From 56d0247a102185663ffa9a7b856622d3aafc08cf Mon Sep 17 00:00:00 2001
From: Aleksander Heintz
Date: Thu, 22 Aug 2024 10:06:05 +0200
Subject: [PATCH 1/3] feat: add pem export
---
 .../Altinn.Cli.Jwks/Commands/ExportCommand.cs | 1 +
 .../Commands/ExportMaskinportenCommand.cs | 1 -
 .../Commands/ExportPemCommand.cs | 62 +++++++++++++++++++
 .../Properties/launchSettings.json | 6 ++
 4 files changed, 69 insertions(+), 1 deletion(-)
 create mode 100644 src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs
diff --git a/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportCommand.cs b/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportCommand.cs
index cda55ca..e5aa333 100644
--- a/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportCommand.cs
+++ b/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportCommand.cs
@@ -11,5 +11,6 @@ public ExportCommand()
 {
 AddCommand(new ExportKeyCommand());
 AddCommand(new ExportMaskinportenCommand());
+ AddCommand(new ExportPemCommand());
 }
 }
diff --git a/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportMaskinportenCommand.cs b/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportMaskinportenCommand.cs
index 65bbe6f..faba448 100644
--- a/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportMaskinportenCommand.cs
+++ b/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportMaskinportenCommand.cs
@@ -1,5 +1,4 @@
 using Altinn.Cli.Jwks.Stores;
-using System.Buffers.Text;
 using System.CommandLine;
 using System.Diagnostics.CodeAnalysis;
 using System.Text.Json;
diff --git a/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs b/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs
new file mode 100644
index 0000000..057394c
--- /dev/null
+++ b/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs
@@ -0,0 +1,62 @@
+using Altinn.Cli.Jwks.Stores;
+using Microsoft.IdentityModel.Tokens;
+using System.CommandLine;
+using System.CommandLine.IO;
+using System.Diagnostics.CodeAnalysis;
+using System.Security.Cryptography;
+
+namespace Altinn.Cli.Jwks.Commands;
+
+[ExcludeFromCodeCoverage]
+internal class ExportPemCommand
+ : BaseCommand
+{
+ public static Argument NameArg { get; }
+ = new Argument("name", "Name of the integration to generate JWKs for.");
+
+ public static Option ProdOption { get; }
+ = new Option(
+ aliases: ["--prod", "-p"],
+ description: "Generate PROD keys. Defaults to true unless --test is specified.");
+
+ public ExportPemCommand()
+ : base("pem", "Export a public key in pem format")
+ {
+ AddArgument(NameArg);
+ AddOption(ProdOption);
+
+ this.SetHandler(ExecuteAsync, Console, StoreOption, NameArg, ProdOption, CancellationToken);
+ }
+
+ private async Task ExecuteAsync(
+ IConsole console,
+ JsonWebKeySetStore store,
+ string name,
+ bool prod,
+ CancellationToken cancellationToken)
+ {
+ var environment = prod ? JsonWebKeySetEnvironment.Prod : JsonWebKeySetEnvironment.Test;
+ var keySet = await store.GetKeySet(name, environment, JsonWebKeySetVariant.Public, cancellationToken);
+
+ var signingKey = keySet.GetSigningKeys().Last();
+ switch (signingKey)
+ {
+ case RsaSecurityKey rsa:
+ WriteRsa(console, rsa);
+ break;
+
+ default:
+ console.Error.WriteLine("Unsupported key type.");
+ return 1;
+ }
+
+ return 0;
+ }
+
+ private void WriteRsa(IConsole console, RsaSecurityKey key)
+ {
+ var rsa = key.Rsa ?? RSA.Create(key.Parameters);
+ var pem = rsa.ExportRSAPublicKeyPem();
+ console.Out.WriteLine(pem);
+ }
+}
diff --git a/src/Altinn.Cli/src/Altinn.Cli.Jwks/Properties/launchSettings.json b/src/Altinn.Cli/src/Altinn.Cli.Jwks/Properties/launchSettings.json
index 02a4418..6aa085c 100644
--- a/src/Altinn.Cli/src/Altinn.Cli.Jwks/Properties/launchSettings.json
+++ b/src/Altinn.Cli/src/Altinn.Cli.Jwks/Properties/launchSettings.json
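Review bot: The `--prod` help text in the new ExportPemCommand.cs says "Defaults to true unless --test is specified", but this command adds no `--test` option and `ExecuteAsync` maps an unset `prod` directly to `JsonWebKeySetEnvironment.Test`; as far as this file shows (BaseCommand is outside the diff, and the option's type argument is not visible here) `export pem <name>` without the flag prints the TEST key. A PEM block carries no key id or environment marker, so a test key registered where the production key was intended would only surface later as failed token validation. I would correct the text, e.g. `description: "Export the PROD key. Without this flag the TEST key is exported."`, and write the selected environment and key id to `console.Error` so stdout stays a clean PEM. The `NameArg` description ("generate JWKs for") also reads as copied from a generate command and should say export.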
@@ -23,6 +23,12 @@
 "commandLineArgs": "--store ./test-keys export key br --base64",
 "workingDirectory": "obj",
 "hotReloadEnabled": false
+ },
+ "export key pem": {
+ "commandName": "Project",
+ "commandLineArgs": "--store ./test-keys export pem br",
+ "workingDirectory": "obj",
+ "hotReloadEnabled": false
 }
 }
 }
From 3379b95179ee7908179f591de6cd82ef23469030 Mon Sep 17 00:00:00 2001
From: Aleksander Heintz
Date: Thu, 22 Aug 2024 10:12:18 +0200
Subject: [PATCH 2/3] chore: use index instead of Last
---
 src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs b/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs
index 057394c..294054a 100644
--- a/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs
+++ b/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs
@@ -38,7 +38,7 @@ private async Task ExecuteAsync(
 var environment = prod ? JsonWebKeySetEnvironment.Prod : JsonWebKeySetEnvironment.Test;
 var keySet = await store.GetKeySet(name, environment, JsonWebKeySetVariant.Public, cancellationToken);
 
- var signingKey = keySet.GetSigningKeys().Last();
+ var signingKey = keySet.GetSigningKeys()[^1];
 switch (signingKey)
 {
 case RsaSecurityKey rsa:
From 6c01bdf96bdf58d14b921d1cf5ee2f500588b9cd Mon Sep 17 00:00:00 2001
From: Aleksander Heintz
Date: Thu, 22 Aug 2024 11:00:36 +0200
Subject: [PATCH 3/3] fix: use spki pem
---
 src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs b/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs
index 294054a..3fe95fb 100644
--- a/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs
+++ b/src/Altinn.Cli/src/Altinn.Cli.Jwks/Commands/ExportPemCommand.cs
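Review bot: `keySet.GetSigningKeys()[^1]` in ExecuteAsync (ExportPemCommand.cs, PATCH 2/3) still assumes the list is non-empty; for a key set with no signing keys the index throws and the user gets an unhandled exception instead of the `return 1` path already used for unsupported key types. A guard ahead of the index keeps the failure explicit: `var keys = keySet.GetSigningKeys(); if (keys.Count == 0) { console.Error.WriteLine("No signing keys found."); return 1; }`. A one-line comment saying why the last entry is the one to export (presumably the most recently added key) would also help, since that ordering is decided by the store and cannot be checked from this hunk. The body of ExecuteAsync starts and ends outside the hunk.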
@@ -56,7 +56,7 @@ private async Task ExecuteAsync(
 private void WriteRsa(IConsole console, RsaSecurityKey key)
 {
 var rsa = key.Rsa ?? RSA.Create(key.Parameters);
- var pem = rsa.ExportRSAPublicKeyPem();
+ var pem = rsa.ExportSubjectPublicKeyInfoPem();
 console.Out.WriteLine(pem);
 }
 }
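Review bot: In WriteRsa the `RSA` object created by `RSA.Create(key.Parameters)` when `key.Rsa` is null is never disposed, while an instance owned by the key must not be disposed here, so the two cases need separating: `using var owned = key.Rsa is null ? RSA.Create(key.Parameters) : null;` followed by `var rsa = key.Rsa ?? owned!;`. The export line would also benefit from a comment recording the format choice this commit makes, such as `// SubjectPublicKeyInfo ("BEGIN PUBLIC KEY"): public key only, even if the RSA object also holds private parameters.`, so a later edit does not swap in an export method that includes private material. WriteRsa reads no instance state and could be `static`.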