/// <summary>
/// Revokes the certificate.
/// </summary>
/// <param name="certificate">The certificate in DER format.</param>
/// <param name="reason">The reason for revocation.</param>
/// <param name="certificatePrivateKey">The certificate's private key.</param>
/// <returns>
/// The awaitable.
/// </returns>
public async Task RevokeCertificate(byte[] certificate, RevocationReason reason, IKey certificatePrivateKey)
{
var endpoint = await this.GetResourceUri(d => d.RevokeCert);
var body = new CertificateRevocation
{
Certificate = JwsConvert.ToBase64String(certificate),
Reason = reason
};
JwsPayload payload;
if (certificatePrivateKey != null)
{
var jws = new JwsSigner(certificatePrivateKey);
payload = jws.Sign(body, url: endpoint, nonce: await HttpClient.ConsumeNonce());
}
else
{
payload = await Sign(body, endpoint);
}
await HttpClient.Post <string>(endpoint, payload, true);
}
/// <summary>
/// Initializes a new instance of the <see cref="RevokeGlobalCardRequest" /> class.
/// </summary>
/// <param name="cardId">The card ID to be revoked.</param>
/// <param name="reason">The revocation reason.</param>
/// <param name="validationToken">The validation token.</param>
public RevokeGlobalCardRequest(string cardId, RevocationReason reason, string validationToken)
: base(new RevokeCardSnapshotModel {
CardId = cardId, Reason = reason
})
{
this.validationToken = validationToken;
}
protected override void RestoreRequest(byte[] snapshot, Dictionary <string, byte[]> signatures)
{
this.takenSnapshot = snapshot;
this.acceptedSignatures = signatures;
var json = Encoding.UTF8.GetString(snapshot);
var details = JsonSerializer.Deserialize <RevokeCardModel>(json);
this.CardId = details.CardId;
this.Reason = details.Reason;
}
public async Task RevokeCertificateAsync(Certificate certificate, RevocationReason reason = RevocationReason.Unspecified)
{
var certificateRevocation = new CertificateRevocation
{
Certificate = JwsConvert.ToBase64String(certificate.GetOriginalCertificate()),
Reason = reason
};
var directory = await GetDirectoryAsync();
var nonce = await GetNonceAsync();
var signedData = new JwsSigner(certificate.Key).Sign(certificateRevocation, url: directory.RevokeCert, nonce: nonce);
var result = await PostAsync <Empty>(directory.RevokeCert, signedData);
}
/// <summary>
/// Send a revoke certificate request for the selected certificate.
/// </summary>
/// <param name="certificate">Certificate to revoke.</param>
/// <param name="revocationReason">Reason for revocation.</param>
/// <param name="cancellationToken">Cancellation token for the async call.</param>
/// <returns></returns>
/// <exception cref="Exceptions.API.UnauthorizedException">Thrown if the user isn't authorized to revoke the certificate.</exception>
/// <exception cref="Exceptions.API.BadRevocationReasonException">Thrown if the <paramref name="revocationReason"/> isn't allowed.</exception>
public async Task RevokeCertificateAsync(X509Certificate2 certificate, RevocationReason revocationReason, CancellationToken cancellationToken = default)
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
var revocationRequest = new CertificateRevocationRequest
{
Reason = revocationReason,
Certificate = certificate.GetPublicKeyString()
};
await client.PostAsync <string>(Directory.RevokeCertificate, revocationRequest, cancellationToken);
}
/// <summary>
/// Revokes the provided certificate from the ACME Service.
/// </summary>
/// <param name="certificate">the certificate to revoke</param>
/// <returns>true in case of success, false otherwise</returns>
public async Task <bool> RevokeCertificate(X509Certificate2 certificate, int reason)
{
if (certificate == null)
{
return(false);
}
try {
InitCertes();
RevocationReason rr = (RevocationReason)(Enum.GetValues(RevocationReason.Unspecified.GetType())).GetValue(reason);
await _acme.RevokeCertificate(certificate.RawData, rr, null);
return(true);
} catch (Exception exp) {
logger.Error($"Failed to revoke certificate with serial {certificate.GetSerialNumberString()} from CA: {ProcessCertesException(exp)}");
return(false);
}
}
/// <summary>
/// Revokes the certificate.
/// </summary>
/// <param name="certificate">The certificate in DER format.</param>
/// <param name="reason">The reason for revocation.</param>
/// <param name="certificatePrivateKey">The certificate's private key.</param>
/// <returns>
/// The awaitable.
/// </returns>
public async Task RevokeCertificate(byte[] certificate, RevocationReason reason, IKey certificatePrivateKey)
{
var endpoint = await this.GetResourceUri(d => d.RevokeCert);
var body = new CertificateRevocation
{
Certificate = JwsConvert.ToBase64String(certificate),
Reason = reason
};
if (certificatePrivateKey != null)
{
var jws = new JwsSigner(certificatePrivateKey);
await HttpClient.Post <string>(jws, endpoint, body, true);
}
else
{
await HttpClient.Post <string>(this, endpoint, body, true);
}
}
public void Revoke(X509Certificate certificate, RevocationReason reason, DateTimeOffset revocationDate)
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
if (!_issuedCertificates.ContainsKey(certificate.SerialNumber))
{
throw new ArgumentException("Unknown serial number.", nameof(certificate));
}
if (_revokedCertificates.ContainsKey(certificate.SerialNumber))
{
throw new ArgumentException("Certificate already revoked.", nameof(certificate));
}
_revokedCertificates.Add(
certificate.SerialNumber,
new RevocationInfo(certificate.SerialNumber, revocationDate, reason));
}
internal RevocationInfo(BigInteger serialNumber, DateTimeOffset revocationDate, RevocationReason reason)
{
SerialNumber = serialNumber;
RevocationDate = revocationDate;
Reason = reason;
}
/// <summary>
/// Initializes a new instance of the <see cref="DeleteRelationRequest"/> class.
/// </summary>
/// <param name="cardId">The card ID to be revoked.</param>
/// <param name="reason">The revocation reason.</param>
public DeleteRelationRequest(string cardId, RevocationReason reason) : base(cardId, reason)
{
}
public async Task Revoke(byte[] cert, RevocationReason reason)
{
await _acmeContext.RevokeCertificate(cert, reason, null);
}
/// <summary>
/// Initializes a new instance of the <see cref="RevokeCardRequest"/> class.
/// </summary>
public RevokeCardRequest(string cardId, RevocationReason reason)
{
this.CardId = cardId;
this.Reason = reason;
}
/// <summary>
/// Initializes a new instance of the <see cref="RevokeCardRequest" /> class.
/// </summary>
/// <param name="cardId">The card ID to be revoked.</param>
/// <param name="reason">The revocation reason.</param>
public RevokeCardRequest(string cardId, RevocationReason reason)
: base(new RevokeCardSnapshotModel {
CardId = cardId, Reason = reason
})
{
}
