diff --git a/src/LetsEncrypt/LetsEncrypt.csproj b/src/LetsEncrypt/LetsEncrypt.csproj
index ae5e10f..54bddde 100644
--- a/src/LetsEncrypt/LetsEncrypt.csproj
+++ b/src/LetsEncrypt/LetsEncrypt.csproj
@@ -8,8 +8,9 @@
+
-
+
diff --git a/src/LetsEncrypt/Services/JwsService.cs b/src/LetsEncrypt/Services/JwsService.cs
index 2258666..73720f5 100644
--- a/src/LetsEncrypt/Services/JwsService.cs
+++ b/src/LetsEncrypt/Services/JwsService.cs
@@ -106,7 +106,4 @@ public class JwsService : IJwsService {
.Split('=').First() // Remove any trailing '='s
.Replace('+', '-') // 62nd char of encoding
.Replace('/', '_'); // 63rd char of encoding
-
-
-
}
diff --git a/src/LetsEncrypt/Services/LetsEncryptService.cs b/src/LetsEncrypt/Services/LetsEncryptService.cs
index c409dcb..ff78184 100644
--- a/src/LetsEncrypt/Services/LetsEncryptService.cs
+++ b/src/LetsEncrypt/Services/LetsEncryptService.cs
@@ -52,7 +52,7 @@ public class LetsEncryptService : ILetsEncryptService {
private HttpClient _httpClient;
- private IJwsService _jwsService;
+ private IJwsService? _jwsService;
private AcmeDirectory? _directory;
private RegistrationCache? _cache;
diff --git a/src/LetsEncryptConsole/App.cs b/src/LetsEncryptConsole/App.cs
index 0bf1031..d5866a2 100644
--- a/src/LetsEncryptConsole/App.cs
+++ b/src/LetsEncryptConsole/App.cs
@@ -23,20 +23,17 @@ public class App : IApp {
private readonly ILogger _logger;
private readonly Configuration _appSettings;
private readonly ILetsEncryptService _letsEncryptService;
- private readonly IKeyService _keyService;
private readonly ITerminalService _terminalService;
public App(
ILogger logger,
IOptions appSettings,
ILetsEncryptService letsEncryptService,
- IKeyService keyService,
ITerminalService terminalService
) {
_logger = logger;
_appSettings = appSettings.Value;
_letsEncryptService = letsEncryptService;
- _keyService = keyService;
_terminalService = terminalService;
}
@@ -102,16 +99,12 @@ public class App : IApp {
// if valid check if cert and key exists otherwise recreate
// else continue with new certificate request
var certRes = new CachedCertificateResult();
- if (registrationCache.TryGetCachedCertificate(site.Name, out certRes)) {
- string cert = Path.Combine(sslPath, $"{site.Name}.crt");
- //if(!File.Exists(cert))
- File.WriteAllText(cert, certRes.Certificate);
+ if (registrationCache != null && registrationCache.TryGetCachedCertificate(site.Name, out certRes)) {
- string key = Path.Combine(sslPath, $"{site.Name}.key");
- //if(!File.Exists(key)) {
- using (StreamWriter writer = File.CreateText(key))
- _keyService.ExportPrivateKey(certRes.PrivateKey, writer);
- //}
+ File.WriteAllText(Path.Combine(sslPath, $"{site.Name}.crt"), certRes.Certificate);
+
+ if (certRes.PrivateKey != null)
+ File.WriteAllText(Path.Combine(sslPath, $"{site.Name}.key"), certRes.PrivateKey.ExportRSAPrivateKeyPem());
_logger.LogInformation("Certificate and Key exists and valid. Restored from cache.");
}
@@ -188,11 +181,10 @@ public class App : IApp {
certRes = new CachedCertificateResult();
if (registrationCache.TryGetCachedCertificate(site.Name, out certRes)) {
- File.WriteAllText(Path.Combine(sslPath, site.Name + ".crt"), certRes.Certificate);
+ File.WriteAllText(Path.Combine(sslPath, $"{site.Name}.crt"), certRes.Certificate);
- using (var writer = File.CreateText(Path.Combine(sslPath, site.Name + ".key"))) {
- _keyService.ExportPrivateKey(certRes.PrivateKey, writer);
- }
+ if(certRes.PrivateKey != null)
+ File.WriteAllText(Path.Combine(sslPath, $"{site.Name}.key"), certRes.PrivateKey.ExportRSAPrivateKeyPem());
_logger.LogInformation("Certificate saved.");
@@ -256,7 +248,6 @@ public class App : IApp {
string owner,
string changeMode
) {
-
using var sshService = new SSHService(logger, sshSettings.Host, sshSettings.Port, sshSettings.Username, sshSettings.Password);
sshService.Connect();
diff --git a/src/LetsEncryptConsole/Program.cs b/src/LetsEncryptConsole/Program.cs
index e9d7efe..7edba4d 100644
--- a/src/LetsEncryptConsole/Program.cs
+++ b/src/LetsEncryptConsole/Program.cs
@@ -42,8 +42,6 @@ class Program {
#region Services
services.RegisterLetsEncrypt();
-
- services.AddSingleton();
services.AddSingleton();
#endregion
diff --git a/src/LetsEncryptConsole/Services/KeyService.cs b/src/LetsEncryptConsole/Services/KeyService.cs
deleted file mode 100644
index 5718db1..0000000
--- a/src/LetsEncryptConsole/Services/KeyService.cs
+++ /dev/null
@@ -1,150 +0,0 @@
-using System.Security.Cryptography;
-
-namespace MaksIT.LetsEncryptConsole.Services;
-
-public interface IKeyService {
- void ExportPublicKey(RSACryptoServiceProvider csp, TextWriter outputStream);
- void ExportPrivateKey(RSACryptoServiceProvider csp, TextWriter outputStream);
-}
-
-public class KeyService : IKeyService {
- ///
- /// Export a certificate to a PEM format string
- ///
- /// The certificate to export
- /// A PEM encoded string
- //public static string ExportToPEM(X509Certificate2 cert)
- //{
- // StringBuilder builder = new StringBuilder();
-
- // builder.AppendLine("-----BEGIN CERTIFICATE-----");
- // builder.AppendLine(Convert.ToBase64String(cert.Export(X509ContentType.Cert), Base64FormattingOptions.InsertLineBreaks));
- // builder.AppendLine("-----END CERTIFICATE-----");
-
- // return builder.ToString();
- //}
- public void ExportPublicKey(RSACryptoServiceProvider csp, TextWriter outputStream) {
- var parameters = csp.ExportParameters(false);
- using (var stream = new MemoryStream()) {
- var writer = new BinaryWriter(stream);
- writer.Write((byte)0x30); // SEQUENCE
- using (var innerStream = new MemoryStream()) {
- var innerWriter = new BinaryWriter(innerStream);
- innerWriter.Write((byte)0x30); // SEQUENCE
- EncodeLength(innerWriter, 13);
- innerWriter.Write((byte)0x06); // OBJECT IDENTIFIER
- var rsaEncryptionOid = new byte[] { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01 };
- EncodeLength(innerWriter, rsaEncryptionOid.Length);
- innerWriter.Write(rsaEncryptionOid);
- innerWriter.Write((byte)0x05); // NULL
- EncodeLength(innerWriter, 0);
- innerWriter.Write((byte)0x03); // BIT STRING
- using (var bitStringStream = new MemoryStream()) {
- var bitStringWriter = new BinaryWriter(bitStringStream);
- bitStringWriter.Write((byte)0x00); // # of unused bits
- bitStringWriter.Write((byte)0x30); // SEQUENCE
- using (var paramsStream = new MemoryStream()) {
- var paramsWriter = new BinaryWriter(paramsStream);
- EncodeIntegerBigEndian(paramsWriter, parameters.Modulus); // Modulus
- EncodeIntegerBigEndian(paramsWriter, parameters.Exponent); // Exponent
- var paramsLength = (int)paramsStream.Length;
- EncodeLength(bitStringWriter, paramsLength);
- bitStringWriter.Write(paramsStream.GetBuffer(), 0, paramsLength);
- }
- var bitStringLength = (int)bitStringStream.Length;
- EncodeLength(innerWriter, bitStringLength);
- innerWriter.Write(bitStringStream.GetBuffer(), 0, bitStringLength);
- }
- var length = (int)innerStream.Length;
- EncodeLength(writer, length);
- writer.Write(innerStream.GetBuffer(), 0, length);
- }
-
- var base64 = Convert.ToBase64String(stream.GetBuffer(), 0, (int)stream.Length).ToCharArray();
- outputStream.WriteLine("-----BEGIN PUBLIC KEY-----");
- for (var i = 0; i < base64.Length; i += 64) {
- outputStream.WriteLine(base64, i, Math.Min(64, base64.Length - i));
- }
- outputStream.WriteLine("-----END PUBLIC KEY-----");
- }
- }
-
- public void ExportPrivateKey(RSACryptoServiceProvider csp, TextWriter outputStream) {
- if (csp.PublicOnly) throw new ArgumentException("CSP does not contain a private key", "csp");
- var parameters = csp.ExportParameters(true);
- using (var stream = new MemoryStream()) {
- var writer = new BinaryWriter(stream);
- writer.Write((byte)0x30); // SEQUENCE
- using (var innerStream = new MemoryStream()) {
- var innerWriter = new BinaryWriter(innerStream);
- EncodeIntegerBigEndian(innerWriter, new byte[] { 0x00 }); // Version
- EncodeIntegerBigEndian(innerWriter, parameters.Modulus);
- EncodeIntegerBigEndian(innerWriter, parameters.Exponent);
- EncodeIntegerBigEndian(innerWriter, parameters.D);
- EncodeIntegerBigEndian(innerWriter, parameters.P);
- EncodeIntegerBigEndian(innerWriter, parameters.Q);
- EncodeIntegerBigEndian(innerWriter, parameters.DP);
- EncodeIntegerBigEndian(innerWriter, parameters.DQ);
- EncodeIntegerBigEndian(innerWriter, parameters.InverseQ);
- var length = (int)innerStream.Length;
- EncodeLength(writer, length);
- writer.Write(innerStream.GetBuffer(), 0, length);
- }
-
- var base64 = Convert.ToBase64String(stream.GetBuffer(), 0, (int)stream.Length).ToCharArray();
- outputStream.WriteLine("-----BEGIN RSA PRIVATE KEY-----");
- // Output as Base64 with lines chopped at 64 characters
- for (var i = 0; i < base64.Length; i += 64) {
- outputStream.WriteLine(base64, i, Math.Min(64, base64.Length - i));
- }
- outputStream.WriteLine("-----END RSA PRIVATE KEY-----");
- }
- }
-
- private void EncodeLength(BinaryWriter stream, int length) {
- if (length < 0) throw new ArgumentOutOfRangeException("length", "Length must be non-negative");
- if (length < 0x80) {
- // Short form
- stream.Write((byte)length);
- }
- else {
- // Long form
- var temp = length;
- var bytesRequired = 0;
- while (temp > 0) {
- temp >>= 8;
- bytesRequired++;
- }
- stream.Write((byte)(bytesRequired | 0x80));
- for (var i = bytesRequired - 1; i >= 0; i--) {
- stream.Write((byte)(length >> (8 * i) & 0xff));
- }
- }
- }
-
- private void EncodeIntegerBigEndian(BinaryWriter stream, byte[] value, bool forceUnsigned = true) {
- stream.Write((byte)0x02); // INTEGER
- var prefixZeros = 0;
- for (var i = 0; i < value.Length; i++) {
- if (value[i] != 0) break;
- prefixZeros++;
- }
- if (value.Length - prefixZeros == 0) {
- EncodeLength(stream, 1);
- stream.Write((byte)0);
- }
- else {
- if (forceUnsigned && value[prefixZeros] > 0x7f) {
- // Add a prefix zero to force unsigned if the MSB is 1
- EncodeLength(stream, value.Length - prefixZeros + 1);
- stream.Write((byte)0);
- }
- else {
- EncodeLength(stream, value.Length - prefixZeros);
- }
- for (var i = prefixZeros; i < value.Length; i++) {
- stream.Write(value[i]);
- }
- }
- }
-}
diff --git a/src/SSHProvider/SSHProvider.csproj b/src/SSHProvider/SSHProvider.csproj
index aef8d01..7a8377a 100644
--- a/src/SSHProvider/SSHProvider.csproj
+++ b/src/SSHProvider/SSHProvider.csproj
@@ -9,7 +9,7 @@
-
+
diff --git a/src/SSHProvider/SSHService.cs b/src/SSHProvider/SSHService.cs
index 90ef7e2..419f4b0 100644
--- a/src/SSHProvider/SSHService.cs
+++ b/src/SSHProvider/SSHService.cs
@@ -1,9 +1,12 @@
-using DomainResults.Common;
+using System.Text;
+using System.Text.RegularExpressions;
+
using Microsoft.Extensions.Logging;
+using DomainResults.Common;
+
using Renci.SshNet;
using Renci.SshNet.Common;
-using System.Text.RegularExpressions;
namespace MaksIT.SSHProvider {
@@ -22,8 +25,6 @@ namespace MaksIT.SSHProvider {
public readonly SshClient _sshClient;
public readonly SftpClient _sftpClient;
-
-
public SSHService(
ILogger logger,
string host,
@@ -31,11 +32,40 @@ namespace MaksIT.SSHProvider {
string username,
string password
) {
+
+ if(string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
+ throw new ArgumentNullException($"{nameof(username)} or {nameof(password)} is null, empty or white space");
+
_logger = logger;
_sshClient = new SshClient(host, port, username, password);
_sftpClient = new SftpClient(host, port, username, password);
}
+
+ public SSHService(
+ ILogger logger,
+ string host,
+ int port,
+ string username,
+ string [] privateKeys
+ ) {
+
+ if (string.IsNullOrWhiteSpace(username) || privateKeys.Any(x => string.IsNullOrWhiteSpace(x)))
+ throw new ArgumentNullException($"{nameof(username)} or {nameof(privateKeys)} contains key which is null, empty or white space");
+
+ _logger = logger;
+
+ var privateKeyFiles = new List();
+ foreach (var privateKey in privateKeys) {
+ using (var ms = new MemoryStream(Encoding.ASCII.GetBytes(privateKey))) {
+ privateKeyFiles.Add(new PrivateKeyFile(ms));
+ }
+ }
+
+ _sshClient = new SshClient(host, port, username, privateKeyFiles.ToArray());
+ _sftpClient = new SftpClient(host, port, username, privateKeyFiles.ToArray());
+ }
+
public IDomainResult Connect() {
try {
_sshClient.Connect();
diff --git a/src/Tests/SSHSerivceTests/SSHProviderTests.csproj b/src/Tests/SSHSerivceTests/SSHProviderTests.csproj
index 49415f7..cb4a20a 100644
--- a/src/Tests/SSHSerivceTests/SSHProviderTests.csproj
+++ b/src/Tests/SSHSerivceTests/SSHProviderTests.csproj
@@ -10,13 +10,13 @@
-
-
-
+
+
+
runtime; build; native; contentfiles; analyzers; buildtransitive
all
-
+
runtime; build; native; contentfiles; analyzers; buildtransitive
all