From 5ee4eba196e3ec03d207b44743197804f5917f49 Mon Sep 17 00:00:00 2001
From: idimov-keeper <78815270+idimov-keeper@users.noreply.github.com>
Date: Wed, 4 Sep 2024 16:11:25 -0500
Subject: [PATCH] KSM-550 Stop generating UIDs that start with "-" (#646)
---
sdk/dotNet/README.md | 4 ++++
sdk/dotNet/SecretsManager/CryptoUtils.cs | 13 +++++++++++++
sdk/dotNet/SecretsManager/SecretsManager.csproj | 6 +++---
sdk/dotNet/SecretsManager/SecretsManagerClient.cs | 4 ++--
4 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/sdk/dotNet/README.md b/sdk/dotNet/README.md
index 8a77aa2b..cc10cda8 100644
--- a/sdk/dotNet/README.md
+++ b/sdk/dotNet/README.md
@@ -3,6 +3,10 @@
# Change Log
+## 16.6.7
+
+* KSM-550 - Stop generating UIDs that start with "-"
+
## 16.6.6
* KSM-360 - GHA to build and release strong named assemblies
diff --git a/sdk/dotNet/SecretsManager/CryptoUtils.cs b/sdk/dotNet/SecretsManager/CryptoUtils.cs
index 84f73137..3ba24046 100644
--- a/sdk/dotNet/SecretsManager/CryptoUtils.cs
+++ b/sdk/dotNet/SecretsManager/CryptoUtils.cs
@@ -80,6 +80,19 @@ public static byte[] GetRandomBytes(int length)
return bytes;
}
+ public static byte[] GetUidBytes()
+ {
+ byte dash = 0b1111_1000;
+ var bytes = new byte[] { };
+ for (int i = 0; i < 8; i++) {
+ bytes = GetRandomBytes(16);
+ if ((dash & bytes[0]) != dash) break;
+ }
+ if ((dash & bytes[0]) == dash)
+ bytes[0] = (byte)(bytes[0] & (byte)0b0111_1111);
+ return bytes;
+ }
+
public static byte[] GenerateKeyPair()
{
var keyGenerator = new ECKeyPairGenerator();
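Review bot: The mask `0b1111_1000` in `GetUidBytes` is undocumented and tests only the top five bits of `bytes[0]`, so, assuming UIDs are base64url-encoded, it rejects a leading `_` as well as the `-` its name `dash` suggests. If that is intended, a comment such as `// top 5 bits set => first base64url char is '-' or '_'; retry up to 8 times, then clear the high bit` would make the retry loop and the fallback readable. The final `if` has no braces, unlike the `for` above it. The diffstat lists no test file, so a test that the encoded UID never starts with `-` across many draws, and one that exercises the fallback branch, would pin the behaviour. The change covers only newly generated UIDs, so callers that pass UIDs to command-line tools still need to handle existing values with a leading `-`.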
diff --git a/sdk/dotNet/SecretsManager/SecretsManager.csproj b/sdk/dotNet/SecretsManager/SecretsManager.csproj
index 0a662ddc..f4c18583 100644
--- a/sdk/dotNet/SecretsManager/SecretsManager.csproj
+++ b/sdk/dotNet/SecretsManager/SecretsManager.csproj
@@ -5,9 +5,9 @@
9
Keeper Security Inc.
SecretsManager .Net SDK
- 16.6.6
- 16.6.6
- 16.6.6
+ 16.6.7
+ 16.6.7
+ 16.6.7
en-US
Keeper.SecretsManager
Sergey Aldoukhov
diff --git a/sdk/dotNet/SecretsManager/SecretsManagerClient.cs b/sdk/dotNet/SecretsManager/SecretsManagerClient.cs
index bcb6eec6..01bdf108 100644
--- a/sdk/dotNet/SecretsManager/SecretsManagerClient.cs
+++ b/sdk/dotNet/SecretsManager/SecretsManagerClient.cs
@@ -1262,7 +1262,7 @@ private static CreatePayload PrepareCreatePayload(IKeyValueStorage storage, Crea
var recordBytes = JsonUtils.SerializeJson(recordData);
var recordKey = CryptoUtils.GetRandomBytes(32);
- var recordUid = CryptoUtils.GetRandomBytes(16);
+ var recordUid = CryptoUtils.GetUidBytes();
var encryptedRecord = CryptoUtils.Encrypt(recordBytes, recordKey);
var encryptedRecordKey = CryptoUtils.PublicEncrypt(recordKey, ownerPublicKey);
var encryptedFolderKey = CryptoUtils.Encrypt(recordKey, folderKey);
@@ -1283,7 +1283,7 @@ private static CreateFolderPayload PrepareCreateFolderPayload(IKeyValueStorage s
var folderDataBytes = JsonUtils.SerializeJson(new KeeperFolderName { name = folderName });
var folderKey = CryptoUtils.GetRandomBytes(32);
- var folderUid = CryptoUtils.GetRandomBytes(16);
+ var folderUid = CryptoUtils.GetUidBytes();
var encryptedFolderData = CryptoUtils.Encrypt(folderDataBytes, folderKey, true);
var encryptedFolderKey = CryptoUtils.Encrypt(folderKey, sharedFolderKey, true);