private static void ImportPrivateCert(string sPrivateCertPath, string sFilePassword, string m_sThumb, bool m_bIsExportable) { Hashtable hs = new Hashtable(); if (m_sIdentityUser == null) { ManagementObjectSearcher m_mgMISearcher = new ManagementObjectSearcher(new WqlObjectQuery("SELECT * FROM MSBTS_HostSetting")); m_mgMISearcher.Scope = new ManagementScope("root\\MicrosoftBizTalkServer"); m_mgMISearcher.Options.ReturnImmediately = true; ManagementBaseObject[] m_moHostInstances = new ManagementBaseObject[m_mgMISearcher.Get().Count]; m_mgMISearcher.Get().CopyTo(m_moHostInstances, 0); foreach (ManagementObject oHost in m_moHostInstances) { try { hs.Add(oHost.GetPropertyValue("LastUsedLogon").ToString().ToUpper(CultureInfo.InvariantCulture), null); } catch { } } } else { hs.Add(m_sIdentityUser, m_sIdentityPassword); } foreach (string sUser in hs.Keys) { string sPassword = null; if (hs[sUser] == null) { Console.Write("\r\nEnter password for identity " + sUser + ": "); sPassword = PwdConsole.ReadLine(); //Console.ReadLine(); } else { sPassword = hs[sUser].ToString(); } try { PrivateKeyManager.ImpersonateUser(sUser, sPassword); PrivateKeyManager.Import(sPrivateCertPath, sFilePassword, m_sThumb, PrivateKeyManager.CertificateStores.CERT_SYSTEM_STORE_CURRENT_USER, "MY", m_bIsExportable); Console.WriteLine("Completed importing private certificate to user identity " + sUser + "."); PrivateKeyManager.UndoImpersonation(); } catch { Console.WriteLine("Failed importing private key to user [" + sUser + "].\n\rCheck that you have entered a valid password."); } } }
static void Main(string[] argv) { Hashtable sParameters = new Hashtable(); //check that every parameter name has a value if (argv.Length >= 1 && (argv[0].ToUpper(CultureInfo.InvariantCulture) == "/H" || argv[0].ToUpper(CultureInfo.InvariantCulture) == "/?" || argv[0].ToUpper(CultureInfo.InvariantCulture) == "/HELP")) { DisplayUsage(); Environment.Exit(0); } else if (argv.Length % 2 == 1 || argv.Length == 0) { m_ErrorBag.Enqueue(ErrorType.MISSING_VALUE); } else { for (int i = 0; i < argv.Length; i++) { if (!argv[i].StartsWith("/", StringComparison.OrdinalIgnoreCase) || argv[i + 1].StartsWith("/", StringComparison.OrdinalIgnoreCase)) { m_ErrorBag.Enqueue(ErrorType.MISSING_VALUE); break; } try { sParameters.Add(argv[i++], argv[i]); } catch (ArgumentException) { m_ErrorBag.Enqueue(ErrorType.DUPLICATE_PARAMETER); } } } //check for validity of parameters if (m_ErrorBag.Count == 0) { foreach (string sParameter in sParameters.Keys) { switch (sParameter.ToUpper(CultureInfo.InvariantCulture).Substring(0, 5)) { case "/PRIV": //PRIVATEKEY m_KeyType = KeyType.PRIVATE; if (!File.Exists(sParameters[sParameter].ToString())) { m_ErrorBag.Enqueue(ErrorType.FILE_NOTEXIST); } else { m_sCertFile = sParameters[sParameter].ToString(); } break; case "/PUBL": //PUBLICKEY m_KeyType = KeyType.PUBLIC; if (!File.Exists(sParameters[sParameter].ToString())) { m_ErrorBag.Enqueue(ErrorType.FILE_NOTEXIST); } else { m_sCertFile = sParameters[sParameter].ToString(); } break; case "/INTE": m_KeyType = KeyType.INTER; if (!File.Exists(sParameters[sParameter].ToString())) { m_ErrorBag.Enqueue(ErrorType.FILE_NOTEXIST); } else { m_sCertFile = sParameters[sParameter].ToString(); } break; case "/ROOT": //ROOTKEY m_KeyType = KeyType.ROOT; if (!File.Exists(sParameters[sParameter].ToString())) { m_ErrorBag.Enqueue(ErrorType.FILE_NOTEXIST); } else { m_sCertFile = sParameters[sParameter].ToString(); } break; case "/FILE": //FILEPASSWORD m_sFilePassword = sParameters[sParameter].ToString(); break; case "/EXPO": //EXPORT if (sParameters[sParameter].ToString().ToUpper(CultureInfo.InvariantCulture) == "TRUE") { m_bIsExportable = true; } else if (sParameters[sParameter].ToString().ToUpper(CultureInfo.InvariantCulture) == "FALSE") { m_bIsExportable = false; } else { m_ErrorBag.Enqueue(ErrorType.INVALID_VALUE); } break; case "/USER": //USERIDENTITY m_sIdentityUser = sParameters[sParameter].ToString(); break; case "/PASS": //PASSWORD m_sIdentityPassword = sParameters[sParameter].ToString(); break; case "/THUM": //KEYTHUMBPRINT m_sThumb = sParameters[sParameter].ToString(); break; case "/USAG": switch (sParameters[sParameter].ToString().ToUpper(CultureInfo.InvariantCulture).Substring(0, 3)) { case "DEC": m_KeyUsage = KeyUsage.DECRYPT; break; case "SIG": m_KeyUsage = KeyUsage.SIGN; break; case "NON": m_KeyUsage = KeyUsage.NONE; break; case "BOT": m_KeyUsage = KeyUsage.BOTH; break; case "SSL": m_KeyUsage = KeyUsage.SSL; break; default: m_ErrorBag.Enqueue(ErrorType.INVALID_USAGE); break; } break; default: m_ErrorBag.Enqueue(ErrorType.UNKOWN_PARAMETER); break; } } } if (m_ErrorBag.Count == 0) { try { if (m_KeyType == KeyType.PRIVATE && m_sFilePassword == null) { Console.Write("Please enter the password for the certificate file: "); m_sFilePassword = PwdConsole.ReadLine(); //Console.ReadLine(); Console.WriteLine(); } if (m_sThumb == null) { m_sThumb = PromptForCertificate(m_sCertFile, m_sFilePassword, m_KeyType); } switch (m_KeyType) { case KeyType.PUBLIC: ImportPublicCert(m_sCertFile, m_sThumb); break; case KeyType.INTER: ImportIntermediateCert(m_sCertFile, m_sThumb); break; case KeyType.PRIVATE: if (m_KeyUsage == KeyUsage.NULL) { string sChoice = "5"; Console.Write("\r\nThis home certificate will be used for (default 5):\r\n[1] Signing [2]Decryption [3] Signing & Decryption [4] IIS SSL [5] None\r\nEnter your option here: "); sChoice = Console.ReadLine(); if (string.IsNullOrEmpty(sChoice.Trim())) { sChoice = "5"; } switch (sChoice.Substring(0, 1)) { case "1": m_KeyUsage = KeyUsage.SIGN; break; case "2": m_KeyUsage = KeyUsage.DECRYPT; break; case "3": m_KeyUsage = KeyUsage.BOTH; break; case "4": m_KeyUsage = KeyUsage.SSL; break; default: m_KeyUsage = KeyUsage.NONE; break; } } if (m_KeyUsage == KeyUsage.SSL) { PrivateKeyManager.Import(m_sCertFile, m_sFilePassword, m_sThumb, PrivateKeyManager.CertificateStores.CERT_SYSTEM_STORE_LOCAL_MACHINE, "MY", m_bIsExportable); SetSslCertificate(m_sThumb); Console.WriteLine("\r\nCompleted importing and configuring SSL certificate on IIS."); } else if (m_KeyUsage == KeyUsage.DECRYPT || m_KeyUsage == KeyUsage.SIGN || m_KeyUsage == KeyUsage.BOTH || m_KeyUsage == KeyUsage.NONE) { ImportPrivateCert(m_sCertFile, m_sFilePassword, m_sThumb, m_bIsExportable); Console.WriteLine(); if (m_KeyUsage == KeyUsage.DECRYPT || m_KeyUsage == KeyUsage.BOTH) { SetDecryptionCertificate(m_sThumb, m_sIdentityUser); } if (m_KeyUsage == KeyUsage.SIGN || m_KeyUsage == KeyUsage.BOTH) { SetSigningCertificate(m_sThumb); } } break; case KeyType.ROOT: ImportPublicRootCert(m_sCertFile); break; } } catch (Exception e) { if (e.Message == "FileOpenError") { m_ErrorBag.Enqueue(ErrorType.BAD_FILEPASSWORD); } else { m_ErrorBag.Enqueue(ErrorType.UNKOWN_PARAMETER); } } } bool bErrors = (m_ErrorBag.Count > 0); while (m_ErrorBag.Count > 0) { ErrorType error = (ErrorType)m_ErrorBag.Dequeue(); switch (error) { case ErrorType.FILE_NOTEXIST: Console.WriteLine("File does not exists. Please check the path."); break; case ErrorType.MISSING_FILENAME: Console.WriteLine("Certificate file not specified."); break; case ErrorType.MISSING_PARAMETER: Console.WriteLine("Missing parameter."); break; case ErrorType.MISSING_VALUE: Console.WriteLine("One or more parameter values are missing."); break; case ErrorType.UNKOWN_PARAMETER: Console.WriteLine("One or more unknown parameters are supplied."); break; case ErrorType.BAD_FILEPASSWORD: Console.WriteLine("Could not open certificate file. Check password."); break; case ErrorType.INVALID_USAGE: Console.WriteLine("Invalid usage was specified."); break; case ErrorType.INVALID_VALUE: Console.WriteLine("One or more parameters have invalid values."); break; case ErrorType.DUPLICATE_PARAMETER: Console.WriteLine("A parameter was repeated more than once."); break; } } if (bErrors) { DisplayUsage(); Environment.Exit(1); } else { Console.WriteLine("\r\nImport successfully completed!"); } }