Merge pull request #18 from DEFRA/feature/2832-crypto-tool

krisddefra · web-flow · commit 898e6dc6d4fb · 2025-09-23T15:51:11.000+01:00
2832 crypto tool
diff --git a/KeeperData.Bridge.sln b/KeeperData.Bridge.sln
@@ -31,6 +31,10 @@ Project("{E53339B2-1760-4266-BCC7-CA923CBCF16C}") = "docker-compose", "docker-co
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "KeeperData.Core.Tests.Unit", "tests\KeeperData.Core.Tests.Unit\KeeperData.Core.Tests.Unit.csproj", "{389DD08B-1B37-4BF2-9F2B-3F4805B25A46}"
 EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "util", "util", "{25784FFF-FBA8-4398-8497-7BE1FF8F92A5}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "KeeperData.Crypto.Tool", "src\KeeperData.Crypto.Tool\KeeperData.Crypto.Tool.csproj", "{92F51802-9BF8-42A8-98C9-C25B27163DF0}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -77,6 +81,10 @@ Global
 		{389DD08B-1B37-4BF2-9F2B-3F4805B25A46}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{389DD08B-1B37-4BF2-9F2B-3F4805B25A46}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{389DD08B-1B37-4BF2-9F2B-3F4805B25A46}.Release|Any CPU.Build.0 = Release|Any CPU
+		{92F51802-9BF8-42A8-98C9-C25B27163DF0}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{92F51802-9BF8-42A8-98C9-C25B27163DF0}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{92F51802-9BF8-42A8-98C9-C25B27163DF0}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{92F51802-9BF8-42A8-98C9-C25B27163DF0}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -86,6 +94,7 @@ Global
 		{E2B6D37D-2D17-4B43-83DC-36F1C4961526} = {02EA681E-C7D8-13C7-8484-4AC65E1B71E8}
 		{16AA106D-B4F1-46C9-92F3-548AE89FDA3A} = {02EA681E-C7D8-13C7-8484-4AC65E1B71E8}
 		{389DD08B-1B37-4BF2-9F2B-3F4805B25A46} = {02EA681E-C7D8-13C7-8484-4AC65E1B71E8}
+		{92F51802-9BF8-42A8-98C9-C25B27163DF0} = {25784FFF-FBA8-4398-8497-7BE1FF8F92A5}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {235917AE-9AF5-49A5-AB06-472A5E5DB30D}
diff --git a/src/KeeperData.Crypto.Tool/KeeperData.Crypto.Tool.csproj b/src/KeeperData.Crypto.Tool/KeeperData.Crypto.Tool.csproj
@@ -0,0 +1,20 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <AssemblyName>kryp</AssemblyName>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="9.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Hosting" Version="9.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Logging.Console" Version="9.0.9" />
+    <PackageReference Include="System.CommandLine" Version="2.0.0-rc.1.25451.107" />
+    <ProjectReference Include="..\KeeperData.Core\KeeperData.Core.csproj" />
+    <ProjectReference Include="..\KeeperData.Infrastructure\KeeperData.Infrastructure.csproj" />
+  </ItemGroup>
+
+</Project>
diff --git a/src/KeeperData.Crypto.Tool/Program.cs b/src/KeeperData.Crypto.Tool/Program.cs
@@ -0,0 +1,146 @@
+using KeeperData.Core.Crypto;
+using KeeperData.Infrastructure.Crypto;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Hosting;
+using Microsoft.Extensions.Logging;
+using System.CommandLine;
+
+var builder = Host.CreateApplicationBuilder(args);
+builder.Configuration.AddEnvironmentVariables();
+builder.Configuration.AddInMemoryCollection([new KeyValuePair<string, string?>("AesSalt", "fakesalt")]);
+builder.Services.AddLogging(config => config.AddConsole());
+builder.Services.AddCrypto(builder.Configuration);
+
+var host = builder.Build();
+
+var rootCommand = new RootCommand("KeeperData Crypto Tool - File encryption/decryption utility");
+
+var encryptCommand = new Command("encrypt", "Encrypt a file")
+{
+    new Option<string>("--input") { Description = "Input file path", Required = true },
+    new Option<string>("--output") { Description = "Output file path", Required = true },
+    new Option<string>("--password") { Description = "Encryption password", Required = true },
+    new Option<string>("--salt") { Description = "Encryption salt", Required = true }
+};
+
+encryptCommand.SetAction(async (parseResult) =>
+{
+    var inputFile = parseResult.GetValue<string>("--input")!;
+    var outputFile = parseResult.GetValue<string>("--output")!;
+    var password = parseResult.GetValue<string>("--password")!;
+    var salt = parseResult.GetValue<string>("--salt")!;
+
+    var cryptoTransform = host.Services.GetRequiredService<IAesCryptoTransform>();
+
+    Console.WriteLine($"Encrypting '{inputFile}' to '{outputFile}'...");
+
+    try
+    {
+        await cryptoTransform.EncryptFileAsync(
+            inputFile,
+            outputFile,
+            password,
+            salt,
+            (progress, status) =>
+            {
+                Console.Write($"\rProgress: {progress}% - {status}");
+            });
+
+        Console.WriteLine("\nEncryption completed successfully!");
+    }
+    catch (Exception ex)
+    {
+        Console.WriteLine($"\nEncryption failed: {ex.Message}");
+        Environment.Exit(1);
+    }
+});
+
+var decryptCommand = new Command("decrypt", "Decrypt a file")
+{
+    new Option<string>("--input") { Description = "Input file path", Required = true },
+    new Option<string>("--output") { Description = "Output file path", Required = true },
+    new Option<string>("--password") { Description = "Decryption password", Required = true },
+    new Option<string>("--salt") { Description = "Decryption salt", Required = true }
+};
+
+decryptCommand.SetAction(async (parseResult) =>
+{
+    var inputFile = parseResult.GetValue<string>("--input")!;
+    var outputFile = parseResult.GetValue<string>("--output")!;
+    var password = parseResult.GetValue<string>("--password")!;
+    var salt = parseResult.GetValue<string>("--salt")!;
+
+    var cryptoTransform = host.Services.GetRequiredService<IAesCryptoTransform>();
+
+    Console.WriteLine($"Decrypting '{inputFile}' to '{outputFile}'...");
+
+    try
+    {
+        await cryptoTransform.DecryptFileAsync(
+            inputFile,
+            outputFile,
+            password,
+            salt,
+            (progress, status) =>
+            {
+                Console.Write($"\rProgress: {progress}% - {status}");
+            });
+
+        Console.WriteLine("\nDecryption completed successfully!");
+    }
+    catch (Exception ex)
+    {
+        Console.WriteLine($"\nDecryption failed: {ex.Message}");
+        Environment.Exit(1);
+    }
+});
+
+var getPasswordCommand = new Command("get-password", "Get password for a filename")
+{
+    new Option<string>("--filename") { Description = "Filename to get password for", Required = true }
+};
+
+getPasswordCommand.SetAction((parseResult) =>
+{
+    var filename = parseResult.GetValue<string>("--filename")!;
+    var passwordSaltService = host.Services.GetRequiredService<IPasswordSaltService>();
+
+    try
+    {
+        var passwordSalt = passwordSaltService.Get(filename);
+        Console.WriteLine($"Password: {passwordSalt.Password}");
+        // Console.WriteLine($"Salt: {passwordSalt.Salt}"); // ignore salt, we only use fake values in this tool.
+    }
+    catch (Exception ex)
+    {
+        Console.WriteLine($"Error getting password for filename '{filename}': {ex.Message}");
+        Environment.Exit(1);
+    }
+});
+
+var generateFilenameCommand = new Command("generate-filename", "Generate a compliant filename");
+
+generateFilenameCommand.SetAction((parseResult) =>
+{
+    var passwordSaltService = host.Services.GetRequiredService<IPasswordSaltService>();
+
+    try
+    {
+        var filename = passwordSaltService.GenerateFileName();
+        Console.WriteLine($"Generated filename: {filename}");
+    }
+    catch (Exception ex)
+    {
+        Console.WriteLine($"Error generating filename: {ex.Message}");
+        Environment.Exit(1);
+    }
+});
+
+rootCommand.Add(encryptCommand);
+rootCommand.Add(decryptCommand);
+rootCommand.Add(getPasswordCommand);
+rootCommand.Add(generateFilenameCommand);
+
+var parseResult = rootCommand.Parse(args);
+return await parseResult.InvokeAsync();
diff --git a/src/KeeperData.Crypto.Tool/Properties/PublishProfiles/FolderProfile.pubxml b/src/KeeperData.Crypto.Tool/Properties/PublishProfiles/FolderProfile.pubxml
@@ -0,0 +1,17 @@
+﻿<?xml version="1.0" encoding="utf-8"?>
+<!-- https://go.microsoft.com/fwlink/?LinkID=208121. -->
+<Project>
+  <PropertyGroup>
+    <Configuration>Release</Configuration>
+    <Platform>Any CPU</Platform>
+    <PublishDir>bin\Release\net8.0\publish\win-x64\</PublishDir>
+    <PublishProtocol>FileSystem</PublishProtocol>
+    <_TargetId>Folder</_TargetId>
+    <TargetFramework>net8.0</TargetFramework>
+    <RuntimeIdentifier>win-x64</RuntimeIdentifier>
+    <SelfContained>true</SelfContained>
+    <PublishSingleFile>true</PublishSingleFile>
+    <PublishReadyToRun>true</PublishReadyToRun>
+    <PublishTrimmed>true</PublishTrimmed>
+  </PropertyGroup>
+</Project>
