/// <summary>
/// Updates policy module flags by writing them to Certification Authority.
/// </summary>
/// <param name="restart">
/// Indicates whether to restart certificate services to immediately apply changes. Updated settings has no effect
/// until CA service is restarted.
/// </param>
/// <exception cref="UnauthorizedAccessException">
/// The caller do not have sufficient permissions to make changes in the CA configuration.
/// </exception>
/// <exception cref="ServerUnavailableException">
/// The target CA server could not be contacted via remote registry and RPC protocol.
/// </exception>
/// <returns>
/// <strong>True</strong> if configuration was changed. If an object was not modified since it was instantiated, configuration is not updated
/// and the method returns <strong>False</strong>.
/// </returns>
/// <remarks>The caller must have <strong>Administrator</strong> permissions on the target CA server.</remarks>
public Boolean SetInfo(Boolean restart)
{
if (IsModified)
{
if (CryptoRegistry.Ping(ComputerName))
{
CryptoRegistry.SetRReg((Int32)EditFlags, "EditFlags", RegistryValueKind.DWord, $@"{Name}\PolicyModules\{activePolicyModule}", ComputerName);
if (restart)
{
CertificateAuthority.Restart(ComputerName);
}
IsModified = false;
return(true);
}
if (CertificateAuthority.Ping(ComputerName))
{
CryptoRegistry.SetRegFallback(configString, $@"PolicyModules\{activePolicyModule}", "EditFlags", (Int32)EditFlags);
if (restart)
{
CertificateAuthority.Restart(ComputerName);
}
IsModified = false;
return(true);
}
ServerUnavailableException e = new ServerUnavailableException(DisplayName);
e.Data.Add(nameof(e.Source), (OfflineSource)3);
throw e;
}
return(false);
}
void m_initialize(CertificateAuthority certificateAuthority)
{
Name = certificateAuthority.Name;
DisplayName = certificateAuthority.DisplayName;
ComputerName = certificateAuthority.ComputerName;
configString = certificateAuthority.ConfigString;
version = certificateAuthority.Version;
isEnterprise = certificateAuthority.IsEnterprise;
if (CryptoRegistry.Ping(ComputerName))
{
activePolicyModule = (String)CryptoRegistry.GetRReg("Active", $@"{Name}\PolicyModules", ComputerName);
EditFlags = (PolicyModuleFlagEnum)CryptoRegistry.GetRReg("EditFlags", $@"{Name}\PolicyModules\{activePolicyModule}", ComputerName);
}
else
{
if (CertificateAuthority.Ping(ComputerName))
{
activePolicyModule = (String)CryptoRegistry.GetRegFallback(configString, "PolicyModules", "EditFlags");
EditFlags = (PolicyModuleFlagEnum)CryptoRegistry.GetRegFallback(configString, $@"PolicyModules\{activePolicyModule}", "EditFlags");
}
else
{
ServerUnavailableException e = new ServerUnavailableException(DisplayName);
e.Data.Add(nameof(e.Source), (OfflineSource)3);
throw e;
}
}
}
/// <summary>
/// Writes this object to a securable object's Access Control List.
/// </summary>
/// <param name="restart">
/// Indiciates whether to restart certificate services to immediately apply changes. Updated settings has
/// no effect until CA service is restarted.
/// </param>
/// <exception cref="ServerUnavailableException">
/// The target CA server could not be contacted via remote registry and RPC protocol.
/// </exception>
public void SetObjectSecurity(Boolean restart)
{
if (CryptoRegistry.Ping(ComputerName))
{
CryptoRegistry.SetRReg(GetSecurityDescriptorBinaryForm(), "Security", _name, ComputerName);
if (restart)
{
CertificateAuthority.Restart(ComputerName);
}
return;
}
if (CertificateAuthority.Ping(ComputerName))
{
CryptoRegistry.SetRegFallback(_config, String.Empty, "Security", GetSecurityDescriptorBinaryForm());
if (restart)
{
CertificateAuthority.Restart(ComputerName);
}
return;
}
ServerUnavailableException e = new ServerUnavailableException(DisplayName);
e.Data.Add("Source", (OfflineSource)3);
throw e;
}
void m_initialize(CertificateAuthority certificateAuthority)
{
Name = certificateAuthority.Name;
DisplayName = certificateAuthority.DisplayName;
ComputerName = certificateAuthority.ComputerName;
ConfigString = certificateAuthority.ConfigString;
Version = certificateAuthority.Version;
if (CryptoRegistry.Ping(ComputerName))
{
CRLFlags = (CRLFlagEnum)CryptoRegistry.GetRReg("CRLFlags", Name, ComputerName);
}
else
{
if (CertificateAuthority.Ping(ComputerName))
{
CRLFlags = (CRLFlagEnum)CryptoRegistry.GetRegFallback(ConfigString, "", "CRLFlags");
}
else
{
ServerUnavailableException e = new ServerUnavailableException(DisplayName);
e.Data.Add(nameof(e.Source), (OfflineSource)3);
throw e;
}
}
}
/// <summary>
/// Updates management interface flags by writing them to Certification Authority.
/// </summary>
/// <param name="restart">
/// Indiciates whether to restart certificate services to immediately apply changes. Updated settings has no effect
/// until CA service is restarted.
/// </param>
/// <exception cref="UnauthorizedAccessException">
/// The caller do not have sufficient permissions to make changes in the CA configuration.
/// </exception>
/// <exception cref="ServerUnavailableException">
/// The target CA server could not be contacted via remote registry and RPC protocol.
/// </exception>
/// <returns>
/// <strong>True</strong> if configuration was changed. If an object was not modified since it was instantiated, configuration is not updated
/// and the method returns <strong>False</strong>.
/// </returns>
/// <remarks>The caller must have <strong>Administrator</strong> permissions on the target CA server.</remarks>
public Boolean SetInfo(Boolean restart)
{
if (IsModified)
{
if (CryptoRegistry.Ping(ComputerName))
{
CryptoRegistry.SetRReg((Int32)InterfaceFlags, "InterfaceFlags", RegistryValueKind.DWord, Name, ComputerName);
if (restart)
{
CertificateAuthority.Restart(ComputerName);
}
IsModified = false;
return(true);
}
if (CertificateAuthority.Ping(ComputerName))
{
CryptoRegistry.SetRegFallback(ConfigString, String.Empty, "InterfaceFlags", (Int32)InterfaceFlags);
if (restart)
{
CertificateAuthority.Restart(ComputerName);
}
IsModified = false;
return(true);
}
ServerUnavailableException e = new ServerUnavailableException(DisplayName);
e.Data.Add(nameof(e.Source), (OfflineSource)3);
throw e;
}
return(false);
}
/// <summary>
/// Updates policy module extension lists by writing them to Certification Authority.
/// </summary>
/// <param name="restart">
/// Indiciates whether to restart certificate services to immediately apply changes. Updated settings has no effect
/// until CA service is restarted.</param>
/// <exception cref="UnauthorizedAccessException">
/// If the caller do not have sufficient permissions to make changes in the CA configuration.
/// </exception>
/// <exception cref="ServerUnavailableException">
/// If the target CA server could not be contacted via remote registry and RPC protocol.
/// </exception>
/// <returns>
/// <strong>True</strong> if configuration was changed. If an object was not modified since it was instantiated, configuration is not updated
/// and the method returns <strong>False</strong>.
/// </returns>
/// <remarks>The caller must have <strong>Administrator</strong> permissions on the target CA server.</remarks>
public Boolean SetInfo(Boolean restart)
{
if (IsModified)
{
List <String> oidstrings;
if (CryptoRegistry.Ping(ComputerName))
{
String path = $@"{Name}\PolicyModules\{ActivePolicyModule}";
oidstrings = EnabledExtensionList.Select(oid => oid.Value).ToList();
CryptoRegistry.SetRReg(oidstrings, "EnableRequestExtensionList", path, ComputerName);
oidstrings.Clear();
oidstrings.AddRange(OfflineExtensionList.Select(oid => oid.Value));
CryptoRegistry.SetRReg(oidstrings, "EnableEnrolleeRequestExtensionList", path, ComputerName);
oidstrings.Clear();
oidstrings.AddRange(DisabledExtensionList.Select(oid => oid.Value));
CryptoRegistry.SetRReg(oidstrings, "DisableExtensionList", path, ComputerName);
oidstrings.Clear();
if (restart)
{
CertificateAuthority.Restart(ComputerName);
}
IsModified = false;
return(true);
}
if (CertificateAuthority.Ping(ComputerName))
{
String path = $@"PolicyModules\{ActivePolicyModule}";
oidstrings = EnabledExtensionList.Select(oid => oid.Value).ToList();
CryptoRegistry.SetRegFallback(ConfigString, path, "EnableRequestExtensionList", oidstrings.ToArray());
oidstrings.Clear();
oidstrings.AddRange(OfflineExtensionList.Select(oid => oid.Value));
CryptoRegistry.SetRegFallback(ConfigString, path, "EnableEnrolleeRequestExtensionList", oidstrings.ToArray());
oidstrings.Clear();
oidstrings.AddRange(DisabledExtensionList.Select(oid => oid.Value));
CryptoRegistry.SetRegFallback(ConfigString, path, "DisableExtensionList", oidstrings.ToArray());
oidstrings.Clear();
if (restart)
{
CertificateAuthority.Restart(ComputerName);
}
IsModified = false;
return(true);
}
ServerUnavailableException e = new ServerUnavailableException(DisplayName);
e.Data.Add(nameof(e.Source), (OfflineSource)3);
throw e;
}
return(false);
}
void m_initialize(CertificateAuthority certificateAuthority)
{
List <Oid> Oids = new List <Oid>();
Name = certificateAuthority.Name;
DisplayName = certificateAuthority.DisplayName;
ComputerName = certificateAuthority.ComputerName;
ConfigString = certificateAuthority.ConfigString;
if (CryptoRegistry.Ping(ComputerName))
{
ActivePolicyModule = (String)CryptoRegistry.GetRReg("Active", $@"{Name}\PolicyModules", ComputerName);
String[] oidstrings = (String[])CryptoRegistry.GetRReg("EnableRequestExtensionList", $@"{Name}\PolicyModules\{ActivePolicyModule}", ComputerName);
Oids.AddRange(oidstrings.Select(item => new Oid(item)));
EnabledExtensionList = Oids.ToArray();
Oids.Clear();
oidstrings = (String[])CryptoRegistry.GetRReg("EnableEnrolleeRequestExtensionList", $@"{Name}\PolicyModules\{ActivePolicyModule}", ComputerName);
Oids.AddRange(oidstrings.Select(item => new Oid(item)));
OfflineExtensionList = Oids.ToArray();
Oids.Clear();
oidstrings = (String[])CryptoRegistry.GetRReg("DisableExtensionList", $@"{Name}\PolicyModules\{ActivePolicyModule}", ComputerName);
Oids.AddRange(oidstrings.Select(item => new Oid(item)));
DisabledExtensionList = Oids.ToArray();
Oids.Clear();
}
else
{
if (CertificateAuthority.Ping(ComputerName))
{
ActivePolicyModule = (String)CryptoRegistry.GetRReg("Active", $@"{Name}\PolicyModules", ComputerName);
String[] oidstrings = (String[])CryptoRegistry.GetRegFallback(ConfigString, $@"PolicyModules\{ActivePolicyModule}", "EnableRequestExtensionList");
Oids.AddRange(oidstrings.Select(item => new Oid(item)));
EnabledExtensionList = Oids.ToArray();
Oids.Clear();
oidstrings = (String[])CryptoRegistry.GetRegFallback(ConfigString, $@"PolicyModules\{ActivePolicyModule}", "EnableEnrolleeRequestExtensionList");
Oids.AddRange(oidstrings.Select(item => new Oid(item)));
OfflineExtensionList = Oids.ToArray();
Oids.Clear();
oidstrings = (String[])CryptoRegistry.GetRegFallback(ConfigString, $@"PolicyModules\{ActivePolicyModule}", "DisableExtensionList");
Oids.AddRange(oidstrings.Select(item => new Oid(item)));
DisabledExtensionList = Oids.ToArray();
}
else
{
ServerUnavailableException e = new ServerUnavailableException(DisplayName);
e.Data.Add(nameof(e.Source), (OfflineSource)3);
throw e;
}
}
}
