private static void ImportPrivateCert(string sPrivateCertPath, string sFilePassword, string m_sThumb, bool m_bIsExportable)
{
Hashtable hs = new Hashtable();
if (m_sIdentityUser == null)
{
ManagementObjectSearcher m_mgMISearcher = new ManagementObjectSearcher(new WqlObjectQuery("SELECT * FROM MSBTS_HostSetting"));
m_mgMISearcher.Scope = new ManagementScope("root\\MicrosoftBizTalkServer");
m_mgMISearcher.Options.ReturnImmediately = true;
ManagementBaseObject[] m_moHostInstances = new ManagementBaseObject[m_mgMISearcher.Get().Count];
m_mgMISearcher.Get().CopyTo(m_moHostInstances, 0);
foreach (ManagementObject oHost in m_moHostInstances)
{
try
{
hs.Add(oHost.GetPropertyValue("LastUsedLogon").ToString().ToUpper(CultureInfo.InvariantCulture), null);
}
catch { }
}
}
else
{
hs.Add(m_sIdentityUser, m_sIdentityPassword);
}
foreach (string sUser in hs.Keys)
{
string sPassword = null;
if (hs[sUser] == null)
{
Console.Write("\r\nEnter password for identity " + sUser + ": ");
sPassword = PwdConsole.ReadLine(); //Console.ReadLine();
}
else
{
sPassword = hs[sUser].ToString();
}
try
{
PrivateKeyManager.ImpersonateUser(sUser, sPassword);
PrivateKeyManager.Import(sPrivateCertPath,
sFilePassword,
m_sThumb,
PrivateKeyManager.CertificateStores.CERT_SYSTEM_STORE_CURRENT_USER, "MY", m_bIsExportable);
Console.WriteLine("Completed importing private certificate to user identity " + sUser + ".");
PrivateKeyManager.UndoImpersonation();
}
catch
{
Console.WriteLine("Failed importing private key to user [" + sUser + "].\n\rCheck that you have entered a valid password.");
}
}
}
static void Main(string[] argv)
{
Hashtable sParameters = new Hashtable();
//check that every parameter name has a value
if (argv.Length >= 1 && (argv[0].ToUpper(CultureInfo.InvariantCulture) == "/H" || argv[0].ToUpper(CultureInfo.InvariantCulture) == "/?" || argv[0].ToUpper(CultureInfo.InvariantCulture) == "/HELP"))
{
DisplayUsage();
Environment.Exit(0);
}
else if (argv.Length % 2 == 1 || argv.Length == 0)
{
m_ErrorBag.Enqueue(ErrorType.MISSING_VALUE);
}
else
{
for (int i = 0; i < argv.Length; i++)
{
if (!argv[i].StartsWith("/", StringComparison.OrdinalIgnoreCase) || argv[i + 1].StartsWith("/", StringComparison.OrdinalIgnoreCase))
{
m_ErrorBag.Enqueue(ErrorType.MISSING_VALUE);
break;
}
try
{
sParameters.Add(argv[i++], argv[i]);
}
catch (ArgumentException)
{
m_ErrorBag.Enqueue(ErrorType.DUPLICATE_PARAMETER);
}
}
}
//check for validity of parameters
if (m_ErrorBag.Count == 0)
{
foreach (string sParameter in sParameters.Keys)
{
switch (sParameter.ToUpper(CultureInfo.InvariantCulture).Substring(0, 5))
{
case "/PRIV":
//PRIVATEKEY
m_KeyType = KeyType.PRIVATE;
if (!File.Exists(sParameters[sParameter].ToString()))
{
m_ErrorBag.Enqueue(ErrorType.FILE_NOTEXIST);
}
else
{
m_sCertFile = sParameters[sParameter].ToString();
}
break;
case "/PUBL":
//PUBLICKEY
m_KeyType = KeyType.PUBLIC;
if (!File.Exists(sParameters[sParameter].ToString()))
{
m_ErrorBag.Enqueue(ErrorType.FILE_NOTEXIST);
}
else
{
m_sCertFile = sParameters[sParameter].ToString();
}
break;
case "/INTE":
m_KeyType = KeyType.INTER;
if (!File.Exists(sParameters[sParameter].ToString()))
{
m_ErrorBag.Enqueue(ErrorType.FILE_NOTEXIST);
}
else
{
m_sCertFile = sParameters[sParameter].ToString();
}
break;
case "/ROOT":
//ROOTKEY
m_KeyType = KeyType.ROOT;
if (!File.Exists(sParameters[sParameter].ToString()))
{
m_ErrorBag.Enqueue(ErrorType.FILE_NOTEXIST);
}
else
{
m_sCertFile = sParameters[sParameter].ToString();
}
break;
case "/FILE":
//FILEPASSWORD
m_sFilePassword = sParameters[sParameter].ToString();
break;
case "/EXPO":
//EXPORT
if (sParameters[sParameter].ToString().ToUpper(CultureInfo.InvariantCulture) == "TRUE")
{
m_bIsExportable = true;
}
else if (sParameters[sParameter].ToString().ToUpper(CultureInfo.InvariantCulture) == "FALSE")
{
m_bIsExportable = false;
}
else
{
m_ErrorBag.Enqueue(ErrorType.INVALID_VALUE);
}
break;
case "/USER":
//USERIDENTITY
m_sIdentityUser = sParameters[sParameter].ToString();
break;
case "/PASS":
//PASSWORD
m_sIdentityPassword = sParameters[sParameter].ToString();
break;
case "/THUM":
//KEYTHUMBPRINT
m_sThumb = sParameters[sParameter].ToString();
break;
case "/USAG":
switch (sParameters[sParameter].ToString().ToUpper(CultureInfo.InvariantCulture).Substring(0, 3))
{
case "DEC":
m_KeyUsage = KeyUsage.DECRYPT;
break;
case "SIG":
m_KeyUsage = KeyUsage.SIGN;
break;
case "NON":
m_KeyUsage = KeyUsage.NONE;
break;
case "BOT":
m_KeyUsage = KeyUsage.BOTH;
break;
case "SSL":
m_KeyUsage = KeyUsage.SSL;
break;
default:
m_ErrorBag.Enqueue(ErrorType.INVALID_USAGE);
break;
}
break;
default:
m_ErrorBag.Enqueue(ErrorType.UNKOWN_PARAMETER);
break;
}
}
}
if (m_ErrorBag.Count == 0)
{
try
{
if (m_KeyType == KeyType.PRIVATE && m_sFilePassword == null)
{
Console.Write("Please enter the password for the certificate file: ");
m_sFilePassword = PwdConsole.ReadLine(); //Console.ReadLine();
Console.WriteLine();
}
if (m_sThumb == null)
{
m_sThumb = PromptForCertificate(m_sCertFile, m_sFilePassword, m_KeyType);
}
switch (m_KeyType)
{
case KeyType.PUBLIC:
ImportPublicCert(m_sCertFile, m_sThumb);
break;
case KeyType.INTER:
ImportIntermediateCert(m_sCertFile, m_sThumb);
break;
case KeyType.PRIVATE:
if (m_KeyUsage == KeyUsage.NULL)
{
string sChoice = "5";
Console.Write("\r\nThis home certificate will be used for (default 5):\r\n[1] Signing [2]Decryption [3] Signing & Decryption [4] IIS SSL [5] None\r\nEnter your option here: ");
sChoice = Console.ReadLine();
if (string.IsNullOrEmpty(sChoice.Trim()))
{
sChoice = "5";
}
switch (sChoice.Substring(0, 1))
{
case "1":
m_KeyUsage = KeyUsage.SIGN;
break;
case "2":
m_KeyUsage = KeyUsage.DECRYPT;
break;
case "3":
m_KeyUsage = KeyUsage.BOTH;
break;
case "4":
m_KeyUsage = KeyUsage.SSL;
break;
default:
m_KeyUsage = KeyUsage.NONE;
break;
}
}
if (m_KeyUsage == KeyUsage.SSL)
{
PrivateKeyManager.Import(m_sCertFile, m_sFilePassword, m_sThumb, PrivateKeyManager.CertificateStores.CERT_SYSTEM_STORE_LOCAL_MACHINE, "MY", m_bIsExportable);
SetSslCertificate(m_sThumb);
Console.WriteLine("\r\nCompleted importing and configuring SSL certificate on IIS.");
}
else if (m_KeyUsage == KeyUsage.DECRYPT || m_KeyUsage == KeyUsage.SIGN || m_KeyUsage == KeyUsage.BOTH || m_KeyUsage == KeyUsage.NONE)
{
ImportPrivateCert(m_sCertFile, m_sFilePassword, m_sThumb, m_bIsExportable);
Console.WriteLine();
if (m_KeyUsage == KeyUsage.DECRYPT || m_KeyUsage == KeyUsage.BOTH)
{
SetDecryptionCertificate(m_sThumb, m_sIdentityUser);
}
if (m_KeyUsage == KeyUsage.SIGN || m_KeyUsage == KeyUsage.BOTH)
{
SetSigningCertificate(m_sThumb);
}
}
break;
case KeyType.ROOT:
ImportPublicRootCert(m_sCertFile);
break;
}
}
catch (Exception e)
{
if (e.Message == "FileOpenError")
{
m_ErrorBag.Enqueue(ErrorType.BAD_FILEPASSWORD);
}
else
{
m_ErrorBag.Enqueue(ErrorType.UNKOWN_PARAMETER);
}
}
}
bool bErrors = (m_ErrorBag.Count > 0);
while (m_ErrorBag.Count > 0)
{
ErrorType error = (ErrorType)m_ErrorBag.Dequeue();
switch (error)
{
case ErrorType.FILE_NOTEXIST:
Console.WriteLine("File does not exists. Please check the path.");
break;
case ErrorType.MISSING_FILENAME:
Console.WriteLine("Certificate file not specified.");
break;
case ErrorType.MISSING_PARAMETER:
Console.WriteLine("Missing parameter.");
break;
case ErrorType.MISSING_VALUE:
Console.WriteLine("One or more parameter values are missing.");
break;
case ErrorType.UNKOWN_PARAMETER:
Console.WriteLine("One or more unknown parameters are supplied.");
break;
case ErrorType.BAD_FILEPASSWORD:
Console.WriteLine("Could not open certificate file. Check password.");
break;
case ErrorType.INVALID_USAGE:
Console.WriteLine("Invalid usage was specified.");
break;
case ErrorType.INVALID_VALUE:
Console.WriteLine("One or more parameters have invalid values.");
break;
case ErrorType.DUPLICATE_PARAMETER:
Console.WriteLine("A parameter was repeated more than once.");
break;
}
}
if (bErrors)
{
DisplayUsage();
Environment.Exit(1);
}
else
{
Console.WriteLine("\r\nImport successfully completed!");
}
}
