Example #1
        /// <summary>
        ///     Generates the root ca certificate.
        /// </summary>
        /// <param name="rootCertificateAuthority">The root certificate authority.</param>
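        private void GenerateRootCaCertificate(CertificateAuthorityConfiguration rootCertificateAuthority)
        {
            // Flow: generate the CA key pair, store the private key in a password-protected
            // key file, build and self-sign the root certificate, add that certificate to the
            // same key file, then export it to CertificateFileName.
            //
            // Fix over the earlier version: the key file used to be closed right after
            // AddPrivateKey and then passed to AddPublicKey as an already-closed handle.
            // It now stays open until the certificate has been added, and every cryptlib
            // handle is released in a finally block so a failure part-way through does not
            // leave the private-key context or the key file open.

            /* Create an RSA public/private key context, set a label for it, and generate a key into it */
            var caKeyPair = crypt.CreateContext(crypt.UNUSED, crypt.ALGO_RSA);
            try
            {
                crypt.SetAttributeString(caKeyPair, crypt.CTXINFO_LABEL, rootCertificateAuthority.KeyLabel);

                // The key size attribute is expressed in bytes, hence 2048 bits / 8.
                // NOTE(review): the 2048-bit RSA size is hard-coded; for a long-lived root
                // confirm it satisfies the key-length policy of the PKI being deployed.
                crypt.SetAttribute(caKeyPair, crypt.CTXINFO_KEYSIZE, 2048 / 8);
                crypt.GenerateKey(caKeyPair);

                var caKeyStore = crypt.KeysetOpen(crypt.UNUSED, crypt.KEYSET_FILE,
                                                  rootCertificateAuthority.KeystoreFileName,
                                                  crypt.KEYOPT_CREATE);
                try
                {
                    // NOTE(review): the password arrives as a plain string from configuration;
                    // confirm how that value is stored and who can read it, and that the key
                    // file itself ends up with restrictive file permissions.
                    crypt.AddPrivateKey(caKeyStore, caKeyPair, rootCertificateAuthority.PrivateKeyPassword);

                    var certificate = crypt.CreateCert(crypt.UNUSED, crypt.CERTTYPE_CERTIFICATE);
                    try
                    {
                        // Subject public key and distinguished name.
                        crypt.SetAttribute(certificate, crypt.CERTINFO_SUBJECTPUBLICKEYINFO, caKeyPair);
                        crypt.SetAttributeString(certificate, crypt.CERTINFO_COUNTRYNAME,
                                                 rootCertificateAuthority.DistinguishedName.Country);
                        crypt.SetAttributeString(certificate, crypt.CERTINFO_STATEORPROVINCENAME,
                                                 rootCertificateAuthority.DistinguishedName.State);
                        crypt.SetAttributeString(certificate, crypt.CERTINFO_LOCALITYNAME,
                                                 rootCertificateAuthority.DistinguishedName.Locality);
                        crypt.SetAttributeString(certificate, crypt.CERTINFO_ORGANIZATIONNAME,
                                                 rootCertificateAuthority.DistinguishedName.Organization);
                        crypt.SetAttributeString(certificate, crypt.CERTINFO_ORGANIZATIONALUNITNAME,
                                                 rootCertificateAuthority.DistinguishedName.OrganizationalUnit);
                        crypt.SetAttributeString(certificate, crypt.CERTINFO_COMMONNAME,
                                                 rootCertificateAuthority.DistinguishedName.CommonName);

                        // Mark the certificate as a self-signed CA certificate.
                        crypt.SetAttribute(certificate, crypt.CERTINFO_SELFSIGNED, 1);
                        crypt.SetAttribute(certificate, crypt.CERTINFO_CA, 1);

                        // Select the authority-info cert-store entry, then set its URL.
                        crypt.SetAttribute(certificate, crypt.ATTRIBUTE_CURRENT, crypt.CERTINFO_AUTHORITYINFO_CERTSTORE);
                        crypt.SetAttributeString(certificate, crypt.CERTINFO_UNIFORMRESOURCEIDENTIFIER,
                                                 rootCertificateAuthority.CertStoreUrl);

                        // Select the authority-info OCSP entry, then set its URL.
                        crypt.SetAttribute(certificate, crypt.ATTRIBUTE_CURRENT, crypt.CERTINFO_AUTHORITYINFO_OCSP);
                        crypt.SetAttributeString(certificate, crypt.CERTINFO_UNIFORMRESOURCEIDENTIFIER,
                                                 rootCertificateAuthority.OcspUrl);

                        crypt.SignCert(certificate, caKeyPair);

                        // The key file must still be open here so the signed certificate can
                        // be stored next to the private key it belongs to.
                        crypt.AddPublicKey(caKeyStore, certificate);

                        // First call with a null buffer only reports the encoded size.
                        var dataSize     = crypt.ExportCert(null, 0, crypt.CERTFORMAT_CERTIFICATE, certificate);
                        var exportedCert = new byte[dataSize];

                        crypt.ExportCert(exportedCert, dataSize, crypt.CERTFORMAT_CERTIFICATE, certificate);

                        // Only the certificate is written out; the private key stays in the key file.
                        File.WriteAllBytes(rootCertificateAuthority.CertificateFileName, exportedCert);
                    }
                    finally
                    {
                        crypt.DestroyCert(certificate);
                    }
                }
                finally
                {
                    crypt.KeysetClose(caKeyStore);
                }
            }
            finally
            {
                crypt.DestroyContext(caKeyPair);
            }
        }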
Example #2
 /// <summary>
 ///     Installs the specified root certificate authority.
 /// </summary>
 /// <param name="rootCertificateAuthority">The root certificate authority.</param>
 /// <param name="intermediateCertificateAuthorities">The intermediate certificate authorities.</param>
 public void Install(CertificateAuthorityConfiguration rootCertificateAuthority,
                     List<CertificateConfiguration> intermediateCertificateAuthorities)
 {
     // Step 1: root CA key pair and certificate.
     GenerateRootCaCertificate(rootCertificateAuthority);

     // Step 2: certificate store for the root CA.
     InitializeCertificateStore(rootCertificateAuthority);

     // Step 3: one certificate per configured intermediate CA, in list order.
     // NOTE(review): the list is not null-checked; a null list fails here, after the
     // root CA material from steps 1 and 2 has already been created.
     foreach (var intermediate in intermediateCertificateAuthorities)
     {
         GenerateIntermediateCertificate(intermediate);
     }
 }
Example #3
        /// <summary>
        ///     Initializes the certificate store.
        /// </summary>
        private void InitializeCertificateStore(CertificateAuthorityConfiguration rootCertificateAuthority)
        {
            var storeFilePath = rootCertificateAuthority.CertificateStoreFilePath;

            // Make sure the backing file exists; an existing file is left untouched.
            // The stream returned by File.Create is disposed immediately so the file is
            // not held open while the store is opened below.
            if (!File.Exists(storeFilePath))
            {
                using (File.Create(storeFilePath))
                {
                }
            }

            // Open the ODBC-backed store with the create option, then close it again.
            // NOTE(review): what KEYOPT_CREATE does when the store already holds data is
            // not visible here; confirm before re-running this against a populated CA store.
            var storeHandle = crypt.KeysetOpen(crypt.UNUSED,
                                               crypt.KEYSET_ODBC_STORE,
                                               rootCertificateAuthority.CertificateStoreOdbcName,
                                               crypt.KEYOPT_CREATE);

            crypt.KeysetClose(storeHandle);
        }
Example #4
        /// <summary>
        ///     Ensures the certificate store file exists, then opens the ODBC certificate
        ///     store with the create option and closes it again.
        /// </summary>
        /// <param name="configuration">Supplies the store file path and the ODBC store name.</param>
        private void InitializeCertificateStore(CertificateAuthorityConfiguration configuration)
        {
            // The file pre-creation is only needed when the store is backed by SQLite.
            var storePath = configuration.CertificateStoreFilePath;
            var storeFileMissing = !File.Exists(storePath);

            if (storeFileMissing)
            {
                // Create an empty file and release the handle straight away.
                using (File.Create(storePath))
                {
                }
            }

            // NOTE(review): the effect of KEYOPT_CREATE on a store that already contains
            // certificates is not shown here; verify before running this twice.
            var handle = crypt.KeysetOpen(crypt.UNUSED,
                                          crypt.KEYSET_ODBC_STORE,
                                          configuration.CertificateStoreOdbcName,
                                          crypt.KEYOPT_CREATE);

            crypt.KeysetClose(handle);
        }
Example #5
        /// <summary>
        ///     Creates the base directory if needed, then generates the root CA certificate,
        ///     initializes the certificate store and generates each intermediate certificate.
        /// </summary>
        /// <param name="rootCertificateAuthority">The root certificate authority configuration.</param>
        /// <param name="intermediateCertificateAuthorities">The intermediate certificate configurations, processed in list order.</param>
        public void Install(CertificateAuthorityConfiguration rootCertificateAuthority,
                            List<CertificateConfiguration> intermediateCertificateAuthorities)
        {
            var baseDirectory = ConfigurationData.BaseDirectory;
            var baseDirectoryMissing = !Directory.Exists(baseDirectory);

            if (baseDirectoryMissing)
            {
                // NOTE(review): the directory is created with default (inherited) permissions;
                // if CA key material is written under it, confirm access is restricted.
                Directory.CreateDirectory(baseDirectory);
            }

            // Root CA first, then its store, then the intermediates.
            GenerateRootCaCertificate(rootCertificateAuthority);
            InitializeCertificateStore(rootCertificateAuthority);

            // NOTE(review): the list is not null-checked; a null list fails only after
            // the root CA material above has already been created.
            foreach (var intermediate in intermediateCertificateAuthorities)
            {
                GenerateIntermediateCertificate(intermediate);
            }
        }
Example #6
 /// <summary>
 ///     Stub for root CA certificate generation; the body is empty in this listing.
 /// </summary>
 /// <param name="configuration">The certificate authority configuration (not used by the empty body).</param>
 private void GenerateRootCaCertificate(CertificateAuthorityConfiguration configuration)
 {
     // No key pair, key store or certificate is produced here.
 }
 /// <summary>
 ///     Stub for submitting a certificate request; the body is empty in this listing.
 /// </summary>
 /// <param name="certificateAuthorityConfiguration">The certificate authority configuration (not used by the empty body).</param>
 /// <param name="certificateRequestFileName">The certificate request file name (not used by the empty body).</param>
 public void SubmitCertificateRequest(CertificateAuthorityConfiguration certificateAuthorityConfiguration,
                                      string certificateRequestFileName)
 {
     // Nothing is read or submitted here; a call returns without any effect.
 }
 /// <summary>
 ///     Stub for issuing a certificate; the body is empty in this listing.
 /// </summary>
 /// <param name="certificateAuthorityConfiguration">The certificate authority configuration (not used by the empty body).</param>
 /// <param name="certificateEmailAddress">The certificate e-mail address (not used by the empty body).</param>
 /// <param name="certificateFileName">The certificate file name (not used by the empty body).</param>
 public void IssueCertificate(CertificateAuthorityConfiguration certificateAuthorityConfiguration,
                              string certificateEmailAddress, string certificateFileName)
 {
     // No certificate is issued or written here; callers must not treat a return as success.
 }