/// <summary>
/// Issues the certificate for a stored pending request. The pending record is
/// loaded, an ADCS template is resolved from its cipher algorithm, provider and
/// key usage, and the caller is checked against that template. Only then is a
/// PKCS#10 request created, signed by the private CA, the CA response processed
/// and the pending record deleted.
/// </summary>
/// <param name="id">Identifier of the pending certificate record to issue.</param>
/// <param name="user">Principal checked for authorization against the resolved template.</param>
/// <returns>The value returned by <c>ProcessCertificateAuthorityResponse</c>.</returns>
/// <exception cref="UnauthorizedAccessException">
/// <paramref name="user"/> is not authorized for the resolved template.
/// </exception>
public CreatePrivateCertificateResult IssuePendingCertificate(Guid id, ClaimsPrincipal user)
{
    // NOTE(review): no null check on the repository result. If Get can return null
    // for an unknown id, the next statement fails with a NullReferenceException
    // instead of a "not found" error. Confirm the repository contract.
    PendingCertificate pending = certificateRepository.Get<PendingCertificate>(id);

    KeyUsage requestedUsage = dataTransformation.ParseKeyUsage(pending.KeyUsage);
    AdcsTemplate template = templateLogic.DiscoverTemplate(pending.CipherAlgorithm, pending.Provider, requestedUsage);

    // Authorization gate: nothing below (CSR creation, CA signing, deletion of the
    // pending record) runs unless the caller is authorized for this template.
    if (!authorizationLogic.IsAuthorized(template, user))
    {
        throw new UnauthorizedAccessException("Current user is not authorized to issue pending certificates");
    }

    var subject = dataTransformation.NewCertificateSubjectFromModel(pending);
    CertificateRequest signingRequest = certificateProvider.CreateCsrKeyPair(
        subject,
        pending.CipherAlgorithm,
        pending.KeySize,
        pending.Provider,
        SigningRequestProtocol.Pkcs10);

    MicrosoftCertificateAuthority authority = configurationRepository.GetPrivateCertificateAuthority(pending.HashAlgorithm);

    // The CA is given the template's name and the template's key usage, not the
    // key usage parsed from the pending record.
    CertificateAuthorityRequestResponse caResponse = authority.Sign(signingRequest, template.Name, template.KeyUsage);

    CreatePrivateCertificateResult issued = ProcessCertificateAuthorityResponse(pending, caResponse, signingRequest.Subject, user);

    // The pending record is removed only after the CA response has been processed;
    // an exception in any earlier step leaves it in place.
    // NOTE(review): the delete does not depend on the content of the CA response.
    // Confirm that ProcessCertificateAuthorityResponse throws on a denied or failed
    // request, otherwise the pending request is discarded without a certificate.
    // NOTE(review): nothing visible here stops two concurrent calls with the same id
    // from both reaching the CA before the delete. Verify this is serialized elsewhere.
    certificateRepository.Delete<PendingCertificate>(id);

    return issued;
}
/// <summary>
/// Parks a signing request for later approval: stores a <c>PendingCertificate</c>
/// built from <paramref name="model"/> and reports the request as pending.
/// No certificate authority is contacted in this method.
/// </summary>
/// <param name="model">Signing request to persist as a pending certificate.</param>
/// <returns>A result whose status is <c>PrivateCertificateRequestStatus.Pending</c>.</returns>
private SignPrivateCertificateResult ProcessPendingSigningWorkflow(SignPrivateCertificateModel model)
{
    var pendingResult = new SignPrivateCertificateResult(PrivateCertificateRequestStatus.Pending);

    // NOTE(review): the model is persisted as received, and no validation or
    // authorization is visible in this method. Presumably the caller does both; verify.
    certificateRepository.Insert<PendingCertificate>(new PendingCertificate(model));

    return pendingResult;
}
/// <summary>
/// Parks a new-certificate request for later approval: stores a
/// <c>PendingCertificate</c> built from <paramref name="model"/> and returns a
/// pending result carrying a newly generated <see cref="Guid"/>.
/// No key material is created and no certificate authority is contacted here.
/// </summary>
/// <param name="model">Certificate request to persist as a pending certificate.</param>
/// <returns>
/// A result with status <c>PrivateCertificateRequestStatus.Pending</c> and a fresh Guid.
/// </returns>
private CreatePrivateCertificateResult ProcessNewPendingCertificateWorkflow(CreatePrivateCertificateModel model)
{
    // NOTE(review): this Guid is generated here and is never passed to the
    // PendingCertificate stored below, so nothing in this method ties the returned
    // id to the persisted record. Confirm how callers map it to the id that
    // IssuePendingCertificate looks up.
    Guid requestId = Guid.NewGuid();
    var pendingResult = new CreatePrivateCertificateResult(PrivateCertificateRequestStatus.Pending, requestId);

    // NOTE(review): the model is persisted as received, and no validation or
    // authorization is visible in this method. Presumably the caller does both; verify.
    certificateRepository.Insert<PendingCertificate>(new PendingCertificate(model));

    return pendingResult;
}