AttackSurfaceAnalyzer/Lib/Objects/CryptographicKeyObject.cs at 4035cc6c7c2467f4b92741d5184cbaf297017e5e · microsoft/AttackSurfaceAnalyzer · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
// Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License.

using Microsoft.CST.AttackSurfaceAnalyzer.Types;
using Newtonsoft.Json;
using ProtoBuf;
using Serilog;
using System;
using System.Security.Cryptography;
using Tpm2Lib;

namespace Microsoft.CST.AttackSurfaceAnalyzer.Objects
{
    [ProtoContract(SkipConstructor = true)]
    public class CryptographicKeyObject : CollectObject
    {
        public CryptographicKeyObject(string Source, TpmAlgId tpmAlgId)
        {
            this.Source = Source;
            this.tpmAlgId = tpmAlgId;
        }

        public override RESULT_TYPE ResultType => RESULT_TYPE.KEY;

        public override string Identity
        {
            get
            {
                return Source;
            }
        }

        [ProtoMember(1)]
        public RsaKeyDetails? RsaDetails { get; set; }
        [ProtoMember(2)]
        public string Source { get; set; }
        [ProtoMember(3)]
        public TpmAlgId tpmAlgId { get; set; } = TpmAlgId.Null;
    }

    [ProtoContract]
    public class KeyDetailObject
    {
    }

    [ProtoContract(SkipConstructor = true)]
    public class RsaKeyDetails : KeyDetailObject
    {
        public RsaKeyDetails(byte[] modulus, byte[] d, byte[]? p = null, byte[]? q = null)
        {
            var parameters = new RSAParameters()
            {
                D = d,
                Modulus = modulus
            };

            if (p != null && q != null)
            {
                parameters.P = p;
                parameters.Q = q;
                ContainsPrivate = true;
            }

            //parameters.InverseQ;
            //parameters.Exponent;
            //parameters.DP;
            //parameters.DQ;

            rsa = RSA.Create(parameters);
        }

        [JsonConstructor]
        public RsaKeyDetails(string? PublicString = null, string? FullString = null)
        {
            rsa = RSA.Create();
            try
            {
                if (FullString != null)
                {
                    rsa.ImportRSAPrivateKey(Convert.FromBase64String(FullString), out _);
                }
                else if (PublicString != null)
                {
                    rsa.ImportRSAPublicKey(Convert.FromBase64String(PublicString), out _);
                }
            }
            catch(Exception e)
            {
                Log.Debug(e, "Failed to import RSA key.");
            }
        }
        public string? FullString
        {
            get
            {
                if (ContainsPrivate)
                {
                    return Convert.ToBase64String(rsa.ExportRSAPrivateKey());
                }
                return null;
            }
        }

        public string PublicString
        {
            get
            {
                return Convert.ToBase64String(rsa.ExportRSAPublicKey());
            }
        }

        public bool ShouldSerializeFullString()
        {
            return ContainsPrivate;
        }

        public bool ShouldSerializePublicString()
        {
            return !ContainsPrivate;
        }

        private bool ContainsPrivate = false;
        private RSA rsa;
    }
}