Create README.md

.github/workflows/dotnet.yml

@@ -0,0 +1,35 @@
+name: .NET
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Clone 📥
+      uses: actions/checkout@v2
+    - name: Setup .NET 5
+      uses: actions/setup-dotnet@v1
+      with:
+        dotnet-version: 5.0.x
+    - name: Restore dependencies 📦
+      run: dotnet restore
+    - name: Build Library 🔧
+      run: dotnet build src/Org.Security.Cryptography.X509Extensions/Org.Security.Cryptography.X509Extensions.csproj --no-restore
+    - name: Build Tests 🔧
+      run: dotnet build src/UnitTests/UnitTests.csproj --no-restore
+    - name: Test With Code Coverage 🧪
+      run: dotnet test src/UnitTests/UnitTests.csproj --no-build --framework Net5.0 /p:CollectCoverage=true /p:CoverletOutputFormat=opencover /p:Threshold=80 /p:ThresholdType=line /p:Exclude=\"[*]X509.EnduranceTest.Shared*,[*]UnitTests*\" --verbosity normal
+    - name: Upload Coverage To CodeCov.io ⇪
+      uses: codecov/codecov-action@v2
+      with:
+        files: src/UnitTests/coverage.Net5.0.opencover.xml
+        verbose: true
+    - name: Deploy Docs to GitHug Pages 🚀
+      uses: JamesIves/github-pages-deploy-action@releases/v3
+      with:
+        GITHUB_TOKEN: $
+        BRANCH: gh-pages
+        FOLDER: src/Org.Security.Cryptography.X509Extensions/_site

.gitignore

@@ -13,6 +13,9 @@
 # User-specific files (MonoDevelop/Xamarin Studio)
 *.userprefs
 
+#logs
+.log
+
 # Mono auto generated files
 mono_crash.*
 
@@ -61,6 +64,10 @@ project.lock.json
 project.fragment.lock.json
 artifacts/
 
+#donet tools
+
+tools
+.config
 # StyleCop
 StyleCopReport.xml
 
@@ -140,7 +147,7 @@ _TeamCity*
 # Visual Studio code coverage results
 *.coverage
 *.coveragexml
-
+*.opencover.xml
 # NCrunch
 _NCrunch_*
 .*crunch*.local.xml
@@ -166,6 +173,10 @@ DocProject/Help/*.hhp
 DocProject/Help/Html2
 DocProject/Help/html
 
+#DocFx files
+
+/**/_site
+
 # Click-Once directory
 publish/
 
@@ -226,7 +237,6 @@ ClientBin/
 *.dbmdl
 *.dbproj.schemaview
 *.jfm
-*.pfx
 *.publishsettings
 orleans.codegen.cs
 

README.md

@@ -0,0 +1,57 @@
+
+| Area          |      Badges  |
+|:--------------|:-------------|
+| Build         | ![.Net workflow](https://github.com/dotnet-demos/Org.Security.Cryptography.X509Extensions/actions/workflows/dotnet.yml/badge.svg) |
+| Code          | ![GitHub code size in bytes](https://img.shields.io/github/languages/code-size/dotnet-demos/Org.Security.Cryptography.X509Extensions) ![GitHub repo size](https://img.shields.io/github/repo-size/dotnet-demos/Org.Security.Cryptography.X509Extensions) [![](https://tokei.rs/b1/github/dotnet-demos/Org.Security.Cryptography.X509Extensions)](https://github.com/dotnet-demos/Org.Security.Cryptography.X509Extensions) |
+| Code Quality  | [![Maintainability](https://api.codeclimate.com/v1/badges/b64e91057b6c905e0347/maintainability)](https://codeclimate.com/github/dotnet-demos/Org.Security.Cryptography.X509Extensions/maintainability) |
+| Test          | [![codecov](https://codecov.io/gh/dotnet-demos/Org.Security.Cryptography.X509Extensions/branch/master/graph/badge.svg?token=AS2FV3ACUI)](https://codecov.io/gh/dotnet-demos/Org.Security.Cryptography.X509Extensions) |
+
+# Org.Security.Cryptography.X509Extensions
+`X509Certificate2` Extensions and classes for Encrypting and Signing using X509 certs.
+
+# Getting started
+
+- Clone or download the repo
+- Compile Org.Security.Cryptography.X509Extensions.csproj to get the assembly.
+- Refer the assembly in your project.
+
+## Usage (Encryption)
+
+ ```C#
+     var x509Certificate = GetCertificateUsingYourWay(); // This certificate doesn't need to have private key.
+     Stream yourStreamToEncrypt = GetYourStreamToEncrypt();
+     var encryptedStream = new MemoryStream();
+     x509Certificate.EncryptStream(yourStreamToEncrypt,encryptedStream);  
+ ```
+
+## Usage (Decryption)
+
+ ```C#
+     var x509Certificate = GetCertificateWithPrivateKeyUsingYourWay();
+     Stream yourStreamToDecrypt = GetYourStreamToDecrypt();
+     var decryptedStream = new MemoryStream();
+     x509Certificate.DecryptStream(yourStreamToDecrypt, decryptedStream);  
+ ```
+For other APIs, please refer the unit tests or the [API documentation](https://dotnet-demos.github.io/Org.Security.Cryptography.X509Extensions/api/index.html)
+
+# Documentation
+
+[Documentation site](https://dotnet-demos.github.io/Org.Security.Cryptography.X509Extensions/) has [articles](https://dotnet-demos.github.io/Org.Security.Cryptography.X509Extensions/articles/intro.html) as well as [API documentation](https://dotnet-demos.github.io/Org.Security.Cryptography.X509Extensions/api/index.html).
+
+# Running tests
+
+Use `dotnet test` command or use the "Test Explorer" windows of Visual Studio.
+
+In order to view coverage, use any of the below methods.
+
+## Commandline
+
+Below command has codecoverage threshold 100. It will fail as of now.
+
+`dotnet test "src/UnitTests/UnitTests.csproj" --framework Net5.0 /p:CollectCoverage=true /p:CoverletOutputFormat=opencover /p:Threshold=100 /p:ThresholdType=line /p:Exclude="[*]X509.EnduranceTest.Shared*"`
+
+It is excluding the shared test library.
+
+## Visual Studio
+
+Use the "Run Coverlet Report" extension as mentioned [here](https://www.code4it.dev/blog/code-coverage-vs-2019-coverlet).

X509Extensions.sln

@@ -0,0 +1,54 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.6.33723.286
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{EAA2E090-9112-4E79-B25C-030FF4B6D25D}"
+	ProjectSection(SolutionItems) = preProject
+		.github\workflows\dotnet.yml = .github\workflows\dotnet.yml
+	EndProjectSection
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Org.Security.Cryptography.X509Extensions", "src\Org.Security.Cryptography.X509Extensions\Org.Security.Cryptography.X509Extensions.csproj", "{1EEFA765-F0B2-4C93-A543-F3DC6410F60E}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "UnitTests", "src\UnitTests\UnitTests.csproj", "{870A984C-F0FB-438C-8FAF-E5ECD1E1A680}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "X509.EnduranceTest.Shared", "src\X509.EnduranceTest.Shared\X509.EnduranceTest.Shared.csproj", "{F2511529-D3CA-4050-AD04-1605EA0AF5B0}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "X509.EnduranceTest.NetFramework", "src\X509.EnduranceTest.NetFramework\X509.EnduranceTest.NetFramework.csproj", "{9389DAC3-E2E1-41BA-BE5C-34F3F8930DFC}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "X509.EnduranceTest.Net6", "src\X509.EnduranceTest.Net6\X509.EnduranceTest.Net6.csproj", "{B96A2F2E-7E13-4C7E-B6ED-40C7D4BD6149}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{1EEFA765-F0B2-4C93-A543-F3DC6410F60E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{1EEFA765-F0B2-4C93-A543-F3DC6410F60E}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{1EEFA765-F0B2-4C93-A543-F3DC6410F60E}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{1EEFA765-F0B2-4C93-A543-F3DC6410F60E}.Release|Any CPU.Build.0 = Release|Any CPU
+		{870A984C-F0FB-438C-8FAF-E5ECD1E1A680}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{870A984C-F0FB-438C-8FAF-E5ECD1E1A680}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{870A984C-F0FB-438C-8FAF-E5ECD1E1A680}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{870A984C-F0FB-438C-8FAF-E5ECD1E1A680}.Release|Any CPU.Build.0 = Release|Any CPU
+		{F2511529-D3CA-4050-AD04-1605EA0AF5B0}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{F2511529-D3CA-4050-AD04-1605EA0AF5B0}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{F2511529-D3CA-4050-AD04-1605EA0AF5B0}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{F2511529-D3CA-4050-AD04-1605EA0AF5B0}.Release|Any CPU.Build.0 = Release|Any CPU
+		{9389DAC3-E2E1-41BA-BE5C-34F3F8930DFC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{9389DAC3-E2E1-41BA-BE5C-34F3F8930DFC}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{9389DAC3-E2E1-41BA-BE5C-34F3F8930DFC}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{9389DAC3-E2E1-41BA-BE5C-34F3F8930DFC}.Release|Any CPU.Build.0 = Release|Any CPU
+		{B96A2F2E-7E13-4C7E-B6ED-40C7D4BD6149}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{B96A2F2E-7E13-4C7E-B6ED-40C7D4BD6149}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{B96A2F2E-7E13-4C7E-B6ED-40C7D4BD6149}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{B96A2F2E-7E13-4C7E-B6ED-40C7D4BD6149}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {854A5078-7E41-474A-827E-7FA6204BF5CA}
+	EndGlobalSection
+EndGlobal

diagrams/simple.puml

@@ -0,0 +1,19 @@
+@startuml
+object Sender {
+    Encrypt data
+}
+package payload {
+    object Contents{
+        Length Of encrypted DEK (Int32)
+        Asymmemetric Encrypted DEK(Data Encryption Key)  
+        Length Of encrypted IV (Int32)
+        Asymmemetric Encrypted IV (Initialization Vector)
+        Symmetric Encrypted Data using DEK
+    }
+}
+object Receiver {
+    Decrypt data
+}
+Sender -right-> Contents
+Contents -right-> Receiver
+@enduml

diagrams/thumbprint.puml

@@ -0,0 +1,21 @@
+@startuml
+object Sender {
+    Encrypt data
+}
+package payload {
+    object Contents{
+        Length Of certiticate thumbprint (Int32)
+        Unencrypted certificate thumbprint
+        Length Of encrypted DEK (Int32)
+        Asymmemetric Encrypted DEK(Data Encryption Key)  
+        Length Of encrypted IV (Int32)
+        Asymmemetric Encrypted IV (Initialization Vector)
+        Symmetric Encrypted Data using DEK
+    }
+}
+object Receiver {
+    Decrypt data
+}
+Sender -right-> Contents
+Contents -right-> Receiver
+@enduml

diagrams/timestamp.puml

@@ -0,0 +1,23 @@
+@startuml
+object Sender {
+    Encrypt data
+}
+package payload {
+    object Contents{
+        Length Of certiticate thumbprint (Int32)
+        Unencrypted certificate thumbprint
+        Length Of encrypted timestamp in utc (Int32)
+        Asymmemetric Encrypted DEK(Data Encryption Key)
+        Length Of encrypted DEK (Int32)
+        Asymmemetric Encrypted DEK(Data Encryption Key)  
+        Length Of encrypted IV (Int32)
+        Asymmemetric Encrypted IV (Initialization Vector)
+        Symmetric Encrypted Data using DEK
+    }
+}
+object Receiver {
+    Decrypt data
+}
+Sender -right-> Contents
+Contents -right-> Receiver
+@enduml

src/Org.Security.Cryptography.X509Extensions/.gitignore

@@ -0,0 +1,9 @@
+###############
+#    folder   #
+###############
+/**/DROP/
+/**/TEMP/
+/**/packages/
+/**/bin/
+/**/obj/
+_site

src/Org.Security.Cryptography.X509Extensions/CacheManager.cs

@@ -0,0 +1,31 @@
+
+using Microsoft.Extensions.Caching.Memory;
+using System;
+using System.Runtime.CompilerServices;
+
+[assembly: InternalsVisibleTo("UnitTests")]
+namespace Org.Security.Cryptography
+{
+    internal static class CacheManager
+    {
+        static MemoryCache algorithmCache = new MemoryCache(new MemoryCacheOptions());
+
+        //2021-08-27 - Joy George Kunjikkuru - Hack of the day - Just for unit testing exposing this ClearCache(); Should never be exposing in real scenario.
+        internal static void ClearCache()
+        {
+            algorithmCache = new MemoryCache(new MemoryCacheOptions());
+        }
+        internal static TOut GetOrAdd<TOut>(object key, Func<object, TOut> valueFunction)
+        {
+            TOut outValue;
+            algorithmCache.TryGetValue<TOut>(key, out outValue);
+            if (null == outValue)
+            {
+                outValue = valueFunction(key);
+                algorithmCache.Set<TOut>(key, outValue);
+
+            }
+            return outValue;
+        }
+    }
+}

src/Org.Security.Cryptography.X509Extensions/Defaults.cs

@@ -0,0 +1,12 @@
+using System;
+
+namespace Org.Security.Cryptography
+{
+    internal static class Defaults
+    {
+        internal const string DEF_DataEncryptionAlgorithmName = "Aes";
+        internal const int DEF_KeySize = 256;
+        internal const int DEF_BlockSize = 128;
+        internal static readonly TimeSpan EncyptedPayloadTimeSpan = TimeSpan.FromMinutes(1);
+    }
+}

src/Org.Security.Cryptography.X509Extensions/Org.Security.Cryptography.X509Extensions.csproj

@@ -16,5 +16,16 @@
     <PackageLicenseExpression>MIT</PackageLicenseExpression>
     <PackageReleaseNotes></PackageReleaseNotes>
   </PropertyGroup>
+  <PropertyGroup>
+    <LogFile>Docfx-$(TargetFramework).log</LogFile>
+    <LogLevel>Warning</LogLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <PackageReference Include="docfx.console" Version="2.58.0">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
+    <PackageReference Include="Microsoft.Extensions.Caching.Memory" Version="5.0.0" />
+  </ItemGroup>
 
 </Project>

src/Org.Security.Cryptography.X509Extensions/StreamExtensions.cs

@@ -0,0 +1,48 @@
+
+using System;
+using System.IO;
+
+namespace Org.Security.Cryptography
+{
+    internal static class StreamExtensions
+    {
+        //...............................................................................
+        #region Utils: WriteLengthAndBytes(), ReadLengthAndBytes()
+        //...............................................................................
+        internal static void WriteLengthAndBytes(this Stream outputStream, byte[] bytes)
+        {
+            if (null == outputStream) throw new ArgumentNullException(nameof(outputStream));
+            if (null == bytes) throw new ArgumentNullException(nameof(bytes));
+
+            // Int32 length to exactly-four-bytes array.
+            var length = BitConverter.GetBytes((Int32)bytes.Length);
+
+            // Write the four-byte-length followed by the data.
+            outputStream.Write(length, 0, length.Length);
+            outputStream.Write(bytes, 0, bytes.Length);
+        }
+
+        internal static byte[] ReadLengthAndBytes(this Stream inputStream, int maxBytes)
+        {
+            if (null == inputStream) throw new ArgumentNullException(nameof(inputStream));
+
+            // Read an Int32, exactly four bytes.
+            var arrLength = new byte[4];
+            var bytesRead = inputStream.Read(arrLength, 0, 4);
+            if (bytesRead != 4) throw new Exception("Unexpected end of InputStream. Expecting 4 bytes.");
+
+            // Length of data to read.
+            var length = BitConverter.ToInt32(arrLength, 0);
+            if (length > maxBytes) throw new Exception($"Unexpected data size {length:#,0} bytes. Expecting NOT more than {maxBytes:#,0} bytes.");
+
+            // Read suggested no of bytes...
+            var bytes = new byte[length];
+            bytesRead = inputStream.Read(bytes, 0, bytes.Length);
+            if (bytesRead != bytes.Length) throw new Exception($"Unexpected end of input stream. Expecting {bytes.Length:#,0} bytes.");
+
+            return bytes;
+        }
+
+        #endregion
+    }
+}