private static StatusInfo Extract(ArgsInfo arguments) { StatusInfo si; try { si = new StatusInfo( new ResultInfo( _serializer.CertificateToSerializable( arguments.CertificateSource, arguments.InputFile, arguments.NodeId) ) ); } catch (Exception e) { si = new StatusInfo( new ErrorInfo( ErrorCodes.CertificateExtractionException, ErrorType.CertificateExtraction, e.Message)); } return(si); }
public async Task <IHttpActionResult> Command(string command) { if (!Request.IsAuthorized()) { Log.Fatal("Blocked WebApiHost request from {blockedIp}", Request.GetRemoteIp()); return(StatusCode(HttpStatusCode.Forbidden)); } var context = new OperationContext(Request); try { Program.WebApiHost.ClientConnected(); context.SetRawInputParameters(Request.RequestUri.Query, command); var inputParameters = await ReadInputParameters(Request, command); context.SetInputParameters(inputParameters); var validationResult = ValidateParameters(inputParameters); if (!validationResult.isParametersOk) { return(ErrorResultBadRequest(validationResult.errorReason, context)); } switch (inputParameters.ArgsInfo.Function) { case ProgramFunction.Sign: var signerResponse = _signer.Sign( inputParameters.ArgsInfo.SigType, inputParameters.ArgsInfo.GostFlavor, inputParameters.ArgsInfo.CertificateThumbprint, inputParameters.DataToSign, inputParameters.ArgsInfo.NodeId, inputParameters.ArgsInfo.IgnoreExpiredCertificate, inputParameters.ArgsInfo.IsAddSigningTime); var binaryData = signerResponse.IsResultBase64Bytes ? Convert.FromBase64String(signerResponse.SignedData) : Encoding.UTF8.GetBytes(signerResponse.SignedData); context.SetSignerResponse(signerResponse); var streamToReturn = new MemoryStream(binaryData); var returnMessage = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StreamContent(streamToReturn), }; SetAdditionalResponseProperties(returnMessage); Log.Debug( "Successfully signed file from ip {requesterIp} with following parameters: [{parameters}]", Request.GetRemoteIp(), context.RawInputParameters); return(SuccessResult(returnMessage, context)); case ProgramFunction.Verify: var verifierResponse = _verifier.VerifySignature( inputParameters.ArgsInfo.SigType, nodeId: inputParameters.ArgsInfo.NodeId, signedFileBytes: inputParameters.DataToSign, signatureFileBytes: inputParameters.SignatureFileBytes, isVerifyCertificateChain: inputParameters.ArgsInfo.IsVerifyCertificateChain); var verifierRetrurnMessge = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent(JsonConvert.SerializeObject(verifierResponse)) }; SetAdditionalResponseProperties(verifierRetrurnMessge); Log.Debug( "Successfully checked signature from ip {requesterIp} with following parameters: [{parameters}]", Request.GetRemoteIp(), context.RawInputParameters); return(SuccessResult(verifierRetrurnMessge, context)); case ProgramFunction.Extract: var readCertificate = _certificateProcessor.ReadCertificateFromSignedFile( inputParameters.ArgsInfo.SigType, signedFileBytes: inputParameters.DataToSign, signatureFileBytes: inputParameters.SignatureFileBytes, nodeId: inputParameters.ArgsInfo.NodeId); var serializableCertificate = _certificateSerializer.CertificateToSerializable(readCertificate); var extractedCertificateRetrurnMessge = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent(JsonConvert.SerializeObject(serializableCertificate)) }; SetAdditionalResponseProperties(extractedCertificateRetrurnMessge); Log.Debug( "Successfully extracted certificate from signed file from ip {requesterIp} with following parameters: [{parameters}]", Request.GetRemoteIp(), context.RawInputParameters); return(SuccessResult(extractedCertificateRetrurnMessge, context)); case ProgramFunction.VerifyAndExtract: var verifierResponsePart = _verifier.VerifySignature( inputParameters.ArgsInfo.SigType, signedFileBytes: inputParameters.DataToSign, signatureFileBytes: inputParameters.SignatureFileBytes, nodeId: inputParameters.ArgsInfo.NodeId, isVerifyCertificateChain: inputParameters.ArgsInfo.IsVerifyCertificateChain); var readCertificatePart = _certificateProcessor.ReadCertificateFromSignedFile( inputParameters.ArgsInfo.SigType, signedFileBytes: inputParameters.DataToSign, signatureFileBytes: inputParameters.SignatureFileBytes, nodeId: inputParameters.ArgsInfo.NodeId); var serializableCertificatePart = _certificateSerializer.CertificateToSerializable(readCertificatePart); var combinedResponse = new CombinedResponse() { VerificationResult = verifierResponsePart, ExtractedCertificate = serializableCertificatePart }; if (verifierResponsePart.SigningDateTime.HasValue) { combinedResponse.SignatureInfo = new() { SigningDateTime = verifierResponsePart.SigningDateTime }; } var verifyAndExtractRetrurnMessge = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent(JsonConvert.SerializeObject(combinedResponse)) }; SetAdditionalResponseProperties(verifyAndExtractRetrurnMessge); Log.Debug( "Successfully verified and extracted certificate from signed file from ip {requesterIp} with following parameters: [{parameters}]", Request.GetRemoteIp(), context.RawInputParameters); return(SuccessResult(verifyAndExtractRetrurnMessge, context)); case ProgramFunction.Describe: var readInputCertificate = _certificateProcessor.ReadCertificateFromCertificateFile(inputParameters.CertificateFileBytes); var describedCertificate = _certificateSerializer.CertificateToSerializable(readInputCertificate); var certificateDescribeReturnMessge = new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent(JsonConvert.SerializeObject(describedCertificate)) }; Log.Debug( "Successfully described extracted certificate from ip {requesterIp}", Request.GetRemoteIp()); return(SuccessResult(certificateDescribeReturnMessge, context)); default: return(ErrorResultBadRequest($"Command {command} is not supported.", context)); } } catch (OperationCanceledException opce) { Log.Warning("Client disconnected prior to singing completion"); return(ErrorResultBadRequest(opce, context)); } catch (Exception ex) { Log.Error(ex, "Error occured during signing process with command: {command}", command); return(ErrorResultBadRequest(ex, context)); } finally { SaveOperationContext(context); Program.WebApiHost.ClientDisconnected(); } }