Beispiel #1
0
 public CreateNewKeyPairRequestFormApiModel(CreateNewKeyPairRequestApiModel apiModel) :
     base()
 {
     ApplicationId      = apiModel.ApplicationId;
     CertificateGroupId = apiModel.CertificateGroupId;
     CertificateTypeId  = apiModel.CertificateTypeId;
     SubjectName        = apiModel.SubjectName;
     DomainNames        = apiModel.DomainNames;
     PrivateKeyFormat   = apiModel.PrivateKeyFormat;
     PrivateKeyPassword = apiModel.PrivateKeyPassword;
 }
        public NodeId StartNewKeyPairRequest(
            NodeId applicationId,
            string certificateGroupId,
            string certificateTypeId,
            string subjectName,
            string[] domainNames,
            string privateKeyFormat,
            string privateKeyPassword,
            string authorityId)
        {
            string appId = OpcVaultClientHelper.GetServiceIdFromNodeId(applicationId, NamespaceIndex);

            if (string.IsNullOrEmpty(appId))
            {
                throw new ServiceResultException(StatusCodes.BadInvalidArgument, "The ApplicationId is invalid.");
            }

            if (String.IsNullOrWhiteSpace(certificateTypeId))
            {
                throw new ServiceResultException(StatusCodes.BadInvalidArgument, "The CertificateTypeId does not refer to a supported CertificateType.");
            }

            if (String.IsNullOrWhiteSpace(certificateGroupId))
            {
                throw new ServiceResultException(StatusCodes.BadInvalidArgument, "The CertificateGroupId does not refer to a supported CertificateGroup.");
            }

            try
            {
                var model = new CreateNewKeyPairRequestApiModel(
                    appId,
                    certificateGroupId,
                    certificateTypeId,
                    subjectName,
                    domainNames,
                    privateKeyFormat,
                    privateKeyPassword
                    );

                string requestId = _opcVaultServiceClient.CreateNewKeyPairRequest(model);

                return(OpcVaultClientHelper.GetNodeIdFromServiceId(requestId, NamespaceIndex));
            }
            catch (HttpOperationException httpEx)
            {
                // TODO: return matching ServiceResultException
                //throw new ServiceResultException(StatusCodes.BadNodeIdUnknown);
                //throw new ServiceResultException(StatusCodes.BadInvalidArgument);
                //throw new ServiceResultException(StatusCodes.BadUserAccessDenied);
                throw new ServiceResultException(httpEx, StatusCodes.BadRequestNotAllowed);
            }
        }
Beispiel #3
0
        protected override ValidationResult IsValid(object value, ValidationContext validationContext)
        {
            CreateNewKeyPairRequestApiModel request = (CreateNewKeyPairRequestApiModel)validationContext.ObjectInstance;
            var errorList = new List <string>();

            if (String.IsNullOrWhiteSpace(request.SubjectName))
            {
                errorList.Add(nameof(request.SubjectName));
            }
            if (request.DomainNames != null)
            {
                if (request.DomainNames.Count > 0)
                {
                    if (String.IsNullOrWhiteSpace(request.DomainNames[0]))
                    {
                        errorList.Add("DomainNames[0]");
                    }
                }
            }
            if (String.IsNullOrWhiteSpace(request.PrivateKeyFormat))
            {
                errorList.Add(nameof(request.PrivateKeyFormat));
            }
            if (errorList.Count > 0)
            {
                return(new ValidationResult("Required Field.", errorList));
            }

            try
            {
                var dn     = Opc.Ua.Utils.ParseDistinguishedName(request.SubjectName);
                var prefix = dn.Where(x => x.StartsWith("CN=", StringComparison.OrdinalIgnoreCase)).FirstOrDefault();
                if (prefix == null)
                {
                    errorList.Add(nameof(request.SubjectName));
                    return(new ValidationResult("Need at least a common name CN=", errorList));
                }
            }
            catch
            {
                errorList.Add(nameof(request.SubjectName));
            }
            if (errorList.Count > 0)
            {
                return(new ValidationResult("Not a well formed Certificate Subject.", errorList));
            }

            return(ValidationResult.Success);
        }
Beispiel #4
0
        public async Task <string> CreateNewKeyPairRequestAsync([FromBody] CreateNewKeyPairRequestApiModel newKeyPairRequest)
        {
            if (newKeyPairRequest == null)
            {
                throw new ArgumentNullException(nameof(newKeyPairRequest));
            }
            string authorityId = User.Identity.Name;

            return(await _certificateRequest.StartNewKeyPairRequestAsync(
                       newKeyPairRequest.ApplicationId,
                       newKeyPairRequest.CertificateGroupId,
                       newKeyPairRequest.CertificateTypeId,
                       newKeyPairRequest.SubjectName,
                       newKeyPairRequest.DomainNames,
                       newKeyPairRequest.PrivateKeyFormat,
                       newKeyPairRequest.PrivateKeyPassword,
                       authorityId));
        }