public void AcceptRequest(NodeId requestId, byte[] signedCertificate) { try { string reqId = OpcVaultClientHelper.GetServiceIdFromNodeId(requestId, NamespaceIndex); _opcVaultServiceClient.AcceptCertificateRequest(reqId); } catch (HttpOperationException httpEx) { throw new ServiceResultException(httpEx, StatusCodes.BadUserAccessDenied); } }
public NodeId StartNewKeyPairRequest( NodeId applicationId, string certificateGroupId, string certificateTypeId, string subjectName, string[] domainNames, string privateKeyFormat, string privateKeyPassword, string authorityId) { string appId = OpcVaultClientHelper.GetServiceIdFromNodeId(applicationId, NamespaceIndex); if (string.IsNullOrEmpty(appId)) { throw new ServiceResultException(StatusCodes.BadInvalidArgument, "The ApplicationId is invalid."); } if (String.IsNullOrWhiteSpace(certificateTypeId)) { throw new ServiceResultException(StatusCodes.BadInvalidArgument, "The CertificateTypeId does not refer to a supported CertificateType."); } if (String.IsNullOrWhiteSpace(certificateGroupId)) { throw new ServiceResultException(StatusCodes.BadInvalidArgument, "The CertificateGroupId does not refer to a supported CertificateGroup."); } try { var model = new CreateNewKeyPairRequestApiModel( appId, certificateGroupId, certificateTypeId, subjectName, domainNames, privateKeyFormat, privateKeyPassword ); string requestId = _opcVaultServiceClient.CreateNewKeyPairRequest(model); return(OpcVaultClientHelper.GetNodeIdFromServiceId(requestId, NamespaceIndex)); } catch (HttpOperationException httpEx) { // TODO: return matching ServiceResultException //throw new ServiceResultException(StatusCodes.BadNodeIdUnknown); //throw new ServiceResultException(StatusCodes.BadInvalidArgument); //throw new ServiceResultException(StatusCodes.BadUserAccessDenied); throw new ServiceResultException(httpEx, StatusCodes.BadRequestNotAllowed); } }
public CertificateRequestState FinishRequest( NodeId applicationId, NodeId requestId, out string certificateGroupId, out string certificateTypeId, out byte[] signedCertificate, out byte[] privateKey) { string reqId = OpcVaultClientHelper.GetServiceIdFromNodeId(requestId, NamespaceIndex); if (string.IsNullOrEmpty(reqId)) { throw new ServiceResultException(StatusCodes.BadInvalidArgument, "The RequestId is invalid."); } string appId = OpcVaultClientHelper.GetServiceIdFromNodeId(applicationId, NamespaceIndex); if (string.IsNullOrEmpty(appId)) { throw new ServiceResultException(StatusCodes.BadInvalidArgument, "The ApplicationId is invalid."); } certificateGroupId = null; certificateTypeId = null; signedCertificate = null; privateKey = null; try { var request = _opcVaultServiceClient.FetchCertificateRequestResult(reqId, appId); var state = (CertificateRequestState)Enum.Parse(typeof(CertificateRequestState), request.State.ToString(), true); if (state == CertificateRequestState.Approved) { certificateGroupId = request.CertificateGroupId; certificateTypeId = request.CertificateTypeId; signedCertificate = request.SignedCertificate != null?Convert.FromBase64String(request.SignedCertificate) : null; privateKey = request.PrivateKey != null?Convert.FromBase64String(request.PrivateKey) : null; } return(state); } catch (HttpOperationException httpEx) { //throw new ServiceResultException(StatusCodes.BadNotFound); //throw new ServiceResultException(StatusCodes.BadInvalidArgument); //throw new ServiceResultException(StatusCodes.BadUserAccessDenied); //throw new ServiceResultException(StatusCodes.BadNothingToDo); throw new ServiceResultException(httpEx, StatusCodes.BadRequestNotAllowed); } }
public void ApproveRequest( NodeId requestId, bool isRejected ) { try { // intentionally ignore the auto approval, it is implemented in the OpcVault service string reqId = OpcVaultClientHelper.GetServiceIdFromNodeId(requestId, NamespaceIndex); _opcVaultServiceClient.ApproveCertificateRequest(reqId, isRejected); } catch (HttpOperationException httpEx) { throw new ServiceResultException(httpEx, StatusCodes.BadUserAccessDenied); } }
public NodeId StartSigningRequest( NodeId applicationId, string certificateGroupId, string certificateTypeId, byte[] certificateRequest, string authorityId) { string appId = OpcVaultClientHelper.GetServiceIdFromNodeId(applicationId, NamespaceIndex); if (string.IsNullOrEmpty(appId)) { throw new ServiceResultException(StatusCodes.BadNotFound, "The ApplicationId is invalid."); } if (String.IsNullOrWhiteSpace(certificateTypeId)) { throw new ServiceResultException(StatusCodes.BadInvalidArgument, "The CertificateTypeId does not refer to a supported CertificateType."); } if (String.IsNullOrWhiteSpace(certificateGroupId)) { throw new ServiceResultException(StatusCodes.BadInvalidArgument, "The CertificateGroupId does not refer to a supported CertificateGroup."); } try { var model = new CreateSigningRequestApiModel( appId, certificateGroupId, certificateTypeId, Convert.ToBase64String(certificateRequest) ); string requestId = _opcVaultServiceClient.CreateSigningRequest(model); return(OpcVaultClientHelper.GetNodeIdFromServiceId(requestId, NamespaceIndex)); } catch (HttpOperationException httpEx) { // TODO: return matching ServiceResultException //throw new ServiceResultException(StatusCodes.BadNotFound); //throw new ServiceResultException(StatusCodes.BadInvalidArgument); //throw new ServiceResultException(StatusCodes.BadUserAccessDenied); //throw new ServiceResultException(StatusCodes.BadRequestNotAllowed); //throw new ServiceResultException(StatusCodes.BadCertificateUriInvalid); throw new ServiceResultException(httpEx, StatusCodes.BadNotSupported); } }