Code cleanup.

jjrdk · Jun 7, 2022 · 14279e6 · 14279e6
1 parent 4230041
commit 14279e6
Show file tree

Hide file tree

Showing 6 changed files with 18 additions and 12 deletions.
diff --git a/src/opencertserver.ca.utils/CertificateConstants.cs b/src/opencertserver.ca.utils/CertificateConstants.cs
@@ -0,0 +1,7 @@
+namespace OpenCertServer.Ca.Utils;
+
+public static class CertificateConstants
+{
+    public const string RsaOid = "1.2.840.113549.1.1.1";
+    public const string EcdsaOid = "1.2.840.10045.2.1";
+}
diff --git a/src/opencertserver.ca.utils/X509CertificatesExtensions.cs b/src/opencertserver.ca.utils/X509CertificatesExtensions.cs
@@ -8,7 +8,7 @@
     using System.Text;
     using System.Threading;
     using System.Threading.Tasks;
-
+    
     public static class X509CertificatesExtensions
     {
         public static string ToPem(this X509Certificate2 cert)

diff --git a/src/opencertserver.ca/CertificateAuthority.cs b/src/opencertserver.ca/CertificateAuthority.cs
@@ -92,12 +92,12 @@ public SignCertificateResponse SignCertificateRequest(
             _logger.LogInformation("Creating certificate for {subjectName}", request.SubjectName.Name);
             var cert = request.PublicKey.Oid.Value switch
             {
-                "1.2.840.113549.1.1.1" => request.Create(
+                CertificateConstants.RsaOid => request.Create(
                        _rsaCertificate,
                        DateTimeOffset.UtcNow.Date,
                        DateTimeOffset.UtcNow.Date.Add(_certificateValidity),
                        BitConverter.GetBytes(DateTime.UtcNow.Ticks)),
-                "1.2.840.10045.2.1" => request.Create(
+                CertificateConstants.EcdsaOid => request.Create(
                     _ecdsaCertificate,
                     DateTimeOffset.UtcNow.Date,
                     DateTimeOffset.UtcNow.Date.Add(_certificateValidity),

diff --git a/src/opencertserver.est.client/EstClient.cs b/src/opencertserver.est.client/EstClient.cs
@@ -67,11 +67,11 @@ public async Task<X509Certificate2> ReEnroll(
 
             var certRequest = oidValue switch
             {
-                "1.2.840.10045.2.1" => CreateCertificateRequest(
+                CertificateConstants.EcdsaOid => CreateCertificateRequest(
                     certificate.SubjectName,
                     certificate.GetECDsaPrivateKey()!,
                     usageFlags),
-                "1.2.840.113549.1.1.1" => CreateCertificateRequest(certificate.SubjectName,
+                CertificateConstants.RsaOid => CreateCertificateRequest(certificate.SubjectName,
                     certificate.GetRSAPrivateKey()!,
                     usageFlags),
                 _ => throw new NotSupportedException($"{oidValue} is not supported")

diff --git a/src/opencertserver.est.server/CertificateServerExtensions.cs b/src/opencertserver.est.server/CertificateServerExtensions.cs
@@ -2,6 +2,7 @@ namespace OpenCertServer.Est.Server
 {
     using System;
     using System.Security.Cryptography.X509Certificates;
+    using Ca.Utils;
     using Handlers;
     using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Builder;
@@ -14,9 +15,6 @@ namespace OpenCertServer.Est.Server
     /// </summary>
     public static class CertificateServerExtensions
     {
-        private const string RsaOid = "1.2.840.113549.1.1.1";
-        private const string EcdsaOid = "1.2.840.10045.2.1";
-
         public static IServiceCollection AddEstServer(
             this IServiceCollection services,
             X500DistinguishedName distinguishedName,
@@ -43,12 +41,12 @@ public static IServiceCollection AddEstServer(
             X509Certificate2 ecdsaCertificate,
             Func<X509Chain, bool>? chainValidation = null)
         {
-            if (rsaCertificate.PublicKey.Oid.Value != RsaOid)
+            if (rsaCertificate.PublicKey.Oid.Value != CertificateConstants.RsaOid)
             {
                 throw new ArgumentException("Must be an RSA key certificate");
             }
 
-            if (ecdsaCertificate.PublicKey.Oid.Value != EcdsaOid)
+            if (ecdsaCertificate.PublicKey.Oid.Value != CertificateConstants.EcdsaOid)
             {
                 throw new ArgumentException("Must be an ECDSA key certificate");
             }

diff --git a/src/opencertserver.est.server/Handlers/SimpleReEnrollHandler.cs b/src/opencertserver.est.server/Handlers/SimpleReEnrollHandler.cs
@@ -6,6 +6,7 @@
     using System.Security.Cryptography;
     using System.Security.Cryptography.X509Certificates;
     using System.Threading.Tasks;
+    using Ca.Utils;
     using Microsoft.AspNetCore.Http;
     using Microsoft.Extensions.Primitives;
     using OpenCertServer.Ca;
@@ -51,11 +52,11 @@ public async Task Handle(HttpContext ctx)
 
             var request = cert.PublicKey.Oid.Value switch
             {
-                "1.2.840.10045.2.1" => new CertificateRequest(
+                CertificateConstants.EcdsaOid => new CertificateRequest(
                     cert.SubjectName,
                     cert.GetECDsaPublicKey()!,
                     HashAlgorithmName.SHA256),
-                "1.2.840.113549.1.1.1" => new CertificateRequest(
+                CertificateConstants.RsaOid => new CertificateRequest(
                     cert.SubjectName,
                     cert.GetRSAPublicKey()!,
                     HashAlgorithmName.SHA256,