// P/Invoke declaration for the Win32 CertCreateSelfSignCertificate API. Returns a certificate
// context handle (the caller owns it and must release it with CertFreeCertificateContext) or
// IntPtr.Zero on failure. The callers in this file pass CERT_CREATE_SELFSIGN_NO_SIGN (1) as
// dwFlagsm (the "m" is a typo for dwFlags that cannot be changed without touching callers) and
// IntPtr.Zero for every remaining pointer argument. NOTE(review): those callers then read
// Marshal.GetLastWin32Error(), which is only reliable if the [DllImport] attribute for this
// declaration (not visible here) sets SetLastError = true — confirm.
public static extern IntPtr CertCreateSelfSignCertificate( IntPtr hProv, ref CERT_NAME_BLOB pSubjectIssuerBlob, uint dwFlagsm, ref CRYPT_KEY_PROV_INFO pKeyProvInfo, IntPtr pSignatureAlgorithm, IntPtr pStartTime, IntPtr pEndTime, IntPtr other) ;
// P/Invoke declaration for the Win32 CertCreateSelfSignCertificate API. Returns a certificate
// context handle (the caller owns it and must release it with CertFreeCertificateContext) or
// IntPtr.Zero on failure. The callers in this file pass CERT_CREATE_SELFSIGN_NO_SIGN (1) as
// dwFlagsm (the "m" is a typo for dwFlags that cannot be changed without touching callers) and
// IntPtr.Zero for every remaining pointer argument. NOTE(review): those callers then read
// Marshal.GetLastWin32Error(), which is only reliable if the [DllImport] attribute for this
// declaration (not visible here) sets SetLastError = true — confirm.
public static extern IntPtr CertCreateSelfSignCertificate( IntPtr hProv, ref CERT_NAME_BLOB pSubjectIssuerBlob, uint dwFlagsm, ref CRYPT_KEY_PROV_INFO pKeyProvInfo, IntPtr pSignatureAlgorithm, IntPtr pStartTime, IntPtr pEndTime, IntPtr other);
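/// <summary>
/// Creates an unsigned (CERT_CREATE_SELFSIGN_NO_SIGN) certificate context for the
/// subject <paramref name="DN"/> whose key-provider property names the CSP key
/// container given by <paramref name="keycontainer"/>, <paramref name="provider"/>,
/// <paramref name="KEYSPEC"/> and <paramref name="cspflags"/>.
/// </summary>
/// <param name="keycontainer">CSP key container name; must be non-empty.</param>
/// <param name="provider">One of the three Microsoft RSA CSP names accepted below.</param>
/// <param name="KEYSPEC">1 (AT_KEYEXCHANGE) or 2 (AT_SIGNATURE).</param>
/// <param name="cspflags">0 (current-user keyset) or 0x20 (CRYPT_MACHINE_KEYSET).</param>
/// <param name="DN">X.500 name string (CERT_X500_NAME_STR), e.g. "CN=name"; must be non-empty.</param>
/// <returns>
/// A certificate context handle the caller must release with CertFreeCertificateContext,
/// or IntPtr.Zero when an argument is rejected or a Win32 call fails (the Win32 error is
/// reported through opensslkey.showWin32Error).
/// </returns>
private static IntPtr CreateUnsignedCertCntxt(string keycontainer, string provider, uint KEYSPEC, uint cspflags, string DN)
{
    // wincrypt.h constants, named instead of inlined as bare numbers.
    const uint AT_KEYEXCHANGE = 1U;
    const uint AT_SIGNATURE = 2U;
    const uint CRYPT_MACHINE_KEYSET = 0x20U;
    const uint PROV_RSA_FULL = 1U;
    const uint X509_ASN_ENCODING = 1U;
    const uint CERT_X500_NAME_STR = 3U;
    const uint CERT_CREATE_SELFSIGN_NO_SIGN = 1U;
    const string MS_DEF_PROV = "Microsoft Base Cryptographic Provider v1.0";
    const string MS_STRONG_PROV = "Microsoft Strong Cryptographic Provider";
    const string MS_ENHANCED_PROV = "Microsoft Enhanced Cryptographic Provider v1.0";

    // Argument validation: only the three Microsoft RSA CSPs, a named container,
    // a known key spec, current-user or machine keyset, and a non-empty name.
    // null is rejected alongside "" so it never reaches the native calls.
    bool providerOk = provider == MS_DEF_PROV || provider == MS_STRONG_PROV || provider == MS_ENHANCED_PROV;
    bool keySpecOk = KEYSPEC == AT_KEYEXCHANGE || KEYSPEC == AT_SIGNATURE;
    bool flagsOk = cspflags == 0U || cspflags == CRYPT_MACHINE_KEYSET;
    if (!providerOk || !keySpecOk || !flagsOk || string.IsNullOrEmpty(keycontainer) || string.IsNullOrEmpty(DN))
    {
        return IntPtr.Zero;
    }

    // First CertStrToName call sizes the DER-encoded name; the second fills it.
    // Previously a failed sizing call (e.g. a malformed DN) left the buffer null and
    // the code dereferenced it; both results are now checked and reported instead.
    uint cbEncoded = 0;
    if (!Win32.CertStrToName(X509_ASN_ENCODING, DN, CERT_X500_NAME_STR, IntPtr.Zero, (byte[])null, ref cbEncoded, IntPtr.Zero))
    {
        opensslkey.showWin32Error(Marshal.GetLastWin32Error());
        return IntPtr.Zero;
    }
    byte[] encodedName = new byte[cbEncoded];
    if (!Win32.CertStrToName(X509_ASN_ENCODING, DN, CERT_X500_NAME_STR, IntPtr.Zero, encodedName, ref cbEncoded, IntPtr.Zero))
    {
        opensslkey.showWin32Error(Marshal.GetLastWin32Error());
        return IntPtr.Zero;
    }

    CERT_NAME_BLOB subjectBlob = new CERT_NAME_BLOB();
    subjectBlob.pbData = Marshal.AllocHGlobal(encodedName.Length);
    try
    {
        Marshal.Copy(encodedName, 0, subjectBlob.pbData, encodedName.Length);
        subjectBlob.cbData = encodedName.Length;

        // Key-provider property that will be attached to the new context: it records
        // where the private key lives rather than embedding the key itself.
        CRYPT_KEY_PROV_INFO keyProvInfo = new CRYPT_KEY_PROV_INFO()
        {
            pwszContainerName = keycontainer,
            pwszProvName = provider,
            dwProvType = PROV_RSA_FULL,
            dwFlags = cspflags,
            cProvParam = 0U,
            rgProvParam = IntPtr.Zero,
            dwKeySpec = KEYSPEC
        };

        // The remaining pointer arguments (signature algorithm, start/end time, last
        // parameter) are IntPtr.Zero, i.e. the API defaults are used.
        IntPtr certContext = Win32.CertCreateSelfSignCertificate(IntPtr.Zero, ref subjectBlob, CERT_CREATE_SELFSIGN_NO_SIGN, ref keyProvInfo, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero);
        if (certContext == IntPtr.Zero)
        {
            // Only meaningful if the Win32 DllImport sets SetLastError = true (declaration not visible here).
            opensslkey.showWin32Error(Marshal.GetLastWin32Error());
        }
        return certContext;
    }
    finally
    {
        // Released on every path, including an exception thrown by the native call.
        Marshal.FreeHGlobal(subjectBlob.pbData);
    }
}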
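/// <summary>
/// Builds an unsigned certificate context (CERT_CREATE_SELFSIGN_NO_SIGN) for the
/// X.500 subject <paramref name="DN"/>, attaching a CRYPT_KEY_PROV_INFO that points
/// at an RSA key in the named CSP container.
/// </summary>
/// <param name="keycontainer">CSP key container name; rejected when null or empty.</param>
/// <param name="provider">MS_DEF_PROV, MS_STRONG_PROV or MS_ENHANCED_PROV; anything else is rejected.</param>
/// <param name="KEYSPEC">AT_KEYEXCHANGE or AT_SIGNATURE.</param>
/// <param name="cspflags">0 for the current-user keyset or CRYPT_MACHINE_KEYSET.</param>
/// <param name="DN">X.500 name string such as "CN=name"; rejected when null or empty.</param>
/// <returns>
/// The new certificate context (release with CertFreeCertificateContext), or
/// IntPtr.Zero if validation fails or a Win32 call fails; Win32 failures are
/// reported through showWin32Error.
/// </returns>
private static IntPtr CreateUnsignedCertCntxt(String keycontainer, String provider, uint KEYSPEC, uint cspflags, String DN)
{
    const uint AT_KEYEXCHANGE = 0x00000001;
    const uint AT_SIGNATURE = 0x00000002;
    const uint CRYPT_MACHINE_KEYSET = 0x00000020;
    const uint PROV_RSA_FULL = 0x00000001;
    const String MS_DEF_PROV = "Microsoft Base Cryptographic Provider v1.0";
    const String MS_STRONG_PROV = "Microsoft Strong Cryptographic Provider";
    const String MS_ENHANCED_PROV = "Microsoft Enhanced Cryptographic Provider v1.0";
    const uint CERT_CREATE_SELFSIGN_NO_SIGN = 1;
    const uint X509_ASN_ENCODING = 0x00000001;
    const uint CERT_X500_NAME_STR = 3;

    // Guard clauses: reject anything outside the supported CSP/keyset/key-spec set
    // before any native call is made.
    if (provider != MS_DEF_PROV && provider != MS_STRONG_PROV && provider != MS_ENHANCED_PROV)
    {
        return IntPtr.Zero;
    }
    if (String.IsNullOrEmpty(keycontainer))
    {
        return IntPtr.Zero;
    }
    if (KEYSPEC != AT_SIGNATURE && KEYSPEC != AT_KEYEXCHANGE)
    {
        return IntPtr.Zero;
    }
    if (cspflags != 0 && cspflags != CRYPT_MACHINE_KEYSET) //only 0 (Current User) keyset is currently used.
    {
        return IntPtr.Zero;
    }
    if (String.IsNullOrEmpty(DN))
    {
        return IntPtr.Zero;
    }

    // Size the DER-encoded name, then encode it. A failure on either call
    // (typically a malformed DN) used to leave encodedName null and throw
    // NullReferenceException; it is now reported and IntPtr.Zero returned.
    uint cbName = 0;
    if (!Win32.CertStrToName(X509_ASN_ENCODING, DN, CERT_X500_NAME_STR, IntPtr.Zero, null, ref cbName, IntPtr.Zero))
    {
        showWin32Error(Marshal.GetLastWin32Error());
        return IntPtr.Zero;
    }
    byte[] encodedName = new byte[cbName];
    if (!Win32.CertStrToName(X509_ASN_ENCODING, DN, CERT_X500_NAME_STR, IntPtr.Zero, encodedName, ref cbName, IntPtr.Zero))
    {
        showWin32Error(Marshal.GetLastWin32Error());
        return IntPtr.Zero;
    }

    CERT_NAME_BLOB subjectblob = new CERT_NAME_BLOB();
    subjectblob.pbData = Marshal.AllocHGlobal(encodedName.Length);
    try
    {
        Marshal.Copy(encodedName, 0, subjectblob.pbData, encodedName.Length);
        subjectblob.cbData = encodedName.Length;

        // Describes where the private key lives; the key material itself is not copied.
        CRYPT_KEY_PROV_INFO pInfo = new CRYPT_KEY_PROV_INFO();
        pInfo.pwszContainerName = keycontainer;
        pInfo.pwszProvName = provider;
        pInfo.dwProvType = PROV_RSA_FULL;
        pInfo.dwFlags = cspflags;
        pInfo.cProvParam = 0;
        pInfo.rgProvParam = IntPtr.Zero;
        pInfo.dwKeySpec = KEYSPEC;

        // Signature algorithm, validity period and the last argument are left at the
        // API defaults (IntPtr.Zero).
        IntPtr hCertCntxt = Win32.CertCreateSelfSignCertificate(IntPtr.Zero, ref subjectblob, CERT_CREATE_SELFSIGN_NO_SIGN, ref pInfo, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero);
        if (hCertCntxt == IntPtr.Zero)
        {
            // Requires SetLastError = true on the Win32 DllImport (not visible here) to be accurate.
            showWin32Error(Marshal.GetLastWin32Error());
        }
        return hCertCntxt;
    }
    finally
    {
        // Freed on every path, not only the straight-line one.
        Marshal.FreeHGlobal(subjectblob.pbData);
    }
}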
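/// <summary>
/// Looks up the first certificate in the current user's "MY" store whose subject
/// matches <paramref name="searchstr"/> and, if it carries a key-provider property,
/// records the certificate, its key container name and key spec on this instance.
/// </summary>
/// <param name="searchstr">
/// Subject search string passed to CertFindCertificateInStore with CERT_FIND_SUBJECT_STR.
/// That find type is a case-insensitive substring match on the subject name, so a short
/// string can match several certificates; only the first hit is used.
/// </param>
/// <returns>
/// true when a certificate was found and its CRYPT_KEY_PROV_INFO property was read
/// (recipcert, keycontainer and RSAkeytype are then set); false otherwise, including
/// when the store cannot be opened (reported on the console).
/// </returns>
private bool GetRecipientPVKProps(String searchstr)
{
    string searchstore = "MY"; //only include MY store
    uint openflags = CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_READONLY_FLAG | CERT_STORE_OPEN_EXISTING_FLAG;

    IntPtr hSysStore = Win32.CertOpenStore("System", ENCODING_TYPE, IntPtr.Zero, openflags, searchstore);
    if (hSysStore == IntPtr.Zero)
    {
        Console.WriteLine("Failed to open system store {0}", searchstore);
        return false;
    }

    IntPtr hCertCntxt = IntPtr.Zero;
    IntPtr pProvInfo = IntPtr.Zero;
    try
    {
        //--- only accept the first matching certificate ----
        hCertCntxt = Win32.CertFindCertificateInStore(hSysStore, ENCODING_TYPE, 0, CERT_FIND_SUBJECT_STR, searchstr, IntPtr.Zero);
        if (hCertCntxt == IntPtr.Zero)
        {
            return false;
        }

        // First call only sizes the property; second call fills the buffer.
        uint provinfosize = 0;
        if (!Win32.CertGetCertificateContextProperty(hCertCntxt, CERT_KEY_PROV_INFO_PROP_ID, IntPtr.Zero, ref provinfosize))
        {
            return false;
        }
        pProvInfo = Marshal.AllocHGlobal((int)provinfosize);
        if (!Win32.CertGetCertificateContextProperty(hCertCntxt, CERT_KEY_PROV_INFO_PROP_ID, pProvInfo, ref provinfosize))
        {
            return false;
        }

        CRYPT_KEY_PROV_INFO ckinfo = (CRYPT_KEY_PROV_INFO)Marshal.PtrToStructure(pProvInfo, typeof(CRYPT_KEY_PROV_INFO));
        // NOTE(review): the native context is freed in the finally block below, as the
        // original code also did right after this constructor; this relies on
        // X509Certificate(IntPtr) taking its own copy of the context — verify.
        this.recipcert = new X509Certificate(hCertCntxt);
        this.keycontainer = ckinfo.ContainerName;
        this.RSAkeytype = (int)ckinfo.KeySpec;
        return true; // only way for valid return
    }
    finally
    {
        //------- Clean Up -----------
        // Single cleanup path: the original duplicated it per early return and
        // would have leaked the store and context handles on an exception.
        if (pProvInfo != IntPtr.Zero)
        {
            Marshal.FreeHGlobal(pProvInfo);
        }
        if (hCertCntxt != IntPtr.Zero)
        {
            Win32.CertFreeCertificateContext(hCertCntxt);
        }
        Win32.CertCloseStore(hSysStore, 0);
    }
}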