我有WinXP客户端。我的目标是使用C#中的XEnroll库创建证书请求。我找到了工作代码,因此客户端可以创建请求,但我获得了没有密钥和数据加密的证书。我看到,可以使用CERTENROLLLib创建此类请求,但我必须使用XEnroll。
那么,我怎样才能做到这样,使用XEnroll:
// Key Usage Extension
objExtensionKeyUsage.InitializeEncode(
X509KeyUsageFlags.XCN_CERT_DIGITAL_SIGNATURE_KEY_USAGE |
X509KeyUsageFlags.XCN_CERT_NON_REPUDIATION_KEY_USAGE |
X509KeyUsageFlags.XCN_CERT_KEY_ENCIPHERMENT_KEY_USAGE |
X509KeyUsageFlags.XCN_CERT_DATA_ENCIPHERMENT_KEY_USAGE
);
objPkcs10.X509Extensions.Add((CX509Extension)objExtensionKeyUsage);
这是我的代码:
string distNAme = "CN=" +
userName +
",OU=UserUnit" +
",O=CRYPTO-PRO" +
",L=MOSCOW" +
",S=WA" +
",C=RU";
string usage = "1.3.6.1.5.5.7.3.2";
var enroll = new CEnrollClass();
enroll.ProviderType = 75;
enroll.ProviderName = "Crypto-Pro GOST R 34.10-2001 Cryptographic Service Provider";
string request = enroll.createPKCS10(distNAme, usage);
var dialog = new System.Windows.Forms.SaveFileDialog();
if (dialog.ShowDialog() == System.Windows.Forms.DialogResult.OK)
{
System.IO.File.WriteAllText(dialog.FileName, request);
}
感谢。