Beispiel #1
0
        /// <summary>
        /// Get active data from hot server. 
        /// This is neccessary on integrity update.
        /// </summary>
        /// <returns>Active data from hot server</returns>
        public CAModelDto GetModel()
        {
            CAModelDto retVal = new CAModelDto();

            retVal.ActiveCertificates = new HashSet<CertificateDto>();
            foreach(var cer in activeCertificates)
            {
                retVal.ActiveCertificates.Add(new CertificateDto(cer));
            }

            retVal.RevocationList = new HashSet<CertificateDto>();
            foreach(var cer in revocationList)
            {
                retVal.RevocationList.Add(new CertificateDto(cer));
            }

            retVal.ClientDict = new Dictionary<string, string>();
            foreach(var pair in clientDict)
            {
                retVal.ClientDict.Add(pair.Key, pair.Value);
            }

            retVal.CaCertificate = new CertificateDto(caCertificate);

            return retVal;
        }
Beispiel #2
0
        /// <summary>
        /// This method is used for integrity update.
        /// Integrity update implies data copy from hot to backup server.
        /// </summary>
        /// <param name="param">Data from hot server</param>
        /// <returns></returns>
        public bool SetModel(CAModelDto param)
        {
            bool retVal = true;
            
            // Copy and install valid CA certificate to backup server
            if (File.Exists(PFX_PATH))
            {
                System.IO.File.Delete(PFX_PATH);
            }

            CertificateHandler.ReplaceCACertificateInStore(caCertificate, param.CaCertificate.GetCert());
            caCertificate = param.CaCertificate.GetCert();
            caPrivateKey = DotNetUtilities.GetKeyPair(caCertificate.PrivateKey).Private;
            CertificateHandler.ExportToFileSystem(X509ContentType.Pfx, caCertificate, caCertificate.SubjectName.Name);

            // Export and install active client certificates on backup server
            activeCertificates.Clear();
            foreach(var cerDto in param.ActiveCertificates)
            {
                X509Certificate2 cert = cerDto.GetCert();
                activeCertificates.Add(cert);
                CertificateHandler.ExportToFileSystem(X509ContentType.Pfx, cert, cert.SubjectName.Name);

                string fileName = cert.SubjectName.Name.Contains("=") ? cert.SubjectName.Name.Split('=')[1] : cert.SubjectName.Name;
                if (!File.Exists(CERT_FOLDER_PATH + cert.SubjectName.Name + fileName + ".pfx"))
                {
                    CertificateHandler.AddCertificateToStore(cert, StoreName.TrustedPeople, StoreLocation.LocalMachine);
                }
            }

            // Set active revocation list on backup server
            revocationList.Clear();
            foreach (var cerDto in param.RevocationList)
            {
                X509Certificate2 cert = cerDto.GetCert();
                revocationList.Add(cert);
            }

            clientDict.Clear();
            foreach (var pair in param.ClientDict)
            {
                clientDict.Add(pair.Key, pair.Value);
            }

            return retVal;
        }