private static StatusInfo Extract(ArgsInfo arguments)
{
StatusInfo si;
try
{
si = new StatusInfo(
new ResultInfo(
_serializer.CertificateToSerializable(
arguments.CertificateSource,
arguments.InputFile,
arguments.NodeId)
)
);
}
catch (Exception e)
{
si = new StatusInfo(
new ErrorInfo(
ErrorCodes.CertificateExtractionException,
ErrorType.CertificateExtraction,
e.Message));
}
return(si);
}
public async Task <IHttpActionResult> Command(string command)
{
if (!Request.IsAuthorized())
{
Log.Fatal("Blocked WebApiHost request from {blockedIp}", Request.GetRemoteIp());
return(StatusCode(HttpStatusCode.Forbidden));
}
var context = new OperationContext(Request);
try
{
Program.WebApiHost.ClientConnected();
context.SetRawInputParameters(Request.RequestUri.Query, command);
var inputParameters = await ReadInputParameters(Request, command);
context.SetInputParameters(inputParameters);
var validationResult = ValidateParameters(inputParameters);
if (!validationResult.isParametersOk)
{
return(ErrorResultBadRequest(validationResult.errorReason, context));
}
switch (inputParameters.ArgsInfo.Function)
{
case ProgramFunction.Sign:
var signerResponse = _signer.Sign(
inputParameters.ArgsInfo.SigType,
inputParameters.ArgsInfo.GostFlavor,
inputParameters.ArgsInfo.CertificateThumbprint,
inputParameters.DataToSign,
inputParameters.ArgsInfo.NodeId,
inputParameters.ArgsInfo.IgnoreExpiredCertificate,
inputParameters.ArgsInfo.IsAddSigningTime);
var binaryData = signerResponse.IsResultBase64Bytes
? Convert.FromBase64String(signerResponse.SignedData)
: Encoding.UTF8.GetBytes(signerResponse.SignedData);
context.SetSignerResponse(signerResponse);
var streamToReturn = new MemoryStream(binaryData);
var returnMessage = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StreamContent(streamToReturn),
};
SetAdditionalResponseProperties(returnMessage);
Log.Debug(
"Successfully signed file from ip {requesterIp} with following parameters: [{parameters}]",
Request.GetRemoteIp(),
context.RawInputParameters);
return(SuccessResult(returnMessage, context));
case ProgramFunction.Verify:
var verifierResponse = _verifier.VerifySignature(
inputParameters.ArgsInfo.SigType,
nodeId: inputParameters.ArgsInfo.NodeId,
signedFileBytes: inputParameters.DataToSign,
signatureFileBytes: inputParameters.SignatureFileBytes,
isVerifyCertificateChain: inputParameters.ArgsInfo.IsVerifyCertificateChain);
var verifierRetrurnMessge = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent(JsonConvert.SerializeObject(verifierResponse))
};
SetAdditionalResponseProperties(verifierRetrurnMessge);
Log.Debug(
"Successfully checked signature from ip {requesterIp} with following parameters: [{parameters}]",
Request.GetRemoteIp(),
context.RawInputParameters);
return(SuccessResult(verifierRetrurnMessge, context));
case ProgramFunction.Extract:
var readCertificate = _certificateProcessor.ReadCertificateFromSignedFile(
inputParameters.ArgsInfo.SigType,
signedFileBytes: inputParameters.DataToSign,
signatureFileBytes: inputParameters.SignatureFileBytes,
nodeId: inputParameters.ArgsInfo.NodeId);
var serializableCertificate = _certificateSerializer.CertificateToSerializable(readCertificate);
var extractedCertificateRetrurnMessge = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent(JsonConvert.SerializeObject(serializableCertificate))
};
SetAdditionalResponseProperties(extractedCertificateRetrurnMessge);
Log.Debug(
"Successfully extracted certificate from signed file from ip {requesterIp} with following parameters: [{parameters}]",
Request.GetRemoteIp(),
context.RawInputParameters);
return(SuccessResult(extractedCertificateRetrurnMessge, context));
case ProgramFunction.VerifyAndExtract:
var verifierResponsePart = _verifier.VerifySignature(
inputParameters.ArgsInfo.SigType,
signedFileBytes: inputParameters.DataToSign,
signatureFileBytes: inputParameters.SignatureFileBytes,
nodeId: inputParameters.ArgsInfo.NodeId,
isVerifyCertificateChain: inputParameters.ArgsInfo.IsVerifyCertificateChain);
var readCertificatePart = _certificateProcessor.ReadCertificateFromSignedFile(
inputParameters.ArgsInfo.SigType,
signedFileBytes: inputParameters.DataToSign,
signatureFileBytes: inputParameters.SignatureFileBytes,
nodeId: inputParameters.ArgsInfo.NodeId);
var serializableCertificatePart =
_certificateSerializer.CertificateToSerializable(readCertificatePart);
var combinedResponse = new CombinedResponse()
{
VerificationResult = verifierResponsePart,
ExtractedCertificate = serializableCertificatePart
};
if (verifierResponsePart.SigningDateTime.HasValue)
{
combinedResponse.SignatureInfo = new()
{
SigningDateTime = verifierResponsePart.SigningDateTime
};
}
var verifyAndExtractRetrurnMessge = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent(JsonConvert.SerializeObject(combinedResponse))
};
SetAdditionalResponseProperties(verifyAndExtractRetrurnMessge);
Log.Debug(
"Successfully verified and extracted certificate from signed file from ip {requesterIp} with following parameters: [{parameters}]",
Request.GetRemoteIp(),
context.RawInputParameters);
return(SuccessResult(verifyAndExtractRetrurnMessge, context));
case ProgramFunction.Describe:
var readInputCertificate = _certificateProcessor.ReadCertificateFromCertificateFile(inputParameters.CertificateFileBytes);
var describedCertificate =
_certificateSerializer.CertificateToSerializable(readInputCertificate);
var certificateDescribeReturnMessge = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent(JsonConvert.SerializeObject(describedCertificate))
};
Log.Debug(
"Successfully described extracted certificate from ip {requesterIp}",
Request.GetRemoteIp());
return(SuccessResult(certificateDescribeReturnMessge, context));
default:
return(ErrorResultBadRequest($"Command {command} is not supported.", context));
}
}
catch (OperationCanceledException opce)
{
Log.Warning("Client disconnected prior to singing completion");
return(ErrorResultBadRequest(opce, context));
}
catch (Exception ex)
{
Log.Error(ex, "Error occured during signing process with command: {command}", command);
return(ErrorResultBadRequest(ex, context));
}
finally
{
SaveOperationContext(context);
Program.WebApiHost.ClientDisconnected();
}
}
