/// <summary>
/// Builds a new <see cref="EnterpriseKeyConfig"/> and copies this instance's enterprise id,
/// certificate members, their string forms and the server installation key into it.
/// </summary>
/// <remarks>
/// Every member is copied by plain assignment. The member types are declared outside this
/// view; NOTE(review): if the certificate members are reference types, the copy and the
/// original share the same objects, including whatever key material the PKCS#12 members
/// hold, so a clone needs the same handling and lifetime care as its source. Confirm
/// against the field declarations.
/// </remarks>
/// <returns>The populated copy, returned as <see cref="Object"/>.</returns>
public Object Clone()
{
    // Initializer entries run in the order written, which matches the original assignment order.
    EnterpriseKeyConfig copy = new EnterpriseKeyConfig
    {
        enterpriseId = this.enterpriseId,
        ServerPKCS12Cert = this.ServerPKCS12Cert,
        ClientPKCS12Cert = this.ClientPKCS12Cert,
        ServerCert = this.ServerCert,
        ServerPKCS12String = this.ServerPKCS12String,
        ClientPKCS12String = this.ClientPKCS12String,
        ServerCertString = this.ServerCertString,
        ServerInstallationKey = this.ServerInstallationKey
    };

    return copy;
}
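/// <summary>
/// Replaces the global server certificate stored in the <c>server_cert</c> table with a newly
/// built one, then calls <c>RenewCert</c> on an <see cref="EnterpriseKeyConfig"/> for every row
/// of <c>enterprise</c>, and finally rewrites <c>server.cer</c> in the directory of the assembly
/// that contains <c>ServerKey2</c>.
/// </summary>
/// <param name="conn">
/// Connection used for every statement; it is assigned to <c>base.Connection</c> and must be
/// open, because a transaction is started on it.
/// </param>
/// <exception cref="Exception">
/// Thrown when <c>server_cert</c> has no row, when the enterprise query returns null, or when a
/// database or certificate step fails (such failures are rethrown unchanged).
/// </exception>
/// <remarks>
/// The new global certificate is committed before the per-enterprise renewals begin, so a
/// failure in that loop leaves the global certificate replaced and only some enterprises
/// renewed. NOTE(review): confirm that callers can recover from such a partial run.
/// </remarks>
public void RenewCert(SqlConnection conn)
{
    base.Connection = conn;

    // NOTE(review): with(nolock) allows a dirty read of the certificate row; confirm that is
    // acceptable for key material.
    DataTable dt = ExecuteDataTable("select server_cert, server_pkcs12_cert from server_cert with(nolock)");

    // No certificate row found. The original author notes that the certificate is checked and
    // created when this class is instantiated, so this branch is not expected to be reached.
    if ((dt == null) || (dt.Rows.Count == 0))
    {
        throw new Exception("Erro on find server certificate");
    }

    // Load the current server certificate (PKCS#12) from the database.
    // NOTE(security): the PKCS#12 passphrase is a literal compiled into the assembly, so it
    // protects the stored key no better than read access to the binary or the source does.
    // It should come from a protected secret store or configuration; it is kept here only
    // because changing it would make the existing database rows unreadable.
    X509Certificate atualServerPKCS12Cert = CATools.LoadCert(
        Convert.FromBase64String(dt.Rows[0]["server_pkcs12_cert"].ToString()),
        "w0):X,\\Q4^NoIO,):Z!.");

    // The original contained a large commented-out step at this point. It re-encrypted every
    // entity password from the global server certificate to the per-enterprise certificate
    // inside a transaction. That disabled code is omitted here. If it is ever restored, note
    // that it passed the decrypted password to Log(...) and built SQL by concatenating ids;
    // both should be fixed first.

    // Update the global server certificate; the per-enterprise certificates are renewed afterwards.
    SqlTransaction trans = conn.BeginTransaction();
    Console.WriteLine("Update Global Server Certificate");
    try
    {
        // If there is no installation key yet, derive it from the current certificate.
        if (this.ServerInstallationKey == null)
        {
            this.ServerInstallationKey = GetInstallationCode(atualServerPKCS12Cert);
        }

        // Create the new certificate (and the key, if it does not exist yet).
        this.BuildCert();

        // Delete the current certificate from the database.
        ExecuteNonQuery("delete from server_cert", CommandType.Text, null, trans);

        // Save the new certificate. Values are bound as parameters, never concatenated.
        DbParameterCollection par = new DbParameterCollection();
        par.Add("@server_cert", typeof(String), this.ServerCertString.Length).Value = this.ServerCertString;
        par.Add("@server_pkcs12_cert", typeof(String), this.ServerPKCS12String.Length).Value = this.ServerPKCS12String;

        ExecuteNonQuery("insert into server_cert (server_cert, server_pkcs12_cert) values (@server_cert, @server_pkcs12_cert)", CommandType.Text, par, trans);

        Console.WriteLine("Commit");
        trans.Commit();
    }
    catch (Exception)
    {
        Console.WriteLine("Rollback");
        try
        {
            trans.Rollback();
        }
        catch (Exception rollbackEx)
        {
            // A failing rollback (for example after a broken connection) must not replace the
            // exception that caused it.
            Console.WriteLine("Rollback failed: " + rollbackEx.Message);
        }

        // Bare rethrow keeps the original stack trace; "throw ex" would reset it.
        throw;
    }

    // Renew the certificate of every enterprise.
    // NOTE(review): "trans" is already committed at this point but is still passed on below;
    // confirm that ExecuteDataTable and the EnterpriseKeyConfig constructor tolerate a
    // completed transaction.
    DataTable dtEnterprise = ExecuteDataTable("select * from enterprise with(nolock)", trans);
    if (dtEnterprise == null)
    {
        throw new Exception("Erro on enterprise SQL");
    }

    foreach (DataRow drEnt in dtEnterprise.Rows)
    {
        Console.WriteLine("Enterprise " + drEnt["id"]);

        using (EnterpriseKeyConfig ek = new EnterpriseKeyConfig(conn, (Int64)drEnt["id"], trans))
        {
            ek.RenewCert(conn);
        }

        Console.WriteLine("");
    }

    // Best effort: refresh server.cer next to the assembly from ServerCertString.
    // A failure here is reported but does not abort the renewal, as in the original.
    try
    {
        System.Reflection.Assembly asm = System.Reflection.Assembly.GetAssembly(typeof(ServerKey2));
        FileInfo certFile = new FileInfo(Path.Combine(Path.GetDirectoryName(asm.Location), "server.cer"));

        if (certFile.Exists)
        {
            certFile.Delete();
        }

        File.WriteAllBytes(certFile.FullName, Convert.FromBase64String(this.ServerCertString));
    }
    catch (Exception fileEx)
    {
        // The original swallowed this silently, leaving a stale server.cer on disk with no
        // trace; make the failure visible so a certificate mismatch can be diagnosed.
        Console.WriteLine("Warning: could not write server.cer: " + fileEx.Message);
    }
}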