ab#76170

Author: leefine02

RemoteFile/ManagementBase.cs

@@ -82,7 +82,7 @@ public JobResult ProcessJob(ManagementJobConfiguration config)
                         }
                         else
                         {
-                            certificateStore.CreateCertificateStore(certificateStoreSerializer, config, logger);
+                            certificateStore.CreateCertificateStore(certificateStoreSerializer, config.CertificateStoreDetails.Properties, config.CertificateStoreDetails.StorePath, logger);
                         }
                         logger.LogDebug($"END create Operation for {config.CertificateStoreDetails.StorePath} on {config.CertificateStoreDetails.ClientMachine}.");
                         break;

RemoteFile/ReenrollmentBase.cs

@@ -20,7 +20,7 @@
 
 namespace Keyfactor.Extensions.Orchestrator.RemoteFile
 {
-    public abstract class ReenrollmentBase : RemoteFileJobTypeBase
+    public abstract class ReenrollmentBase : RemoteFileJobTypeBase, IReenrollmentJobExtension
     {
         public string ExtensionName => "Keyfactor.Extensions.Orchestrator.RemoteFile";
 
@@ -41,7 +41,7 @@ internal enum SupportedKeyTypeEnum
         // 6) Modify ReenrollmentBase to implement IReenrollmentJobExtension 
         // 6) Update README.  Remember to explain the differences between ODKG and OOKG
 
-        public JobResult ProcessJobToDo(ReenrollmentJobConfiguration config, SubmitReenrollmentCSR submitReenrollment)
+        public JobResult ProcessJob(ReenrollmentJobConfiguration config, SubmitReenrollmentCSR submitReenrollment)
         {
             ILogger logger = LogHandler.GetClassLogger(this.GetType());
 
@@ -80,21 +80,35 @@ public JobResult ProcessJobToDo(ReenrollmentJobConfiguration config, SubmitReenr
                 }
                 else
                 {
-                    csr = certificateStore.GenerateCSR(SubjectText, config.Overwrite, config.Alias, KeyTypeEnum, KeySize, config.SANs, out privateKey));
+                    csr = certificateStore.GenerateCSR(SubjectText, config.Overwrite, config.Alias, KeyTypeEnum, KeySize, config.SANs, out privateKey);
                 }
 
                 X509Certificate2 cert = submitReenrollment.Invoke(csr);
-                cert.
+
                 if (cert == null)
                     throw new RemoteFileException("Enrollment of CSR failed.  Please check Keyfactor Command logs for more information on potential enrollment errors.");
 
-                //AsymmetricAlgorithm alg = KeyTypeEnum == SupportedKeyTypeEnum.RSA ? RSA.Create() : ECDsa.Create();
-                //alg.ImportEncryptedPkcs8PrivateKey(string.Empty, Keyfactor.PKI.PEM.PemUtilities.PEMToDER(pemPrivateKey), out _);
-                //cert = KeyTypeEnum == SupportedKeyTypeEnum.RSA ? cert.CopyWithPrivateKey((RSA)alg) : cert.CopyWithPrivateKey((ECDsa)alg);
+                switch (privateKey)
+                {
+                    case RSA rsa:
+                        cert = cert.CopyWithPrivateKey(rsa);
+                        break;
+
+                    case ECDsa ecdsa:
+                        cert = cert.CopyWithPrivateKey(ecdsa);
+                        break;
+
+                    case DSA dsa:
+                        cert = cert.CopyWithPrivateKey(dsa);
+                        break;
+
+                    default:
+                        throw new NotSupportedException($"Unsupported key type: {privateKey?.GetType().Name}");
+                }
 
                 // save certificate
                 certificateStore.LoadCertificateStore(certificateStoreSerializer, false);
-                certificateStore.AddCertificate(alias ?? cert.Thumbprint, Convert.ToBase64String(cert.Export(X509ContentType.Pfx)), overwrite, null, RemoveRootCertificate);
+                certificateStore.AddCertificate(config.Alias ?? cert.Thumbprint, Convert.ToBase64String(cert.Export(X509ContentType.Pfx)), config.Overwrite, null, RemoveRootCertificate);
                 certificateStore.SaveCertificateStore(certificateStoreSerializer.SerializeRemoteCertificateStore(certificateStore.GetCertificateStore(), storePathFile.Path, storePathFile.File, StorePassword, certificateStore.RemoteHandler));
 
                 logger.LogDebug($"END add Operation for {config.CertificateStoreDetails.StorePath} on {config.CertificateStoreDetails.ClientMachine}.");

RemoteFile/RemoteCertificateStore.cs

@@ -347,10 +347,10 @@ internal static PathFile SplitStorePathFile(string pathFileName)
             }
         }
 
-        internal string GenerateCSROnDevice(string subjectText, bool overwrite, string alias, SupportedKeyTypeEnum keyType, int keySize, Dictionary<string, string[]> sans, out AsymmetricAlgorithm pemPrivateKey)
+        internal string GenerateCSROnDevice(string subjectText, bool overwrite, string alias, SupportedKeyTypeEnum keyType, int keySize, Dictionary<string, string[]> sans, out AsymmetricAlgorithm privateKey)
         {
             string csr = string.Empty;
-            pemPrivateKey = string.Empty;
+            privateKey = RSA.Create();
 
             return csr;
         }

RemoteFile/manifest.json

@@ -13,6 +13,10 @@
         "assemblypath": "RemoteFile.dll",
         "TypeFullName": "Keyfactor.Extensions.Orchestrator.RemoteFile.Discovery"
       },
+      "CertStores.RFPkcs12.Reenrollment": {
+        "assemblypath": "RemoteFile.dll",
+        "TypeFullName": "Keyfactor.Extensions.Orchestrator.RemoteFile.Reenrollment"
+      },
       "CertStores.RFPEM.Inventory": {
         "assemblypath": "RemoteFile.dll",
         "TypeFullName": "Keyfactor.Extensions.Orchestrator.RemoteFile.PEM.Inventory"
@@ -25,6 +29,10 @@
         "assemblypath": "RemoteFile.dll",
         "TypeFullName": "Keyfactor.Extensions.Orchestrator.RemoteFile.Discovery"
       },
+      "CertStores.RFPEM.Reenrollment": {
+        "assemblypath": "RemoteFile.dll",
+        "TypeFullName": "Keyfactor.Extensions.Orchestrator.RemoteFile.Reenrollment"
+      },
       "CertStores.RFJKS.Inventory": {
         "assemblypath": "RemoteFile.dll",
         "TypeFullName": "Keyfactor.Extensions.Orchestrator.RemoteFile.JKS.Inventory"
@@ -37,6 +45,10 @@
         "assemblypath": "RemoteFile.dll",
         "TypeFullName": "Keyfactor.Extensions.Orchestrator.RemoteFile.Discovery"
       },
+      "CertStores.RFJKS.Reenrollment": {
+        "assemblypath": "RemoteFile.dll",
+        "TypeFullName": "Keyfactor.Extensions.Orchestrator.RemoteFile.Reenrollment"
+      },
       "CertStores.RFKDB.Inventory": {
         "assemblypath": "RemoteFile.dll",
         "TypeFullName": "Keyfactor.Extensions.Orchestrator.RemoteFile.KDB.Inventory"
@@ -61,6 +73,10 @@
         "assemblypath": "RemoteFile.dll",
         "TypeFullName": "Keyfactor.Extensions.Orchestrator.RemoteFile.Discovery"
       },
+      "CertStores.RFDER.Reenrollment": {
+        "assemblypath": "RemoteFile.dll",
+        "TypeFullName": "Keyfactor.Extensions.Orchestrator.RemoteFile.Reenrollment"
+      },
       "CertStores.RFORA.Inventory": {
         "assemblypath": "RemoteFile.dll",
         "TypeFullName": "Keyfactor.Extensions.Orchestrator.RemoteFile.OraWlt.Inventory"