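/// <summary>
/// Stage 1 of provisioning: requests the intermediate certificate for this client from the
/// provisioning API, validates it, installs it through
/// <c>ServiceCertificate.StoreLocalMachine</c> into <see cref="StoreName.CertificateAuthority"/>,
/// and records the new provision status and the certificate thumbprint in the service settings.
/// </summary>
/// <returns>
/// <c>IntermediateInstalled</c> when the certificate was validated, stored and recorded;
/// the status reported by the server when it is anything other than <c>IntermediateInstalled</c>;
/// <c>Error</c> when there is no response, the certificate payload is missing or cannot be
/// decoded, validation fails, or the certificate cannot be stored.
/// </returns>
private EnumProvisionStatus.Status ProvisionStage1()
{
    var response = new APICall().ProvisionApi.GetIntermediateCert(DtoGobalSettings.ClientIdentity.Name);
    if (response == null)
    {
        return EnumProvisionStatus.Status.Error;
    }

    if (response.ProvisionStatus != EnumProvisionStatus.Status.IntermediateInstalled)
    {
        Logger.Error(response.Message);
        return response.ProvisionStatus;
    }

    // The certificate payload arrives over the network. A missing or malformed value must end
    // in a clean Error status instead of an unhandled exception inside the provisioning flow.
    if (string.IsNullOrEmpty(response.Certificate))
    {
        Logger.Error("Intermediate Certificate Was Not Included In The Provision Response.");
        return EnumProvisionStatus.Status.Error;
    }

    X509Certificate2 intermediateCert;
    try
    {
        intermediateCert = new X509Certificate2(Convert.FromBase64String(response.Certificate));
    }
    catch (FormatException)
    {
        Logger.Error("Intermediate Certificate Is Not Valid Base64.");
        return EnumProvisionStatus.Status.Error;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        Logger.Error("Intermediate Certificate Could Not Be Parsed.");
        return EnumProvisionStatus.Status.Error;
    }

    // NOTE(review): ValidateCert is defined outside this block. The certificate is about to be
    // installed as an intermediate CA, so confirm that ValidateCert builds the chain up to the
    // pinned CA (the "ca_thumbprint" setting) and does not only check dates or format.
    if (!ServiceCertificate.ValidateCert(intermediateCert))
    {
        return EnumProvisionStatus.Status.Error;
    }

    if (!ServiceCertificate.StoreLocalMachine(intermediateCert, StoreName.CertificateAuthority))
    {
        return EnumProvisionStatus.Status.Error;
    }

    // Persist the progress so VerifyProvisionStatus can later find the intermediate by thumbprint.
    var settingProvisionStatus = _serviceSetting.GetSetting("provision_status");
    settingProvisionStatus.Value = Convert.ToInt16(EnumProvisionStatus.Status.IntermediateInstalled).ToString();
    _serviceSetting.UpdateSettingValue(settingProvisionStatus);

    var intermediateThumbprint = _serviceSetting.GetSetting("intermediate_thumbprint");
    intermediateThumbprint.Value = intermediateCert.Thumbprint;
    _serviceSetting.UpdateSettingValue(intermediateThumbprint);

    return EnumProvisionStatus.Status.IntermediateInstalled;
}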
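/// <summary>
/// Checks that the certificates required by the stored provision status are still present
/// and valid on this machine.
/// </summary>
/// <remarks>
/// An empty "provision_status" setting is treated as <c>NotStarted</c>. In that state the CA
/// named by "ca_thumbprint" must exist in <see cref="StoreName.Root"/>; if it does not, the
/// process logs the error, waits ten seconds and exits with code 1 instead of returning.
/// For <c>PendingConfirmation</c> and <c>Provisioned</c> the device certificate must exist in
/// <see cref="StoreName.My"/>, pass <c>ServiceCertificate.ValidateCert</c>, and its subject
/// must contain the "computer_identifier" setting. For any other status the intermediate
/// certificate must exist in <see cref="StoreName.CertificateAuthority"/> and pass validation.
/// </remarks>
/// <returns>
/// <c>true</c> when the checks for the current status pass; <c>false</c> when a required
/// certificate is missing or invalid, or the device identity does not match.
/// </returns>
public bool VerifyProvisionStatus()
{
    Logger.Info("Verifying Client Provision Status");

    var provisionStatusString = _serviceSetting.GetSetting("provision_status");
    EnumProvisionStatus.Status provisionStatus;
    if (string.IsNullOrEmpty(provisionStatusString.Value))
    {
        provisionStatus = EnumProvisionStatus.Status.NotStarted;
    }
    else
    {
        provisionStatus = (EnumProvisionStatus.Status)Convert.ToInt16(provisionStatusString.Value);
    }

    switch (provisionStatus)
    {
        case EnumProvisionStatus.Status.NotStarted:
            //Computer is not provisioned, verify the CA exists
            var caThumbprint = _serviceSetting.GetSetting("ca_thumbprint");
            var ca = ServiceCertificate.GetCertificateFromStore(caThumbprint.Value, StoreName.Root);
            if (ca == null)
            {
                Logger.Error("Certificate Authority Could Not Be Found. Application Cannot Continue.");
                //Provisioning can never complete without the correct CA, don't return anything, just exit.
                Task.Delay(10 * 1000).Wait();
                Environment.Exit(1);
            }
            break;

        case EnumProvisionStatus.Status.PendingConfirmation:
        case EnumProvisionStatus.Status.Provisioned:
            var deviceThumbprint = _serviceSetting.GetSetting("device_thumbprint");
            var deviceCert = ServiceCertificate.GetCertificateFromStore(deviceThumbprint.Value, StoreName.My);
            if (deviceCert == null)
            {
                Logger.Error("Device Certificate Could Not Be Found. Restarting Provisioning Process.");
                return false;
            }

            if (!ServiceCertificate.ValidateCert(deviceCert))
            {
                return false;
            }

            var clientIdentity = deviceCert.Subject;
            var expectedId = _serviceSetting.GetSetting("computer_identifier");
            Logger.Debug("Current Expected Identity: " + expectedId.Value);
            Logger.Debug("Current Identity: " + clientIdentity);

            // Fail closed when the expected identifier is missing: Contains("") is true for
            // every subject, so an empty setting would turn the identity check into a no-op,
            // and a null value would throw.
            if (string.IsNullOrEmpty(expectedId.Value))
            {
                Logger.Error("The Expected Identity Is Not Set");
                return false;
            }

            // NOTE(review): this is a substring match on the whole subject DN, so an identifier
            // that is a prefix of another machine's identifier also matches. Consider comparing
            // the exact subject component the provisioning server issues; the subject format
            // is not visible here, TODO confirm.
            if (!clientIdentity.Contains(expectedId.Value))
            {
                Logger.Error("The Current Identity Doesn't Match The Expected Identity");
                return false;
            }
            break;

        default:
            var intermediateThumbprint = _serviceSetting.GetSetting("intermediate_thumbprint");
            var intermediate = ServiceCertificate.GetCertificateFromStore(intermediateThumbprint.Value, StoreName.CertificateAuthority);
            if (intermediate == null)
            {
                Logger.Error("Intermediate Certificate Could Not Be Found. Restarting Provisioning Process.");
                return false;
            }

            if (!ServiceCertificate.ValidateCert(intermediate))
            {
                return false;
            }
            break;
    }

    Logger.Info("Verification Complete");
    return true;
}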