/// <summary>
/// Retrieves the most recent 'CA Exchange' certificate from the CA server. Per the original
/// documentation, if no such certificate exists the CA server is instructed to generate or
/// enroll a new one; this method itself only reads the certificate count and the last entry.
/// </summary>
/// <remarks>
/// The certificate is built directly from the bytes returned by the CA. No chain, usage or
/// revocation validation is performed here, so callers that encrypt key material to this
/// certificate should validate it first.
/// </remarks>
/// <exception cref="UninitializedObjectException">The object is not properly initialized.</exception>
/// <exception cref="ServerUnavailableException">CA server is not accessible via RPC/DCOM.</exception>
/// <exception cref="UnauthorizedAccessException">The caller does not have at least <strong>Read</strong> permissions.</exception>
/// <exception cref="PlatformNotSupportedException">Current CA is not an <strong>Enterprise CA</strong>. Only Enterprise CAs support this feature.</exception>
/// <returns>CA Exchange certificate.</returns>
public X509Certificate2 GetCAExchangeCertificate() {
    // Preconditions: an initialized object, an Enterprise CA, and a reachable server.
    if (String.IsNullOrEmpty(Name)) {
        throw new UninitializedObjectException();
    }
    if (!IsEnterprise) {
        throw new PlatformNotSupportedException(Error.E_NONENTERPRISE);
    }
    if (!Ping()) {
        var unavailable = new ServerUnavailableException(DisplayName);
        // Record which channel was found offline so callers can inspect it.
        unavailable.Data.Add(nameof(unavailable.Source), OfflineSource.DCOM);
        throw unavailable;
    }

    var request = new CCertRequest();
    try {
        // The count is read as an integer property (type 1); the newest certificate is the last index.
        Int32 exchangeCertCount = (Int32)request.GetCAProperty(ConfigString, CertAdmConstants.CrPropCaxchgcertcount, 0, 1, 0);
        Int32 latestIndex = exchangeCertCount - 1;
        if (latestIndex < 0) {
            // Thrown inside the try block, so it is translated by the catch block below like any other failure.
            throw new Exception(String.Format(Error.E_XCHGUNAVAILABLE, DisplayName));
        }

        // Property type 3 with flag 1: the value arrives as a Base64 string and is decoded locally.
        String encodedCert = (String)request.GetCAProperty(ConfigString, CertAdmConstants.CrPropCaxchgcert, latestIndex, 3, 1);
        Byte[] rawCert = Convert.FromBase64String(encodedCert);
        return new X509Certificate2(rawCert);
    } catch (Exception e) {
        throw Error.ComExceptionHandler(e);
    } finally {
        // Release the COM object on every path, including failures.
        CryptographyUtils.ReleaseCom(request);
    }
}
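/// <summary>
/// Returns all CA certificates.
/// </summary>
/// <remarks>
/// The certificates are returned exactly as reported by the CA server. This method performs no
/// chain or revocation validation, so the result should not be treated as a set of trust
/// anchors without further checks.
/// </remarks>
/// <exception cref="UninitializedObjectException">
/// Current object is not initialized.
/// </exception>
/// <exception cref="ServerUnavailableException">
/// Current CA server could not be contacted via remote registry and RPC protocol.
/// </exception>
/// <returns>A collection of CA certificates.</returns>
public X509Certificate2Collection GetCACerts() {
    if (String.IsNullOrEmpty(Name)) {
        throw new UninitializedObjectException();
    }
    if (!Ping()) {
        var e = new ServerUnavailableException(DisplayName);
        e.Data.Add(nameof(e.Source), OfflineSource.DCOM);
        throw e;
    }

    var CertRequest = new CCertRequest();
    try {
        var certs = new X509Certificate2Collection();
        // The count is read as an integer property (type 1).
        Int32 count = (Int32)CertRequest.GetCAProperty(ConfigString, CertAdmConstants.CrPropCasigcertcount, 0, 1, 0);
        for (Int32 index = 0; index < count; index++) {
            // Property type 3 with flag 1: the certificate arrives as a Base64 string.
            String encodedCert = (String)CertRequest.GetCAProperty(ConfigString, CertAdmConstants.CrPropCasigcert, index, 3, 1);
            // Build X509Certificate2 instances so every element matches the element type of
            // X509Certificate2Collection; a plain X509Certificate stored through the inherited
            // Add overload cannot be read back as X509Certificate2.
            certs.Add(new X509Certificate2(Convert.FromBase64String(encodedCert)));
        }
        return certs;
    } finally {
        // Release the COM object even when a property query or decoding step throws.
        CryptographyUtils.ReleaseCom(CertRequest);
    }
}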
// Populates Version and SetupStatus. When the remote registry is reachable, both values are read
// from it; otherwise the version is derived from the CA's product-version property and
// SetupStatus is set to Unknown.
void getVersion() {
    if (!RegistryOnline) {
        // Fallback path: the property is read as a string (type 4) and only the part before the
        // first ':' is used.
        String productVersion = (String)_certRequest.GetCAProperty(ConfigString, CertAdmConstants.CrPropProductversion, 0, 4, 0);
        String[] segments = productVersion.Split(new[] { ":" }, StringSplitOptions.RemoveEmptyEntries);
        // NOTE(review): an empty product-version string would leave segments empty, and segments[0] would throw.
        String osVersion = segments[0];
        if (osVersion == "5.0") {
            Version = "2000";
        } else if (osVersion == "5.2") {
            Version = "2003";
        } else if (osVersion == "6.0") {
            Version = "2008";
        } else if (osVersion == "6.1") {
            Version = "2008R2";
        } else if (osVersion == "6.2") {
            Version = "2012";
        } else if (osVersion == "6.3") {
            Version = "2012R2";
        } else {
            // Every "10.0*" value is reported as 2016; anything else is unrecognized.
            Version = segments[0].StartsWith("10.0") ? "2016" : "Unknown";
        }
        SetupStatus = SetupStatusEnum.Unknown;
        return;
    }

    Int32 registryVersion = (Int32)CryptoRegistry.GetRReg("Version", String.Empty, ComputerName);
    String mappedVersion = null;
    switch (registryVersion) {
        case 0x00010001:
            mappedVersion = "2000";
            break;
        case 0x00020002:
            mappedVersion = "2003";
            break;
        case 0x00030001:
            mappedVersion = "2008";
            break;
        case 0x00040001:
            mappedVersion = "2008R2";
            break;
        case 0x00050001:
            mappedVersion = "2012";
            break;
        case 0x00060001:
            mappedVersion = "2012R2";
            break;
        // there are no functional changes between 2016 and 2019, so treat them both as 2016
        case 0x00070001:
        case 0x00080001:
            mappedVersion = "2016";
            break;
    }
    // An unrecognized registry value leaves Version untouched; this branch has no default case.
    if (mappedVersion != null) {
        Version = mappedVersion;
    }
    SetupStatus = (SetupStatusEnum)CryptoRegistry.GetRReg("SetupStatus", String.Empty, ComputerName);
}
/// <summary>
/// Queries the given CA for its template list and returns one <c>Template</c> per line of the
/// response that contains at least one ASCII letter.
/// </summary>
/// <param name="caServer">CA configuration string passed to <c>GetCAProperty</c>.</param>
/// <returns>Templates whose <c>Name</c> is the matching response line, in response order.</returns>
public IEnumerable<Template> GetCaTemplates(string caServer) {
    var request = new CCertRequest();
    // 29 is CR_PROP_TEMPLATES and 4 is PROPTYPE_STRING in the certificate services headers.
    // NOTE(review): the COM object is not explicitly released in this method.
    string response = request.GetCAProperty(caServer, 29, 0, 4, 0).ToString();

    // Lines without any letter are skipped - presumably the OID lines that accompany each
    // template name; confirm against the CA's response format.
    var containsLetters = new Regex(@"([A-Za-z]+)");
    var found = new List<Template>();
    foreach (string entry in Regex.Split(response, @"\n")) {
        if (!containsLetters.IsMatch(entry)) {
            continue;
        }
        // The whole line is used as the name, not only the matched portion.
        found.Add(new Template { Name = entry });
    }
    return found;
}
// Copies identity fields from the supplied CA and loads the templates it reports.
// Throws PlatformNotSupportedException when the CA is not an Enterprise CA, and
// ServerUnavailableException (tagged with OfflineSource.DCOM) when Ping() fails.
void m_initialize(CertificateAuthority certificateAuthority) {
    if (!certificateAuthority.IsEnterprise) {
        throw new PlatformNotSupportedException();
    }
    if (!certificateAuthority.Ping()) {
        var unavailable = new ServerUnavailableException(certificateAuthority.DisplayName);
        unavailable.Data.Add(nameof(unavailable.Source), OfflineSource.DCOM);
        throw unavailable;
    }

    Name = certificateAuthority.Name;
    DisplayName = certificateAuthority.DisplayName;
    ComputerName = certificateAuthority.ComputerName;
    version = certificateAuthority.Version;
    sku = certificateAuthority.Sku;
    configString = certificateAuthority.ConfigString;

    // NOTE(review): the COM object is not explicitly released in this method.
    var request = new CCertRequest();
    String rawTemplates = (String)request.GetCAProperty(certificateAuthority.ConfigString, CertAdmConstants.CrPropTemplates, 0, CertAdmConstants.ProptypeString, 0);

    if (rawTemplates == String.Empty) {
        Templates = new CertificateTemplate[0];
        return;
    }

    // The response is newline-separated. Only every second entry is used as a template name -
    // presumably the entries alternate between name and OID; confirm against the CA's format.
    String[] entries = rawTemplates.Split(new[] { "\n" }, StringSplitOptions.RemoveEmptyEntries);
    var loaded = new List<CertificateTemplate>();
    Int32 position = 0;
    while (position < entries.Length) {
        loaded.Add(new CertificateTemplate("Name", entries[position]));
        position += 2;
    }
    Templates = loaded.ToArray();
}
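/// <summary>
/// Lets the user pick a CA through the configuration UI and returns the "Config" field of the
/// selection.
/// </summary>
/// <returns>
/// The CA config string, or <c>null</c> when the picker yields an empty or whitespace value.
/// </returns>
/// <exception cref="Exception">
/// Any failure is rethrown as a new exception whose message is "Closed By user",
/// "Can't find available Servers", or the original message followed by its HRESULT. The
/// original exception is preserved as <c>InnerException</c>.
/// </exception>
public string SelectCA() {
    var certConfig = new CCertConfig();
    var certRequest = new CCertRequest();
    try {
        // Get CA config from UI
        var caConfig = certConfig.GetConfig((int)CertificateConfiguration.CC_UIPICKCONFIG);
        if (string.IsNullOrWhiteSpace(caConfig)) {
            return null;
        }

        // Get CA Connection string
        var ca = certConfig.GetField("Config");

        // Query the CA type (property 10, read as an integer). The value does not affect the
        // result, but the call is kept so that a failure to query the selected CA still
        // surfaces through the catch block, as it did before.
        var caType = certRequest.GetCAProperty(caConfig, 10, 0, 1, 0).ToString();

        return ca;
    } catch (Exception ex) {
        // Compare the HRESULT as an integer. Formatting it with ToString() depends on the
        // current culture's negative sign, so a string comparison can miss these codes.
        string error;
        switch (ex.HResult) {
            case -2147023673: // 0x800704C7, ERROR_CANCELLED
                error = "Closed By user";
                break;
            case -2147024637: // 0x80070103, ERROR_NO_MORE_ITEMS
                error = "Can't find available Servers";
                break;
            default:
                error = ex.Message + " " + ex.HResult;
                break;
        }
        throw new Exception(error, ex);
    }
}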