mirror of
https://github.com/bitwarden/server.git
synced 2025-06-14 06:50:47 -05:00
Moved the remaining methods out of BaseLicense. Renamed GetDataBytes to ToByteArray
This commit is contained in:
Conner Turnbull
parent
c405092a1e
commit
5ed8635f9c
@ -14,18 +14,37 @@ namespace Bit.Core.Billing.Licenses.Extensions;
|
|||||||
|
|
||||||
public static class LicenseExtensions
|
public static class LicenseExtensions
|
||||||
{
|
{
|
||||||
public static byte[] ComputeHash(this ILicense license) => SHA256.HashData(license.GetDataBytes(true));
|
public static byte[] ComputeHash(this ILicense license) => SHA256.HashData(license.ToByteArray(true));
|
||||||
|
|
||||||
public static bool VerifySignature(this ILicense license, X509Certificate2 certificate)
|
public static bool VerifySignature(this ILicense license, X509Certificate2 certificate)
|
||||||
{
|
{
|
||||||
var dataBytes = license.GetDataBytes();
|
var dataBytes = license.ToByteArray();
|
||||||
var signatureBytes = Convert.FromBase64String(license.Signature);
|
var signatureBytes = Convert.FromBase64String(license.Signature);
|
||||||
using var rsa = certificate.GetRSAPublicKey();
|
using var rsa = certificate.GetRSAPublicKey();
|
||||||
|
|
||||||
return rsa.VerifyData(dataBytes, signatureBytes, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
|
return rsa.VerifyData(dataBytes, signatureBytes, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static byte[] GetDataBytesWithAttributes(this ILicense license, bool forHash = false)
|
public static byte[] Sign(this ILicense license, X509Certificate2 certificate)
|
||||||
{
|
{
|
||||||
|
if (!certificate.HasPrivateKey)
|
||||||
|
{
|
||||||
|
throw new InvalidOperationException("You don't have the private key!");
|
||||||
|
}
|
||||||
|
|
||||||
|
var dataBytes = license.ToByteArray();
|
||||||
|
using var rsa = certificate.GetRSAPrivateKey();
|
||||||
|
|
||||||
|
return rsa.SignData(dataBytes, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static byte[] ToByteArray(this ILicense license, bool forHash = false)
|
||||||
|
{
|
||||||
|
if (!license.ValidLicenseVersion)
|
||||||
|
{
|
||||||
|
throw new NotSupportedException($"Version {license.Version} is not supported.");
|
||||||
|
}
|
||||||
|
|
||||||
var props = license.GetType()
|
var props = license.GetType()
|
||||||
.GetProperties(BindingFlags.Public | BindingFlags.Instance)
|
.GetProperties(BindingFlags.Public | BindingFlags.Instance)
|
||||||
.Where(p =>
|
.Where(p =>
|
||||||
|
|||||||
@ -1,5 +1,4 @@
|
|||||||
using System.Security.Cryptography;
|
using System.Text.Json.Serialization;
|
||||||
using System.Security.Cryptography.X509Certificates;
|
|
||||||
using Bit.Core.Billing.Licenses.Attributes;
|
using Bit.Core.Billing.Licenses.Attributes;
|
||||||
using Bit.Core.Enums;
|
using Bit.Core.Enums;
|
||||||
|
|
||||||
@ -47,18 +46,7 @@ public abstract class BaseLicense : ILicense
|
|||||||
[LicenseIgnore]
|
[LicenseIgnore]
|
||||||
public string Token { get; set; }
|
public string Token { get; set; }
|
||||||
|
|
||||||
public abstract byte[] GetDataBytes(bool forHash = false);
|
[LicenseIgnore]
|
||||||
|
[JsonIgnore]
|
||||||
public byte[] Sign(X509Certificate2 certificate)
|
public abstract bool ValidLicenseVersion { get; }
|
||||||
{
|
|
||||||
if (!certificate.HasPrivateKey)
|
|
||||||
{
|
|
||||||
throw new InvalidOperationException("You don't have the private key!");
|
|
||||||
}
|
|
||||||
|
|
||||||
using (var rsa = certificate.GetRSAPrivateKey())
|
|
||||||
{
|
|
||||||
return rsa.SignData(GetDataBytes(), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,5 +1,4 @@
|
|||||||
using System.Security.Cryptography.X509Certificates;
|
using Bit.Core.Enums;
|
||||||
using Bit.Core.Enums;
|
|
||||||
|
|
||||||
namespace Bit.Core.Models.Business;
|
namespace Bit.Core.Models.Business;
|
||||||
|
|
||||||
@ -15,6 +14,5 @@ public interface ILicense
|
|||||||
string Hash { get; set; }
|
string Hash { get; set; }
|
||||||
string Signature { get; set; }
|
string Signature { get; set; }
|
||||||
string Token { get; set; }
|
string Token { get; set; }
|
||||||
byte[] GetDataBytes(bool forHash = false);
|
bool ValidLicenseVersion { get; }
|
||||||
byte[] Sign(X509Certificate2 certificate);
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,5 +1,6 @@
|
|||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Text;
|
using System.Text;
|
||||||
|
using System.Text.Json.Serialization;
|
||||||
using Bit.Core.AdminConsole.Entities;
|
using Bit.Core.AdminConsole.Entities;
|
||||||
using Bit.Core.Billing.Enums;
|
using Bit.Core.Billing.Enums;
|
||||||
using Bit.Core.Billing.Licenses.Attributes;
|
using Bit.Core.Billing.Licenses.Attributes;
|
||||||
@ -207,20 +208,14 @@ public class OrganizationLicense : BaseLicense
|
|||||||
[LicenseIgnore]
|
[LicenseIgnore]
|
||||||
public bool UseRiskInsights { get; set; }
|
public bool UseRiskInsights { get; set; }
|
||||||
|
|
||||||
private bool ValidLicenseVersion
|
[LicenseIgnore]
|
||||||
|
[JsonIgnore]
|
||||||
|
public override bool ValidLicenseVersion
|
||||||
{
|
{
|
||||||
get => Version is >= 1 and <= CurrentLicenseFileVersion + 1;
|
get => Version is >= 1 and <= CurrentLicenseFileVersion + 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
public override byte[] GetDataBytes(bool forHash = false)
|
|
||||||
{
|
|
||||||
if (!ValidLicenseVersion)
|
|
||||||
{
|
|
||||||
throw new NotSupportedException($"Version {Version} is not supported.");
|
|
||||||
}
|
|
||||||
|
|
||||||
return this.GetDataBytesWithAttributes(forHash);
|
|
||||||
}
|
|
||||||
|
|
||||||
public bool CanUse(
|
public bool CanUse(
|
||||||
IGlobalSettings globalSettings,
|
IGlobalSettings globalSettings,
|
||||||
|
|||||||
@ -1,5 +1,6 @@
|
|||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Text;
|
using System.Text;
|
||||||
|
using System.Text.Json.Serialization;
|
||||||
using Bit.Core.Billing.Licenses.Attributes;
|
using Bit.Core.Billing.Licenses.Attributes;
|
||||||
using Bit.Core.Billing.Licenses.Extensions;
|
using Bit.Core.Billing.Licenses.Extensions;
|
||||||
using Bit.Core.Entities;
|
using Bit.Core.Entities;
|
||||||
@ -60,21 +61,13 @@ public class UserLicense : BaseLicense
|
|||||||
[LicenseVersion(1)]
|
[LicenseVersion(1)]
|
||||||
public short? MaxStorageGb { get; set; }
|
public short? MaxStorageGb { get; set; }
|
||||||
|
|
||||||
private bool ValidLicenseVersion
|
[LicenseIgnore]
|
||||||
|
[JsonIgnore]
|
||||||
|
public override bool ValidLicenseVersion
|
||||||
{
|
{
|
||||||
get => Version == 1;
|
get => Version == 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
public override byte[] GetDataBytes(bool forHash = false)
|
|
||||||
{
|
|
||||||
if (!ValidLicenseVersion)
|
|
||||||
{
|
|
||||||
throw new NotSupportedException($"Version {Version} is not supported.");
|
|
||||||
}
|
|
||||||
|
|
||||||
return this.GetDataBytesWithAttributes(forHash);
|
|
||||||
}
|
|
||||||
|
|
||||||
public bool CanUse(User user, ClaimsPrincipal claimsPrincipal, out string exception)
|
public bool CanUse(User user, ClaimsPrincipal claimsPrincipal, out string exception)
|
||||||
{
|
{
|
||||||
var errorMessages = new StringBuilder();
|
var errorMessages = new StringBuilder();
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user