/// <inheritdoc /> public void SetCertificateExtension(Int32 requestID, X509Extension extension) { if (extension == null) { throw new ArgumentNullException(nameof(extension)); } var certAdmin = new CCertAdminClass(); // BSTR is length-prefixed type, so allocate extra 4 bytes to store BSTR length IntPtr pbBstr = Marshal.AllocHGlobal(extension.RawData.Length + 4); // write length in front of actual BSTR value Marshal.WriteInt32(pbBstr, 0, extension.RawData.Length); // copy raw bytes right after length prefix Marshal.Copy(extension.RawData, 0, pbBstr + 4, extension.RawData.Length); // create an instance of VARIANT and configure it var variant = new OleAut.VARIANT { vt = OleAut.VT_BSTR, // the pointer to BSTR doesn't include prefix length, so skip 4 bytes pvRecord = pbBstr + 4 }; Int32 flags = extension.Critical ? 1 : 0; IntPtr pvarValue = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(OleAut.VARIANT))); Marshal.StructureToPtr(variant, pvarValue, false); try { certAdmin.SetCertificateExtension(_configString, requestID, extension.Oid.Value, CertAdmConstants.ProptypeBinary, flags, pvarValue); } finally { Marshal.FreeHGlobal(pbBstr); Marshal.FreeHGlobal(pvarValue); CryptographyUtils.ReleaseCom(certAdmin); } }
/// <inheritdoc /> public Object GetConfigEntry(String entryName, String node = null) { if (entryName == null) { throw new ArgumentNullException(nameof(entryName)); } if (String.Empty.Equals(entryName)) { throw new ArgumentException("'entryName' parameter cannot be empty string."); } ICertAdmin2 certAdmin = new CCertAdminClass(); try { return(useActive ? certAdmin.GetConfigEntry($"{ComputerName}\\{ActiveConfig}", node ?? String.Empty, entryName) : certAdmin.GetConfigEntry(ComputerName, String.Empty, entryName)); } catch (Exception ex) { if (ex is FileNotFoundException) { return(null); } throw; } finally { CryptographyUtils.ReleaseCom(certAdmin); } }
/// <inheritdoc /> public Int32 DeleteLastUpdatedRequests(DateTime notAfter) { ICertAdmin2 certAdmin = new CCertAdminClass(); try { return(certAdmin.DeleteRow(_configString, (Int32)BulkRowRemovalOption.LastChanged, notAfter, (Int32)AdcsDbCRTable.Request, 0)); } finally { CryptographyUtils.ReleaseCom(certAdmin); } }
/// <inheritdoc /> public Int32 DeleteExpiredCRLs(DateTime notAfter) { ICertAdmin2 certAdmin = new CCertAdminClass(); try { return(certAdmin.DeleteRow(_configString, (Int32)BulkRowRemovalOption.Expired, notAfter, (Int32)AdcsDbCRTable.CRL, 0)); } finally { CryptographyUtils.ReleaseCom(certAdmin); } }
/// <inheritdoc /> public Int32 DeleteDatabaseRow(Int32 requestID, AdcsDbCRTable table = AdcsDbCRTable.Request) { ICertAdmin2 certAdmin = new CCertAdminClass(); try { return(certAdmin.DeleteRow(_configString, 0, new DateTime(), (Int32)table, requestID)); } finally { CryptographyUtils.ReleaseCom(certAdmin); } }
/// <inheritdoc /> public void RevokeRequest(String serialNumber, DateTime?revocationDate = null, AdcsCrlReason reason = AdcsCrlReason.Unspecified) { ICertAdmin2 certAdmin = new CCertAdminClass(); try { certAdmin.RevokeCertificate(_configString, serialNumber, (Int32)reason, revocationDate ?? DateTime.UtcNow); } finally { CryptographyUtils.ReleaseCom(certAdmin); } }
/// <inheritdoc /> public void DenyRequest(Int32 requestID) { ICertAdmin2 certAdmin = new CCertAdminClass(); try { certAdmin.DenyRequest(_configString, requestID); } finally { CryptographyUtils.ReleaseCom(certAdmin); } }
/// <inheritdoc /> public AdcsPropCertState ApproveRequest(Int32 requestID) { ICertAdmin2 certAdmin = new CCertAdminClass(); try { return((AdcsPropCertState)certAdmin.ResubmitRequest(_configString, requestID)); } finally { CryptographyUtils.ReleaseCom(certAdmin); } }
void publishCRL(AdcsCrlPublishType crlFlags, DateTime?nexUpdate = null) { ICertAdmin2 certAdmin = new CCertAdminClass(); try { certAdmin.PublishCRLs(_configString, nexUpdate ?? DateTime.UtcNow, (Int32)crlFlags); } finally { CryptographyUtils.ReleaseCom(certAdmin); } }
String readActiveConfig() { ICertAdmin2 certAdmin = new CCertAdminClass(); try { String active = (String)certAdmin.GetConfigEntry(ComputerName, String.Empty, "Active"); IsAccessible = true; return(active); } catch { IsAccessible = false; } finally { CryptographyUtils.ReleaseCom(certAdmin); } return(null); }
static void Main(string[] args) { CCertAdminClass admin = new CCertAdminClass(); CCertEncodeAltNameClass altNames = new CCertEncodeAltNameClass(); altNames.Reset(2); altNames.SetNameEntry(0, 3, "mail2.domain.com"); // 3 for CERT_ALT_NAME_DNS_NAME altNames.SetNameEntry(1, 3, "websso.sysfil.systest.sanpaoloimi.com"); BStrWrapper wrapper = new BStrWrapper(altNames.Encode()); admin.SetCertificateExtension("10.190.65.163\\EDETOCVM-CA", 23, "2.5.29.17", 3, 0, wrapper); // #define PROPTYPE_BINARY 0x00000003 // Binary data }
/// <inheritdoc /> public Int32 ImportCertificate(X509Certificate2 certificate) { if (certificate == null) { throw new ArgumentNullException(nameof(certificate)); } ICertAdmin2 certAdmin = new CCertAdminClass(); try { return(certAdmin.ImportCertificate( _configString, CryptographyUtils.EncodeDerString(certificate.RawData), (Int32)ImportForeignOption.AllowForeign)); } finally { CryptographyUtils.ReleaseCom(certAdmin); } }
/// <inheritdoc /> public AdcsPropCertState GetCertificateStatus(String serialNumber) { if (serialNumber == null) { throw new ArgumentNullException(nameof(serialNumber)); } if (String.IsNullOrWhiteSpace(serialNumber)) { throw new ArgumentException("'serialNumber' parameter cannot be empty string"); } ICertAdmin2 certAdmin = new CCertAdminClass(); try { return((AdcsPropCertState)certAdmin.IsValidCertificate(_configString, serialNumber)); } finally { CryptographyUtils.ReleaseCom(certAdmin); } }
/// <inheritdoc /> public void DeleteConfigEntry(String entryName, String node = null) { ICertAdmin2 certAdmin = new CCertAdminClass(); try { if (useActive) { certAdmin.SetConfigEntry($"{ComputerName}\\{ActiveConfig}", node ?? String.Empty, entryName, null); } else { certAdmin.SetConfigEntry(ComputerName, String.Empty, entryName, null); } } catch (Exception ex) { if (!(ex is FileNotFoundException)) { throw; } } finally { CryptographyUtils.ReleaseCom(certAdmin); } }
/// <inheritdoc /> public void SetConfigEntry(Object data, String entryName, String node = null) { if (data == null) { throw new ArgumentNullException(nameof(data)); } ICertAdmin2 certAdmin = new CCertAdminClass(); try { switch (data) { case String _: case Int32 _: if (useActive) { certAdmin.SetConfigEntry($"{ComputerName}\\{ActiveConfig}", node ?? String.Empty, entryName, data); } else { certAdmin.SetConfigEntry(ComputerName, String.Empty, entryName, data); } break; case Boolean b: if (useActive) { certAdmin.SetConfigEntry($"{ComputerName}\\{ActiveConfig}", node ?? String.Empty, entryName, b ? 1 : 0); } else { certAdmin.SetConfigEntry(ComputerName, String.Empty, entryName, b ? 1 : 0); } break; case IEnumerable <String> array: if (useActive) { certAdmin.SetConfigEntry($"{ComputerName}\\{ActiveConfig}", node ?? String.Empty, entryName, array.ToArray()); } else { certAdmin.SetConfigEntry(ComputerName, String.Empty, entryName, array.ToArray()); } break; case IEnumerable <Byte> array: if (useActive) { certAdmin.SetConfigEntry($"{ComputerName}\\{ActiveConfig}", node ?? String.Empty, entryName, array.ToArray()); } else { certAdmin.SetConfigEntry(ComputerName, String.Empty, entryName, array.ToArray()); } break; default: throw new ArgumentException(); } } finally { CryptographyUtils.ReleaseCom(certAdmin); } }