Ticket #33 : Fix the installer & fetch the certificate

src/EHealth/Medikit.EHealth/KeyStore/KeyStoreManager.cs

@@ -1,6 +1,11 @@
 // Copyright (c) SimpleIdServer. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
 using Microsoft.Extensions.Options;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Pkcs;
+using System;
+using System.IO;
+using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 using System.Text.RegularExpressions;
 
@@ -30,25 +35,58 @@ public X509Certificate2 GetIdETKCertificate()
         {
             return GetCertificate(_options.IdentityCertificateStore, new Regex("[0-9]{13}"), _options.IdentityCertificateStorePassword);
         }
-        
+
         public X509Certificate2 GetOrgETKCertificate()
         {
             return GetCertificate(_options.OrgCertificateStore, new Regex("[0-9]{13}"), _options.OrgCertificateStorePassword);
         }
 
         private static X509Certificate2 GetCertificate(string path, Regex regex, string password)
         {
-            var col = new X509Certificate2Collection();
-            col.Import(path, password, X509KeyStorageFlags.Exportable);
-            foreach(var cert in col)
+            var store = new Pkcs12Store(new MemoryStream(File.ReadAllBytes(path)), password.ToCharArray());
+            string al = null;
+            foreach (string alias in store.Aliases)
             {
-                if(regex.IsMatch(cert.FriendlyName))
+                if (regex.IsMatch(alias))
                 {
-                    return cert;
+                    al = alias;
+                    break;
                 }
             }
 
-            return null;
+            var cert = store.GetCertificate(al);
+            var key = (RsaPrivateCrtKeyParameters)store.GetKey(al).Key;
+            var rsa = RSA.Create();
+            rsa.ImportParameters(ToRSAParameters(key));
+            var certificate = new X509Certificate2(cert.Certificate.GetEncoded(), password, X509KeyStorageFlags.PersistKeySet);
+            certificate = certificate.CopyWithPrivateKey(rsa);
+            return certificate;
+        }
+
+        private static RSAParameters ToRSAParameters(RsaPrivateCrtKeyParameters privKey)
+        {
+            RSAParameters rp = new RSAParameters();
+            rp.Modulus = privKey.Modulus.ToByteArrayUnsigned();
+            rp.Exponent = privKey.PublicExponent.ToByteArrayUnsigned();
+            rp.P = privKey.P.ToByteArrayUnsigned();
+            rp.Q = privKey.Q.ToByteArrayUnsigned();
+            rp.D = ConvertRSAParametersField(privKey.Exponent, rp.Modulus.Length);
+            rp.DP = ConvertRSAParametersField(privKey.DP, rp.P.Length);
+            rp.DQ = ConvertRSAParametersField(privKey.DQ, rp.Q.Length);
+            rp.InverseQ = ConvertRSAParametersField(privKey.QInv, rp.Q.Length);
+            return rp;
+        }
+
+        private static byte[] ConvertRSAParametersField(Org.BouncyCastle.Math.BigInteger n, int size)
+        {
+            byte[] bs = n.ToByteArrayUnsigned();
+            if (bs.Length == size)
+                return bs;
+            if (bs.Length > size)
+                throw new ArgumentException("Specified size too small", "size");
+            byte[] padded = new byte[size];
+            Array.Copy(bs, 0, padded, size - bs.Length, bs.Length);
+            return padded;
         }
     }
 }

src/EHealth/Medikit.EHealth/Medikit.EHealth.csproj

@@ -6,6 +6,7 @@
     <PackageReference Include="System.Security.Cryptography.Xml" Version="4.7.0" />
     <PackageReference Include="Microsoft.Extensions.Options" Version="2.1.0" />
     <PackageReference Include="Microsoft.Extensions.Http" Version="2.1.0" />
+    <PackageReference Include="BouncyCastle.NetCore" Version="1.8.6" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\..\EID\Medikit.EID\Medikit.EID.csproj" />

src/Medikit/Medikit.Installer/Medikit.Installer.wixproj

@@ -6,6 +6,7 @@
     <ProductVersion>3.10</ProductVersion>
     <ProjectGuid>c226945d-43c5-47c0-8674-3583fa68497b</ProjectGuid>
     <SchemaVersion>2.0</SchemaVersion>
+    <Company>SimpleIdServer</Company>
     <OutputName>Medikit.Installer</OutputName>
     <OutputType>Package</OutputType>
   </PropertyGroup>

src/Medikit/Medikit.Installer/Product.wxs

@@ -4,7 +4,7 @@
 		<Package InstallerVersion="200" Compressed="yes" InstallScope="perMachine" />
 
 		<MajorUpgrade DowngradeErrorMessage="A newer version of [ProductName] is already installed." />
-		<MediaTemplate />
+    <MediaTemplate EmbedCab="yes" />
 
 		<Feature Id="ProductFeature" Title="Medikit.Installer" Level="1">
 			<ComponentGroupRef Id="ProductComponents" />

src/Medikit/Medikit.Installer/assets.wxs

@@ -5,6 +5,9 @@
             <Component Id="cmpF82FCA80BBAF44D285C97F10993DEEE6" Guid="*">
                 <File Id="fil840B80AC19861C7F9F04FBDCFAE331CE" KeyPath="yes" Source="$(var.Medikit.Installer)\appsettings.json" />
             </Component>
+            <Component Id="cmpCF9B3A227754E55B2A4622BDADF51333" Guid="*">
+                <File Id="fil244CDAED28510644E512EA1DBCB9390F" KeyPath="yes" Source="$(var.Medikit.Installer)\BouncyCastle.Crypto.dll" />
+            </Component>
             <Component Id="cmp91710BBC26289F9B4656241FE8A97166" Guid="*">
                 <File Id="fil56A6452FF21E11E7D230D690E4155030" KeyPath="yes" Source="$(var.Medikit.Installer)\Medikit.Authenticate.Client.deps.json" />
             </Component>
@@ -175,6 +178,7 @@
     <Fragment>
         <ComponentGroup Id="Medikit.Installer.Binaries">
             <ComponentRef Id="cmpF82FCA80BBAF44D285C97F10993DEEE6" />
+            <ComponentRef Id="cmpCF9B3A227754E55B2A4622BDADF51333" />
             <ComponentRef Id="cmp91710BBC26289F9B4656241FE8A97166" />
             <ComponentRef Id="cmp7F45CC870ADB8D50B9C9992DAAA22E21" />