public CreatePrivateCertificateResult IssuePendingCertificate(Guid id, ClaimsPrincipal user)
{
PendingCertificate pendingCertificate = certificateRepository.Get <PendingCertificate>(id);
KeyUsage keyUsage = dataTransformation.ParseKeyUsage(pendingCertificate.KeyUsage);
AdcsTemplate template = templateLogic.DiscoverTemplate(pendingCertificate.CipherAlgorithm, pendingCertificate.Provider, keyUsage);
if (authorizationLogic.IsAuthorized(template, user))
{
CertificateRequest csr = certificateProvider.CreateCsrKeyPair(dataTransformation.NewCertificateSubjectFromModel(pendingCertificate), pendingCertificate.CipherAlgorithm, pendingCertificate.KeySize, pendingCertificate.Provider, SigningRequestProtocol.Pkcs10);
MicrosoftCertificateAuthority ca = configurationRepository.GetPrivateCertificateAuthority(pendingCertificate.HashAlgorithm);
CertificateAuthorityRequestResponse response = ca.Sign(csr, template.Name, template.KeyUsage);
CreatePrivateCertificateResult result = ProcessCertificateAuthorityResponse(pendingCertificate, response, csr.Subject, user);
certificateRepository.Delete <PendingCertificate>(id);
return(result);
}
else
{
throw new UnauthorizedAccessException("Current user is not authorized to issue pending certificates");
}
}
private SignPrivateCertificateResult ProcessPendingSigningWorkflow(SignPrivateCertificateModel model)
{
SignPrivateCertificateResult result = new SignPrivateCertificateResult(PrivateCertificateRequestStatus.Pending);
PendingCertificate pendingCertificate = new PendingCertificate(model);
certificateRepository.Insert <PendingCertificate>(pendingCertificate);
return(result);
}
private CreatePrivateCertificateResult ProcessNewPendingCertificateWorkflow(CreatePrivateCertificateModel model)
{
CreatePrivateCertificateResult result = new CreatePrivateCertificateResult(PrivateCertificateRequestStatus.Pending, Guid.NewGuid());
PendingCertificate pendingCertificate = new PendingCertificate(model);
certificateRepository.Insert <PendingCertificate>(pendingCertificate);
return(result);
}
