/// <summary>
/// Certificate constructor to intialize objects and values required to create a certificate
/// </summary>
public Certificate()
{
try
{
// Create objects required
objCertRequest = new CX509CertificateRequestCertificate();
objCSP = new CCspInformation();
objCSPs = new CCspInformations();
objDN = new CX500DistinguishedName();
objEnroll = new CX509Enrollment();
objObjectId = new CObjectId();
objPrivateKey = (IX509PrivateKey)Activator.CreateInstance(Type.GetTypeFromProgID("X509Enrollment.CX509PrivateKey"));
// Friendly name
this.FriendlyName = "";
// Set default values. Refer to https://msdn.microsoft.com/en-us/library/windows/desktop/aa374846(v=vs.85).aspx
this.CryptographicProviderName = "Microsoft Enhanced Cryptographic Provider v1.0";
this.KeySize = 2048;
// Use key for encryption
this.KeySpec = X509KeySpec.XCN_AT_KEYEXCHANGE;
// The key can be used for decryption
this.KeyUsage = X509PrivateKeyUsageFlags.XCN_NCRYPT_ALLOW_DECRYPT_FLAG;
// Create for user and not machine
this.MachineContext = false;
// Default to expire in 1 year
this.ExpirationLengthInDays = 365;
// Let th private key be exported in plain text
this.ExportPolicy = X509PrivateKeyExportFlags.XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG;
// This is intended for a computer
this.EnrollmentContextMachine = X509CertificateEnrollmentContext.ContextUser;
// Use a hasing algorithm
this.ObjectIdGroupId = ObjectIdGroupId. XCN_CRYPT_HASH_ALG_OID_GROUP_ID;
this.ObjectIdPublicKeyFlags = ObjectIdPublicKeyFlags.XCN_CRYPT_OID_INFO_PUBKEY_ANY;
this.AlgorithmFlags = AlgorithmFlags.AlgorithmFlagsNone;
// Use SHA-2 with 512 bits
this.AlgorithmName = "SHA512";
this.EncodingType = EncodingType.XCN_CRYPT_STRING_BASE64;
// Allow untrusted certificate to be installed
this.InstallResponseRestrictionFlags = InstallResponseRestrictionFlags.AllowUntrustedCertificate;
// No password set
this.Password = null;
// Enable key to be exported, keep the machine set, and persist the key set
// https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509keystorageflags(v=vs.110).aspx
this.ExportableFlags = X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet;
}
catch (Exception ex)
{
throw ex;
}
}
/// <summary>
/// Certificate constructor to intialize objects and values required to create a certificate
/// </summary>
public Certificate()
{
try
{
// Create objects required
objCertRequest = new CX509CertificateRequestCertificate();
objCSP = new CCspInformation();
objCSPs = new CCspInformations();
objDN = new CX500DistinguishedName();
objEnroll = new CX509Enrollment();
objObjectId = new CObjectId();
objPrivateKey = (IX509PrivateKey)Activator.CreateInstance(Type.GetTypeFromProgID("X509Enrollment.CX509PrivateKey"));
// Friendly name
this.FriendlyName = "";
// Set default values. Refer to https://msdn.microsoft.com/en-us/library/windows/desktop/aa374846(v=vs.85).aspx
this.CryptographicProviderName = "Microsoft Enhanced Cryptographic Provider v1.0";
this.KeySize = 2048;
// Use key for encryption
this.KeySpec = X509KeySpec.XCN_AT_KEYEXCHANGE;
// The key can be used for decryption
this.KeyUsage = X509PrivateKeyUsageFlags.XCN_NCRYPT_ALLOW_DECRYPT_FLAG;
// Create for user and not machine
this.MachineContext = false;
// Default to expire in 1 year
this.ExpirationLengthInDays = 365;
// Let th private key be exported in plain text
this.ExportPolicy = X509PrivateKeyExportFlags.XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG;
// This is intended for a computer
this.EnrollmentContextMachine = X509CertificateEnrollmentContext.ContextUser;
// Use a hasing algorithm
this.ObjectIdGroupId = ObjectIdGroupId.XCN_CRYPT_HASH_ALG_OID_GROUP_ID;
this.ObjectIdPublicKeyFlags = ObjectIdPublicKeyFlags.XCN_CRYPT_OID_INFO_PUBKEY_ANY;
this.AlgorithmFlags = AlgorithmFlags.AlgorithmFlagsNone;
// Use SHA-2 with 512 bits
this.AlgorithmName = "SHA512";
this.EncodingType = EncodingType.XCN_CRYPT_STRING_BASE64;
// Allow untrusted certificate to be installed
this.InstallResponseRestrictionFlags = InstallResponseRestrictionFlags.AllowUntrustedCertificate;
// No password set
this.Password = null;
// Enable key to be exported, keep the machine set, and persist the key set
// https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509keystorageflags(v=vs.110).aspx
this.ExportableFlags = X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet;
}
catch (Exception ex)
{
throw ex;
}
}
