Azure key vault private.pem read using bouncy castle [on hold]


Azure key vault private.pem read using bouncy castle [on hold]



I am using a nuget package: Org.BouncyCastle, in order to sign requests with SHA256withRSA. I have the "private.pem" file uploaded in azure key vault in secrets. I have created an Azure Key Vault and uploaded the private.pem file to the secrets.
I also have an azure active directory. Here, I created a new application registration. The application type chosen is "Web app/API". I gave it a name and the url. I can not find any clientSecret. From their documentation, I understood that the applicationId of the key in key vault is the clientId. Where can I find ClientSecret and how can I read (using Org.BouncyCastle) the "private.pem" file from the secrets in key vault?
Here is the program.cs config snippet.


SHA256withRSA


var host = WebHost.CreateDefaultBuilder(args).ConfigureAppConfiguration((ctx, config) => {
var buildConfig = config.Build();
var keyVaultConfigBuilder = new ConfigurationBuilder();

keyVaultConfigBuilder.AddAzureKeyVault(
"https://[mykey].vault.azure.net/",
buildConfig["ClientId"],
buildConfig["ClientSecret"]);

var keyVaultConfig = keyVaultConfigBuilder.Build();

config.AddConfiguration(keyVaultConfig);
})
.UseStartup<Startup>()
.UseConfiguration(Configuration);



Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.





This is about a particular site API...
– arnt
2 days ago




1 Answer
1



Use this code To convert a pfx file to pem file. This is assuming you already have a pfx file that you're trying to convert.



As far the client secret is concerned, when you create the service principal you can find the client secret


public static X509Certificate2 ConvertFromPfxToPem(string filename)
{
using (System.IO.FileStream fs = System.IO.File.OpenRead(filename))
{
byte data = new byte[fs.Length];
byte res = null;
fs.Read(data, 0, data.Length);
if (data[0] != 0x30)
{
res = GetPem("CERTIFICATE", data);
}
X509Certificate2 x509 = new X509Certificate2(res); //Exception hit here
return x509;
}
}

private static byte GetPem(string type, byte data)
{
string pem = Encoding.UTF8.GetString(data);
string header = String.Format("-----BEGIN {0}-----", type);
string footer = String.Format("-----END {0}-----", type);
int start = pem.IndexOf(header) + header.Length;
int end = pem.IndexOf(footer, start);
string base64 = pem.Substring(start, (end - start));
base64 = base64.Replace(System.Environment.NewLine, "");
base64 = base64.Replace('-', '+');
base64 = base64.Replace('_', '/');
return Convert.FromBase64String(base64);
}

public static RSACryptoServiceProvider PemFileReader(){
RsaPrivateCrtKeyParameters keyParams;
using (var reader = File.OpenText("cert.pem")) // file containing RSA PKCS1 private key
{
keyParams = ((RsaPrivateCrtKeyParameters)new PemReader(reader).ReadObject());
}

RSAParameters rsaParameters = new RSAParameters();
rsaParameters.Modulus = keyParams.Modulus.ToByteArrayUnsigned();
rsaParameters.P = keyParams.P.ToByteArrayUnsigned();
rsaParameters.Q = keyParams.Q.ToByteArrayUnsigned();
rsaParameters.DP = keyParams.DP.ToByteArrayUnsigned();
rsaParameters.DQ = keyParams.DQ.ToByteArrayUnsigned();
rsaParameters.InverseQ = keyParams.QInv.ToByteArrayUnsigned();
rsaParameters.D = keyParams.Exponent.ToByteArrayUnsigned();
rsaParameters.Exponent = keyParams.PublicExponent.ToByteArrayUnsigned();
RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(2048);
rsaKey.ImportParameters(rsaParameters);
return rsaKey;
}

Comments

Post a Comment

Popular posts from this blog

paramiko-expect timeout is happening after executing the command

paramiko-expect timeout is happening after executing the command Can someone help me why timeout is happening after executing the command .I am trying to SSH to a machine and execute a command.I want to store the result of the executed command . I have referred paramiko-timeout but i didn't get my expected result. import traceback try: import paramiko except ImportError: raise Exception("Please install paramiko , pip install paramiko") import pexpect from paramiko_expect import SSHClientInteraction def main(): HOSTNAME = "minion5.net" USERNAME = "root" PASSWORD = "help@432" PROMPT = "root@*:~$s+" try: client = paramiko.SSHClient() client.load_system_host_keys() client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) client.connect(hostname=HOSTNAME, username=USERNAME, password=PASSWORD) with SSHClientInteraction(client, timeout=20, display=True) as interact: ...
Read more

Export result set on Dbeaver to CSV

Export result set on Dbeaver to CSV Normally I use Dbeaver for windows and always export my result set like this: run my query --> select the result --> export the result set --> select export to clipboard --> done This step by step puts my result set in my clipboard and I can paste it wherever I want to work with it. The problem is that now I am using dbeaver for mac and this guide is not working. I can go on until the moment that I select my result set like in the image below: exporting data set But once I go further in the process, in the last step I get: no query Note that in "source" it was suppose to show the query that originated the result set, but instead it says just "select. As a result it does't select my result or anything (besides being "successful"). Normally my query would show up there automatically and I couldn't find any option that corrects this problem in the menus. Please help me! Thanks. Aft...
Read more

Opening a url is failing in Swift

Opening a url is failing in Swift breakpointing inside the callback and logging success shows false. I added itms-apps to my plist: LSApplicationQueriesSchemes and put this in my app delegate: func application(_ app: UIApplication, open url: URL, options: [UIApplicationOpenURLOptionsKey : Any] = [:]) -> Bool { return true } func moreTapped() { let url = NSURL(string: "itms-apps://itunes.com/developer/quantum-productions/id979315877") if #available(iOS 10.0, *) { UIApplication.shared.open(url! as URL, options: [:], completionHandler: {(success: Bool) in }) } else { UIApplication.shared.openURL(url! as URL) } } Are you testing on a real device? – rmaddy Jun 21 at 23:57 I try on a device, get "Cannot Connect to App Store". Device is online ...
Read more