예제 #1
0
        /// <summary>
        /// Create a certificate
        /// </summary>
        /// <param name="request">A request to generate certificate</param>
        /// <returns>Returns a pointer to the signed certificate</returns>
        internal static unsafe IntPtr CreateSelfSignedCertificatePtr(CertificateGenerationRequest request)
        {
            if (request == null)
            {
                throw new ArgumentNullException("request");
            }

            if (string.IsNullOrWhiteSpace(request.Subject))
            {
                throw new ArgumentException("request.Subject is null");
            }

            NativeMethods.CERT_NAME_BLOB pSubjectIssuerBlob = new NativeMethods.CERT_NAME_BLOB(0, null);

            IntPtr extensionsPtr = IntPtr.Zero;

            var subjectName = request.Subject;
            var extensions  = request.Extensions;

            var parameters = request.Parameters;

            if (parameters == null)
            {
                parameters = new CspParameters()
                {
                    ProviderName     = MS_ENH_RSA_AES_PROV,
                    ProviderType     = PROV_RSA_AES,
                    KeyContainerName = Guid.NewGuid().ToString(),
                    KeyNumber        = (int)KeyNumber.Exchange,
                    Flags            = CspProviderFlags.UseMachineKeyStore
                }
            }
            ;

            var keySize = request.KeySize;

            if (keySize <= 0)
            {
                keySize = MINIMUM_SELF_SIGNED_CERTIFICATE_KEYSIZE;
            }

            var expirationLength = request.ExpirationLength;

            if (expirationLength <= TimeSpan.MinValue)
            {
                expirationLength = TimeSpan.FromDays(365);
            }

            var durationInMinutes = expirationLength.TotalMinutes;

            var signatureAlgo = request.SignatureAlgorithm;

            if (string.IsNullOrWhiteSpace(signatureAlgo))
            {
                signatureAlgo = NativeMethods.OID_RSA_SHA256RSA;
            }

            string container = Guid.NewGuid().ToString();

            try
            {
                uint pcbEncoded = 0;

                if (!NativeMethods.CertStrToName(NativeMethods.X509_ASN_ENCODING, subjectName, NativeMethods.CERT_X500_NAME_STR, IntPtr.Zero, null, ref pcbEncoded, IntPtr.Zero) && pcbEncoded <= 0)
                {
                    throw new Win32Exception(Marshal.GetLastWin32Error());
                }

                byte[] pbEncoded = new byte[pcbEncoded];

                if (!NativeMethods.CertStrToName(NativeMethods.X509_ASN_ENCODING, subjectName, NativeMethods.CERT_X500_NAME_STR, IntPtr.Zero, pbEncoded, ref pcbEncoded, IntPtr.Zero))
                {
                    throw new Win32Exception(Marshal.GetLastWin32Error());
                }

                using (new RSACryptoServiceProvider(keySize, parameters))
                {
                    pSubjectIssuerBlob.CopyData(pbEncoded);

                    NativeMethods.CRYPT_KEY_PROV_INFO pKeyProvInfo = new NativeMethods.CRYPT_KEY_PROV_INFO
                    {
                        pwszProvName      = parameters.ProviderName,
                        pwszContainerName = parameters.KeyContainerName,
                        dwProvType        = (uint)parameters.ProviderType,
                        dwFlags           = 0x20, //(uint)parameters.Flags,
                        dwKeySpec         = (uint)parameters.KeyNumber
                    };

                    NativeMethods.CRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm = new NativeMethods.CRYPT_ALGORITHM_IDENTIFIER
                    {
                        pszObjId = signatureAlgo
                    };

                    pSignatureAlgorithm.parameters.cbData = 0;
                    pSignatureAlgorithm.parameters.pbData = IntPtr.Zero;

                    NativeMethods.SYSTEM_TIME pStartTime = new NativeMethods.SYSTEM_TIME(DateTime.UtcNow);
                    NativeMethods.SYSTEM_TIME pEndTime   = new NativeMethods.SYSTEM_TIME(DateTime.UtcNow.AddMinutes((double)durationInMinutes));

                    extensionsPtr = CertUtil.ConvertExtensions(extensions)[0];

                    IntPtr handle = NativeMethods.CertCreateSelfSignCertificate(IntPtr.Zero, ref pSubjectIssuerBlob, 0, ref pKeyProvInfo, ref pSignatureAlgorithm, ref pStartTime, ref pEndTime, extensionsPtr);

                    if (handle == IntPtr.Zero)
                    {
                        throw new Win32Exception(Marshal.GetLastWin32Error());
                    }

                    return(handle);
                }
            }
            finally
            {
                if (IntPtr.Zero != extensionsPtr)
                {
                    Marshal.FreeHGlobal(extensionsPtr);
                    extensionsPtr = IntPtr.Zero;
                }

                pSubjectIssuerBlob.Dispose();
            }
        }
    }
예제 #2
0
        /// <summary>
        /// Create a self signed certificate
        /// </summary>
        /// <param name="request">A request to generate certificate</param>
        /// <returns>Returns a self signed certificate</returns>
        public static X509Certificate2 CreateSelfSignedCertificate(CertificateGenerationRequest request)
        {
            var ptr = CreateSelfSignedCertificatePtr(request);

            return(new X509Certificate2(ptr));
        }