diff --git a/QRBee/QRBee/ViewModels/RegisterViewModel.cs b/QRBee/QRBee/ViewModels/RegisterViewModel.cs index cc8f8bc..34ad1eb 100644 --- a/QRBee/QRBee/ViewModels/RegisterViewModel.cs +++ b/QRBee/QRBee/ViewModels/RegisterViewModel.cs @@ -149,7 +149,9 @@ namespace QRBee.ViewModels try { - if (!settings.IsRegistered) + // FOR TESTING PURPOSES + //!settings.IsRegistered + if (true) { var response = await service.RegisterAsync(request); @@ -164,12 +166,12 @@ namespace QRBee.ViewModels var page = Application.Current.MainPage.Navigation.NavigationStack.LastOrDefault(); await page.DisplayAlert("Success", "You have been registered successfully", "Ok"); } - else - { - await service.UpdateAsync(settings.ClientId, request); - var page = Application.Current.MainPage.Navigation.NavigationStack.LastOrDefault(); - await page.DisplayAlert("Success", "Your data has been updated successfully", "Ok"); - } + //else + //{ + // await service.UpdateAsync(settings.ClientId, request); + // var page = Application.Current.MainPage.Navigation.NavigationStack.LastOrDefault(); + // await page.DisplayAlert("Success", "Your data has been updated successfully", "Ok"); + //} await Shell.Current.GoToAsync($"//{nameof(MainPage)}"); } diff --git a/QRBeeApi/Services/QRBeeAPIService.cs b/QRBeeApi/Services/QRBeeAPIService.cs index 4247379..8355289 100644 --- a/QRBeeApi/Services/QRBeeAPIService.cs +++ b/QRBeeApi/Services/QRBeeAPIService.cs 
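Review bot: The `if (true)` that replaces `!settings.IsRegistered` is a test override left in the registration path, so every submit now calls `service.RegisterAsync(request)` even when the client is already registered; the following hunk comments out the `UpdateAsync` branch for the same reason. Judging by the QRBeeAPIService hunk in this commit, each registration stores a new user record and issues a new client certificate, so repeated submits would pile up identities for one device. Restore `if (!settings.IsRegistered)` and the `else` branch before this ships, or wrap the override in `#if DEBUG` so a release build cannot contain it. The enclosing method starts and ends outside both hunks.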
@@ -50,7 +50,11 @@ namespace QRBee.Api.Services var info = Convert(request); var clientId = await _storage.PutUserInfo(info); - var clientCertificate = _securityService.CreateCertificate(clientId,Encoding.UTF8.GetBytes(request.CertificateRequest.RsaPublicKey.ConvertToJson())); + + using var rsa = LoadRsaPublicKey(request.CertificateRequest.RsaPublicKey); + var bytes = rsa.ExportRSAPublicKey(); + + var clientCertificate = _securityService.CreateCertificate(clientId,bytes); var convertedClientCertificate = Convert(clientCertificate, clientId); await _storage.InsertCertificate(convertedClientCertificate); diff --git a/QRBeeApi/Services/ServerPrivateKeyHandler.cs b/QRBeeApi/Services/ServerPrivateKeyHandler.cs index ce84429..ddf59b4 100644 --- a/QRBeeApi/Services/ServerPrivateKeyHandler.cs +++ b/QRBeeApi/Services/ServerPrivateKeyHandler.cs @@ -10,6 +10,7 @@ namespace QRBee.Api.Services /// public class ServerPrivateKeyHandler : IPrivateKeyHandler { + private readonly ILogger _logger; private X509Certificate2? _certificate; private readonly object _syncObject = new object(); @@ -21,6 +22,12 @@ namespace QRBee.Api.Services private string PrivateKeyFileName => $"{Environment.GetFolderPath(System.Environment.SpecialFolder.LocalApplicationData)}/{FileName}"; + + public ServerPrivateKeyHandler(ILogger logger) + { + _logger = logger; + } + /// public bool Exists() => File.Exists(PrivateKeyFileName); 
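Review bot: `LoadRsaPublicKey(request.CertificateRequest.RsaPublicKey)` parses a client-supplied key only after `_storage.PutUserInfo(info)` has already stored the user, so a malformed key would leave a user record with no certificate (assuming the loader throws on bad input; it is not shown in this hunk). Move the `using var rsa = LoadRsaPublicKey(...)` line above `PutUserInfo` and reject keys that are too small before signing anything, for example `if (rsa.KeySize < 2048) throw new ArgumentException("RSA key too small");`. The local `bytes` would read better as `publicKeyDer`, since `ExportRSAPublicKey()` returns the PKCS#1 DER encoding and that is what `CreateCertificate` now receives instead of JSON text. The enclosing method starts and ends outside the hunk.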
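Review bot: The new constructor takes the non-generic `ILogger`, which the default `AddLogging` registration does not supply; the container only resolves `ILogger<T>` and `ILoggerFactory`. Unless `ILogger` is registered by hand elsewhere in the project, constructing `ServerPrivateKeyHandler` through dependency injection will fail. Change the parameter and the field from the previous hunk to `ILogger<ServerPrivateKeyHandler>`, and guard the assignment with `_logger = logger ?? throw new ArgumentNullException(nameof(logger));`.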
@@ -31,12 +38,14 @@ namespace QRBee.Api.Services // locking used to make sure that only one thread generating a private key lock (_syncObject) { + _logger.LogDebug("Generating private key"); var pk = CreateSelfSignedServerCertificate(subjectName); var pkcs12data = pk.Export(X509ContentType.Pfx, VeryBadNeverUseCertificatePassword); File.WriteAllBytes(PrivateKeyFileName, pkcs12data); _certificate?.Dispose(); _certificate = new X509Certificate2(pkcs12data, VeryBadNeverUseCertificatePassword); + _logger.LogInformation($"Private key generated: {PrivateKeyFileName}"); } return CreateCertificateRequest(subjectName); @@ -47,7 +56,7 @@ namespace QRBee.Api.Services { //TODO in fact server should create certificate request in standard format if we ever want to get externally sighed certificate. var pk = LoadPrivateKey(); - var rsa = pk.GetRSAPublicKey(); + var rsa = pk.GetRSAPrivateKey(); if (rsa == null) { @@ -116,18 +125,19 @@ namespace QRBee.Api.Services /// private X509Certificate2 CreateSelfSignedServerCertificate(string subjectName) { + _logger.LogDebug("Creating self-signed certificate"); // https://stackoverflow.com/questions/42786986/how-to-create-a-valid-self-signed-x509certificate2-programmatically-not-loadin var distinguishedName = new X500DistinguishedName($"CN={subjectName}"); using RSA rsa = RSA.Create(RSABits); - var request = CreateClientCertificateRequest(distinguishedName, rsa); + var request = CreateServerCertificateRequest(distinguishedName, rsa); var certificate = request.CreateSelfSigned( new DateTimeOffset(DateTime.UtcNow.AddDays(-1)), new DateTimeOffset(DateTime.UtcNow.AddDays(CertificateValidityDays)) ); - + _logger.LogInformation("Self-signed certificate created"); return certificate; } 
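Review bot: `_logger.LogInformation($"Private key generated: {PrivateKeyFileName}")` writes the on-disk location of the server key to Information-level logs and builds the message by interpolation rather than a message template. The context lines show that file is a PFX protected only by the constant `VeryBadNeverUseCertificatePassword` and written with `File.WriteAllBytes`, so its path is worth keeping out of widely readable logs. Prefer `_logger.LogDebug("Private key generated: {PrivateKeyFileName}", PrivateKeyFileName);`, or drop the path from the message. The enclosing method starts outside the hunk.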
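Review bot: With `pk.GetRSAPrivateKey()` the `rsa` object used to build the certificate request now carries private key material, and the code that consumes it lies below the `if (rsa == null)` check, outside this hunk. Confirm that anything serialised into the request comes from `rsa.ExportRSAPublicKey()` or `rsa.ExportParameters(false)` and that the private key is used for signing only. The returned `RSA` is disposable, so the line should be `using var rsa = pk.GetRSAPrivateKey();`. If signing is indeed the reason for the switch, a comment such as `// private key is needed to sign the request; never export it` would record that.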
@@ -137,25 +147,30 @@ namespace QRBee.Api.Services /// /// /// - private static CertificateRequest CreateClientCertificateRequest(X500DistinguishedName distinguishedName, RSA rsa) + private static CertificateRequest CreateServerCertificateRequest(X500DistinguishedName distinguishedName, RSA rsa) { var request = new CertificateRequest( distinguishedName, rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1 - ); + ); request.CertificateExtensions.Add( new X509KeyUsageExtension( - X509KeyUsageFlags.DataEncipherment + X509KeyUsageFlags.DataEncipherment | X509KeyUsageFlags.KeyEncipherment - | X509KeyUsageFlags.DigitalSignature, - false)); + | X509KeyUsageFlags.DigitalSignature + | X509KeyUsageFlags.CrlSign + | X509KeyUsageFlags.KeyCertSign, + false)); + + request.CertificateExtensions.Add(new X509BasicConstraintsExtension(true,false,0,true)); return request; } + /// public X509Certificate2 LoadPrivateKey() {
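Review bot: `new X509BasicConstraintsExtension(true,false,0,true)` marks the certificate as a CA but passes `hasPathLengthConstraint: false`, so the `0` is ignored and the chain length below this CA is unconstrained. If the intent is to issue only end-entity client certificates, use `new X509BasicConstraintsExtension(true, true, 0, true)`. The key usage extension is still created with `critical: false` although it now includes `KeyCertSign` and `CrlSign`; RFC 5280 recommends marking key usage critical, so the trailing `false` should become `true`. The same key also keeps `DataEncipherment`, `KeyEncipherment` and `DigitalSignature`, so the server's working key doubles as the signing root; a short comment stating that this is deliberate would help.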