/// <summary>
/// Store the certificate for the specified host.
/// </summary>
/// <param name="certificate">The certificate to store.</param>
/// <param name="host">The host the certificate belongs to.</param>
/// <param name="domainID">the domainID to which host belongs</param>
/// <param name="persist">If true save in store.</param>
public static void StoreDomainCertificate(byte[] certificate, string host, string domainID, bool persist)
{
// this function is neither tested nor used
string uriHost = GetHostFromUri(host);
log.Debug("storing certificate for host : {0}", uriHost);
CertPolicy.StoreCertificate(certificate, uriHost);
//try
//{
if (persist)
{
// Save the cert in the store.
Store store = Store.GetStore();
Domain domain = store.GetDomain(domainID);
// Check for an existing cert in the store.
Node cn = null;
ICSList nodeList = domain.Search(hostProperty, uriHost, SearchOp.Equal);
foreach (ShallowNode sn in nodeList)
{
cn = new Node(domain, sn);
if (!cn.IsType(CertType))
{
cn = null;
continue;
}
break;
}
if (cn == null)
{
// The cert doesn't exist ... create it.
//cn=new Node("
cn = new Node("Certificate for " + uriHost);
domain.SetType(cn, CertType);
cn.Properties.ModifyNodeProperty(new Property(hostProperty, uriHost));
}
Property myprop = new Property(certificateProperty, Convert.ToBase64String(certificate));
myprop.LocalProperty = true;
cn.Properties.ModifyNodeProperty(myprop);
//cn.Properties.ModifyNodeProperty(new Property(certificateProperty, Convert.ToBase64String(certificate)));
log.Debug("committed the storage of certificate");
domain.Commit(cn);
}
//}catch(Exception ex){}
}
/// <summary>
/// Store the PPKData with the specified property.
/// </summary>
/// <param name="ppkData">The PPK to store.</param>
/// <param name="prop">The property PPK belongs to.</param>
/// <param name="persist">If true save in store.</param>
/// <param name="inTable">If true save in Policy HashTable.</param>
/// <param name="isRA">.</param>
/// <param name="PPKtype">.</param>
public static void StorePPKData(byte[] ppkData, string prop, bool persist, bool inTable, bool isRA, string PPKtype)
{
Domain domain;
if (inTable && PPKtype == CertType)
{
if (isRA)
{
CertPolicy.StoreRACertificate(ppkData, prop);
}
else
{
CertPolicy.StoreCertificate(ppkData, prop);
}
}
if (persist)
{
// Save the cert in the store.
Store store = Store.GetStore();
if (isRA)
{
domain = store.GetDomain(store.DefaultDomain);
}
else
{
domain = store.GetDomain(store.LocalDomain);
}
// Check for an existing cert in the store.
Node cn = null;
ICSList nodeList;
if (isRA)
{
nodeList = domain.Search(raProperty, prop, SearchOp.Equal);
}
else
{
nodeList = domain.Search(hostProperty, prop, SearchOp.Equal);
}
foreach (ShallowNode sn in nodeList)
{
cn = new Node(domain, sn);
if (!cn.IsType(PPKtype))
{
cn = null;
continue;
}
break;
}
if (cn == null)
{
// The cert/rsa doesn't exist ... create it.
cn = new Node(certificateProperty + " for " + prop);
domain.SetType(cn, PPKtype);
if (isRA)
{
cn.CollisionPolicy = CollisionPolicy.ServerWins;
cn.Properties.ModifyNodeProperty(new Property(raProperty, prop));
}
else
{
cn.Properties.ModifyNodeProperty(new Property(hostProperty, prop));
}
}
cn.Properties.ModifyNodeProperty(new Property(certificateProperty, Convert.ToBase64String(ppkData)));
domain.Commit(cn);
log.Debug("committed the storage of certificate into domain");
}
}
/// <summary>
///
/// </summary>
public static void LoadCertsFromStore()
{
Store store = Store.GetStore();
Domain domain = store.GetDomain(store.LocalDomain);
// We need to get rid of any duplicate certificates that may exist.
Hashtable ht = new Hashtable();
ArrayList nodesToDelete = new ArrayList();
{
ICSList certs = domain.GetNodesByType(CertType);
ht.Clear();
nodesToDelete.Clear();
foreach (ShallowNode sn in certs)
{
Node node = new Node(domain, sn);
try
{
string nodeProperty = node.Properties.GetSingleProperty(hostProperty).Value.ToString();
if (nodeProperty != null)
{
if (ht.Contains(nodeProperty))
{
// A duplicate exists, use the most recent one.
Node dupNode = (Node)ht[nodeProperty];
DateTime nodeTime = (DateTime)node.Properties.GetSingleProperty(PropertyTags.NodeCreationTime).Value;
DateTime dupNodeTime = (DateTime)dupNode.Properties.GetSingleProperty(PropertyTags.NodeCreationTime).Value;
if (dupNodeTime > nodeTime)
{
nodesToDelete.Add(node);
node = dupNode;
}
else
{
nodesToDelete.Add(dupNode);
ht[nodeProperty] = node;
}
}
else
{
ht.Add(nodeProperty, node);
}
string sCert = node.Properties.GetSingleProperty(certificateProperty).Value.ToString();
byte[] certificate = Convert.FromBase64String(sCert);
CertPolicy.StoreCertificate(certificate, nodeProperty);
}
}
catch {}
}
if (nodesToDelete.Count > 0)
{
try
{
domain.Commit(domain.Delete((Node[])(nodesToDelete.ToArray(typeof(Node)))));
}
catch {}
}
}
}
