From a7836114dd07f50e8c7a4b8c6f6e000cfc22e49f Mon Sep 17 00:00:00 2001 From: Iskander Yarmukhametov Date: Thu, 17 Feb 2022 16:14:03 +0300 Subject: [PATCH] CRL defaults to PEM format --- .../Controllers/CertificateController.cs | 3 ++- .../Service/CertificateAuthorityService.cs | 6 ++--- .../Service/CertificateConverterService.cs | 17 +++++++++---- .../Service/ICertificateConverter.cs | 9 ++++++- source/TestAuthorityCore/X509/CrlFile.cs | 24 +++++++++++++++++++ 5 files changed, 49 insertions(+), 10 deletions(-) create mode 100644 source/TestAuthorityCore/X509/CrlFile.cs diff --git a/source/TestAuthorityCore/Controllers/CertificateController.cs b/source/TestAuthorityCore/Controllers/CertificateController.cs index 47bc58b..eb8b427 100644 --- a/source/TestAuthorityCore/Controllers/CertificateController.cs +++ b/source/TestAuthorityCore/Controllers/CertificateController.cs @@ -49,7 +49,8 @@ public IActionResult GetRootCertificate() [HttpGet("/api/certificate/crl")] public IActionResult GetCrl() { - var result = service.GenerateCrl(); + var crl = service.GenerateCrl(); + var result = converter.ConvertToPem(crl); return File(result, MediaTypeNames.Application.Octet, "root.crl"); } diff --git a/source/TestAuthorityCore/Service/CertificateAuthorityService.cs b/source/TestAuthorityCore/Service/CertificateAuthorityService.cs index 7a62169..2490621 100644 --- a/source/TestAuthorityCore/Service/CertificateAuthorityService.cs +++ b/source/TestAuthorityCore/Service/CertificateAuthorityService.cs @@ -33,12 +33,12 @@ public CertificateAuthorityService(CertificateWithKey signerCertificate, RandomS /// Generate CRL file. /// /// Crl file as a byte array. - public byte[] GenerateCrl() + public CrlFile GenerateCrl() { SecureRandom random = randomService.GenerateRandom(); ICrlBuilder crlBuilder = crlBuilderFactory(random, signerCertificate); var crl = crlBuilder.Generate(); - return crl.GetEncoded(); + return new CrlFile(crl); } /// 
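Review bot: `GetCrl` now always returns the PEM text but still names the download `root.crl` and labels it `MediaTypeNames.Application.Octet`, and the hunk leaves no way to request the DER encoding that was served before. RFC 5280 requires a CRL fetched from an HTTP distribution point to be a single DER-encoded CRL, so if this URL is (or later becomes) the CRL distribution point written into issued certificates, strict clients may fail to parse the response and, depending on their policy, carry on without revocation checking. Whether the URL is embedded in certificates is not visible in this hunk, so that needs confirming. Consider keeping DER as the wire default, `return File(crl.Crl.GetEncoded(), "application/pkix-crl", "root.crl");`, and offering PEM under a distinct name such as `root.crl.pem`.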
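Review bot: The doc comment above `GenerateCrl` still reads "Crl file as a byte array" although the method now returns `CrlFile`; it should be updated, for example to `/// <returns>Generated CRL wrapped in a <see cref="CrlFile"/>.</returns>`. Changing the return type of a public method also breaks any caller outside this patch that still expects `byte[]`, which cannot be checked from the lines shown here.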
@@ -72,4 +72,4 @@ public CertificateWithKey GenerateSslCertificate(CertificateRequest request) return certificate; } } -} +} \ No newline at end of file diff --git a/source/TestAuthorityCore/Service/CertificateConverterService.cs b/source/TestAuthorityCore/Service/CertificateConverterService.cs index ccded9d..d60a3f3 100644 --- a/source/TestAuthorityCore/Service/CertificateConverterService.cs +++ b/source/TestAuthorityCore/Service/CertificateConverterService.cs @@ -31,7 +31,7 @@ public CertificateConverterService(RandomService randomService, RootCertificateS this.randomService = randomService; this.rootCertificateService = rootCertificateService; } - + /// /// Convert certificate to zip archive with certificate and key in PEM format. /// @@ -55,6 +55,13 @@ public byte[] ConvertToPfx(CertificateWithKey certificate, string password) return ConvertToPfxCore(certificate.Certificate, (RsaPrivateCrtKeyParameters)certificate.KeyPair?.Private, password); } + /// + public byte[] ConvertToPem(CrlFile crl) + { + var pem = ConvertToPemFormat(crl.Crl); + return Encoding.ASCII.GetBytes(pem); + } + private byte[] ConvertToPfxCore(X509Certificate2 x509, RsaPrivateCrtKeyParameters rsaParams, string pfxPassword) { var store = new Pkcs12Store(); @@ -103,21 +110,21 @@ private static string ConvertToPemFormat(object input) { var generator = new MiscPemGenerator(input); - string certificateString; + string outputString; using (var textWriter = new StringWriter()) { var writer = new PemWriter(textWriter); writer.WriteObject(generator); writer.Writer.Flush(); - certificateString = textWriter.ToString(); + outputString = textWriter.ToString(); } - if (string.IsNullOrWhiteSpace(certificateString)) + if (string.IsNullOrWhiteSpace(outputString)) { throw new InvalidOperationException(); } - return certificateString; + return outputString; } } } \ No newline at end of file 
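Review bot: The new `ConvertToPem(CrlFile crl)` dereferences `crl.Crl` without checking either value, so a null wrapper fails with a `NullReferenceException` and a wrapper whose `Crl` is null passes null on to `ConvertToPemFormat` instead of failing as an argument error. The `CrlFile` constructor added in this patch does not reject null either, so the converter is the last place to catch it. A guard at the top of the method makes the failure explicit: `if (crl?.Crl == null) throw new ArgumentNullException(nameof(crl));`. The bare `throw new InvalidOperationException();` in `ConvertToPemFormat` (context lines of the rename hunk) would also be easier to diagnose with a message, now that the helper handles CRLs as well as certificates.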
diff --git a/source/TestAuthorityCore/Service/ICertificateConverter.cs b/source/TestAuthorityCore/Service/ICertificateConverter.cs index f2b0f07..fadc72e 100644 --- a/source/TestAuthorityCore/Service/ICertificateConverter.cs +++ b/source/TestAuthorityCore/Service/ICertificateConverter.cs @@ -22,5 +22,12 @@ public interface ICertificateConverter /// Pfx password. /// Pfx file as a byte array. byte[] ConvertToPfx(CertificateWithKey certificate, string password); + + /// + /// Convert CRL to pem format. + /// + /// . + /// Pem representation of Crl. + byte[] ConvertToPem(CrlFile crl); } -} +} \ No newline at end of file diff --git a/source/TestAuthorityCore/X509/CrlFile.cs b/source/TestAuthorityCore/X509/CrlFile.cs new file mode 100644 index 0000000..6fc0947 --- /dev/null +++ b/source/TestAuthorityCore/X509/CrlFile.cs @@ -0,0 +1,24 @@ +using Org.BouncyCastle.X509; + +namespace TestAuthorityCore.X509 +{ + /// + /// Crl wrapper. + /// + public class CrlFile + { + /// + /// ctor. + /// + /// . + public CrlFile(X509Crl crl) + { + Crl = crl; + } + + /// + /// Crl file. + /// + public X509Crl Crl { get; set; } + } +} \ No newline at end of file
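Review bot: `CrlFile.Crl` is declared `{ get; set; }`, so any code holding the wrapper can replace the signed CRL after `GenerateCrl` has produced it, and the controller would then publish whatever object was swapped in. Nothing in this patch assigns the property after construction, so a get-only property keeps the wrapper immutable without changing callers: `public X509Crl Crl { get; }`. The XML comments on the type ("ctor.", an empty parameter description) could also say what the wrapper is for, e.g. that it carries the signed `X509Crl` so the converter can choose the output encoding.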