public DtoActionResult UpdateCertificate(EntityCertificate certificate) { var u = GetCertificate(certificate.Id); if (u == null) { return new DtoActionResult { ErrorMessage = "Certificate Not Found", Id = 0 } } ; var validationResult = ValidateCertificateEntity(certificate, false); var actionResult = new DtoActionResult(); if (validationResult.Success) { _uow.CertificateRepository.Update(certificate, certificate.Id); _uow.Save(); actionResult.Success = true; actionResult.Id = certificate.Id; } else { actionResult.ErrorMessage = validationResult.ErrorMessage; } return(actionResult); }
private DtoValidationResult ValidateCertificateEntity(EntityCertificate certificate, bool isNew) { var validationResult = new DtoValidationResult { Success = true }; return(validationResult); //todo: add validation }
private byte[] GenerateDeviceCert(string symmKey, EntityComputer computer) { var iCert = new ServiceCertificate().GetIntermediate(); byte[] symmetricKey; using (RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)iCert.PrivateKey) { var encryptedKey = Convert.FromBase64String(symmKey); symmetricKey = rsa.Decrypt(encryptedKey, true); } var intermediateEntity = new ServiceCertificate().GetIntermediateEntity(); var pass = new EncryptionServices().DecryptText(intermediateEntity.Password); var intermediateCert = new X509Certificate2(intermediateEntity.PfxBlob, pass, X509KeyStorageFlags.Exportable); var certRequest = new CertificateRequest(); var organization = ServiceSetting.GetSettingValue(SettingStrings.CertificateOrganization); certRequest.SubjectName = string.Format("O={0},CN={1}", organization, computer.Guid); certRequest.NotBefore = DateTime.UtcNow; certRequest.NotAfter = certRequest.NotBefore.AddYears(10); var certificate = new ServiceGenerateCertificate(certRequest).IssueCertificate(intermediateCert, false, false); var c = new EntityCertificate(); c.NotAfter = certificate.NotAfter; c.NotBefore = certificate.NotBefore; c.Serial = certificate.SerialNumber; var pfxPass = Membership.GeneratePassword(10, 0); c.Password = new EncryptionServices().EncryptText(pfxPass); c.PfxBlob = certificate.Export(X509ContentType.Pfx, pfxPass); c.SubjectName = certificate.Subject; c.Type = EnumCertificate.CertificateType.Device; var base64DeviceCert = Convert.ToBase64String(certificate.RawData); var encryptedCert = new ServiceSymmetricEncryption().EncryptData(symmetricKey, base64DeviceCert); new ServiceCertificate().AddCertificate(c); computer.CertificateId = c.Id; computer.ProvisionStatus = EnumProvisionStatus.Status.PendingConfirmation; computer.SymmKeyEncrypted = new EncryptionServices().EncryptText(Convert.ToBase64String(symmetricKey)); return(encryptedCert); }
public DtoActionResult AddCertificate(EntityCertificate certificate) { var validationResult = ValidateCertificateEntity(certificate, true); var actionResult = new DtoActionResult(); if (validationResult.Success) { _uow.CertificateRepository.Insert(certificate); _uow.Save(); actionResult.Success = true; actionResult.Id = certificate.Id; } else { actionResult.ErrorMessage = validationResult.ErrorMessage; } return(actionResult); }
public bool GenerateCAandInt() { var isAllowed = ConfigurationManager.AppSettings["AllowCAGen"]; if (!isAllowed.ToLower().Equals("true")) { Logger.Debug("Certificates cannot be generated without updating the web.config key AllowCAGen"); return(false); } var certRequest = new CertificateRequest(); var organization = new ServiceSetting().GetSetting(SettingStrings.CertificateOrganization); if (organization == null) { return(false); } if (string.IsNullOrEmpty(organization.Value)) { return(false); } certRequest.SubjectName = string.Format("O={0},CN=Toems CA", organization.Value); certRequest.NotBefore = DateTime.UtcNow; certRequest.NotAfter = certRequest.NotBefore.AddYears(20); var authCertificate = new ServiceGenerateCertificate(certRequest).CreateCertificateAuthorityCertificate(); var c = new EntityCertificate(); c.NotAfter = authCertificate.NotAfter; c.NotBefore = authCertificate.NotBefore; c.Serial = authCertificate.SerialNumber; var pfxPass = Membership.GeneratePassword(10, 0); c.Password = new EncryptionServices().EncryptText(pfxPass); c.PfxBlob = authCertificate.Export(X509ContentType.Pfx, pfxPass); c.SubjectName = authCertificate.Subject; c.Type = EnumCertificate.CertificateType.Authority; var existingCA = _uow.CertificateRepository.GetFirstOrDefault(x => x.Type == EnumCertificate.CertificateType.Authority); if (existingCA != null) { _uow.CertificateRepository.Delete(existingCA.Id); } _uow.CertificateRepository.Insert(c); //intermediate var intRequest = new CertificateRequest(); intRequest.SubjectName = string.Format("O={0},CN=Toems Intermediate", organization.Value); intRequest.NotBefore = DateTime.UtcNow; intRequest.NotAfter = intRequest.NotBefore.AddYears(20); var intCertificate = new ServiceGenerateCertificate(intRequest).IssueCertificate(authCertificate, true, false); var ce = new EntityCertificate(); ce.NotAfter = intCertificate.NotAfter; ce.NotBefore = intCertificate.NotBefore; ce.Serial = intCertificate.SerialNumber; var pfxPassInt = Membership.GeneratePassword(10, 0); ce.Password = new EncryptionServices().EncryptText(pfxPassInt); ce.PfxBlob = intCertificate.Export(X509ContentType.Pfx, pfxPassInt); ce.SubjectName = intCertificate.Subject; ce.Type = EnumCertificate.CertificateType.Intermediate; var existingInt = _uow.CertificateRepository.GetFirstOrDefault(x => x.Type == EnumCertificate.CertificateType.Intermediate); if (existingInt != null) { _uow.CertificateRepository.Delete(existingInt.Id); } _uow.CertificateRepository.Insert(ce); _uow.Save(); return(true); }