public async Task SaveCertificateAsync(string orderUrl, X509Certificate certificate) { FileSystemCertCollectionFormat collectionFormat = await GetFileSystemCertCollectionFormat(); if (collectionFormat.Certs.Count > 64) { _logger.LogInformation("Too many saved certs, culling old records"); IEnumerable <KeyValuePair <string, FileSystemCertFormat> > oldRecords = collectionFormat.Certs.ToArray().OrderBy(i => i.Value.NotAfter).Take(32); foreach (var oldRecord in oldRecords) { _logger.LogInformation($"Remove cert {oldRecord.Key}"); collectionFormat.Certs.Remove(oldRecord.Key); } } byte[] serialized = _certCodec.Encode(certificate); string serializedStr = Convert.ToBase64String(serialized); collectionFormat.Certs[orderUrl] = new FileSystemCertFormat { NotAfter = new DateTimeOffset(certificate.NotAfter).ToUnixTimeMilliseconds(), NotBefore = new DateTimeOffset(certificate.NotBefore).ToUnixTimeMilliseconds(), Val = serializedStr }; await SaveFileSystemCertCollectionFormat(collectionFormat); }
public async Task <X509Certificate2> GetActiveCertificateAsync(long fromTimeStamp, long toTimeStamp) { if (toTimeStamp < fromTimeStamp) { throw new ArgumentOutOfRangeException( $"Invalid time range. FromTimeStamp {fromTimeStamp}, ToTimeStamp {toTimeStamp}"); } FileSystemPrivateKeyFormat keyFormat = null; FileSystemCertFormat certFormat = null; FileSystemCertCollectionFormat certsCollection = await GetFileSystemCertCollectionFormat(); FileSystemKeysCollectionFormat keysCollection = await GetFileSystemKeyCollectionFormat(); foreach (KeyValuePair <string, FileSystemCertFormat> keyValuePair in certsCollection.Certs) { string orderUrl = keyValuePair.Key; if (keysCollection.Keys.TryGetValue(orderUrl, out FileSystemPrivateKeyFormat currentPrivateKey)) { FileSystemCertFormat currentCert = keyValuePair.Value; if (currentCert.NotAfter > fromTimeStamp && currentCert.NotBefore <= toTimeStamp) { if (certFormat == null || certFormat.NotAfter < currentCert.NotAfter) { certFormat = currentCert; keyFormat = currentPrivateKey; } } } } if (certFormat == null) { return(null); } byte[] certBytes = Convert.FromBase64String(certFormat.Val); X509Certificate certificate = _certCodec.Decode(certBytes); byte[] privateKeyBytes = Convert.FromBase64String(keyFormat.Val); CertPrivateKey privateKey = _privateKeyCodec.Decode(privateKeyBytes); return(CertHelper.ToX509Certificate2(privateKey, certificate)); }
private Task SaveFileSystemCertCollectionFormat(FileSystemCertCollectionFormat fileSystemCertCollectionFormat) { string json = JsonSerializer.Serialize(fileSystemCertCollectionFormat); return(_fileSystem.WriteStringAsync("certs.json", json)); }