■ 인증서 요청 코드 생성하기

------------------------------------------------------------------------------------------------------------------------


TestProject.zip


Program.cs

 

 

using System;

using System.Security.Cryptography.X509Certificates;

 

using CERTENROLLLib;

 

namespace TestProject

{

    /// <summary>

    /// 프로그램

    /// </summary>

    class Program

    {

        //////////////////////////////////////////////////////////////////////////////////////////////////// Method

        ////////////////////////////////////////////////////////////////////////////////////////// Static

        //////////////////////////////////////////////////////////////////////////////// Private

 

        #region 프로그램 시작하기 - Main()

 

        /// <summary>

        /// 프로그램 시작하기

        /// </summary>

        private static void Main()

        {

            Console.Title = "인증서 요청 코드 생성하기";

 

            string result = Generate("CN=the10", StoreLocation.CurrentUser, "Microsoft RSA SChannel Cryptographic Provider", 1024);

 

            Console.WriteLine(result);

        }

 

        #endregion

 

        #region 생성하기 - Generate(subject, storeLocation, providerName, keyLength)

 

        /// <summary>

        /// 생성하기

        /// </summary>

        /// <param name="subject">제목</param>

        /// <param name="storeLocation">저장 위치</param>

        /// <param name="providerName">제공자명</param>

        /// <param name="keyLength">키 길이</param>

        /// <returns>인증서 요청 코드</returns>

        private static string Generate(string subject, StoreLocation storeLocation, string providerName, int keyLength)

        {

            CX509CertificateRequestPkcs10 cX509CertificateRequestPkcs10 = new CX509CertificateRequestPkcs10();

 

            CX509PrivateKey cX509PrivateKey = new CX509PrivateKey();

 

            CCspInformation cCspInformation = new CCspInformation();

 

            CCspInformations cCspInformations = new CCspInformations();

 

            CX500DistinguishedName cX500DistinguishedName = new CX500DistinguishedName();

 

            CX509Enrollment cX509Enrollment = new CX509Enrollment();

 

            CObjectIds cObjectIds = new CObjectIds();

 

            CObjectId cObjectId1 = new CObjectId();

            CObjectId cObjectId2 = new CObjectId();

 

            CX509ExtensionKeyUsage cX509ExtensionKeyUsage = new CX509ExtensionKeyUsage();

 

            CX509ExtensionEnhancedKeyUsage cX509ExtensionEnhancedKeyUsage = new CX509ExtensionEnhancedKeyUsage();

 

            string result = null;

 

            cCspInformations.AddAvailableCsps();

 

            cX509PrivateKey.ProviderName = providerName;

            cX509PrivateKey.Length       = keyLength;

            cX509PrivateKey.KeySpec      = X509KeySpec.XCN_AT_KEYEXCHANGE;

            cX509PrivateKey.KeyUsage     = X509PrivateKeyUsageFlags.XCN_NCRYPT_ALLOW_ALL_USAGES;

 

            if(storeLocation == StoreLocation.LocalMachine)

            {

                cX509PrivateKey.MachineContext = true;

            }

            else

            {

                cX509PrivateKey.MachineContext = false;

            }

 

            cX509PrivateKey.ExportPolicy    = X509PrivateKeyExportFlags.XCN_NCRYPT_ALLOW_EXPORT_FLAG;

            cX509PrivateKey.CspInformations = cCspInformations;

 

            cX509PrivateKey.Create();

 

            if(storeLocation == StoreLocation.LocalMachine)

            {

                cX509CertificateRequestPkcs10.InitializeFromPrivateKey

                (

                    X509CertificateEnrollmentContext.ContextMachine,

                    cX509PrivateKey,

                    string.Empty

                );

            }

            else

            {

                cX509CertificateRequestPkcs10.InitializeFromPrivateKey

                (

                    X509CertificateEnrollmentContext.ContextUser,

                    cX509PrivateKey,

                    string.Empty

                );

            }

 

            CObjectId hashCObjectId = new CObjectId();

 

            hashCObjectId.InitializeFromAlgorithmName

            (

                ObjectIdGroupId.XCN_CRYPT_HASH_ALG_OID_GROUP_ID,

                ObjectIdPublicKeyFlags.XCN_CRYPT_OID_INFO_PUBKEY_ANY,

                AlgorithmFlags.AlgorithmFlagsNone,

                "SHA256"

            );

 

            cX509CertificateRequestPkcs10.HashAlgorithm = hashCObjectId;

 

            cX509ExtensionKeyUsage.InitializeEncode

            (

                CERTENROLLLib.X509KeyUsageFlags.XCN_CERT_DIGITAL_SIGNATURE_KEY_USAGE |

                CERTENROLLLib.X509KeyUsageFlags.XCN_CERT_KEY_ENCIPHERMENT_KEY_USAGE

            );

 

            cX509CertificateRequestPkcs10.X509Extensions.Add((CX509Extension)cX509ExtensionKeyUsage);

 

            cObjectId1.InitializeFromValue("1.3.6.1.5.5.7.3.1");

            cObjectId2.InitializeFromValue("1.3.6.1.5.5.7.3.2");

 

            cObjectIds.Add(cObjectId1);

            cObjectIds.Add(cObjectId2);

 

            cX509ExtensionEnhancedKeyUsage.InitializeEncode(cObjectIds);

 

            cX509CertificateRequestPkcs10.X509Extensions.Add((CX509Extension)cX509ExtensionEnhancedKeyUsage);

 

            cX500DistinguishedName.Encode(subject, X500NameFlags.XCN_CERT_NAME_STR_SEMICOLON_FLAG);

 

            cX509CertificateRequestPkcs10.Subject = cX500DistinguishedName;

 

            cX509CertificateRequestPkcs10.SuppressDefaults = true;

 

            cX509Enrollment.InitializeFromRequest(cX509CertificateRequestPkcs10);

 

            result = cX509Enrollment.CreateRequest(EncodingType.XCN_CRYPT_STRING_BASE64);

 

            result = "-----BEGIN CERTIFICATE REQUEST-----\r\n" + result + "-----END CERTIFICATE REQUEST-----";

 

            return result;

        }

 

        #endregion

    }

}

 

------------------------------------------------------------------------------------------------------------------------

※ "CertEnroll 1.0 Type Library" COM 참조를 추가한다.

Posted by 사용자 icodebroker