From 5ee4eba196e3ec03d207b44743197804f5917f49 Mon Sep 17 00:00:00 2001
From: idimov-keeper <78815270+idimov-keeper@users.noreply.github.com>
Date: Wed, 4 Sep 2024 16:11:25 -0500
Subject: [PATCH] KSM-550 Stop generating UIDs that start with "-" (#646)
---
 sdk/dotNet/README.md | 4 ++++
 sdk/dotNet/SecretsManager/CryptoUtils.cs | 13 +++++++++++++
 sdk/dotNet/SecretsManager/SecretsManager.csproj | 6 +++---
 sdk/dotNet/SecretsManager/SecretsManagerClient.cs | 4 ++--
 4 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/sdk/dotNet/README.md b/sdk/dotNet/README.md
index 8a77aa2b..cc10cda8 100644
--- a/sdk/dotNet/README.md
+++ b/sdk/dotNet/README.md
@@ -3,6 +3,10 @@ # Change Log
+## 16.6.7
+
+* KSM-550 - Stop generating UIDs that start with "-"
+
 ## 16.6.6
 * KSM-360 - GHA to build and release strong named assemblies
diff --git a/sdk/dotNet/SecretsManager/CryptoUtils.cs b/sdk/dotNet/SecretsManager/CryptoUtils.cs
index 84f73137..3ba24046 100644
--- a/sdk/dotNet/SecretsManager/CryptoUtils.cs
+++ b/sdk/dotNet/SecretsManager/CryptoUtils.cs
@@ -80,6 +80,19 @@ public static byte[] GetRandomBytes(int length)
 return bytes;
 }
+ public static byte[] GetUidBytes()
+ {
+ byte dash = 0b1111_1000;
+ var bytes = new byte[] { };
+ for (int i = 0; i < 8; i++) {
+ bytes = GetRandomBytes(16);
+ if ((dash & bytes[0]) != dash) break;
+ }
+ if ((dash & bytes[0]) == dash)
+ bytes[0] = (byte)(bytes[0] & (byte)0b0111_1111);
+ return bytes;
+ }
+
 public static byte[] GenerateKeyPair()
 {
 var keyGenerator = new ECKeyPairGenerator();
diff --git a/sdk/dotNet/SecretsManager/SecretsManager.csproj b/sdk/dotNet/SecretsManager/SecretsManager.csproj
index 0a662ddc..f4c18583 100644
--- a/sdk/dotNet/SecretsManager/SecretsManager.csproj
+++ b/sdk/dotNet/SecretsManager/SecretsManager.csproj
@@ -5,9 +5,9 @@ 9 Keeper Security Inc. SecretsManager .Net SDK
- 16.6.6
- 16.6.6
- 16.6.6
+ 16.6.7
+ 16.6.7
+ 16.6.7
 en-US Keeper.SecretsManager Sergey Aldoukhov
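Review bot: The `0b1111_1000` mask in the added `GetUidBytes` is undocumented and rejects more than the commit title says: a first byte with its top five bits set encodes to a leading `-` or `_` in URL-safe Base64, so both are excluded (the UID encoding is not visible in this hunk, so confirm it is base64url). A doc comment would make that explicit, e.g. `/// Returns 16 random bytes whose URL-safe Base64 form never starts with '-' or '_'.`, with a one-line comment on the fallback that clears the top bit after eight retries (reached with probability about 2^-40, so the entropy cost is negligible). The diffstat shows no test file; a small test asserting `bytes.Length == 16` and `(bytes[0] & 0xF8) != 0xF8` over many calls would pin the behaviour. The guarantee covers only UIDs minted by this SDK version, so code that passes UIDs to a command line still has to handle a leading `-` that may come from older records or other clients.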
diff --git a/sdk/dotNet/SecretsManager/SecretsManagerClient.cs b/sdk/dotNet/SecretsManager/SecretsManagerClient.cs
index bcb6eec6..01bdf108 100644
--- a/sdk/dotNet/SecretsManager/SecretsManagerClient.cs
+++ b/sdk/dotNet/SecretsManager/SecretsManagerClient.cs
@@ -1262,7 +1262,7 @@ private static CreatePayload PrepareCreatePayload(IKeyValueStorage storage, Crea
 var recordBytes = JsonUtils.SerializeJson(recordData);
 var recordKey = CryptoUtils.GetRandomBytes(32);
- var recordUid = CryptoUtils.GetRandomBytes(16);
+ var recordUid = CryptoUtils.GetUidBytes();
 var encryptedRecord = CryptoUtils.Encrypt(recordBytes, recordKey);
 var encryptedRecordKey = CryptoUtils.PublicEncrypt(recordKey, ownerPublicKey);
 var encryptedFolderKey = CryptoUtils.Encrypt(recordKey, folderKey);
@@ -1283,7 +1283,7 @@ private static CreateFolderPayload PrepareCreateFolderPayload(IKeyValueStorage s
 var folderDataBytes = JsonUtils.SerializeJson(new KeeperFolderName { name = folderName });
 var folderKey = CryptoUtils.GetRandomBytes(32);
- var folderUid = CryptoUtils.GetRandomBytes(16);
+ var folderUid = CryptoUtils.GetUidBytes();
 var encryptedFolderData = CryptoUtils.Encrypt(folderDataBytes, folderKey, true);
 var encryptedFolderKey = CryptoUtils.Encrypt(folderKey, sharedFolderKey, true);