Certificate generation works.

This commit is contained in:
Andrey Shabarshov 2022-02-23 11:08:16 +00:00
parent 8d5702b621
commit 0092de2ec5
3 changed files with 37 additions and 16 deletions


@ -149,7 +149,9 @@ namespace QRBee.ViewModels
try try
{ {
if (!settings.IsRegistered) // FOR TESTING PURPOSES
//!settings.IsRegistered
if (true)
{ {
var response = await service.RegisterAsync(request); var response = await service.RegisterAsync(request);
@ -164,12 +166,12 @@ namespace QRBee.ViewModels
var page = Application.Current.MainPage.Navigation.NavigationStack.LastOrDefault(); var page = Application.Current.MainPage.Navigation.NavigationStack.LastOrDefault();
await page.DisplayAlert("Success", "You have been registered successfully", "Ok"); await page.DisplayAlert("Success", "You have been registered successfully", "Ok");
} }
else //else
{ //{
await service.UpdateAsync(settings.ClientId, request); // await service.UpdateAsync(settings.ClientId, request);
var page = Application.Current.MainPage.Navigation.NavigationStack.LastOrDefault(); // var page = Application.Current.MainPage.Navigation.NavigationStack.LastOrDefault();
await page.DisplayAlert("Success", "Your data has been updated successfully", "Ok"); // await page.DisplayAlert("Success", "Your data has been updated successfully", "Ok");
} //}
await Shell.Current.GoToAsync($"//{nameof(MainPage)}"); await Shell.Current.GoToAsync($"//{nameof(MainPage)}");
} }
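Review bot: The registration guard on the new side is now `if (true)` with the `else`/`UpdateAsync` branch commented out, so every pass through this path calls `service.RegisterAsync` even for an already-registered client, and the update branch is dead code. The `// FOR TESTING PURPOSES` marker says this is deliberate, but as committed it will re-register (and, going by the second file in this commit, appear to store a fresh user record and certificate) on each run if it reaches a non-test build. Restore `if (!settings.IsRegistered)` and the `else` block before merging, or isolate the test behaviour behind a compile-time symbol such as `#if DEBUG` rather than a commented-out condition. The enclosing method starts and ends outside this hunk.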


@ -50,7 +50,11 @@ namespace QRBee.Api.Services
var info = Convert(request); var info = Convert(request);
var clientId = await _storage.PutUserInfo(info); var clientId = await _storage.PutUserInfo(info);
var clientCertificate = _securityService.CreateCertificate(clientId,Encoding.UTF8.GetBytes(request.CertificateRequest.RsaPublicKey.ConvertToJson()));
using var rsa = LoadRsaPublicKey(request.CertificateRequest.RsaPublicKey);
var bytes = rsa.ExportRSAPublicKey();
var clientCertificate = _securityService.CreateCertificate(clientId,bytes);
var convertedClientCertificate = Convert(clientCertificate, clientId); var convertedClientCertificate = Convert(clientCertificate, clientId);
await _storage.InsertCertificate(convertedClientCertificate); await _storage.InsertCertificate(convertedClientCertificate);
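Review bot: The new lines parse `request.CertificateRequest.RsaPublicKey` only after `_storage.PutUserInfo(info)` has already persisted the user, so a missing or malformed key throws after the record is stored and the client is left registered with no certificate. Move the `LoadRsaPublicKey`/`ExportRSAPublicKey` calls, together with a null check on `request.CertificateRequest`, above the `PutUserInfo` call so a bad request is rejected before any state is written. Separately, the server signs whatever public key the client sends with no proof of possession; if that is accepted for now, a `// TODO: require a signed PKCS#10 CSR so the caller proves it holds the matching private key` comment on the `CreateCertificate` line would record the gap. The body of `LoadRsaPublicKey` is not in this hunk, and the enclosing method starts and ends outside it.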


@ -10,6 +10,7 @@ namespace QRBee.Api.Services
/// </summary> /// </summary>
public class ServerPrivateKeyHandler : IPrivateKeyHandler public class ServerPrivateKeyHandler : IPrivateKeyHandler
{ {
private readonly ILogger<ServerPrivateKeyHandler> _logger;
private X509Certificate2? _certificate; private X509Certificate2? _certificate;
private readonly object _syncObject = new object(); private readonly object _syncObject = new object();
@ -21,6 +22,12 @@ namespace QRBee.Api.Services
private string PrivateKeyFileName => $"{Environment.GetFolderPath(System.Environment.SpecialFolder.LocalApplicationData)}/{FileName}"; private string PrivateKeyFileName => $"{Environment.GetFolderPath(System.Environment.SpecialFolder.LocalApplicationData)}/{FileName}";
public ServerPrivateKeyHandler(ILogger<ServerPrivateKeyHandler> logger)
{
_logger = logger;
}
/// <inheritdoc/> /// <inheritdoc/>
public bool Exists() public bool Exists()
=> File.Exists(PrivateKeyFileName); => File.Exists(PrivateKeyFileName);
@ -31,12 +38,14 @@ namespace QRBee.Api.Services
// locking used to make sure that only one thread generating a private key // locking used to make sure that only one thread generating a private key
lock (_syncObject) lock (_syncObject)
{ {
_logger.LogDebug("Generating private key");
var pk = CreateSelfSignedServerCertificate(subjectName); var pk = CreateSelfSignedServerCertificate(subjectName);
var pkcs12data = pk.Export(X509ContentType.Pfx, VeryBadNeverUseCertificatePassword); var pkcs12data = pk.Export(X509ContentType.Pfx, VeryBadNeverUseCertificatePassword);
File.WriteAllBytes(PrivateKeyFileName, pkcs12data); File.WriteAllBytes(PrivateKeyFileName, pkcs12data);
_certificate?.Dispose(); _certificate?.Dispose();
_certificate = new X509Certificate2(pkcs12data, VeryBadNeverUseCertificatePassword); _certificate = new X509Certificate2(pkcs12data, VeryBadNeverUseCertificatePassword);
_logger.LogInformation($"Private key generated: {PrivateKeyFileName}");
} }
return CreateCertificateRequest(subjectName); return CreateCertificateRequest(subjectName);
@ -47,7 +56,7 @@ namespace QRBee.Api.Services
{ {
//TODO in fact server should create certificate request in standard format if we ever want to get externally sighed certificate. //TODO in fact server should create certificate request in standard format if we ever want to get externally sighed certificate.
var pk = LoadPrivateKey(); var pk = LoadPrivateKey();
var rsa = pk.GetRSAPublicKey(); var rsa = pk.GetRSAPrivateKey();
if (rsa == null) if (rsa == null)
{ {
@ -116,18 +125,19 @@ namespace QRBee.Api.Services
/// <returns></returns> /// <returns></returns>
private X509Certificate2 CreateSelfSignedServerCertificate(string subjectName) private X509Certificate2 CreateSelfSignedServerCertificate(string subjectName)
{ {
_logger.LogDebug("Creating self-signed certificate");
// https://stackoverflow.com/questions/42786986/how-to-create-a-valid-self-signed-x509certificate2-programmatically-not-loadin // https://stackoverflow.com/questions/42786986/how-to-create-a-valid-self-signed-x509certificate2-programmatically-not-loadin
var distinguishedName = new X500DistinguishedName($"CN={subjectName}"); var distinguishedName = new X500DistinguishedName($"CN={subjectName}");
using RSA rsa = RSA.Create(RSABits); using RSA rsa = RSA.Create(RSABits);
var request = CreateClientCertificateRequest(distinguishedName, rsa); var request = CreateServerCertificateRequest(distinguishedName, rsa);
var certificate = request.CreateSelfSigned( var certificate = request.CreateSelfSigned(
new DateTimeOffset(DateTime.UtcNow.AddDays(-1)), new DateTimeOffset(DateTime.UtcNow.AddDays(-1)),
new DateTimeOffset(DateTime.UtcNow.AddDays(CertificateValidityDays)) new DateTimeOffset(DateTime.UtcNow.AddDays(CertificateValidityDays))
); );
_logger.LogInformation("Self-signed certificate created");
return certificate; return certificate;
} }
@ -137,25 +147,30 @@ namespace QRBee.Api.Services
/// <param name="distinguishedName"></param> /// <param name="distinguishedName"></param>
/// <param name="rsa"></param> /// <param name="rsa"></param>
/// <returns></returns> /// <returns></returns>
private static CertificateRequest CreateClientCertificateRequest(X500DistinguishedName distinguishedName, RSA rsa) private static CertificateRequest CreateServerCertificateRequest(X500DistinguishedName distinguishedName, RSA rsa)
{ {
var request = new CertificateRequest( var request = new CertificateRequest(
distinguishedName, distinguishedName,
rsa, rsa,
HashAlgorithmName.SHA256, HashAlgorithmName.SHA256,
RSASignaturePadding.Pkcs1 RSASignaturePadding.Pkcs1
); );
request.CertificateExtensions.Add( request.CertificateExtensions.Add(
new X509KeyUsageExtension( new X509KeyUsageExtension(
X509KeyUsageFlags.DataEncipherment X509KeyUsageFlags.DataEncipherment
| X509KeyUsageFlags.KeyEncipherment | X509KeyUsageFlags.KeyEncipherment
| X509KeyUsageFlags.DigitalSignature, | X509KeyUsageFlags.DigitalSignature
false)); | X509KeyUsageFlags.CrlSign
| X509KeyUsageFlags.KeyCertSign,
false));
request.CertificateExtensions.Add(new X509BasicConstraintsExtension(true,false,0,true));
return request; return request;
} }
/// <inheritdoc/> /// <inheritdoc/>
public X509Certificate2 LoadPrivateKey() public X509Certificate2 LoadPrivateKey()
{ {
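Review bot: `CreateServerCertificateRequest` now marks the server key as a CA (`KeyCertSign | CrlSign` plus a critical `BasicConstraints` with CA=true) while keeping `DataEncipherment | KeyEncipherment` on the same key, and the key usage extension itself is still non-critical (`false`). A CA key is normally restricted to signing, so unless this key is also used for encryption elsewhere in the service, narrow it to `X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.KeyCertSign | X509KeyUsageFlags.CrlSign` and pass `true` for critical so relying parties reject other uses. The context lines above show this now-issuing key exported to a PFX under what appears to be a hard-coded password (`VeryBadNeverUseCertificatePassword`), which this commit leaves as is; with KeyCertSign added, anyone who can read that file can mint client certificates, so that existing TODO is more urgent than before. Minor: the added `LogInformation($"Private key generated: {PrivateKeyFileName}")` interpolates into the message string; the structured form `_logger.LogInformation("Private key generated: {PrivateKeyFileName}", PrivateKeyFileName)` keeps the path as a log property. `LoadPrivateKey` begins at the end of this section and continues outside it.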