/// <summary>
/// Will renew the current customer certificate, and issue a new one.
/// </summary>
/// <param name="newKeystoreFile">The new PKCS#12 file will be saved here</param>
/// <param name="newKeystorePassword">Password to protect new PKCS#12 file</param>
public void RenewCustomerCertificate(FileInfo newKeystoreFile, string newKeystorePassword)
{
if (newKeystoreFile.Exists)
{
throw new ArgumentException("Keystore file " + newKeystoreFile.FullName + " already exists!");
}
GetBankCertificateIfRequired();
var request = new renewCustomerCertificate();
var certificateRequestGenerator = new CertificateRequestGenerator(FunctionIdentifier);
var pkcs10Bytes = certificateRequestGenerator.GetPkcs10Bytes();
request.certificateRequestMessage = new certificateRequestMessage {
certificateRequest = pkcs10Bytes
};
var client = CreateClient();
var technicalAddress = new technicalAddress();
var serviceHeader = BuildServiceHeader();
var response = client.renewCustomerCertificate(ref technicalAddress, ref serviceHeader, request);
var pemBlock = Encoding.UTF8.GetString(response.corporateMessage.content);
var pkcs12 = ToPkcs12Bytes(pemBlock, certificateRequestGenerator, newKeystorePassword);
File.WriteAllBytes(newKeystoreFile.FullName, pkcs12);
}
public void ActivateServiceAgreement(string activationCode)
{
if (KeystoreFile.Exists)
{
throw new ArgumentException("Keystore file " + KeystoreFile.FullName + " already exists - you have already activated.");
}
GetBankCertificateIfRequired();
var certificateRequestGenerator = new CertificateRequestGenerator(FunctionIdentifier, activationCode);
var pkcs10Bytes = certificateRequestGenerator.GetPkcs10Bytes();
var request = new activateServiceAgreement();
var activationAgreement = new activationAgreement
{
activationCode = Encoding.UTF8.GetBytes(activationCode),
certificateRequest = pkcs10Bytes
};
request.activationAgreement = activationAgreement;
var technicalAddress = new technicalAddress();
var activationHeader = BuildActivationHeader();
var response = CreateClient().activateServiceAgreement(ref technicalAddress, ref activationHeader, request);
var pemBlock = Encoding.UTF8.GetString(response.corporateMessage.content);
ReceiveAndValidateCertificates(pemBlock, certificateRequestGenerator);
}
protected static byte[] ToPkcs12Bytes(string pemBlock, CertificateRequestGenerator certificateRequestGenerator, string keystorePassword)
{
var reader = new PemBlockReader(pemBlock);
var certificates = reader.ReadCertificates();
new CertificateChainValidator(CertificateStore.Instance.TrustedCaCertificates).AssertValid(certificates);
var pkcs12 = certificateRequestGenerator.CreatePkcs12(certificates[certificates.Count - 1], keystorePassword);
return(pkcs12);
}
private void ReceiveAndValidateCertificates(string pemBlock, CertificateRequestGenerator certificateRequestGenerator)
{
var pkcs12 = ToPkcs12Bytes(pemBlock, certificateRequestGenerator, KeystorePassword);
File.WriteAllBytes(KeystoreFile.FullName, pkcs12);
}
