■ 인증서 요청 코드를 생성하는 방법을 보여준다.
▶ Program.cs
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 |
using System; using System.Security.Cryptography.X509Certificates; using CERTENROLLLib; namespace TestProject { /// <summary> /// 프로그램 /// </summary> class Program { //////////////////////////////////////////////////////////////////////////////////////////////////// Method ////////////////////////////////////////////////////////////////////////////////////////// Static //////////////////////////////////////////////////////////////////////////////// Private #region 프로그램 시작하기 - Main() /// <summary> /// 프로그램 시작하기 /// </summary> private static void Main() { Console.Title = "인증서 요청 코드 생성하기"; string result = Generate("CN=the10", StoreLocation.CurrentUser, "Microsoft RSA SChannel Cryptographic Provider", 1024); Console.WriteLine(result); } #endregion #region 생성하기 - Generate(subject, storeLocation, providerName, keyLength) /// <summary> /// 생성하기 /// </summary> /// <param name="subject">제목</param> /// <param name="storeLocation">저장 위치</param> /// <param name="providerName">제공자명</param> /// <param name="keyLength">키 길이</param> /// <returns>인증서 요청 코드</returns> private static string Generate(string subject, StoreLocation storeLocation, string providerName, int keyLength) { CX509CertificateRequestPkcs10 cX509CertificateRequestPkcs10 = new CX509CertificateRequestPkcs10(); CX509PrivateKey cX509PrivateKey = new CX509PrivateKey(); CCspInformation cCspInformation = new CCspInformation(); CCspInformations cCspInformations = new CCspInformations(); CX500DistinguishedName cX500DistinguishedName = new CX500DistinguishedName(); CX509Enrollment cX509Enrollment = new CX509Enrollment(); CObjectIds cObjectIds = new CObjectIds(); CObjectId cObjectId1 = new CObjectId(); CObjectId cObjectId2 = new CObjectId(); CX509ExtensionKeyUsage cX509ExtensionKeyUsage = new CX509ExtensionKeyUsage(); CX509ExtensionEnhancedKeyUsage cX509ExtensionEnhancedKeyUsage = new CX509ExtensionEnhancedKeyUsage(); string result = null; cCspInformations.AddAvailableCsps(); cX509PrivateKey.ProviderName = providerName; cX509PrivateKey.Length = keyLength; cX509PrivateKey.KeySpec = X509KeySpec.XCN_AT_KEYEXCHANGE; cX509PrivateKey.KeyUsage = X509PrivateKeyUsageFlags.XCN_NCRYPT_ALLOW_ALL_USAGES; if(storeLocation == StoreLocation.LocalMachine) { cX509PrivateKey.MachineContext = true; } else { cX509PrivateKey.MachineContext = false; } cX509PrivateKey.ExportPolicy = X509PrivateKeyExportFlags.XCN_NCRYPT_ALLOW_EXPORT_FLAG; cX509PrivateKey.CspInformations = cCspInformations; cX509PrivateKey.Create(); if(storeLocation == StoreLocation.LocalMachine) { cX509CertificateRequestPkcs10.InitializeFromPrivateKey ( X509CertificateEnrollmentContext.ContextMachine, cX509PrivateKey, string.Empty ); } else { cX509CertificateRequestPkcs10.InitializeFromPrivateKey ( X509CertificateEnrollmentContext.ContextUser, cX509PrivateKey, string.Empty ); } CObjectId hashCObjectId = new CObjectId(); hashCObjectId.InitializeFromAlgorithmName ( ObjectIdGroupId.XCN_CRYPT_HASH_ALG_OID_GROUP_ID, ObjectIdPublicKeyFlags.XCN_CRYPT_OID_INFO_PUBKEY_ANY, AlgorithmFlags.AlgorithmFlagsNone, "SHA256" ); cX509CertificateRequestPkcs10.HashAlgorithm = hashCObjectId; cX509ExtensionKeyUsage.InitializeEncode ( CERTENROLLLib.X509KeyUsageFlags.XCN_CERT_DIGITAL_SIGNATURE_KEY_USAGE | CERTENROLLLib.X509KeyUsageFlags.XCN_CERT_KEY_ENCIPHERMENT_KEY_USAGE ); cX509CertificateRequestPkcs10.X509Extensions.Add((CX509Extension)cX509ExtensionKeyUsage); cObjectId1.InitializeFromValue("1.3.6.1.5.5.7.3.1"); cObjectId2.InitializeFromValue("1.3.6.1.5.5.7.3.2"); cObjectIds.Add(cObjectId1); cObjectIds.Add(cObjectId2); cX509ExtensionEnhancedKeyUsage.InitializeEncode(cObjectIds); cX509CertificateRequestPkcs10.X509Extensions.Add((CX509Extension)cX509ExtensionEnhancedKeyUsage); cX500DistinguishedName.Encode(subject, X500NameFlags.XCN_CERT_NAME_STR_SEMICOLON_FLAG); cX509CertificateRequestPkcs10.Subject = cX500DistinguishedName; cX509CertificateRequestPkcs10.SuppressDefaults = true; cX509Enrollment.InitializeFromRequest(cX509CertificateRequestPkcs10); result = cX509Enrollment.CreateRequest(EncodingType.XCN_CRYPT_STRING_BASE64); result = "-----BEGIN CERTIFICATE REQUEST-----\r\n" + result + "-----END CERTIFICATE REQUEST-----"; return result; } #endregion } } |
※ "CertEnroll 1.0 Type Library" COM 참조를 추가한다.
