GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → novotnyllc → RSAKeyVaultProvider

novotnyllc / RSAKeyVaultProvider

Licence: MIT license
Enables Azure Key Vault secrets and certificates to be used by .NET Crypto

Programming Languages

C#
18002 projects

Labels

cryptographyrsax509key-vault

Projects that are alternatives of or similar to RSAKeyVaultProvider

Phpseclib
PHP Secure Communications Library
Stars: ✭ 4,627 (+12752.78%)
Mutual labels:  rsa, x509
AzureADAuthRazorUiServiceApiCertificate
Azure AD flows using ASP.NET Core and Microsoft.Identity
Stars: ✭ 41 (+13.89%)
Mutual labels:  x509, key-vault
Openssl Nodejs
is a package which gives you a possibility to run every OpenSSL command 🔒 in Node.js in a handy way. Moreover, parameters like -in, -keyin, -config and etc can be replaced by a raw data (Buffor).
Stars: ✭ 25 (-30.56%)
Mutual labels:  rsa, x509
Oscrypto
Compiler-free Python crypto library backed by the OS, supporting CPython and PyPy
Stars: ✭ 257 (+613.89%)
Mutual labels:  rsa, x509
Jsrsasign
The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES JSON Web Signature/Token in pure JavaScript.
Stars: ✭ 2,760 (+7566.67%)
Mutual labels:  rsa, x509
fortify
Fortify enables web applications to use smart cards, local certificate stores and do certificate enrollment. This is the desktop application repository.
Stars: ✭ 88 (+144.44%)
Mutual labels:  x509
Cloud-PAW-Management
Simplify PAW and SPA for the masses, unify the MS Internal, and public PAW specs, and expedite deployment to ~5min or less.
Stars: ✭ 45 (+25%)
Mutual labels:  key-vault
prsa
RSA Public Key Encryption
Stars: ✭ 18 (-50%)
Mutual labels:  rsa
openssl
A functions wrapping of OpenSSL library for symmetric and asymmetric encryption and decryption.
Stars: ✭ 199 (+452.78%)
Mutual labels:  rsa
pkcs11-tools
A set of tools to manage objects on PKCS#11 crypotographic tokens. Compatible with any PKCS#11 library, including NSS.
Stars: ✭ 70 (+94.44%)
Mutual labels:  x509
ct-woodpecker
A tool to monitor a certificate transparency log for operational problems
Stars: ✭ 136 (+277.78%)
Mutual labels:  x509
mobileid
Mobile ID Sample Scripts
Stars: ✭ 13 (-63.89%)
Mutual labels:  rsa
galois
A performant NumPy extension for Galois fields and their applications
Stars: ✭ 106 (+194.44%)
Mutual labels:  rsa
openssl
Fork of OpenSSL that includes prototype quantum-resistant algorithms and ciphersuites based on liboqs
Stars: ✭ 215 (+497.22%)
Mutual labels:  x509
asinine
Embeddable ASN.1 (DER) and X.509v3 decoder
Stars: ✭ 34 (-5.56%)
Mutual labels:  x509
webcrypto
A WebCrypto Polyfill for NodeJS
Stars: ✭ 111 (+208.33%)
Mutual labels:  rsa
RSA-via-OpenSSL-libeay32
Реализация шифрования/дешифрование строки алгоритмом RSA через библиотеку openssl на Delphi
Stars: ✭ 29 (-19.44%)
Mutual labels:  rsa
tongyimall
高仿小米商城用户端,是Vue + SpringBoot的前后端分离项目,包括首页门户、商品分类、首页轮播、商品展示、购物车、地址管理等部分。管理端在另一个仓库。
Stars: ✭ 55 (+52.78%)
Mutual labels:  rsa
RSA-ATTACK
RSA加密应用常见缺陷的原理与实践
Stars: ✭ 155 (+330.56%)
Mutual labels:  rsa
DotnetRSA
DotnetRSA is a .NET Core Global Tool.Dotnet RSA Tool can help you generate xml pkcs1, pkcs8 three kinds of format keys, and supports three types of mutual conversion.
Stars: ✭ 27 (-25%)
Mutual labels:  rsa
View All Similar Projects ➔

About

The RSAKeyVaultProvider enables you to use secrets and certificates stored in an Azure Key Vault for performing signing and decryption operations. (Encrypt and verify can be done locally with the public key material.) The type derives from RSA so can be used anywhere an AsymmetricAlgorithm can be, including with SignedXml types.

Package

NuGet: RSAKeyVaultProvider
RSAKeyVaultProvider

CI feed is on Azure Artifacts: https://pkgs.dev.azure.com/clairernovotny/GitBuilds/_packaging/RSAKeyVaultProvider/nuget/v3/index.json
RSAKeyVaultProvider package in RSAKeyVaultProvider feed in Azure Artifacts

Setup

To run these tests, you'll need to import a code signing certificate into an Azure Key Vault. You can do this by importing the PFX for certs you already have, or, the harder way, by generating a CSR in the HSM and using that for an EV Code Signing certificate. You will also need to create a new RSA key using Add-AzureKeyVaultKey or the UI mentioned below. Use the key name as the azureKeyVaultKeyName in the config and the certificate name as the azureKeyVaultCertificateName.

You can also use the Azure Portal to generate a new key and certificate. In the cetificate make sure to go to the advanced policies and select "Data Encipherment" so that it can do the decrypt tests.

Create a service principal / application and grant it access to the Key Vault with the following permissions:

Category Permission
Key Get, Sign, Decrypt
Certificate Get

You'll need to drop a json file called azure-creds.json in the tests private directory with the following values:

{
  "clientId": "",
  "clientSecret": "",
  "tenantId": "",
  "azureKeyVaultUrl": "",
  "azureKeyVaultCertificateName": "",
  "azureKeyVaultKeyName": "" 
}

Azure Key Vault Explorer

There's a handy GUI for accessing Key Vault and includes support for importing certificates: https://github.com/elize1979/AzureKeyVaultExplorer

The app defaults to logging into an @microsoft.com account, so if you want to connect to a different directory, you need to change the settings first. Change the Authority to https://login.windows.net/common and edit the DomainHints value to have your AAD domain(s) in it.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].