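/// <summary>
/// Provisioning stage 1: requests the intermediate certificate for this client from the
/// provisioning API, checks it with <c>ServiceCertificate.ValidateCert</c>, stores it through
/// <c>ServiceCertificate.StoreLocalMachine</c> in <c>StoreName.CertificateAuthority</c>, and
/// records the new provision status and the certificate thumbprint in the settings.
/// </summary>
/// <returns>
/// <c>IntermediateInstalled</c> when the certificate was validated and stored;
/// the status reported by the server when it is anything other than <c>IntermediateInstalled</c>;
/// <c>Error</c> when there is no response, the certificate payload is missing or cannot be
/// parsed, validation fails, or the certificate cannot be stored.
/// </returns>
private EnumProvisionStatus.Status ProvisionStage1()
{
    var response = new APICall().ProvisionApi.GetIntermediateCert(DtoGobalSettings.ClientIdentity.Name);
    if (response == null)
    {
        return EnumProvisionStatus.Status.Error;
    }

    if (response.ProvisionStatus != EnumProvisionStatus.Status.IntermediateInstalled)
    {
        Logger.Error(response.Message);
        return response.ProvisionStatus;
    }

    // The certificate text arrives in the API response, so it is handled as untrusted input:
    // a missing or malformed payload is reported as Error instead of escaping as an exception.
    if (string.IsNullOrWhiteSpace(response.Certificate))
    {
        Logger.Error("Intermediate Certificate Was Missing From The Provision Response.");
        return EnumProvisionStatus.Status.Error;
    }

    X509Certificate2 intermediateCert;
    try
    {
        intermediateCert = new X509Certificate2(Convert.FromBase64String(response.Certificate));
    }
    catch (System.FormatException)
    {
        Logger.Error("Intermediate Certificate Was Not Valid Base64.");
        return EnumProvisionStatus.Status.Error;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        Logger.Error("Intermediate Certificate Could Not Be Parsed.");
        return EnumProvisionStatus.Status.Error;
    }

    // Validation must stay ahead of the store call: nothing is added to the
    // CertificateAuthority store unless ValidateCert accepts it.
    // NOTE(review): what ValidateCert actually checks is defined outside this block - confirm
    // it anchors the certificate to a trusted root before relying on it here.
    if (!ServiceCertificate.ValidateCert(intermediateCert))
    {
        return EnumProvisionStatus.Status.Error;
    }

    if (!ServiceCertificate.StoreLocalMachine(intermediateCert, StoreName.CertificateAuthority))
    {
        return EnumProvisionStatus.Status.Error;
    }

    // Persist progress so that stage 2 can find the intermediate certificate by thumbprint.
    var settingProvisionStatus = _serviceSetting.GetSetting("provision_status");
    settingProvisionStatus.Value = Convert.ToInt16(EnumProvisionStatus.Status.IntermediateInstalled).ToString();
    _serviceSetting.UpdateSettingValue(settingProvisionStatus);

    var intermediateThumbprint = _serviceSetting.GetSetting("intermediate_thumbprint");
    intermediateThumbprint.Value = intermediateCert.Thumbprint;
    _serviceSetting.UpdateSettingValue(intermediateThumbprint);

    return EnumProvisionStatus.Status.IntermediateInstalled;
}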
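/// <summary>
/// Provisioning stage 2: generates a symmetric key, sends it to the provisioning API encrypted
/// with the public key of the intermediate certificate stored in stage 1 (together with the
/// client identity and a best-effort hardware summary), then decrypts the returned device
/// certificate with that key, stores it in <c>StoreName.My</c> and persists the device
/// thumbprint, computer identifier, entropy, protected key and provision status.
/// </summary>
/// <returns>
/// <c>NotStarted</c> when the intermediate thumbprint or certificate from stage 1 is missing;
/// <c>Reset</c>, <c>FullReset</c>, <c>PendingReset</c>, <c>PendingProvisionApproval</c> or
/// <c>PendingPreProvision</c> when the server reports that status;
/// <c>PendingConfirmation</c> when the device certificate was stored and the settings saved;
/// <c>Error</c> when there is no response, the server reports any other status, the device
/// certificate cannot be decoded, decrypted or parsed, or it cannot be stored.
/// </returns>
private EnumProvisionStatus.Status ProvisionStage2()
{
    var intermediateThumbprint = _serviceSetting.GetSetting("intermediate_thumbprint");
    if (string.IsNullOrEmpty(intermediateThumbprint.Value))
    {
        // Assume stage 1 did not finish.
        return EnumProvisionStatus.Status.NotStarted;
    }

    var intermediate = ServiceCertificate.GetCertificateFromStore(intermediateThumbprint.Value, StoreName.CertificateAuthority);
    if (intermediate == null)
    {
        return EnumProvisionStatus.Status.NotStarted;
    }

    // The symmetric key leaves this machine only in the form encrypted with the intermediate's public key.
    var key = GenerateSymmKey();

    var provisionRequest = new DtoProvisionRequest();
    provisionRequest.Name = DtoGobalSettings.ClientIdentity.Name;
    provisionRequest.AdGuid = new ServiceAD().GetADGuid(provisionRequest.Name);
    provisionRequest.SymmKey = EncryptDataWithIntermediate(intermediate.PublicKey.Key, key);
    provisionRequest.InstallationId = DtoGobalSettings.ClientIdentity.InstallationId;

    // Include some hardware details. Each field is collected on a best-effort basis: a
    // failure to read one falls back to an empty value and never aborts provisioning.
    Logger.Debug("Gathering Hardware Details");
    var inventoryCollection = new DtoInventoryCollection();
    new ComputerSystem().Search(inventoryCollection);
    new Bios().Search(inventoryCollection);
    new Processor().Search(inventoryCollection);
    new Nic().Search(inventoryCollection);

    try
    {
        var totalMemory = Convert.ToInt64(inventoryCollection.ComputerSystem.TotalPhysicalMemory);
        provisionRequest.Memory = Convert.ToInt32(totalMemory / 1024 / 1024);
    }
    catch
    {
        provisionRequest.Memory = 0;
    }

    try
    {
        provisionRequest.Processor = inventoryCollection.Processor.Name;
    }
    catch
    {
        provisionRequest.Processor = string.Empty;
    }

    try
    {
        provisionRequest.SerialNumber = inventoryCollection.Bios.SerialNumber;
    }
    catch
    {
        provisionRequest.SerialNumber = string.Empty;
    }

    try
    {
        provisionRequest.Model = inventoryCollection.ComputerSystem.Model;
    }
    catch
    {
        provisionRequest.Model = string.Empty;
    }

    try
    {
        foreach (var nic in inventoryCollection.NetworkAdapters)
        {
            provisionRequest.Macs.Add(nic.Mac);
        }
    }
    catch
    {
        // Best effort: keep whatever MAC addresses were added before the failure.
    }

    var response = new APICall().ProvisionApi.ProvisionClient(provisionRequest);
    if (response == null)
    {
        return EnumProvisionStatus.Status.Error;
    }

    switch (response.ProvisionStatus)
    {
        case EnumProvisionStatus.Status.Reset:
            Logger.Info("Client Reset Approved. Starting Reset Process.");
            return EnumProvisionStatus.Status.Reset;
        case EnumProvisionStatus.Status.FullReset:
            Logger.Info("Client Full Reset Requested. Starting Full Reset Process.");
            return EnumProvisionStatus.Status.FullReset;
        case EnumProvisionStatus.Status.PendingReset:
            Logger.Info("Client Is Pending Reset Approval.");
            return EnumProvisionStatus.Status.PendingReset;
        case EnumProvisionStatus.Status.PendingProvisionApproval:
            Logger.Info("Client Is Pending Provisioning Approval");
            return EnumProvisionStatus.Status.PendingProvisionApproval;
        case EnumProvisionStatus.Status.PendingPreProvision:
            Logger.Info("Client Has Not Been Pre-Provisioned And The Current Security Policy Requires It.");
            return EnumProvisionStatus.Status.PendingPreProvision;
        case EnumProvisionStatus.Status.PendingConfirmation:
            // Only this status carries a device certificate to install.
            break;
        default:
            return EnumProvisionStatus.Status.Error;
    }

    // The certificate payload comes from the API response, so it is handled as untrusted
    // input: anything that cannot be decoded, decrypted or parsed is reported as Error
    // instead of escaping as an exception.
    if (string.IsNullOrWhiteSpace(response.Certificate))
    {
        Logger.Error("Device Certificate Was Missing From The Provision Response.");
        return EnumProvisionStatus.Status.Error;
    }

    X509Certificate2 deviceCert;
    try
    {
        var byteCert = Convert.FromBase64String(response.Certificate);
        var base64Cert = new ServiceSymmetricEncryption().Decrypt(key, byteCert);
        if (string.IsNullOrWhiteSpace(base64Cert))
        {
            Logger.Error("Device Certificate Could Not Be Decrypted.");
            return EnumProvisionStatus.Status.Error;
        }

        deviceCert = new X509Certificate2(Convert.FromBase64String(base64Cert));
    }
    catch (System.FormatException)
    {
        Logger.Error("Device Certificate Was Not Valid Base64.");
        return EnumProvisionStatus.Status.Error;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        Logger.Error("Device Certificate Could Not Be Decrypted Or Parsed.");
        return EnumProvisionStatus.Status.Error;
    }

    // NOTE(review): unlike stage 1, no ServiceCertificate.ValidateCert call (or other chain
    // check against the stored intermediate) is made before this certificate is installed.
    // Confirm that ServiceSymmetricEncryption.Decrypt authenticates the ciphertext, or that
    // a later stage verifies the certificate.
    if (!ServiceCertificate.StoreLocalMachine(deviceCert, StoreName.My))
    {
        // Matches stage 1: a certificate that could not be stored is an error. Nothing has
        // been persisted at this point, so PendingConfirmation would misreport the state.
        Logger.Error("Device Certificate Could Not Be Stored.");
        return EnumProvisionStatus.Status.Error;
    }

    var deviceThumbprint = _serviceSetting.GetSetting("device_thumbprint");
    deviceThumbprint.Value = deviceCert.Thumbprint;
    _serviceSetting.UpdateSettingValue(deviceThumbprint);

    var computerIdentifier = _serviceSetting.GetSetting("computer_identifier");
    computerIdentifier.Value = response.ComputerIdentifier;
    DtoGobalSettings.ClientIdentity.Guid = response.ComputerIdentifier;
    _serviceSetting.UpdateSettingValue(computerIdentifier);

    // The symmetric key is saved only in the form returned by ServiceDP.EncryptData; the
    // entropy passed to that call is saved next to it.
    // NOTE(review): the meaning of the 'true' argument is not visible here - confirm which
    // protection scope it selects.
    var entropy = _serviceSetting.GetSetting("entropy");
    var entropyBytes = ServiceDP.CreateRandomEntropy();
    entropy.Value = Convert.ToBase64String(entropyBytes);
    _serviceSetting.UpdateSettingValue(entropy);

    var encryptedKey = ServiceDP.EncryptData(key, true, entropyBytes);
    var keySetting = _serviceSetting.GetSetting("encryption_key");
    keySetting.Value = Convert.ToBase64String(encryptedKey);
    _serviceSetting.UpdateSettingValue(keySetting);

    var settingProvisionStatus = _serviceSetting.GetSetting("provision_status");
    settingProvisionStatus.Value = Convert.ToInt16(response.ProvisionStatus).ToString();
    _serviceSetting.UpdateSettingValue(settingProvisionStatus);

    return EnumProvisionStatus.Status.PendingConfirmation;
}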