Skip to content
GitLab

[C#][netcore] various improvements in HttpSigningConfiguration.cs

Merged William Cheng requested to merge csharp-http-signature into master
Compare
and
7 files
+ 391
- 315
modules/…/…/…/…‎/csharp-netcore‎
HttpSigningConfi‎guration.mustache‎ +49 -45
samples/client/pets‎tore/csharp-netcore‎
OpenAPIClient-http‎client/src/…/Client‎
HttpSigningCo‎nfiguration.cs‎ +57 -45
OpenAPIClient-ne‎t47/src/…/Client‎
HttpSigningCo‎nfiguration.cs‎ +57 -45
OpenAPIClient-ne‎t5.0/src/…/Client‎
HttpSigningCo‎nfiguration.cs‎ +57 -45
OpenAPIClient‎/src/…/Client‎
HttpSigningCo‎nfiguration.cs‎ +57 -45
OpenAPIClientCo‎re/src/…/Client‎
HttpSigningCo‎nfiguration.cs‎ +57 -45
…/…‎/…/…‎
HttpSigningCo‎nfiguration.cs‎ +57 -45
modules/openapi-generator/src/main/resources/csharp-netcore/HttpSigningConfiguration.mustache
+ 49
- 45
{{>partial_header}}
using Newtonsoft.Json;
using Newtonsoft.Json.Serialization;
using System;
@@ -82,7 +84,7 @@ namespace {{packageName}}.Client
/// <param name="method">HTTP method</param>
/// <param name="path">Path</param>
/// <param name="requestOptions">Request options</param>
/// <returns></returns>
/// <returns>Http signed headers</returns>
internal Dictionary<string, string> GetHttpSignedHeader(string basePath,string method, string path, RequestOptions requestOptions)
{
const string HEADER_REQUEST_TARGET = "(request-target)";
@@ -133,7 +135,7 @@ namespace {{packageName}}.Client
}
else
{
httpValues.Add(HttpUtility.UrlEncode(parameter.Key), parameter.Value[0]);
httpValues.Add(HttpUtility.UrlEncode(parameter.Key), parameter.Value[0]);
}
#else
if (parameter.Value.Count > 1)
@@ -178,7 +180,6 @@ namespace {{packageName}}.Client
throw new Exception(string.Format("{0} not supported", HashAlgorithm));
}
foreach (var header in HttpSigningHeader)
{
if (header.Equals(HEADER_REQUEST_TARGET))
@@ -236,7 +237,6 @@ namespace {{packageName}}.Client
foreach (var keyVal in HttpSignatureHeader)
{
headerValuesList.Add(string.Format("{0}: {1}", keyVal.Key, keyVal.Value));
}
//Concatenate headers value separated by new line
var headerValuesString = string.Join("\n", headerValuesList);
@@ -252,7 +252,11 @@ namespace {{packageName}}.Client
{
headerSignatureStr = GetECDSASignature(signatureStringHash);
}
var cryptographicScheme = "hs2019";
else
{
throw new Exception(string.Format("Private key type {0} not supported", keyType));
}
const string cryptographicScheme = "hs2019";
var authorizationHeaderValue = string.Format("Signature keyId=\"{0}\",algorithm=\"{1}\"",
KeyId, cryptographicScheme);
@@ -268,9 +272,7 @@ namespace {{packageName}}.Client
authorizationHeaderValue += string.Format(",headers=\"{0}\",signature=\"{1}\"",
headersKeysString, headerSignatureStr);
HttpSignedRequestHeader.Add(HEADER_AUTHORIZATION, authorizationHeaderValue);
return HttpSignedRequestHeader;
}
@@ -302,14 +304,17 @@ namespace {{packageName}}.Client
var signedbytes = rsa.SignHash(stringToSign, HashAlgorithm, RSASignaturePadding.Pkcs1);
return Convert.ToBase64String(signedbytes);
}
return string.Empty;
else
{
return string.Empty;
}
}
/// <summary>
/// Gets the ECDSA signature
/// </summary>
/// <param name="dataToSign"></param>
/// <returns></returns>
/// <returns>ECDSA signature</returns>
private string GetECDSASignature(byte[] dataToSign)
{
if (!File.Exists(KeyFilePath))
@@ -317,8 +322,8 @@ namespace {{packageName}}.Client
throw new Exception("key file path does not exist.");
}
var ecKeyHeader = "-----BEGIN EC PRIVATE KEY-----";
var ecKeyFooter = "-----END EC PRIVATE KEY-----";
const string ecKeyHeader = "-----BEGIN EC PRIVATE KEY-----";
const string ecKeyFooter = "-----END EC PRIVATE KEY-----";
var keyStr = File.ReadAllText(KeyFilePath);
var ecKeyBase64String = keyStr.Replace(ecKeyHeader, "").Replace(ecKeyFooter, "").Trim();
var keyBytes = System.Convert.FromBase64String(ecKeyBase64String);
@@ -355,10 +360,9 @@ namespace {{packageName}}.Client
#else
throw new Exception("ECDSA signing is supported only on NETCOREAPP3_0 and above");
#endif
}
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List<byte>();
byte derLength = 68; //default length for ECDSA code signing bit 0x44
@@ -481,7 +485,7 @@ namespace {{packageName}}.Client
byte[] salt = new byte[saltstr.Length / 2];
for (int i = 0; i < salt.Length; i++)
salt[i] = Convert.ToByte(saltstr.Substring(i * 2, 2), 16);
if (!(str.ReadLine() == ""))
if (str.ReadLine() != "")
{
return null;
}
@@ -512,7 +516,7 @@ namespace {{packageName}}.Client
private RSACryptoServiceProvider DecodeRSAPrivateKey(byte[] privkey)
{
byte[] MODULUS, E, D, P, Q, DP, DQ, IQ;
byte[] bytesModulus, bytesE, bytesD, bytesP, bytesQ, bytesDP, bytesDQ, bytesIQ;
// --------- Set up stream to decode the asn.1 encoded RSA private key ------
MemoryStream mem = new MemoryStream(privkey);
@@ -549,40 +553,40 @@ namespace {{packageName}}.Client
//------ all private key components are Integer sequences ----
elems = GetIntegerSize(binr);
MODULUS = binr.ReadBytes(elems);
bytesModulus = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
E = binr.ReadBytes(elems);
bytesE = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
D = binr.ReadBytes(elems);
bytesD = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
P = binr.ReadBytes(elems);
bytesP = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
Q = binr.ReadBytes(elems);
bytesQ = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DP = binr.ReadBytes(elems);
bytesDP = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DQ = binr.ReadBytes(elems);
bytesDQ = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
IQ = binr.ReadBytes(elems);
bytesIQ = binr.ReadBytes(elems);
// ------- create RSACryptoServiceProvider instance and initialize with public key -----
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
RSAParameters RSAparams = new RSAParameters();
RSAparams.Modulus = MODULUS;
RSAparams.Exponent = E;
RSAparams.D = D;
RSAparams.P = P;
RSAparams.Q = Q;
RSAparams.DP = DP;
RSAparams.DQ = DQ;
RSAparams.InverseQ = IQ;
RSAparams.Modulus = bytesModulus;
RSAparams.Exponent = bytesE;
RSAparams.D = bytesD;
RSAparams.P = bytesP;
RSAparams.Q = bytesQ;
RSAparams.DP = bytesDP;
RSAparams.DQ = bytesDQ;
RSAparams.InverseQ = bytesIQ;
RSA.ImportParameters(RSAparams);
return RSA;
}
@@ -637,7 +641,7 @@ namespace {{packageName}}.Client
private byte[] GetEncryptedKey(byte[] salt, SecureString secpswd, int count, int miter)
{
IntPtr unmanagedPswd = IntPtr.Zero;
int HASHLENGTH = 16; //MD5 bytes
const int HASHLENGTH = 16; //MD5 bytes
byte[] keymaterial = new byte[HASHLENGTH * miter]; //to store concatenated Mi hashed results
byte[] psbytes = new byte[secpswd.Length];
@@ -670,7 +674,9 @@ namespace {{packageName}}.Client
}
for (int i = 0; i < count; i++)
{
result = md5.ComputeHash(result);
}
Array.Copy(result, 0, keymaterial, j * HASHLENGTH, result.Length); //concatenate to keymaterial
}
byte[] deskey = new byte[24];
@@ -708,7 +714,7 @@ namespace {{packageName}}.Client
/// Detect the key type from the pem file.
/// </summary>
/// <param name="keyFilePath">key file path in pem format</param>
/// <returns></returns>
/// <returns>Private Key Type</returns>
private PrivateKeyType GetKeyType(string keyFilePath)
{
if (!File.Exists(keyFilePath))
@@ -716,39 +722,37 @@ namespace {{packageName}}.Client
throw new Exception("Key file path does not exist.");
}
var ecPrivateKeyHeader = "BEGIN EC PRIVATE KEY";
var ecPrivateKeyFooter = "END EC PRIVATE KEY";
var rsaPrivateKeyHeader = "BEGIN RSA PRIVATE KEY";
var rsaPrivateFooter = "END RSA PRIVATE KEY";
const string ecPrivateKeyHeader = "BEGIN EC PRIVATE KEY";
const string ecPrivateKeyFooter = "END EC PRIVATE KEY";
const string rsaPrivateKeyHeader = "BEGIN RSA PRIVATE KEY";
const string rsaPrivateFooter = "END RSA PRIVATE KEY";
//var pkcs8Header = "BEGIN PRIVATE KEY";
//var pkcs8Footer = "END PRIVATE KEY";
var keyType = PrivateKeyType.None;
PrivateKeyType keyType;
var key = File.ReadAllLines(keyFilePath);
if (key[0].ToString().Contains(rsaPrivateKeyHeader) &&
if (key[0].Contains(rsaPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(rsaPrivateFooter))
{
keyType = PrivateKeyType.RSA;
}
else if (key[0].ToString().Contains(ecPrivateKeyHeader) &&
else if (key[0].Contains(ecPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(ecPrivateKeyFooter))
{
keyType = PrivateKeyType.ECDSA;
}
else if (key[0].ToString().Contains(ecPrivateKeyHeader) &&
else if (key[0].Contains(ecPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(ecPrivateKeyFooter))
{
/* this type of key can hold many type different types of private key, but here due lack of pem header
Considering this as EC key
*/
// this type of key can hold many type different types of private key, but here due lack of pem header
// Considering this as EC key
//TODO :- update the key based on oid
keyType = PrivateKeyType.ECDSA;
}
else
{
throw new Exception("Either the key is invalid or key is not supported");
}
return keyType;
}
samples/client/petstore/csharp-netcore/OpenAPIClient/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
+ 57
- 45
/*
* OpenAPI Petstore
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\
*
* The version of the OpenAPI document: 1.0.0
* Generated by: https://github.com/openapitools/openapi-generator.git
*/
using Newtonsoft.Json;
using Newtonsoft.Json.Serialization;
using System;
@@ -82,7 +92,7 @@ namespace Org.OpenAPITools.Client
/// <param name="method">HTTP method</param>
/// <param name="path">Path</param>
/// <param name="requestOptions">Request options</param>
/// <returns></returns>
/// <returns>Http signed headers</returns>
internal Dictionary<string, string> GetHttpSignedHeader(string basePath,string method, string path, RequestOptions requestOptions)
{
const string HEADER_REQUEST_TARGET = "(request-target)";
@@ -133,7 +143,7 @@ namespace Org.OpenAPITools.Client
}
else
{
httpValues.Add(HttpUtility.UrlEncode(parameter.Key), parameter.Value[0]);
httpValues.Add(HttpUtility.UrlEncode(parameter.Key), parameter.Value[0]);
}
#else
if (parameter.Value.Count > 1)
@@ -178,7 +188,6 @@ namespace Org.OpenAPITools.Client
throw new Exception(string.Format("{0} not supported", HashAlgorithm));
}
foreach (var header in HttpSigningHeader)
{
if (header.Equals(HEADER_REQUEST_TARGET))
@@ -236,7 +245,6 @@ namespace Org.OpenAPITools.Client
foreach (var keyVal in HttpSignatureHeader)
{
headerValuesList.Add(string.Format("{0}: {1}", keyVal.Key, keyVal.Value));
}
//Concatenate headers value separated by new line
var headerValuesString = string.Join("\n", headerValuesList);
@@ -252,7 +260,11 @@ namespace Org.OpenAPITools.Client
{
headerSignatureStr = GetECDSASignature(signatureStringHash);
}
var cryptographicScheme = "hs2019";
else
{
throw new Exception(string.Format("Private key type {0} not supported", keyType));
}
const string cryptographicScheme = "hs2019";
var authorizationHeaderValue = string.Format("Signature keyId=\"{0}\",algorithm=\"{1}\"",
KeyId, cryptographicScheme);
@@ -268,9 +280,7 @@ namespace Org.OpenAPITools.Client
authorizationHeaderValue += string.Format(",headers=\"{0}\",signature=\"{1}\"",
headersKeysString, headerSignatureStr);
HttpSignedRequestHeader.Add(HEADER_AUTHORIZATION, authorizationHeaderValue);
return HttpSignedRequestHeader;
}
@@ -302,14 +312,17 @@ namespace Org.OpenAPITools.Client
var signedbytes = rsa.SignHash(stringToSign, HashAlgorithm, RSASignaturePadding.Pkcs1);
return Convert.ToBase64String(signedbytes);
}
return string.Empty;
else
{
return string.Empty;
}
}
/// <summary>
/// Gets the ECDSA signature
/// </summary>
/// <param name="dataToSign"></param>
/// <returns></returns>
/// <returns>ECDSA signature</returns>
private string GetECDSASignature(byte[] dataToSign)
{
if (!File.Exists(KeyFilePath))
@@ -317,8 +330,8 @@ namespace Org.OpenAPITools.Client
throw new Exception("key file path does not exist.");
}
var ecKeyHeader = "-----BEGIN EC PRIVATE KEY-----";
var ecKeyFooter = "-----END EC PRIVATE KEY-----";
const string ecKeyHeader = "-----BEGIN EC PRIVATE KEY-----";
const string ecKeyFooter = "-----END EC PRIVATE KEY-----";
var keyStr = File.ReadAllText(KeyFilePath);
var ecKeyBase64String = keyStr.Replace(ecKeyHeader, "").Replace(ecKeyFooter, "").Trim();
var keyBytes = System.Convert.FromBase64String(ecKeyBase64String);
@@ -355,10 +368,9 @@ namespace Org.OpenAPITools.Client
#else
throw new Exception("ECDSA signing is supported only on NETCOREAPP3_0 and above");
#endif
}
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List<byte>();
byte derLength = 68; //default length for ECDSA code signing bit 0x44
@@ -481,7 +493,7 @@ namespace Org.OpenAPITools.Client
byte[] salt = new byte[saltstr.Length / 2];
for (int i = 0; i < salt.Length; i++)
salt[i] = Convert.ToByte(saltstr.Substring(i * 2, 2), 16);
if (!(str.ReadLine() == ""))
if (str.ReadLine() != "")
{
return null;
}
@@ -512,7 +524,7 @@ namespace Org.OpenAPITools.Client
private RSACryptoServiceProvider DecodeRSAPrivateKey(byte[] privkey)
{
byte[] MODULUS, E, D, P, Q, DP, DQ, IQ;
byte[] bytesModulus, bytesE, bytesD, bytesP, bytesQ, bytesDP, bytesDQ, bytesIQ;
// --------- Set up stream to decode the asn.1 encoded RSA private key ------
MemoryStream mem = new MemoryStream(privkey);
@@ -549,40 +561,40 @@ namespace Org.OpenAPITools.Client
//------ all private key components are Integer sequences ----
elems = GetIntegerSize(binr);
MODULUS = binr.ReadBytes(elems);
bytesModulus = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
E = binr.ReadBytes(elems);
bytesE = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
D = binr.ReadBytes(elems);
bytesD = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
P = binr.ReadBytes(elems);
bytesP = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
Q = binr.ReadBytes(elems);
bytesQ = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DP = binr.ReadBytes(elems);
bytesDP = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DQ = binr.ReadBytes(elems);
bytesDQ = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
IQ = binr.ReadBytes(elems);
bytesIQ = binr.ReadBytes(elems);
// ------- create RSACryptoServiceProvider instance and initialize with public key -----
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
RSAParameters RSAparams = new RSAParameters();
RSAparams.Modulus = MODULUS;
RSAparams.Exponent = E;
RSAparams.D = D;
RSAparams.P = P;
RSAparams.Q = Q;
RSAparams.DP = DP;
RSAparams.DQ = DQ;
RSAparams.InverseQ = IQ;
RSAparams.Modulus = bytesModulus;
RSAparams.Exponent = bytesE;
RSAparams.D = bytesD;
RSAparams.P = bytesP;
RSAparams.Q = bytesQ;
RSAparams.DP = bytesDP;
RSAparams.DQ = bytesDQ;
RSAparams.InverseQ = bytesIQ;
RSA.ImportParameters(RSAparams);
return RSA;
}
@@ -637,7 +649,7 @@ namespace Org.OpenAPITools.Client
private byte[] GetEncryptedKey(byte[] salt, SecureString secpswd, int count, int miter)
{
IntPtr unmanagedPswd = IntPtr.Zero;
int HASHLENGTH = 16; //MD5 bytes
const int HASHLENGTH = 16; //MD5 bytes
byte[] keymaterial = new byte[HASHLENGTH * miter]; //to store concatenated Mi hashed results
byte[] psbytes = new byte[secpswd.Length];
@@ -670,7 +682,9 @@ namespace Org.OpenAPITools.Client
}
for (int i = 0; i < count; i++)
{
result = md5.ComputeHash(result);
}
Array.Copy(result, 0, keymaterial, j * HASHLENGTH, result.Length); //concatenate to keymaterial
}
byte[] deskey = new byte[24];
@@ -708,7 +722,7 @@ namespace Org.OpenAPITools.Client
/// Detect the key type from the pem file.
/// </summary>
/// <param name="keyFilePath">key file path in pem format</param>
/// <returns></returns>
/// <returns>Private Key Type</returns>
private PrivateKeyType GetKeyType(string keyFilePath)
{
if (!File.Exists(keyFilePath))
@@ -716,39 +730,37 @@ namespace Org.OpenAPITools.Client
throw new Exception("Key file path does not exist.");
}
var ecPrivateKeyHeader = "BEGIN EC PRIVATE KEY";
var ecPrivateKeyFooter = "END EC PRIVATE KEY";
var rsaPrivateKeyHeader = "BEGIN RSA PRIVATE KEY";
var rsaPrivateFooter = "END RSA PRIVATE KEY";
const string ecPrivateKeyHeader = "BEGIN EC PRIVATE KEY";
const string ecPrivateKeyFooter = "END EC PRIVATE KEY";
const string rsaPrivateKeyHeader = "BEGIN RSA PRIVATE KEY";
const string rsaPrivateFooter = "END RSA PRIVATE KEY";
//var pkcs8Header = "BEGIN PRIVATE KEY";
//var pkcs8Footer = "END PRIVATE KEY";
var keyType = PrivateKeyType.None;
PrivateKeyType keyType;
var key = File.ReadAllLines(keyFilePath);
if (key[0].ToString().Contains(rsaPrivateKeyHeader) &&
if (key[0].Contains(rsaPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(rsaPrivateFooter))
{
keyType = PrivateKeyType.RSA;
}
else if (key[0].ToString().Contains(ecPrivateKeyHeader) &&
else if (key[0].Contains(ecPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(ecPrivateKeyFooter))
{
keyType = PrivateKeyType.ECDSA;
}
else if (key[0].ToString().Contains(ecPrivateKeyHeader) &&
else if (key[0].Contains(ecPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(ecPrivateKeyFooter))
{
/* this type of key can hold many type different types of private key, but here due lack of pem header
Considering this as EC key
*/
// this type of key can hold many type different types of private key, but here due lack of pem header
// Considering this as EC key
//TODO :- update the key based on oid
keyType = PrivateKeyType.ECDSA;
}
else
{
throw new Exception("Either the key is invalid or key is not supported");
}
return keyType;
}
samples/client/petstore/csharp-netcore/OpenAPIClient-ConditionalSerialization/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
+ 57
- 45
/*
* OpenAPI Petstore
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\
*
* The version of the OpenAPI document: 1.0.0
* Generated by: https://github.com/openapitools/openapi-generator.git
*/
using Newtonsoft.Json;
using Newtonsoft.Json.Serialization;
using System;
@@ -82,7 +92,7 @@ namespace Org.OpenAPITools.Client
/// <param name="method">HTTP method</param>
/// <param name="path">Path</param>
/// <param name="requestOptions">Request options</param>
/// <returns></returns>
/// <returns>Http signed headers</returns>
internal Dictionary<string, string> GetHttpSignedHeader(string basePath,string method, string path, RequestOptions requestOptions)
{
const string HEADER_REQUEST_TARGET = "(request-target)";
@@ -133,7 +143,7 @@ namespace Org.OpenAPITools.Client
}
else
{
httpValues.Add(HttpUtility.UrlEncode(parameter.Key), parameter.Value[0]);
httpValues.Add(HttpUtility.UrlEncode(parameter.Key), parameter.Value[0]);
}
#else
if (parameter.Value.Count > 1)
@@ -178,7 +188,6 @@ namespace Org.OpenAPITools.Client
throw new Exception(string.Format("{0} not supported", HashAlgorithm));
}
foreach (var header in HttpSigningHeader)
{
if (header.Equals(HEADER_REQUEST_TARGET))
@@ -236,7 +245,6 @@ namespace Org.OpenAPITools.Client
foreach (var keyVal in HttpSignatureHeader)
{
headerValuesList.Add(string.Format("{0}: {1}", keyVal.Key, keyVal.Value));
}
//Concatenate headers value separated by new line
var headerValuesString = string.Join("\n", headerValuesList);
@@ -252,7 +260,11 @@ namespace Org.OpenAPITools.Client
{
headerSignatureStr = GetECDSASignature(signatureStringHash);
}
var cryptographicScheme = "hs2019";
else
{
throw new Exception(string.Format("Private key type {0} not supported", keyType));
}
const string cryptographicScheme = "hs2019";
var authorizationHeaderValue = string.Format("Signature keyId=\"{0}\",algorithm=\"{1}\"",
KeyId, cryptographicScheme);
@@ -268,9 +280,7 @@ namespace Org.OpenAPITools.Client
authorizationHeaderValue += string.Format(",headers=\"{0}\",signature=\"{1}\"",
headersKeysString, headerSignatureStr);
HttpSignedRequestHeader.Add(HEADER_AUTHORIZATION, authorizationHeaderValue);
return HttpSignedRequestHeader;
}
@@ -302,14 +312,17 @@ namespace Org.OpenAPITools.Client
var signedbytes = rsa.SignHash(stringToSign, HashAlgorithm, RSASignaturePadding.Pkcs1);
return Convert.ToBase64String(signedbytes);
}
return string.Empty;
else
{
return string.Empty;
}
}
/// <summary>
/// Gets the ECDSA signature
/// </summary>
/// <param name="dataToSign"></param>
/// <returns></returns>
/// <returns>ECDSA signature</returns>
private string GetECDSASignature(byte[] dataToSign)
{
if (!File.Exists(KeyFilePath))
@@ -317,8 +330,8 @@ namespace Org.OpenAPITools.Client
throw new Exception("key file path does not exist.");
}
var ecKeyHeader = "-----BEGIN EC PRIVATE KEY-----";
var ecKeyFooter = "-----END EC PRIVATE KEY-----";
const string ecKeyHeader = "-----BEGIN EC PRIVATE KEY-----";
const string ecKeyFooter = "-----END EC PRIVATE KEY-----";
var keyStr = File.ReadAllText(KeyFilePath);
var ecKeyBase64String = keyStr.Replace(ecKeyHeader, "").Replace(ecKeyFooter, "").Trim();
var keyBytes = System.Convert.FromBase64String(ecKeyBase64String);
@@ -355,10 +368,9 @@ namespace Org.OpenAPITools.Client
#else
throw new Exception("ECDSA signing is supported only on NETCOREAPP3_0 and above");
#endif
}
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List<byte>();
byte derLength = 68; //default length for ECDSA code signing bit 0x44
@@ -481,7 +493,7 @@ namespace Org.OpenAPITools.Client
byte[] salt = new byte[saltstr.Length / 2];
for (int i = 0; i < salt.Length; i++)
salt[i] = Convert.ToByte(saltstr.Substring(i * 2, 2), 16);
if (!(str.ReadLine() == ""))
if (str.ReadLine() != "")
{
return null;
}
@@ -512,7 +524,7 @@ namespace Org.OpenAPITools.Client
private RSACryptoServiceProvider DecodeRSAPrivateKey(byte[] privkey)
{
byte[] MODULUS, E, D, P, Q, DP, DQ, IQ;
byte[] bytesModulus, bytesE, bytesD, bytesP, bytesQ, bytesDP, bytesDQ, bytesIQ;
// --------- Set up stream to decode the asn.1 encoded RSA private key ------
MemoryStream mem = new MemoryStream(privkey);
@@ -549,40 +561,40 @@ namespace Org.OpenAPITools.Client
//------ all private key components are Integer sequences ----
elems = GetIntegerSize(binr);
MODULUS = binr.ReadBytes(elems);
bytesModulus = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
E = binr.ReadBytes(elems);
bytesE = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
D = binr.ReadBytes(elems);
bytesD = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
P = binr.ReadBytes(elems);
bytesP = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
Q = binr.ReadBytes(elems);
bytesQ = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DP = binr.ReadBytes(elems);
bytesDP = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DQ = binr.ReadBytes(elems);
bytesDQ = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
IQ = binr.ReadBytes(elems);
bytesIQ = binr.ReadBytes(elems);
// ------- create RSACryptoServiceProvider instance and initialize with public key -----
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
RSAParameters RSAparams = new RSAParameters();
RSAparams.Modulus = MODULUS;
RSAparams.Exponent = E;
RSAparams.D = D;
RSAparams.P = P;
RSAparams.Q = Q;
RSAparams.DP = DP;
RSAparams.DQ = DQ;
RSAparams.InverseQ = IQ;
RSAparams.Modulus = bytesModulus;
RSAparams.Exponent = bytesE;
RSAparams.D = bytesD;
RSAparams.P = bytesP;
RSAparams.Q = bytesQ;
RSAparams.DP = bytesDP;
RSAparams.DQ = bytesDQ;
RSAparams.InverseQ = bytesIQ;
RSA.ImportParameters(RSAparams);
return RSA;
}
@@ -637,7 +649,7 @@ namespace Org.OpenAPITools.Client
private byte[] GetEncryptedKey(byte[] salt, SecureString secpswd, int count, int miter)
{
IntPtr unmanagedPswd = IntPtr.Zero;
int HASHLENGTH = 16; //MD5 bytes
const int HASHLENGTH = 16; //MD5 bytes
byte[] keymaterial = new byte[HASHLENGTH * miter]; //to store concatenated Mi hashed results
byte[] psbytes = new byte[secpswd.Length];
@@ -670,7 +682,9 @@ namespace Org.OpenAPITools.Client
}
for (int i = 0; i < count; i++)
{
result = md5.ComputeHash(result);
}
Array.Copy(result, 0, keymaterial, j * HASHLENGTH, result.Length); //concatenate to keymaterial
}
byte[] deskey = new byte[24];
@@ -708,7 +722,7 @@ namespace Org.OpenAPITools.Client
/// Detect the key type from the pem file.
/// </summary>
/// <param name="keyFilePath">key file path in pem format</param>
/// <returns></returns>
/// <returns>Private Key Type</returns>
private PrivateKeyType GetKeyType(string keyFilePath)
{
if (!File.Exists(keyFilePath))
@@ -716,39 +730,37 @@ namespace Org.OpenAPITools.Client
throw new Exception("Key file path does not exist.");
}
var ecPrivateKeyHeader = "BEGIN EC PRIVATE KEY";
var ecPrivateKeyFooter = "END EC PRIVATE KEY";
var rsaPrivateKeyHeader = "BEGIN RSA PRIVATE KEY";
var rsaPrivateFooter = "END RSA PRIVATE KEY";
const string ecPrivateKeyHeader = "BEGIN EC PRIVATE KEY";
const string ecPrivateKeyFooter = "END EC PRIVATE KEY";
const string rsaPrivateKeyHeader = "BEGIN RSA PRIVATE KEY";
const string rsaPrivateFooter = "END RSA PRIVATE KEY";
//var pkcs8Header = "BEGIN PRIVATE KEY";
//var pkcs8Footer = "END PRIVATE KEY";
var keyType = PrivateKeyType.None;
PrivateKeyType keyType;
var key = File.ReadAllLines(keyFilePath);
if (key[0].ToString().Contains(rsaPrivateKeyHeader) &&
if (key[0].Contains(rsaPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(rsaPrivateFooter))
{
keyType = PrivateKeyType.RSA;
}
else if (key[0].ToString().Contains(ecPrivateKeyHeader) &&
else if (key[0].Contains(ecPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(ecPrivateKeyFooter))
{
keyType = PrivateKeyType.ECDSA;
}
else if (key[0].ToString().Contains(ecPrivateKeyHeader) &&
else if (key[0].Contains(ecPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(ecPrivateKeyFooter))
{
/* this type of key can hold many type different types of private key, but here due lack of pem header
Considering this as EC key
*/
// this type of key can hold many type different types of private key, but here due lack of pem header
// Considering this as EC key
//TODO :- update the key based on oid
keyType = PrivateKeyType.ECDSA;
}
else
{
throw new Exception("Either the key is invalid or key is not supported");
}
return keyType;
}
samples/client/petstore/csharp-netcore/OpenAPIClient-httpclient/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
+ 57
- 45
/*
* OpenAPI Petstore
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\
*
* The version of the OpenAPI document: 1.0.0
* Generated by: https://github.com/openapitools/openapi-generator.git
*/
using Newtonsoft.Json;
using Newtonsoft.Json.Serialization;
using System;
@@ -82,7 +92,7 @@ namespace Org.OpenAPITools.Client
/// <param name="method">HTTP method</param>
/// <param name="path">Path</param>
/// <param name="requestOptions">Request options</param>
/// <returns></returns>
/// <returns>Http signed headers</returns>
internal Dictionary<string, string> GetHttpSignedHeader(string basePath,string method, string path, RequestOptions requestOptions)
{
const string HEADER_REQUEST_TARGET = "(request-target)";
@@ -133,7 +143,7 @@ namespace Org.OpenAPITools.Client
}
else
{
httpValues.Add(HttpUtility.UrlEncode(parameter.Key), parameter.Value[0]);
httpValues.Add(HttpUtility.UrlEncode(parameter.Key), parameter.Value[0]);
}
#else
if (parameter.Value.Count > 1)
@@ -178,7 +188,6 @@ namespace Org.OpenAPITools.Client
throw new Exception(string.Format("{0} not supported", HashAlgorithm));
}
foreach (var header in HttpSigningHeader)
{
if (header.Equals(HEADER_REQUEST_TARGET))
@@ -236,7 +245,6 @@ namespace Org.OpenAPITools.Client
foreach (var keyVal in HttpSignatureHeader)
{
headerValuesList.Add(string.Format("{0}: {1}", keyVal.Key, keyVal.Value));
}
//Concatenate headers value separated by new line
var headerValuesString = string.Join("\n", headerValuesList);
@@ -252,7 +260,11 @@ namespace Org.OpenAPITools.Client
{
headerSignatureStr = GetECDSASignature(signatureStringHash);
}
var cryptographicScheme = "hs2019";
else
{
throw new Exception(string.Format("Private key type {0} not supported", keyType));
}
const string cryptographicScheme = "hs2019";
var authorizationHeaderValue = string.Format("Signature keyId=\"{0}\",algorithm=\"{1}\"",
KeyId, cryptographicScheme);
@@ -268,9 +280,7 @@ namespace Org.OpenAPITools.Client
authorizationHeaderValue += string.Format(",headers=\"{0}\",signature=\"{1}\"",
headersKeysString, headerSignatureStr);
HttpSignedRequestHeader.Add(HEADER_AUTHORIZATION, authorizationHeaderValue);
return HttpSignedRequestHeader;
}
@@ -302,14 +312,17 @@ namespace Org.OpenAPITools.Client
var signedbytes = rsa.SignHash(stringToSign, HashAlgorithm, RSASignaturePadding.Pkcs1);
return Convert.ToBase64String(signedbytes);
}
return string.Empty;
else
{
return string.Empty;
}
}
/// <summary>
/// Gets the ECDSA signature
/// </summary>
/// <param name="dataToSign"></param>
/// <returns></returns>
/// <returns>ECDSA signature</returns>
private string GetECDSASignature(byte[] dataToSign)
{
if (!File.Exists(KeyFilePath))
@@ -317,8 +330,8 @@ namespace Org.OpenAPITools.Client
throw new Exception("key file path does not exist.");
}
var ecKeyHeader = "-----BEGIN EC PRIVATE KEY-----";
var ecKeyFooter = "-----END EC PRIVATE KEY-----";
const string ecKeyHeader = "-----BEGIN EC PRIVATE KEY-----";
const string ecKeyFooter = "-----END EC PRIVATE KEY-----";
var keyStr = File.ReadAllText(KeyFilePath);
var ecKeyBase64String = keyStr.Replace(ecKeyHeader, "").Replace(ecKeyFooter, "").Trim();
var keyBytes = System.Convert.FromBase64String(ecKeyBase64String);
@@ -355,10 +368,9 @@ namespace Org.OpenAPITools.Client
#else
throw new Exception("ECDSA signing is supported only on NETCOREAPP3_0 and above");
#endif
}
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List<byte>();
byte derLength = 68; //default length for ECDSA code signing bit 0x44
@@ -481,7 +493,7 @@ namespace Org.OpenAPITools.Client
byte[] salt = new byte[saltstr.Length / 2];
for (int i = 0; i < salt.Length; i++)
salt[i] = Convert.ToByte(saltstr.Substring(i * 2, 2), 16);
if (!(str.ReadLine() == ""))
if (str.ReadLine() != "")
{
return null;
}
@@ -512,7 +524,7 @@ namespace Org.OpenAPITools.Client
private RSACryptoServiceProvider DecodeRSAPrivateKey(byte[] privkey)
{
byte[] MODULUS, E, D, P, Q, DP, DQ, IQ;
byte[] bytesModulus, bytesE, bytesD, bytesP, bytesQ, bytesDP, bytesDQ, bytesIQ;
// --------- Set up stream to decode the asn.1 encoded RSA private key ------
MemoryStream mem = new MemoryStream(privkey);
@@ -549,40 +561,40 @@ namespace Org.OpenAPITools.Client
//------ all private key components are Integer sequences ----
elems = GetIntegerSize(binr);
MODULUS = binr.ReadBytes(elems);
bytesModulus = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
E = binr.ReadBytes(elems);
bytesE = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
D = binr.ReadBytes(elems);
bytesD = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
P = binr.ReadBytes(elems);
bytesP = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
Q = binr.ReadBytes(elems);
bytesQ = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DP = binr.ReadBytes(elems);
bytesDP = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DQ = binr.ReadBytes(elems);
bytesDQ = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
IQ = binr.ReadBytes(elems);
bytesIQ = binr.ReadBytes(elems);
// ------- create RSACryptoServiceProvider instance and initialize with public key -----
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
RSAParameters RSAparams = new RSAParameters();
RSAparams.Modulus = MODULUS;
RSAparams.Exponent = E;
RSAparams.D = D;
RSAparams.P = P;
RSAparams.Q = Q;
RSAparams.DP = DP;
RSAparams.DQ = DQ;
RSAparams.InverseQ = IQ;
RSAparams.Modulus = bytesModulus;
RSAparams.Exponent = bytesE;
RSAparams.D = bytesD;
RSAparams.P = bytesP;
RSAparams.Q = bytesQ;
RSAparams.DP = bytesDP;
RSAparams.DQ = bytesDQ;
RSAparams.InverseQ = bytesIQ;
RSA.ImportParameters(RSAparams);
return RSA;
}
@@ -637,7 +649,7 @@ namespace Org.OpenAPITools.Client
private byte[] GetEncryptedKey(byte[] salt, SecureString secpswd, int count, int miter)
{
IntPtr unmanagedPswd = IntPtr.Zero;
int HASHLENGTH = 16; //MD5 bytes
const int HASHLENGTH = 16; //MD5 bytes
byte[] keymaterial = new byte[HASHLENGTH * miter]; //to store concatenated Mi hashed results
byte[] psbytes = new byte[secpswd.Length];
@@ -670,7 +682,9 @@ namespace Org.OpenAPITools.Client
}
for (int i = 0; i < count; i++)
{
result = md5.ComputeHash(result);
}
Array.Copy(result, 0, keymaterial, j * HASHLENGTH, result.Length); //concatenate to keymaterial
}
byte[] deskey = new byte[24];
@@ -708,7 +722,7 @@ namespace Org.OpenAPITools.Client
/// Detect the key type from the pem file.
/// </summary>
/// <param name="keyFilePath">key file path in pem format</param>
/// <returns></returns>
/// <returns>Private Key Type</returns>
private PrivateKeyType GetKeyType(string keyFilePath)
{
if (!File.Exists(keyFilePath))
@@ -716,39 +730,37 @@ namespace Org.OpenAPITools.Client
throw new Exception("Key file path does not exist.");
}
var ecPrivateKeyHeader = "BEGIN EC PRIVATE KEY";
var ecPrivateKeyFooter = "END EC PRIVATE KEY";
var rsaPrivateKeyHeader = "BEGIN RSA PRIVATE KEY";
var rsaPrivateFooter = "END RSA PRIVATE KEY";
const string ecPrivateKeyHeader = "BEGIN EC PRIVATE KEY";
const string ecPrivateKeyFooter = "END EC PRIVATE KEY";
const string rsaPrivateKeyHeader = "BEGIN RSA PRIVATE KEY";
const string rsaPrivateFooter = "END RSA PRIVATE KEY";
//var pkcs8Header = "BEGIN PRIVATE KEY";
//var pkcs8Footer = "END PRIVATE KEY";
var keyType = PrivateKeyType.None;
PrivateKeyType keyType;
var key = File.ReadAllLines(keyFilePath);
if (key[0].ToString().Contains(rsaPrivateKeyHeader) &&
if (key[0].Contains(rsaPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(rsaPrivateFooter))
{
keyType = PrivateKeyType.RSA;
}
else if (key[0].ToString().Contains(ecPrivateKeyHeader) &&
else if (key[0].Contains(ecPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(ecPrivateKeyFooter))
{
keyType = PrivateKeyType.ECDSA;
}
else if (key[0].ToString().Contains(ecPrivateKeyHeader) &&
else if (key[0].Contains(ecPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(ecPrivateKeyFooter))
{
/* this type of key can hold many type different types of private key, but here due lack of pem header
Considering this as EC key
*/
// this type of key can hold many type different types of private key, but here due lack of pem header
// Considering this as EC key
//TODO :- update the key based on oid
keyType = PrivateKeyType.ECDSA;
}
else
{
throw new Exception("Either the key is invalid or key is not supported");
}
return keyType;
}
samples/client/petstore/csharp-netcore/OpenAPIClient-net47/src/Org.OpenAPITools/Client/HttpSigningConfiguration.cs
+ 57
- 45
/*
* OpenAPI Petstore
*
* This spec is mainly for testing Petstore server and contains fake endpoints, models. Please do not use this for any other purpose. Special characters: \" \\
*
* The version of the OpenAPI document: 1.0.0
* Generated by: https://github.com/openapitools/openapi-generator.git
*/
using Newtonsoft.Json;
using Newtonsoft.Json.Serialization;
using System;
@@ -82,7 +92,7 @@ namespace Org.OpenAPITools.Client
/// <param name="method">HTTP method</param>
/// <param name="path">Path</param>
/// <param name="requestOptions">Request options</param>
/// <returns></returns>
/// <returns>Http signed headers</returns>
internal Dictionary<string, string> GetHttpSignedHeader(string basePath,string method, string path, RequestOptions requestOptions)
{
const string HEADER_REQUEST_TARGET = "(request-target)";
@@ -133,7 +143,7 @@ namespace Org.OpenAPITools.Client
}
else
{
httpValues.Add(HttpUtility.UrlEncode(parameter.Key), parameter.Value[0]);
httpValues.Add(HttpUtility.UrlEncode(parameter.Key), parameter.Value[0]);
}
#else
if (parameter.Value.Count > 1)
@@ -178,7 +188,6 @@ namespace Org.OpenAPITools.Client
throw new Exception(string.Format("{0} not supported", HashAlgorithm));
}
foreach (var header in HttpSigningHeader)
{
if (header.Equals(HEADER_REQUEST_TARGET))
@@ -236,7 +245,6 @@ namespace Org.OpenAPITools.Client
foreach (var keyVal in HttpSignatureHeader)
{
headerValuesList.Add(string.Format("{0}: {1}", keyVal.Key, keyVal.Value));
}
//Concatenate headers value separated by new line
var headerValuesString = string.Join("\n", headerValuesList);
@@ -252,7 +260,11 @@ namespace Org.OpenAPITools.Client
{
headerSignatureStr = GetECDSASignature(signatureStringHash);
}
var cryptographicScheme = "hs2019";
else
{
throw new Exception(string.Format("Private key type {0} not supported", keyType));
}
const string cryptographicScheme = "hs2019";
var authorizationHeaderValue = string.Format("Signature keyId=\"{0}\",algorithm=\"{1}\"",
KeyId, cryptographicScheme);
@@ -268,9 +280,7 @@ namespace Org.OpenAPITools.Client
authorizationHeaderValue += string.Format(",headers=\"{0}\",signature=\"{1}\"",
headersKeysString, headerSignatureStr);
HttpSignedRequestHeader.Add(HEADER_AUTHORIZATION, authorizationHeaderValue);
return HttpSignedRequestHeader;
}
@@ -302,14 +312,17 @@ namespace Org.OpenAPITools.Client
var signedbytes = rsa.SignHash(stringToSign, HashAlgorithm, RSASignaturePadding.Pkcs1);
return Convert.ToBase64String(signedbytes);
}
return string.Empty;
else
{
return string.Empty;
}
}
/// <summary>
/// Gets the ECDSA signature
/// </summary>
/// <param name="dataToSign"></param>
/// <returns></returns>
/// <returns>ECDSA signature</returns>
private string GetECDSASignature(byte[] dataToSign)
{
if (!File.Exists(KeyFilePath))
@@ -317,8 +330,8 @@ namespace Org.OpenAPITools.Client
throw new Exception("key file path does not exist.");
}
var ecKeyHeader = "-----BEGIN EC PRIVATE KEY-----";
var ecKeyFooter = "-----END EC PRIVATE KEY-----";
const string ecKeyHeader = "-----BEGIN EC PRIVATE KEY-----";
const string ecKeyFooter = "-----END EC PRIVATE KEY-----";
var keyStr = File.ReadAllText(KeyFilePath);
var ecKeyBase64String = keyStr.Replace(ecKeyHeader, "").Replace(ecKeyFooter, "").Trim();
var keyBytes = System.Convert.FromBase64String(ecKeyBase64String);
@@ -355,10 +368,9 @@ namespace Org.OpenAPITools.Client
#else
throw new Exception("ECDSA signing is supported only on NETCOREAPP3_0 and above");
#endif
}
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
private byte[] ConvertToECDSAANS1Format(byte[] signedBytes)
{
var derBytes = new List<byte>();
byte derLength = 68; //default length for ECDSA code signing bit 0x44
@@ -481,7 +493,7 @@ namespace Org.OpenAPITools.Client
byte[] salt = new byte[saltstr.Length / 2];
for (int i = 0; i < salt.Length; i++)
salt[i] = Convert.ToByte(saltstr.Substring(i * 2, 2), 16);
if (!(str.ReadLine() == ""))
if (str.ReadLine() != "")
{
return null;
}
@@ -512,7 +524,7 @@ namespace Org.OpenAPITools.Client
private RSACryptoServiceProvider DecodeRSAPrivateKey(byte[] privkey)
{
byte[] MODULUS, E, D, P, Q, DP, DQ, IQ;
byte[] bytesModulus, bytesE, bytesD, bytesP, bytesQ, bytesDP, bytesDQ, bytesIQ;
// --------- Set up stream to decode the asn.1 encoded RSA private key ------
MemoryStream mem = new MemoryStream(privkey);
@@ -549,40 +561,40 @@ namespace Org.OpenAPITools.Client
//------ all private key components are Integer sequences ----
elems = GetIntegerSize(binr);
MODULUS = binr.ReadBytes(elems);
bytesModulus = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
E = binr.ReadBytes(elems);
bytesE = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
D = binr.ReadBytes(elems);
bytesD = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
P = binr.ReadBytes(elems);
bytesP = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
Q = binr.ReadBytes(elems);
bytesQ = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DP = binr.ReadBytes(elems);
bytesDP = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DQ = binr.ReadBytes(elems);
bytesDQ = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
IQ = binr.ReadBytes(elems);
bytesIQ = binr.ReadBytes(elems);
// ------- create RSACryptoServiceProvider instance and initialize with public key -----
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
RSAParameters RSAparams = new RSAParameters();
RSAparams.Modulus = MODULUS;
RSAparams.Exponent = E;
RSAparams.D = D;
RSAparams.P = P;
RSAparams.Q = Q;
RSAparams.DP = DP;
RSAparams.DQ = DQ;
RSAparams.InverseQ = IQ;
RSAparams.Modulus = bytesModulus;
RSAparams.Exponent = bytesE;
RSAparams.D = bytesD;
RSAparams.P = bytesP;
RSAparams.Q = bytesQ;
RSAparams.DP = bytesDP;
RSAparams.DQ = bytesDQ;
RSAparams.InverseQ = bytesIQ;
RSA.ImportParameters(RSAparams);
return RSA;
}
@@ -637,7 +649,7 @@ namespace Org.OpenAPITools.Client
private byte[] GetEncryptedKey(byte[] salt, SecureString secpswd, int count, int miter)
{
IntPtr unmanagedPswd = IntPtr.Zero;
int HASHLENGTH = 16; //MD5 bytes
const int HASHLENGTH = 16; //MD5 bytes
byte[] keymaterial = new byte[HASHLENGTH * miter]; //to store concatenated Mi hashed results
byte[] psbytes = new byte[secpswd.Length];
@@ -670,7 +682,9 @@ namespace Org.OpenAPITools.Client
}
for (int i = 0; i < count; i++)
{
result = md5.ComputeHash(result);
}
Array.Copy(result, 0, keymaterial, j * HASHLENGTH, result.Length); //concatenate to keymaterial
}
byte[] deskey = new byte[24];
@@ -708,7 +722,7 @@ namespace Org.OpenAPITools.Client
/// Detect the key type from the pem file.
/// </summary>
/// <param name="keyFilePath">key file path in pem format</param>
/// <returns></returns>
/// <returns>Private Key Type</returns>
private PrivateKeyType GetKeyType(string keyFilePath)
{
if (!File.Exists(keyFilePath))
@@ -716,39 +730,37 @@ namespace Org.OpenAPITools.Client
throw new Exception("Key file path does not exist.");
}
var ecPrivateKeyHeader = "BEGIN EC PRIVATE KEY";
var ecPrivateKeyFooter = "END EC PRIVATE KEY";
var rsaPrivateKeyHeader = "BEGIN RSA PRIVATE KEY";
var rsaPrivateFooter = "END RSA PRIVATE KEY";
const string ecPrivateKeyHeader = "BEGIN EC PRIVATE KEY";
const string ecPrivateKeyFooter = "END EC PRIVATE KEY";
const string rsaPrivateKeyHeader = "BEGIN RSA PRIVATE KEY";
const string rsaPrivateFooter = "END RSA PRIVATE KEY";
//var pkcs8Header = "BEGIN PRIVATE KEY";
//var pkcs8Footer = "END PRIVATE KEY";
var keyType = PrivateKeyType.None;
PrivateKeyType keyType;
var key = File.ReadAllLines(keyFilePath);
if (key[0].ToString().Contains(rsaPrivateKeyHeader) &&
if (key[0].Contains(rsaPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(rsaPrivateFooter))
{
keyType = PrivateKeyType.RSA;
}
else if (key[0].ToString().Contains(ecPrivateKeyHeader) &&
else if (key[0].Contains(ecPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(ecPrivateKeyFooter))
{
keyType = PrivateKeyType.ECDSA;
}
else if (key[0].ToString().Contains(ecPrivateKeyHeader) &&
else if (key[0].Contains(ecPrivateKeyHeader) &&
key[key.Length - 1].ToString().Contains(ecPrivateKeyFooter))
{
/* this type of key can hold many type different types of private key, but here due lack of pem header
Considering this as EC key
*/
// this type of key can hold many type different types of private key, but here due lack of pem header
// Considering this as EC key
//TODO :- update the key based on oid
keyType = PrivateKeyType.ECDSA;
}
else
{
throw new Exception("Either the key is invalid or key is not supported");
}
return keyType;
}