/// <summary> /// Get active data from hot server. /// This is neccessary on integrity update. /// </summary> /// <returns>Active data from hot server</returns> public CAModelDto GetModel() { CAModelDto retVal = new CAModelDto(); retVal.ActiveCertificates = new HashSet<CertificateDto>(); foreach(var cer in activeCertificates) { retVal.ActiveCertificates.Add(new CertificateDto(cer)); } retVal.RevocationList = new HashSet<CertificateDto>(); foreach(var cer in revocationList) { retVal.RevocationList.Add(new CertificateDto(cer)); } retVal.ClientDict = new Dictionary<string, string>(); foreach(var pair in clientDict) { retVal.ClientDict.Add(pair.Key, pair.Value); } retVal.CaCertificate = new CertificateDto(caCertificate); return retVal; }
/// <summary> /// This method is used for integrity update. /// Integrity update implies data copy from hot to backup server. /// </summary> /// <param name="param">Data from hot server</param> /// <returns></returns> public bool SetModel(CAModelDto param) { bool retVal = true; // Copy and install valid CA certificate to backup server if (File.Exists(PFX_PATH)) { System.IO.File.Delete(PFX_PATH); } CertificateHandler.ReplaceCACertificateInStore(caCertificate, param.CaCertificate.GetCert()); caCertificate = param.CaCertificate.GetCert(); caPrivateKey = DotNetUtilities.GetKeyPair(caCertificate.PrivateKey).Private; CertificateHandler.ExportToFileSystem(X509ContentType.Pfx, caCertificate, caCertificate.SubjectName.Name); // Export and install active client certificates on backup server activeCertificates.Clear(); foreach(var cerDto in param.ActiveCertificates) { X509Certificate2 cert = cerDto.GetCert(); activeCertificates.Add(cert); CertificateHandler.ExportToFileSystem(X509ContentType.Pfx, cert, cert.SubjectName.Name); string fileName = cert.SubjectName.Name.Contains("=") ? cert.SubjectName.Name.Split('=')[1] : cert.SubjectName.Name; if (!File.Exists(CERT_FOLDER_PATH + cert.SubjectName.Name + fileName + ".pfx")) { CertificateHandler.AddCertificateToStore(cert, StoreName.TrustedPeople, StoreLocation.LocalMachine); } } // Set active revocation list on backup server revocationList.Clear(); foreach (var cerDto in param.RevocationList) { X509Certificate2 cert = cerDto.GetCert(); revocationList.Add(cert); } clientDict.Clear(); foreach (var pair in param.ClientDict) { clientDict.Add(pair.Key, pair.Value); } return retVal; }