Controller for certificate renewal (Windows Store apps)

Shows code that implements a System.Web.Mvc controller for renewing certificates.

Banking app web service for certificate renewal

The Windows Store app for banking requires a web service that provides certificate checking and renewal endpoints.

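The following code example shows how to implement a System.Web.Mvc controller that checks and renews certificates. The sample is deliberately minimal: the certification authority (CA) configuration string is hard-coded to a development CA, and the renewal action does not itself verify who is calling, so a production service should authenticate the caller and apply its issuance policy before submitting a request to the CA.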


using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Security.Cryptography.X509Certificates;
using CERTCLILib;

namespace BankServer.Controllers
{
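    /// <summary>
    /// MVC controller with two POST actions: <see cref="CheckCert"/> reports whether the
    /// client certificate presented on the request is close to expiry, and
    /// <see cref="RenewP10"/> submits an encoded certificate request to a CA and returns
    /// the issued certificate.
    /// </summary>
    public class RenewalController : Controller
    {
        /// <summary>
        /// Numeric flags and fixed strings used with the CERTCLILib certificate request
        /// interface. Only CR_IN_ENCODEANY, CR_OUT_BASE64 and CR_DISP_ISSUED are
        /// referenced by this controller; the rest are kept for completeness.
        /// </summary>
        internal abstract class Constants
        {
            // Property IDs
            public const int CR_PROP_CAXCHGCERT = 15;
            // Data types and indexed status
            public const int PROPTYPE_BINARY = 0x3;
            // Binary flags
            public const int CV_OUT_BASE64 = 0x1;
            // Disposition values (compared with the value returned by Submit)
            public const int CR_DISP_ERROR = 0x1;
            public const int CR_DISP_DENIED = 0x2;
            public const int CR_DISP_ISSUED = 0x3;
            public const int CR_DISP_UNDER_SUBMISSION = 0x5;
            // Request encoding and format flags
            public const int CR_IN_BASE64HEADER = 0;
            public const int CR_IN_BASE64 = 0x1;
            public const int CR_IN_BINARY = 0x2;
            public const int CR_IN_ENCODEANY = 0xff;
            public const int CR_IN_FORMATANY = 0x00;
            public const int CR_IN_ROBO = 0x00200000;
            public const int CR_IN_PKCS10 = 0x100;
            public const int CR_IN_PKCS7 = 0x300;
            public const int CR_IN_CMC = 0x400;
            public const int CR_IN_FORMATMASK = 0xff00;

            public const int CR_IN_CLIENTIDNONE = 0x00400000;
            public const int CR_IN_CONNECTONLY = 0x00800000;

            // Output encoding flags
            public const int CR_OUT_BASE64HEADER = 0x0;
            public const int CR_OUT_BASE64 = 0x1;
            public const int FR_PROP_FULLRESPONSE = 1;  // Binary

            // Constant strings for logging and other hard-coded values
            public const string TOKEN_TYPE_TEXT = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
            public const string SOAP_ENVELOPE_NS_TEXT = "http://www.w3.org/2003/05/soap-envelope";
        }

        // A certificate that expires within this window is reported as due for renewal.
        // 60 days is the same span as the 51840000000000 ticks used previously.
        private static readonly TimeSpan RenewalWindow = TimeSpan.FromDays(60);

        /// <summary>
        /// Reports whether the request carried a client certificate and, if so, whether
        /// that certificate expires within the renewal window.
        /// </summary>
        /// <returns>
        /// JSON with <c>hasCert</c> and <c>renew</c>; when renewal is due it also carries
        /// <c>pfx</c> (always false here) and <c>user</c> (the certificate subject name).
        /// </returns>
        [HttpPost]
        public JsonResult CheckCert()
        {
            var result = new JsonResult();
            HttpClientCertificate clientCert = Request.ClientCertificate;

            // No usable certificate bytes on the request: nothing to renew.
            if (clientCert == null || clientCert.Certificate == null ||
                clientCert.Certificate.Length == 0)
            {
                result.Data = new { renew = false, hasCert = false };
                return result;
            }

            // NOTE(review): only the expiry date is inspected here. Chain trust and
            // revocation are not evaluated by this action, so its answer should not be
            // treated as an authentication decision - confirm where that is enforced.
            X509Certificate2 presented = new X509Certificate2(clientCert.Certificate);

            // NotAfter is expressed in local time, so it is compared with DateTime.Now.
            DateTime renewalThreshold = DateTime.Now + RenewalWindow;

            if (presented.NotAfter < renewalThreshold)
            {
                result.Data = new
                {
                    renew = true,
                    hasCert = true,
                    pfx = false, // Server policy
                    user = presented.SubjectName.Name
                };
            }
            else
            {
                result.Data = new { renew = false, hasCert = true };
            }

            return result;
        }

        /// <summary>
        /// Submits an encoded certificate request to the configured CA and returns the
        /// issued certificate as Base64 text.
        /// </summary>
        /// <param name="request">The encoded certificate request posted by the client.</param>
        /// <returns>
        /// JSON with <c>certificate</c> set to the Base64 certificate when the CA issued
        /// one. When the request is empty or the CA did not issue a certificate,
        /// <c>certificate</c> is null; in the latter case <c>disposition</c> carries the
        /// value returned by the CA.
        /// </returns>
        [HttpPost]
        public JsonResult RenewP10(string request)
        {
            // NOTE(review): sample value naming a development CA. A deployed service
            // would normally read this from protected configuration.
            const string CAConfig = "Devt-StandAloneCA.enrolldev.nttest.microsoft.com\\enrolldev-Devt-StandAlone-CA";

            var result = new JsonResult();

            // Reject an empty body before involving the CA at all.
            if (string.IsNullOrWhiteSpace(request))
            {
                result.Data = new { certificate = (string)null };
                return result;
            }

            // NOTE(review): this action forwards the posted request to the CA without
            // looking at Request.ClientCertificate. For a renewal endpoint the caller
            // should be authenticated and the subject named in the request checked
            // against the authenticated identity before submission - confirm whether
            // that is enforced elsewhere (IIS client-certificate settings, a filter,
            // or CA policy).
            ICertRequest certRequest = new CCertRequest();

            int disposition = certRequest.Submit(Constants.CR_IN_ENCODEANY,
                                                 request,
                                                 "",
                                                 CAConfig);

            // Only an issued request has a certificate to retrieve. Denied, pending and
            // failed requests are reported to the client instead of being read back as
            // if they had succeeded.
            if (disposition != Constants.CR_DISP_ISSUED)
            {
                result.Data = new { certificate = (string)null, disposition = disposition };
                return result;
            }

            string certificate = certRequest.GetCertificate(Constants.CR_OUT_BASE64);

            result.Data = new { certificate = certificate };
            return result;
        }
    }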
}


Related topics

System.Security.Cryptography.X509Certificates
System.Web.Mvc
CertificateEnrollmentManager
PasswordVault
Working with certificates
Creating a Windows Store app for banking
Create a Windows Store app for banking: resources

 

 

Build date: 6/11/2013
