Self signed certificate does not export public key

fb886082 · Klaus Fischer · 09a369ef · fb886082 · fb886082 · fb886082
Commit fb886082 authored 2 years ago by Klaus Fischer
--- a/FitConnect/EncryptionBaseClass.cs
+++ b/FitConnect/EncryptionBaseClass.cs
@@ -31,18 +31,23 @@ public class EncryptionBaseClass {
        }

        _publicKey = cert.GetRSAPublicKey();
+        // _publicKey = RSA.Create(2048);
+        // _publicKey.ImportRSAPublicKey(cert.GetPublicKey(), out int _);

-        if (_publicKey == null)
+        if ((_publicKey?.KeySize ?? 0) == 0)
            throw new Exception("Invalid certificate, no public key");

        _logger.LogInformation("Public key imported {}",
            Convert.ToBase64String(_publicKey.ExportRSAPrivateKey()));

-
        if (cert.HasPrivateKey) {
            _privateKey = cert.GetRSAPrivateKey();
-            _logger.LogInformation("Certificate imported");
        }
+
+        if (_privateKey != null)
+            _logger.LogInformation("Certificate with private key imported");
+        else
+            _logger.LogInformation("Certificate has no private key");
    }

    /// <summary>

--- a/SenderTest/SenderEncryptionTest.cs
+++ b/SenderTest/SenderEncryptionTest.cs
@@ -9,9 +9,9 @@ using NUnit.Framework;

 namespace SenderTest;

-public partial class SenderEncryptionTest {
+public class SenderEncryptionWithCertificateTest {
    private Sender _sender = null!;
-    private ILogger<SenderEncryptionTest> _logger = null!;
+    private ILogger<SenderEncryptionWithCertificateTest> _logger = null!;

    /*
     * Encryption test must be changed for production to only allow extern signed certificates
@@ -21,11 +21,11 @@ public partial class SenderEncryptionTest {
    [SetUp]
    public void Setup() {
        _logger = LoggerFactory.Create(cfg => cfg.AddConsole())
-            .CreateLogger<SenderEncryptionTest>();
+            .CreateLogger<SenderEncryptionWithCertificateTest>();
        _sender = new Sender(_logger,
            FitConnectEndpoints.Create(FitConnectEndpoints.EndpointType.Development));
        var certificate = CreateSelfSignedCertificate(null);
-        // _sender.ImportCertificate(certificate);
+        _sender.ImportCertificate(certificate);
    }


@@ -53,11 +53,10 @@ public partial class SenderEncryptionTest {
        var privateKey = _sender.ExportPrivateKey();
        _logger.LogInformation("Private key: {}", Convert.ToBase64String(privateKey));
    }
-}

-#region Static helpers

-public partial class SenderEncryptionTest {
+    #region Static helpers
+
    private X509Certificate2 CreateSelfSignedCertificate(string? exportPath = "../../../") {
        var req = new CertificateRequest("cn=foobar", ECDsa.Create(), HashAlgorithmName.SHA256);
        var cert = req.CreateSelfSigned(DateTimeOffset.Now, DateTimeOffset.Now.AddYears(5));

--- a/SenderTest/SenderEncryptionWithImportedCertificateTest.cs
+++ b/SenderTest/SenderEncryptionWithImportedCertificateTest.cs
+namespace SenderTest;
+
+public class SenderEncryptionWithImportedCertificateTest {
+}
--- a/SenderTest/SenderEncryptionWithoutCertificateTest.cs
+++ b/SenderTest/SenderEncryptionWithoutCertificateTest.cs
+using System;
+using System.Text;
+using FitConnect;
+using Microsoft.Extensions.Logging;
+using NUnit.Framework;
+
+namespace SenderTest;
+
+
+public class SenderEncryptionWithoutCertificateTest {
+    private Sender _sender = null!;
+    private ILogger<SenderEncryptionWithoutCertificateTest> _logger = null!;
+
+    /*
+     * Encryption test must be changed for production to only allow extern signed certificates
+     * and forbid self-signed certificates.
+     */
+
+    [SetUp]
+    public void Setup() {
+        _logger = LoggerFactory.Create(cfg => cfg.AddConsole())
+            .CreateLogger<SenderEncryptionWithoutCertificateTest>();
+        _sender = new Sender(_logger,
+            FitConnectEndpoints.Create(FitConnectEndpoints.EndpointType.Development));
+    }
+
+
+    [Test]
+    public void CryptWithOutPublicKeyImport() {
+        var cypher = _sender.EncryptData(Encoding.UTF8.GetBytes("test"));
+
+        _logger.LogInformation("Cypher: {}", Convert.ToBase64String(cypher));
+    }
+
+
+    [Test]
+    [Ignore("Not applicable for production")]
+    public void CryptWithPublicKeyImport() {
+        var publicKey = Convert.FromBase64String(
+            "MIIBCgKCAQEAzu/ek6A5AMuROs+12pncbYNteGkd6ReU28ZY5gCM4hNFI0h1E+0+OST+Yxw7zhvbFhZbYdVt8LmzonMAtENituLxzZj7MsWom/ZzxTdp4Cx5zlx8x6Qx/ZPoSS2T2Sf0ttymaMc6ZadpWsDhg/Mnf6beF1W/QoGH/bHBa8U4rhkUa+OKf3wyo08km8oyUJaj6kkB0VdhRp5rSyvXJtUMZ5A0LcYFygnkHTSQlQhdrAK+6nTo//mfNfPtqta2wBb9ONpVwN0V7I5PSdH2WxZMZsYFicLOGbNeF08gibmL+7TeBTssYtrNVM88cG0v+aWeBun0WVrpCntDIA9HIujWowIDAQAB");
+
+        var cypher = _sender.EncryptData(Encoding.UTF8.GetBytes("test"), publicKey);
+
+        _logger.LogInformation("Cypher: {}", Convert.ToBase64String(cypher));
+    }
+
+    [Test]
+    public void ExportPrivateKey() {
+        var privateKey = _sender.ExportPrivateKey();
+        _logger.LogInformation("Private key: {}", Convert.ToBase64String(privateKey));
+    }
+
+}