Domů Procházet Nápověda
Přihlásit se
SoftwareDesign
/
EVCB_OCPP.OCPPServer.16J
8
0
Rozštěpit 0
Soubory Úkoly 0 Pull Requesty 0 Wiki
Větev: Docker_cert
Větve Značky
EVCB_OCPP.OCPPS...
/
EVCB_OCPP.WSServer
/
Service
/
CertificateService.cs

CertificateService.cs 4.8 KB
Trvalý odkaz Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142 
  1. using Microsoft.Extensions.Configuration;
    2. 

  2. using Microsoft.Extensions.Logging;
    3. 

  3. using System;
    4. 

  4. using System.Collections.Generic;
    5. 

  5. using System.Linq;
    6. 

  6. using System.Net.Http.Json;
    7. 

  7. using System.Runtime;
    8. 

  8. using System.Runtime.ConstrainedExecution;
    9. 

  9. using System.Security.Cryptography;
    10. 

  10. using System.Security.Cryptography.X509Certificates;
    11. 

  11. using System.Text;
    12. 

  12. using System.Text.RegularExpressions;
    13. 

  13. using System.Threading.Tasks;
    14. 

  14. 

  15. namespace EVCB_OCPP.WSServer.Service
    16. 

  16. {
    17. 

  17.     public class CertificateService
    18. 

  18.     {
    19. 

  19. 

  20.         public CertificateService(
    21. 

  21.             ServerMessageService messageService,
    22. 

  22.             IConfiguration configuration,
    23. 

  23.             ILogger<CertificateService> logger)
    24. 

  24.         {
    25. 

  25.             _serverUrl = configuration["CertificateServerUrl"];
    26. 

  26.             _cpon = configuration["ChargingPointOperator"];
    27. 

  27.             this.messageService = messageService;
    28. 

  28.             this.logger = logger;
    29. 

  29.         }
    30. 

  30.         private readonly string _serverUrl;
    31. 

  31.         private readonly string _cpon;
    32. 

  32.         private readonly ServerMessageService messageService;
    33. 

  33.         private readonly ILogger<CertificateService> logger;
    34. 

  34. 

  35.         public async Task SignCertificate(string chargeBoxId, string csr)
    36. 

  36.         {
    37. 

  37.             HttpClient client = new HttpClient();
    38. 

  38.             client.BaseAddress = new Uri(_serverUrl);
    39. 

  39.             var signResult = await client.PostAsJsonAsync("cert/csr", new { csr = csr });
    40. 

  40.             if (!signResult.IsSuccessStatusCode)
    41. 

  41.             {
    42. 

  42.                 logger.LogWarning("{chargeBoxId} csr failed {csr}", chargeBoxId, csr);
    43. 

  43.                 return;
    44. 

  44.             }
    45. 

  45.             var crt = await signResult.Content.ReadAsStringAsync();
    46. 

  46.             await messageService.SendCertificateSignedRequest(chargeBoxId, crt);
    47. 

  47.             client.Dispose();
    48. 

  48.         }
    49. 

  49. 

  50.         public Task<int> CheckClientCertificate(string chargeboxId, X509Certificate2 cert)
    51. 

  51.         {
    52. 

  52.             return CheckClientCertificate(chargeboxId, cert.ExportCertificatePem());
    53. 

  53.         }
    54. 

  54. 

  55.         public async Task<int> CheckClientCertificate(string chargeboxId, string certString)
    56. 

  56.         {
    57. 

  57.             var subject = GetCertificateSubject(certString);
    58. 

  58.             logger.LogInformation("{chargeboxId} with cert subject {subject}", chargeboxId, subject);
    59. 

  59.             if (string.IsNullOrEmpty(subject))
    60. 

  60.             {
    61. 

  61.                 return -1;
    62. 

  62.             }
    63. 

  63. 

  64.             var crtInfo = SubjectToDictionary(subject);
    65. 

  65.             if (crtInfo == null ||
    66. 

  66.                 //!crtInfo.ContainsKey("O") ||
    67. 

  67.                 //crtInfo["O"] != _cpon ||
    68. 

  68.                 !crtInfo.ContainsKey("CN") ||
    69. 

  69.                 crtInfo["CN"] != chargeboxId)
    70. 

  70.             {
    71. 

  71.                 return -1;
    72. 

  72.             }
    73. 

  73. 

  74.             int certServerResult = await CheckClientCertificateRca(certString);
    75. 

  75.             logger.LogInformation("{chargeboxId} with cert authenticate {subject}", chargeboxId, certServerResult);
    76. 

  76.             return certServerResult;
    77. 

  77.         }
    78. 

  78. 

  79.         public async Task<int> CheckClientCertificateRca(string certString)
    80. 

  80.         {
    81. 

  81.             using HttpClient client = new HttpClient();
    82. 

  82.             client.BaseAddress = new Uri(_serverUrl);
    83. 

  83.             var result = await client.PutAsJsonAsync("cert/crt", new { crt = certString });
    84. 

  84.             if (!result.IsSuccessStatusCode)
    85. 

  85.             {
    86. 

  86.                 return -1;
    87. 

  87.             }
    88. 

  88.             var resultContentString = await result.Content.ReadAsStringAsync();
    89. 

  89.             return Convert.ToInt32(resultContentString);
    90. 

  90.         }
    91. 

  91. 

  92.         public Dictionary<string, string> SubjectToDictionary(string subject)
    93. 

  93.         {
    94. 

  94.             try
    95. 

  95.             {
    96. 

  96.                 MatchCollection regexResult = Regex.Matches(subject, "([a-zA-Z]*)=([a-zA-Z0-9]*)");
    97. 

  97.                 if (regexResult.Count == 0)
    98. 

  98.                 {
    99. 

  99.                     return null;
    100. 

  100.                 }
    101. 

  101.                 return regexResult.Where(x => x.Success == true && x.Groups.Count == 3).ToDictionary(x => x.Groups[1].Value, x => x.Groups[2].Value);
    102. 

  102.             }
    103. 

  103.             catch (Exception e)
    104. 

  104.             {
    105. 

  105.                 logger.LogCritical(e.Message);
    106. 

  106.                 logger.LogCritical(e.StackTrace);
    107. 

  107.                 return null;
    108. 

  108.             }
    109. 

  109.         }
    110. 

  110. 

  111.         public string GetCertificateSubject(string crt)
    112. 

  112.         {
    113. 

  113. 

  114.             try
    115. 

  115.             {
    116. 

  116.                 byte[] bytes = Encoding.ASCII.GetBytes(crt);
    117. 

  117.                 var clientCertificate = new X509Certificate2(bytes);
    118. 

  118. 

  119.                 return clientCertificate.Subject;
    120. 

  120.             }
    121. 

  121.             catch
    122. 

  122.             {
    123. 

  123.                 return null;
    124. 

  124.             }
    125. 

  125.         }
    126. 

  126. 

  127.         public string GetCertificateRequestSubject(string csrString)
    128. 

  128.         {
    129. 

  129. 

  130.             try
    131. 

  131.             {
    132. 

  132.                 var csr = CertificateRequest.LoadSigningRequestPem(csrString, HashAlgorithmName.SHA512);
    133. 

  133.                 var test = csr.SubjectName.Name;
    134. 

  134.                 return test;
    135. 

  135.             }
    136. 

  136.             catch
    137. 

  137.             {
    138. 

  138.                 return null;
    139. 

  139.             }
    140. 

  140.         }
    141. 

  141.     }
    142. 

  142. }
    143.