public static extern IntPtr CertCreateSelfSignCertificate( IntPtr hProv, ref CERT_NAME_BLOB pSubjectIssuerBlob, uint dwFlagsm, ref CRYPT_KEY_PROV_INFO pKeyProvInfo, IntPtr pSignatureAlgorithm, IntPtr pStartTime, IntPtr pEndTime, IntPtr other);
////------ Since we are using an RSA with nonpersisted keycontainer, must pass it in to ensure it isn't colledted ----- //private static byte[] GetPkcs12(RSA rsa, String keycontainer, String cspprovider, uint KEYSPEC, uint cspflags, string pass) // { // byte[] pfxblob = null; // IntPtr hCertCntxt = IntPtr.Zero; // String DN = "CN=Opensslkey Unsigned Certificate"; // hCertCntxt = CreateUnsignedCertCntxt(keycontainer, cspprovider, KEYSPEC, cspflags, DN) ; // if(hCertCntxt == IntPtr.Zero){ // Console.WriteLine("Couldn't create an unsigned-cert\n") ; // return null; // } // try{ // X509Certificate cert = new X509Certificate(hCertCntxt) ; //create certificate object from cert context. // X509Certificate2UI.DisplayCertificate(new X509Certificate2(cert)) ; // display it, showing linked private key // SecureString pswd = GetSecPswd(pass) ; // pfxblob = cert.Export(X509ContentType.Pkcs12, pswd); // } // catch(Exception exc) // { // Console.WriteLine( "BAD RESULT" + exc.Message); // pfxblob = null; // } //rsa.Clear() ; //if(hCertCntxt != IntPtr.Zero) // Win32.CertFreeCertificateContext(hCertCntxt) ; // return pfxblob; //} private static IntPtr CreateUnsignedCertCntxt(String keycontainer, String provider, uint KEYSPEC, uint cspflags, String DN) { const uint AT_KEYEXCHANGE = 0x00000001; const uint AT_SIGNATURE = 0x00000002; const uint CRYPT_MACHINE_KEYSET = 0x00000020; const uint PROV_RSA_FULL = 0x00000001; const String MS_DEF_PROV = "Microsoft Base Cryptographic Provider v1.0"; const String MS_STRONG_PROV = "Microsoft Strong Cryptographic Provider"; const String MS_ENHANCED_PROV = "Microsoft Enhanced Cryptographic Provider v1.0"; const uint CERT_CREATE_SELFSIGN_NO_SIGN = 1; const uint X509_ASN_ENCODING = 0x00000001; const uint CERT_X500_NAME_STR = 3; IntPtr hCertCntxt = IntPtr.Zero; byte[] encodedName = null; uint cbName = 0; if (provider != MS_DEF_PROV && provider != MS_STRONG_PROV && provider != MS_ENHANCED_PROV) { return(IntPtr.Zero); } if (keycontainer == "") { return(IntPtr.Zero); } if (KEYSPEC != AT_SIGNATURE && KEYSPEC != AT_KEYEXCHANGE) { return(IntPtr.Zero); } if (cspflags != 0 && cspflags != CRYPT_MACHINE_KEYSET) //only 0 (Current User) keyset is currently used. { return(IntPtr.Zero); } if (DN == "") { return(IntPtr.Zero); } if (Win32.CertStrToName(X509_ASN_ENCODING, DN, CERT_X500_NAME_STR, IntPtr.Zero, null, ref cbName, IntPtr.Zero)) { encodedName = new byte[cbName]; Win32.CertStrToName(X509_ASN_ENCODING, DN, CERT_X500_NAME_STR, IntPtr.Zero, encodedName, ref cbName, IntPtr.Zero); } CERT_NAME_BLOB subjectblob = new CERT_NAME_BLOB(); subjectblob.pbData = Marshal.AllocHGlobal(encodedName.Length); Marshal.Copy(encodedName, 0, subjectblob.pbData, encodedName.Length); subjectblob.cbData = encodedName.Length; CRYPT_KEY_PROV_INFO pInfo = new CRYPT_KEY_PROV_INFO(); pInfo.pwszContainerName = keycontainer; pInfo.pwszProvName = provider; pInfo.dwProvType = PROV_RSA_FULL; pInfo.dwFlags = cspflags; pInfo.cProvParam = 0; pInfo.rgProvParam = IntPtr.Zero; pInfo.dwKeySpec = KEYSPEC; hCertCntxt = Win32.CertCreateSelfSignCertificate(IntPtr.Zero, ref subjectblob, CERT_CREATE_SELFSIGN_NO_SIGN, ref pInfo, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero); if (hCertCntxt == IntPtr.Zero) { showWin32Error(Marshal.GetLastWin32Error()); } Marshal.FreeHGlobal(subjectblob.pbData); return(hCertCntxt); }