Beispiel #1
        /// <summary>
        /// Handles the "Revoke" menu click: asks for confirmation, revokes the certificate of the
        /// selected enrolled Yubikey via <c>CertificateUtilities.RevokeCertificate</c>, removes the
        /// record from the data store and saves the store. The Yubikey itself is not wiped.
        /// </summary>
        /// <param name="sender">Event source (not used).</param>
        /// <param name="e">Event arguments (not used).</param>
        private void revokeToolStripMenuItem_Click_1(object sender, EventArgs e)
        {
            // No selection, or a row whose Tag is not an EnrolledYubikey: nothing to revoke.
            EnrolledYubikey enrolledKey = lstItems.SelectedItems.Count > 0
                ? lstItems.SelectedItems[0].Tag as EnrolledYubikey
                : null;

            if (enrolledKey == null)
            {
                return;
            }

            // Show the operator exactly which certificate is about to be revoked before asking.
            string summary = "Revoke the certificate enrolled at " + enrolledKey.EnrolledAt.ToLocalTime() + " for " + enrolledKey.Username + ". This action will revoke " +
                             "the certificate, but will NOT wipe the yubikey.";

            string details = "Certificate: " + enrolledKey.Certificate.Serial + Environment.NewLine +
                             "Subject: " + enrolledKey.Certificate.Subject + Environment.NewLine +
                             "Issuer: " + enrolledKey.Certificate.Issuer + Environment.NewLine +
                             "Valid: " + enrolledKey.Certificate.StartDate + " to " + enrolledKey.Certificate.ExpireDate;

            // Button2 ("No") is the default, so pressing Enter does not revoke.
            DialogResult answer = MetroMessageBox.Show(this, summary + Environment.NewLine + Environment.NewLine + details,
                                                       "Revoke certificate?", MessageBoxButtons.YesNo, MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button2);

            if (answer != DialogResult.Yes)
            {
                return;
            }

            DlgProgress progressDialog = new DlgProgress("Revoking certificate");

            progressDialog.WorkerAction = job =>
            {
                job.ReportProgress(20, "Revoking certificate ...");

                try
                {
                    // Revoke at the CA first; the local record is dropped only if that call did not throw.
                    CertificateUtilities.RevokeCertificate(enrolledKey.CA, enrolledKey.Certificate.Serial);
                    _dataStore.Remove(enrolledKey);
                }
                catch (Exception ex)
                {
                    // NOTE(review): Remove() sits in the same try block, so this message is also shown
                    // when the revocation went through and only the removal threw. Confirm the state
                    // at the CA before retrying.
                    string failure = "Unable to revoke certificate " + enrolledKey.Certificate.Serial + " of " + enrolledKey.CA +
                                     " enrolled on " + enrolledKey.EnrolledAt + ". There was an error." + Environment.NewLine +
                                     Environment.NewLine + ex.Message;

                    MetroMessageBox.Show(this, failure, "An error occurred.", MessageBoxButtons.OK, MessageBoxIcon.Warning);

                    // The store is not saved on this path.
                    return;
                }

                job.ReportProgress(100, string.Empty);

                // Persist the store now that the record is gone.
                _dataStore.Save(FileStore);
            };

            progressDialog.ShowDialog();

            // Redraw the lists from the updated state.
            RefreshUserStore();
            RefreshInsertedKey();
        }
Beispiel #2
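        /// <summary>
        /// Handles the "Terminate" menu click: asks for confirmation, waits for
        /// <c>DlgPleaseInsertYubikey</c> to return OK, revokes the certificate of the selected enrolled
        /// Yubikey, then blocks PIN and PUK and resets the device.
        /// </summary>
        /// <remarks>
        /// The certificate is revoked before the wipe and the record is removed from the data store at
        /// that point. Once revocation has succeeded the store is always written to disk, including when
        /// the wipe is skipped or fails, so the saved store never lists a revoked certificate as enrolled.
        /// </remarks>
        /// <param name="sender">Event source (not used).</param>
        /// <param name="e">Event arguments (not used).</param>
        private void terminateToolStripMenuItem1_Click(object sender, EventArgs e)
        {
            if (lstItems.SelectedItems.Count <= 0)
            {
                return;
            }

            EnrolledYubikey item = lstItems.SelectedItems[0].Tag as EnrolledYubikey;

            if (item == null)
            {
                return;
            }

            // Parsed only to show subject and issuer in the confirmation prompt.
            X509Certificate2 currentCert = new X509Certificate2(item.Certificate.RawCertificate);

            // Button2 ("No") is the default, so pressing Enter does not terminate the key.
            DialogResult dlgResult = MessageBox.Show("This will terminate the Yubikey, wiping the PIN, PUK, Management Key and Certificates. " +
                                                     "This will also revoke the certificate. Proceeed?" + Environment.NewLine + Environment.NewLine +
                                                     "Will revoke: " + currentCert.Subject + Environment.NewLine +
                                                     "By: " + currentCert.Issuer, "Terminate (WILL revoke)",
                                                     MessageBoxButtons.YesNo, MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button2);

            if (dlgResult != DialogResult.Yes)
            {
                return;
            }

            DlgPleaseInsertYubikey yubiWaiter = new DlgPleaseInsertYubikey(item);
            DialogResult           result     = yubiWaiter.ShowDialog();

            if (result != DialogResult.OK)
            {
                return;
            }

            DlgProgress prg = new DlgProgress("Terminating certificate");

            prg.WorkerAction = worker =>
            {
                worker.ReportProgress(20, "Revoking certificate ...");

                // Begin
                try
                {
                    CertificateUtilities.RevokeCertificate(item.CA, item.Certificate.Serial);

                    // Revoked
                    _dataStore.Remove(item);
                }
                catch (Exception ex)
                {
                    MessageBox.Show(
                        "Unable to revoke certificate " + item.Certificate.Serial + " of " + item.CA +
                        " enrolled on " + item.EnrolledAt + ". There was an error." + Environment.NewLine +
                        Environment.NewLine + ex.Message, "An error occurred.", MessageBoxButtons.OK, MessageBoxIcon.Warning);

                    // Nothing was removed from the store, so there is nothing to save.
                    return;
                }

                // From here on the certificate is revoked and the record is gone from the in-memory
                // store. The finally block saves that state on every exit path of the wipe.
                try
                {
                    // Wipe the Yubikey
                    worker.ReportProgress(50, "Wiping Yubikey ...");

                    // NOTE(review): only the first listed device is considered. With several keys
                    // attached, the intended key may not be the first one.
                    string devName = YubikeyPivManager.Instance.ListDevices().FirstOrDefault();

                    if (string.IsNullOrEmpty(devName))
                    {
                        // Tell the operator instead of skipping silently: the prompt promised a wipe.
                        MessageBox.Show("Unable to reset the yubikey. No yubikey was found, so nothing was wiped. The certificate has been revoked.", "An error occurred.", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                        return;
                    }

                    using (YubikeyPivDevice dev = YubikeyPivManager.Instance.OpenDevice(devName))
                    {
                        int serial = (int)dev.GetSerialNumber();
                        if (item.DeviceSerial != serial)
                        {
                            // Something went seriously wrong - perhaps the user switched keys?
                            MessageBox.Show("Unable to reset the yubikey. The inserted key did not match the key you wanted to wipe.", "An error occurred.", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                            return;
                        }
                    }

                    // NOTE(review): the serial was checked on the handle above, while the wipe runs on a
                    // second handle opened by name. A key swapped between the two opens would not be
                    // noticed. Checking and wiping on one handle would close that gap, provided the
                    // device API allows it.
                    using (YubikeyPivDevice piv = YubikeyPivManager.Instance.OpenDevice(devName))
                    {
                        piv.BlockPin();
                        worker.ReportProgress(70);

                        piv.BlockPuk();
                        worker.ReportProgress(90);

                        bool reset = piv.ResetDevice();
                        if (!reset)
                        {
                            MessageBox.Show("Unable to reset the yubikey. Try resetting it manually.", "An error occurred.", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                        }

                        worker.ReportProgress(100);
                    }
                }
                finally
                {
                    // Write to disk
                    _dataStore.Save(FileStore);
                }
            };

            prg.ShowDialog();

            RefreshUserStore();

            RefreshInsertedKey();
        }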