public async Task <IList <X509Certificate2> > GetTrustBundleAsync(Uri providerUri, string apiVersion)
{
HttpClient httpClient = null;
try
{
httpClient = HttpClientHelper.GetHttpClient(providerUri);
var hsmHttpClient = new HttpHsmClient(httpClient)
{
BaseUrl = HttpClientHelper.GetBaseUrl(providerUri)
};
TrustBundleResponse response = await GetTrustBundleWithRetry(hsmHttpClient, apiVersion).ConfigureAwait(false);
var certs = ParseCertificates(response.Certificate);
return(certs);
}
catch (Exception ex)
{
switch (ex)
{
case SwaggerException <ErrorResponse> errorResponseException:
throw new HttpHsmComunicationException($"Error calling GetTrustBundleWithRetry: {errorResponseException.Result?.Message ?? string.Empty}", errorResponseException.StatusCode);
case SwaggerException swaggerException:
throw new HttpHsmComunicationException($"Error calling GetTrustBundleWithRetry: {swaggerException.Response ?? string.Empty}", swaggerException.StatusCode);
default:
throw;
}
}
finally
{
httpClient?.Dispose();
}
}
private async Task <SignResponse> SignAsyncWithRetry(HttpHsmClient hsmHttpClient, string moduleId, string generationId, SignRequest signRequest)
{
var transientRetryPolicy = new RetryPolicy(TransientErrorDetectionStrategy, TransientRetryStrategy);
SignResponse response = await transientRetryPolicy.ExecuteAsync(() => hsmHttpClient.SignAsync(_apiVersion, moduleId, generationId, signRequest));
return(response);
}
private static async Task <TrustBundleResponse> GetTrustBundleWithRetryAsync(
HttpHsmClient hsmHttpClient,
string apiVersion)
{
var transientRetryPolicy = new RetryPolicy(s_transientErrorDetectionStrategy, s_transientRetryStrategy);
return(await transientRetryPolicy
.RunWithRetryAsync(() => hsmHttpClient.TrustBundleAsync(apiVersion))
.ConfigureAwait(false));
}
public async Task <string> SignAsync(string moduleId, string generationId, string data)
{
if (string.IsNullOrEmpty(moduleId))
{
throw new ArgumentNullException(nameof(moduleId));
}
if (string.IsNullOrEmpty(generationId))
{
throw new ArgumentNullException(nameof(generationId));
}
var signRequest = new SignRequest()
{
KeyId = DefaultKeyId,
Algo = DefaultSignRequestAlgo,
Data = Encoding.UTF8.GetBytes(data)
};
HttpClient httpClient = HttpClientHelper.GetHttpClient(_providerUri);
try
{
var hsmHttpClient = new HttpHsmClient(httpClient)
{
BaseUrl = HttpClientHelper.GetBaseUrl(_providerUri)
};
SignResponse response = await this.SignAsyncWithRetry(hsmHttpClient, moduleId, generationId, signRequest);
return(Convert.ToBase64String(response.Digest));
}
catch (Exception ex)
{
switch (ex)
{
case SwaggerException <ErrorResponse> errorResponseException:
throw new HttpHsmComunicationException(
$"Error calling SignAsync: {errorResponseException.Result?.Message ?? string.Empty}",
errorResponseException.StatusCode);
case SwaggerException swaggerException:
throw new HttpHsmComunicationException(
$"Error calling SignAsync: {swaggerException.Response ?? string.Empty}",
swaggerException.StatusCode);
default:
throw;
}
}
finally
{
httpClient.Dispose();
}
}