Merge pull request #1 from PKISharp/master

Merge with PKISharp master branch
PKISharp · Feb 9, 2019 · 609f519 · 609f519
2 parents 6753b05 + b323fff
commit 609f519
Show file tree

Hide file tree

Showing 118 changed files with 9,054 additions and 134 deletions.
diff --git a/.gitignore b/.gitignore
@@ -289,4 +289,7 @@ __pycache__/
 
 # Global ignore folder
 _IGNORE
-_TMP
+_TMP
+*.db
+*.crt
+*.pem
diff --git a/ACMESharpCore.sln b/ACMESharpCore.sln
@@ -21,6 +21,10 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "PKISharp.SimplePKI", "src\P
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "PKISharp.SimplePKI.UnitTests", "test\PKISharp.SimplePKI.UnitTests\PKISharp.SimplePKI.UnitTests.csproj", "{B4D9A8E9-7EC0-45AB-91A7-E788DD1A811C}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ACMESharp.MockServer", "src\ACMESharp.MockServer\ACMESharp.MockServer.csproj", "{C9A4DD60-B2A0-4607-8452-823F60F5EF31}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ACMESharp.MockServer.UnitTests", "test\ACMESharp.MockServer.UnitTests\ACMESharp.MockServer.UnitTests.csproj", "{7540669E-3D3B-48A6-9244-25735049CD06}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -118,6 +122,30 @@ Global
 		{B4D9A8E9-7EC0-45AB-91A7-E788DD1A811C}.Release|x64.Build.0 = Release|Any CPU
 		{B4D9A8E9-7EC0-45AB-91A7-E788DD1A811C}.Release|x86.ActiveCfg = Release|Any CPU
 		{B4D9A8E9-7EC0-45AB-91A7-E788DD1A811C}.Release|x86.Build.0 = Release|Any CPU
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31}.Debug|x64.ActiveCfg = Debug|Any CPU
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31}.Debug|x64.Build.0 = Debug|Any CPU
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31}.Debug|x86.ActiveCfg = Debug|Any CPU
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31}.Debug|x86.Build.0 = Debug|Any CPU
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31}.Release|Any CPU.Build.0 = Release|Any CPU
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31}.Release|x64.ActiveCfg = Release|Any CPU
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31}.Release|x64.Build.0 = Release|Any CPU
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31}.Release|x86.ActiveCfg = Release|Any CPU
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31}.Release|x86.Build.0 = Release|Any CPU
+		{7540669E-3D3B-48A6-9244-25735049CD06}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{7540669E-3D3B-48A6-9244-25735049CD06}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{7540669E-3D3B-48A6-9244-25735049CD06}.Debug|x64.ActiveCfg = Debug|Any CPU
+		{7540669E-3D3B-48A6-9244-25735049CD06}.Debug|x64.Build.0 = Debug|Any CPU
+		{7540669E-3D3B-48A6-9244-25735049CD06}.Debug|x86.ActiveCfg = Debug|Any CPU
+		{7540669E-3D3B-48A6-9244-25735049CD06}.Debug|x86.Build.0 = Debug|Any CPU
+		{7540669E-3D3B-48A6-9244-25735049CD06}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{7540669E-3D3B-48A6-9244-25735049CD06}.Release|Any CPU.Build.0 = Release|Any CPU
+		{7540669E-3D3B-48A6-9244-25735049CD06}.Release|x64.ActiveCfg = Release|Any CPU
+		{7540669E-3D3B-48A6-9244-25735049CD06}.Release|x64.Build.0 = Release|Any CPU
+		{7540669E-3D3B-48A6-9244-25735049CD06}.Release|x86.ActiveCfg = Release|Any CPU
+		{7540669E-3D3B-48A6-9244-25735049CD06}.Release|x86.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(NestedProjects) = preSolution
 		{7271DEFE-BC5D-4716-883E-1C1343AF38EA} = {7E7FB75C-39A9-40A8-A5E0-5D90A21E40C0}
@@ -127,5 +155,7 @@ Global
 		{3DE930D7-55B4-419F-8BB3-1FE9424D5644} = {7E7FB75C-39A9-40A8-A5E0-5D90A21E40C0}
 		{E8D8739A-DCBC-4A4C-AB65-1A3F9EFB6015} = {7E7FB75C-39A9-40A8-A5E0-5D90A21E40C0}
 		{B4D9A8E9-7EC0-45AB-91A7-E788DD1A811C} = {CB261B10-6C7A-4B27-BB1E-448ACC76A10B}
+		{C9A4DD60-B2A0-4607-8452-823F60F5EF31} = {7E7FB75C-39A9-40A8-A5E0-5D90A21E40C0}
+		{7540669E-3D3B-48A6-9244-25735049CD06} = {CB261B10-6C7A-4B27-BB1E-448ACC76A10B}
 	EndGlobalSection
 EndGlobal
diff --git a/README.md b/README.md
@@ -2,7 +2,8 @@
 
 An ACME client library for .NET Standard (Let's Encrypt)
 
-[![Build status](https://ci.appveyor.com/api/projects/status/bvf3hiyantc3m8tv?svg=true)](https://ci.appveyor.com/project/ebekker/acmesharpcore)
+[![Build status](https://ci.appveyor.com/api/projects/status/bvf3hiyantc3m8tv?svg=true)](https://ci.appveyor.com/project/ebekker/acmesharpcore) ![NuGet Pre Release](https://img.shields.io/nuget/vpre/ACMESharpCore.svg)
+
 
 This is a port of the [ACMESharp](https://github.com/ebekker/ACMESharp) client library to .NET Standard 2.0.
 
@@ -27,10 +28,10 @@ If you are interested in using Let's Encrypt, or any other ACME-compliant CA in
 
 The goals for this project:
 
-* Migrate the ACMESharp client library to .NET Standard 2.0
-* Remove legacy cruft
-* Clean up the namespace structure and code org
-* Adjust coding standards to better conform with industry standards
-* Clearly separate and maintain independently the client library and the PS module
-* Complete any missing features from the ACME spec
-* Prepare for, and implement move to ACME 2.0 spec
+* [x] Migrate the ACMESharp client library to .NET Standard 2.0
+* [x] Remove legacy cruft
+* [x] Clean up the namespace structure and code org
+* [x] Adjust coding standards to better conform with industry standards
+* [x] Complete any missing features from the ACME spec
+* [x] Prepare for, and implement move to ACME 2.0 spec
+* [ ] Clearly separate and maintain independently the client library and the PS module
diff --git a/src/ACMESharp.MockServer/ACMESharp.MockServer.csproj b/src/ACMESharp.MockServer/ACMESharp.MockServer.csproj
@@ -0,0 +1,21 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>netcoreapp2.1</TargetFramework>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <Folder Include="wwwroot\" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <PackageReference Include="LiteDB" Version="4.1.4" />
+    <PackageReference Include="Microsoft.AspNetCore.App" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\ACMESharp\ACMESharp.csproj" />
+    <ProjectReference Include="..\PKISharp.SimplePKI\PKISharp.SimplePKI.csproj" />
+  </ItemGroup>
+
+</Project>
diff --git a/src/ACMESharp.MockServer/CertificateAuthority.cs b/src/ACMESharp.MockServer/CertificateAuthority.cs
@@ -0,0 +1,135 @@
+using System;
+using System.IO;
+using System.Linq;
+using ACMESharp.MockServer.Storage;
+using PKISharp.SimplePKI;
+
+namespace ACMESharp.MockServer
+{
+    public class CertificateAuthority
+    {
+        private Options _opts;
+        private PkiKeyPair _keyPair;
+
+        private long _serNum;
+
+        public CertificateAuthority(Options opts)
+        {
+            _opts = opts;
+
+            Init();
+        }
+
+        public PkiCertificate CaCertificate { get; set; }
+
+        private void Init()
+        {
+            if (File.Exists(_opts.CaKeyPairSavePath))
+            {
+                using (var fs = new FileStream(_opts.CaKeyPairSavePath, FileMode.Open))
+                {
+                    _keyPair = PkiKeyPair.Load(fs);
+                }
+            }
+            if (_keyPair == null)
+            {
+                switch (_opts.KeyPairAlgorithm)
+                {
+                    case PkiAsymmetricAlgorithm.Rsa:
+                        _keyPair = PkiKeyPair.GenerateRsaKeyPair(_opts.BitLength ?? 2048);
+                        break;
+                    case PkiAsymmetricAlgorithm.Ecdsa:
+                        _keyPair = PkiKeyPair.GenerateEcdsaKeyPair(_opts.BitLength ?? 256);
+                        break;
+                    default:
+                        throw new Exception("unsupported Key Pair Algorithm");
+                }
+
+                using (var fs = new FileStream(_opts.CaKeyPairSavePath, FileMode.CreateNew))
+                {
+                    _keyPair.Save(fs);
+                }
+            }
+
+            if (File.Exists(_opts.CaCertificateSavePath))
+            {
+                using (var fs = new FileStream(_opts.CaCertificateSavePath, FileMode.Open))
+                {
+                    CaCertificate = PkiCertificate.Load(fs);
+                }
+            }
+            if (CaCertificate == null)
+            {
+                var caCsr = new PkiCertificateSigningRequest(
+                        _opts.CaSubjectName, _keyPair, _opts.SignatureHashAlgorithm);
+                CaCertificate = caCsr.CreateCa(
+                        DateTimeOffset.Now.ToUniversalTime(),
+                        DateTimeOffset.Now.AddYears(10).ToUniversalTime());
+
+                using (var fs = new FileStream(_opts.CaCertificateSavePath, FileMode.CreateNew))
+                {
+                    CaCertificate.Save(fs);
+                }
+            }
+        }
+
+        public PkiCertificate Sign(PkiCertificateSigningRequest csr,
+                DateTimeOffset? notBefore = null,
+                DateTimeOffset? notAfter = null)
+        {
+            if (notBefore == null)
+                notBefore = _opts.MinBefore;
+            if (notAfter == null)
+                notAfter = _opts.MinAfter;
+
+            if (notBefore.Value > _opts.MaxBefore)
+                notBefore = _opts.MaxBefore;
+            if (notBefore.Value < _opts.MinBefore)
+                notBefore = _opts.MinBefore;
+
+            if (notAfter.Value > _opts.MaxAfter)
+                notAfter = _opts.MaxAfter;
+            if (notAfter.Value < _opts.MinAfter)
+                notAfter = _opts.MinAfter;
+
+            var serNum = DateTime.Now.Ticks;
+            var serNumBytes = BitConverter.GetBytes(serNum);
+            if (BitConverter.IsLittleEndian)
+                serNumBytes = serNumBytes.Reverse().ToArray();
+
+            return csr.Create(CaCertificate, _keyPair.PrivateKey, notBefore.Value, notAfter.Value, serNumBytes);
+        }
+
+        public PkiCertificate Sign(PkiEncodingFormat format, byte[] encodedCsr,
+                PkiHashAlgorithm signingHashAlgorithm,
+                DateTimeOffset? notBefore = null,
+                DateTimeOffset? notAfter = null)
+        {
+            var csr = new PkiCertificateSigningRequest(format, encodedCsr, signingHashAlgorithm);
+            return Sign(csr, notBefore, notAfter);
+        }
+
+        public class Options
+        {
+            public string CaKeyPairSavePath { get; set; }
+
+            public string CaCertificateSavePath { get; set; }
+
+            public PkiAsymmetricAlgorithm KeyPairAlgorithm { get; set; }
+
+            public int? BitLength { get; set; }
+
+            public string CaSubjectName { get; set; }
+
+            public PkiHashAlgorithm SignatureHashAlgorithm { get; set; }
+
+            public DateTimeOffset MinBefore { get; set; } = DateTimeOffset.Now.ToUniversalTime();
+
+            public DateTimeOffset MaxBefore { get; set; } = DateTimeOffset.Now.ToUniversalTime();
+
+            public DateTimeOffset MinAfter { get; set; } = DateTimeOffset.Now.AddMonths(3).ToUniversalTime();
+
+            public DateTimeOffset MaxAfter { get; set; } = DateTimeOffset.Now.AddMonths(3).ToUniversalTime();
+        }
+    }
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -289,4 +289,7 @@ __pycache__/ @@
     # Global ignore folder
     _IGNORE
-    _TMP
+    _TMP
+    *.db
+    *.crt
+    *.pem