+        _logger?.LogInformation(
+            "Encrypting data with public key: {}",
+            Convert.ToBase64String(_rsa.ExportRSAPublicKey()));
+
+        if (publicKey != null) {
+            _rsa.ImportRSAPublicKey(publicKey, out var read);
+        }
+
+        return _rsa.Encrypt(data, RSAEncryptionPadding.OaepSHA256);
+    }
+}
--- a/FitConnect/FitConnectEndpoints.cs
+++ b/FitConnect/FitConnectEndpoints.cs
+namespace FitConnect;
+
+public class FitConnectEndpoints {
+    /// <summary>
+    /// Default constructor.
+    /// </summary>
+    /// <param name="tokenUrl">URL for receiving the OAuth token</param>
+    /// <param name="submissionApi">URL for the submission API</param>
+    /// <param name="routingApi">URL for the routing API</param>
+    public FitConnectEndpoints(string tokenUrl, string submissionApi, string routingApi) {
+        TokenUrl = tokenUrl;
+        SubmissionApi = submissionApi;
+        RoutingApi = routingApi;
+    }
+
+    /// <summary>
+    /// URL for receiving the OAuth token.
+    /// </summary>
+    public string TokenUrl { get; }
+
+    /// <summary>
+    /// URL for the submission API.
+    /// </summary>
+    public string SubmissionApi { get; }
+
+    /// <summary>
+    /// URL for the routing API.
+    /// </summary>
+    public string RoutingApi { get; }
+
+
+    public enum EndpointType {
+        Development,
+        Testing,
+        Production
+    }
+
+    /// <summary>
+    /// Creates the endpoints for the given environment.
+    /// </summary>
+    /// <param name="endpointType">Environment to get endpoints for</param>
+    /// <returns></returns>
+    /// <exception cref="ArgumentException">Not all environments are ready to use</exception>
+    public static FitConnectEndpoints Create(EndpointType endpointType) {
+        return endpointType switch {
+            EndpointType.Development => DevEndpoints,
+            EndpointType.Testing => throw new ArgumentException("Not approved for online testing"),
+            EndpointType.Production => throw new ArgumentException("NOT PRODUCTION READY"),
+            _ => throw new ArgumentOutOfRangeException(nameof(endpointType), endpointType, null)
+        };
+    }
+
+    private static readonly FitConnectEndpoints DevEndpoints = new(
+        "https://auth-testing.fit-connect.fitko.dev/token",
+        "https://submission-api-testing.fit-connect.fitko.dev",
+        "https://routing-api-testing.fit-connect.fitko.dev"
+    );
+
+    private static readonly FitConnectEndpoints TestEndpoints = new(
+        "https://auth-testing.fit-connect.fitko.dev/token",
+        "https://submission-api-testing.fit-connect.fitko.dev",
+        "https://routing-api-testing.fit-connect.fitko.dev"
+    );
+
+    private static readonly FitConnectEndpoints ProductionEndpoints = new(
+        "https://auth-testing.fit-connect.fitko.dev/token",
+        "https://submission-api-testing.fit-connect.fitko.dev",
+        "https://routing-api-testing.fit-connect.fitko.dev"
+    );
+}
--- a/FitConnect/FunctionalBaseClass.cs
+++ b/FitConnect/FunctionalBaseClass.cs
 using System.Net.Http.Headers;
 using System.Net.Http.Json;
-using System.Security.Cryptography;
 using System.Text;
 using FitConnect.Models;
 using Microsoft.Extensions.Logging;

 namespace FitConnect;

-public class FitConnectEndpoints {
-    /// <summary>
-    /// Default constructor.
-    /// </summary>
-    /// <param name="tokenUrl">URL for receiving the OAuth token</param>
-    /// <param name="submissionApi">URL for the submission API</param>
-    /// <param name="routingApi">URL for the routing API</param>
-    public FitConnectEndpoints(string tokenUrl, string submissionApi, string routingApi) {
-        TokenUrl = tokenUrl;
-        SubmissionApi = submissionApi;
-        RoutingApi = routingApi;
-    }
-
-    /// <summary>
-    /// URL for receiving the OAuth token.
-    /// </summary>
-    public string TokenUrl { get; }
-
-    /// <summary>
-    /// URL for the submission API.
-    /// </summary>
-    public string SubmissionApi { get; }
-
-    /// <summary>
-    /// URL for the routing API.
-    /// </summary>
-    public string RoutingApi { get; }
-
-
-    public enum EndpointType {
-        Development,
-        Testing,
-        Production
-    }
-
-    /// <summary>
-    /// Creates the endpoints for the given environment.
-    /// </summary>
-    /// <param name="endpointType">Environment to get endpoints for</param>
-    /// <returns></returns>
-    /// <exception cref="ArgumentException">Not all environments are ready to use</exception>
-    public static FitConnectEndpoints Create(EndpointType endpointType) {
-        return endpointType switch {
-            EndpointType.Development => DevEndpoints,
-            EndpointType.Testing => throw new ArgumentException("Not approved for online testing"),
-            EndpointType.Production => throw new ArgumentException("NOT PRODUCTION READY"),
-            _ => throw new ArgumentOutOfRangeException(nameof(endpointType), endpointType, null)
-        };
-    }
-
-    private static readonly FitConnectEndpoints DevEndpoints = new(
-        "https://auth-testing.fit-connect.fitko.dev/token",
-        "https://submission-api-testing.fit-connect.fitko.dev",
-        "https://routing-api-testing.fit-connect.fitko.dev"
-    );
-
-    private static readonly FitConnectEndpoints TestEndpoints = new(
-        "https://auth-testing.fit-connect.fitko.dev/token",
-        "https://submission-api-testing.fit-connect.fitko.dev",
-        "https://routing-api-testing.fit-connect.fitko.dev"
-    );
-
-    private static readonly FitConnectEndpoints ProductionEndpoints = new(
-        "https://auth-testing.fit-connect.fitko.dev/token",
-        "https://submission-api-testing.fit-connect.fitko.dev",
-        "https://routing-api-testing.fit-connect.fitko.dev"
-    );
-}
-
-public abstract class FunctionalBaseClass {
+public abstract class FunctionalBaseClass : EncryptionBaseClass {
    protected readonly ILogger? logger;
-    private RSA _rsa;
    public FitConnectEndpoints Endpoints { get; }

-    protected FunctionalBaseClass(ILogger? logger, FitConnectEndpoints? endpoints) {
+    protected FunctionalBaseClass(ILogger? logger, FitConnectEndpoints? endpoints) : base(logger) {
        Endpoints = endpoints ??
                    FitConnectEndpoints.Create(FitConnectEndpoints.EndpointType.Development);

@@ -130,33 +59,6 @@ public abstract class FunctionalBaseClass {
        throw new NotImplementedException();
    }

-    public byte[] EncryptDataAsync(byte[] data,
-        byte[]? publicKey,
-        string? password,
-        int numberOfIterations) {
-        _rsa = RSA.Create(2048);
-        // _rsa.ImportRSAPublicKey(publicKey, out var read);
-
-        logger?.LogInformation(
-            "Encrypting data with public key: {}",
-            Convert.ToBase64String(_rsa.ExportRSAPublicKey()));
-
-        // var keyParams = new PbeParameters(
-        //     PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, numberOfIterations);
-        //
-        // var privateKey =
-        //     rsa.ExportEncryptedPkcs8PrivateKey(Encoding.UTF8.GetBytes(password), keyParams);
-        //
-        // logger?.LogInformation(
-        //     "Private key: {}", privateKey);
-
-        return _rsa.Encrypt(data, RSAEncryptionPadding.OaepSHA256);
-    }
-
-    public byte[] DecryptDataAsync(byte[] data, byte[] privateKey) {
-        return _rsa.Decrypt(data, RSAEncryptionPadding.OaepSHA256);
-    }
-

    private async Task<T?> RestCall<T>(Uri uri, HttpMethod method, string body) {
        var client = new HttpClient();

--- a/SenderTest/SenderEncryptionTest.cs
+++ b/SenderTest/SenderEncryptionTest.cs
+using System;
+using System.Buffers.Text;
+using System.Security.Cryptography;
+using System.Text;
+using FitConnect;
+using FluentAssertions;
+using Microsoft.Extensions.Logging;
+using NUnit.Framework;
+
+namespace SenderTest;
+
+public class SenderEncryptionTest {
+    private Sender _sender;
+    private ILogger<SenderEncryptionTest> _logger;
+
+    [SetUp]
+    public void Setup() {
+        _logger = LoggerFactory.Create(cfg => cfg.AddConsole())
+            .CreateLogger<SenderEncryptionTest>();
+        _sender = new Sender(_logger,
+            FitConnectEndpoints.Create(FitConnectEndpoints.EndpointType.Development));
+    }
+
+    [Test]
+    public void CryptWithPublicKeyImport() {
+        var publicKey = Convert.FromBase64String(
+            "MIIBCgKCAQEAzu/ek6A5AMuROs+12pncbYNteGkd6ReU28ZY5gCM4hNFI0h1E+0+OST+Yxw7zhvbFhZbYdVt8LmzonMAtENituLxzZj7MsWom/ZzxTdp4Cx5zlx8x6Qx/ZPoSS2T2Sf0ttymaMc6ZadpWsDhg/Mnf6beF1W/QoGH/bHBa8U4rhkUa+OKf3wyo08km8oyUJaj6kkB0VdhRp5rSyvXJtUMZ5A0LcYFygnkHTSQlQhdrAK+6nTo//mfNfPtqta2wBb9ONpVwN0V7I5PSdH2WxZMZsYFicLOGbNeF08gibmL+7TeBTssYtrNVM88cG0v+aWeBun0WVrpCntDIA9HIujWowIDAQAB");
+
+        var cypher = _sender.EncryptData(Encoding.UTF8.GetBytes("test"), publicKey);
+
+        _logger.LogInformation("Cypher: {}", Convert.ToBase64String(cypher));
+    }
+
+    [Test]
+    public void ExportPrivateKey() {
+        var privateKey = _sender.ExportPrivateKey();
+        _logger.LogInformation("Private key: {}", Convert.ToBase64String(privateKey));
+    }
+}
--- a/SenderTest/UnitTest1.cs
+++ b/SenderTest/UnitTest1.cs
-using System.Security.Cryptography;
-using System.Text;
-using FitConnect;
-using FluentAssertions;
-using Microsoft.Extensions.Logging;
-using NUnit.Framework;
-
-namespace SenderTest;
-
-public class SenderEncryptionTest {
-    private Sender _sender;
-
-    [SetUp]
-    public void Setup() {
-        var logger = LoggerFactory.Create(cfg => cfg.AddConsole())
-            .CreateLogger<SenderEncryptionTest>();
-        _sender = new Sender(logger,
-            FitConnectEndpoints.Create(FitConnectEndpoints.EndpointType.Development));
-    }
-
-    [Test]
-    public void SimpleEncryptDecryptTest() {
-        var cypher = _sender.EncryptDataAsync(
-            Encoding.UTF8.GetBytes("test"),
-            new byte[] {
-                48, 130, 1, 10, 2, 130, 1, 1, 0, 176, 201, 204, 176, 164, 201, 48, 46, 200, 253,
-                162, 223, 85, 102, 238, 80, 75, 126, 38, 201, 39, 235, 90, 2, 73, 80, 136, 56, 86,
-                18, 247, 249, 131, 245, 167, 21, 159, 79, 236, 173, 234, 88, 67, 114, 19, 173, 201,
-                71, 66, 60, 183, 102, 123, 89, 192, 66, 154, 127, 206, 77, 212, 91, 75, 122, 15,
-                100, 153, 32, 153, 48, 178, 205, 13, 189, 196, 194, 100, 140, 27, 78, 39, 245, 169,
-                30, 241, 114, 168, 228, 63, 42, 31, 114, 118, 196, 136, 254, 31, 95, 105, 191, 170,
-                223, 191, 120, 143, 34, 33, 177, 245, 128, 13, 108, 11, 18, 132, 8, 225, 82, 31,
-                177, 37, 130, 55, 246, 111, 184, 169, 239, 212, 234, 208, 198, 19, 171, 209, 31, 26,
-                104, 66, 248, 112, 55, 182, 51, 13, 68, 84, 196, 175, 124, 166, 42, 50, 172, 226,
-                157, 23, 104, 114, 71, 109, 136, 6, 163, 73, 179, 20, 78, 77, 97, 2, 230, 92, 18,
-                104, 70, 43, 54, 249, 235, 189, 64, 65, 138, 36, 112, 237, 96, 240, 168, 189, 113,
-                250, 175, 198, 23, 200, 106, 106, 15, 234, 247, 204, 254, 199, 53, 191, 224, 195,
-                163, 10, 186, 1, 10, 183, 87, 73, 185, 182, 37, 142, 195, 115, 9, 239, 226, 18, 110,
-                14, 171, 177, 38, 161, 162, 198, 148, 8, 250, 224, 148, 173, 211, 72, 178, 30, 158,
-                50, 225, 53, 102, 43, 133, 253, 164, 80, 127, 2, 3, 1, 0, 1
-            }, "dummy", 2);
-
-        Encoding.UTF8.GetString((_sender.DecryptDataAsync(cypher, new byte[] { }))).Should()
-            .Be("test");
-    }
-}