C# 如何通过C#注册TPM虚拟智能卡的证书


我已经安装了服务器并创建了TPM模板。我还可以在属于同一网络的不同机器上创建TPM虚拟智能卡。我可以手动注册新证书(通过certmgr控制台),但我需要通过代码注册。有没有办法用C#来实现?

如果我的问题不清楚,很抱歉,但我找到了解决方案并将其发布在这里

我发现两个链接非常有用:

// Builds a certificate request for a key created through the smart card provider:
// create the private key, wrap it in a PKCS#10 request, attach the Key Usage,
// Enhanced Key Usage and Template extensions, set the subject, and produce the
// Base64 request text. All obj* objects, oid, templateName and strRequest are
// declared outside this excerpt.

// Private key settings. The key is created by the provider named below, in the
// current user's context (MachineContext = false).
objPrivateKey.ContainerName = "TestContainer";
objPrivateKey.ProviderName = "Microsoft Base Smart Card Crypto Provider";
objPrivateKey.ProviderType = X509ProviderType.XCN_PROV_RSA_FULL;
objPrivateKey.Length = 2048;
// NOTE(review): the smart card PIN is a string literal in source. Anyone who can
// read the source or the compiled assembly learns the PIN that gates use of this
// key, and the value looks like a sample. Supply it at runtime instead; whether
// the provider prompts for it when Pin is left unset should be confirmed for
// this setup.
objPrivateKey.Pin = "12345678";
objPrivateKey.KeySpec = X509KeySpec.XCN_AT_KEYEXCHANGE;
// NOTE(review): ALLOW_ALL_USAGES places no usage restriction on the key. Consider
// narrowing it to what the certificate is for; the Key Usage extension below
// asks for signature and encipherment usages only.
objPrivateKey.KeyUsage = X509PrivateKeyUsageFlags.XCN_NCRYPT_ALLOW_ALL_USAGES;
objPrivateKey.MachineContext = false;
objPrivateKey.CspInformations = objCSPs;
// Creates the key with the settings above; everything after this line only
// builds the request around it.
objPrivateKey.Create();

//  Initialize the PKCS#10 certificate request object based on the private key.
//  The context marks this as a user certificate request. The empty string means
//  no template name is passed here; the template is named further down through
//  the Template extension instead.
objPkcs10.InitializeFromPrivateKey(
    X509CertificateEnrollmentContext.ContextUser,
    objPrivateKey,
    ""
);

// Key Usage Extension: digital signature, non-repudiation, key encipherment and
// data encipherment are all requested for the same key.
// NOTE(review): one key for both signing/non-repudiation and encipherment is
// worth a deliberate decision; confirm it matches the template's intent.
objExtensionKeyUsage.InitializeEncode(
    CERTENROLLLib.X509KeyUsageFlags.XCN_CERT_DIGITAL_SIGNATURE_KEY_USAGE |
    CERTENROLLLib.X509KeyUsageFlags.XCN_CERT_NON_REPUDIATION_KEY_USAGE |
    CERTENROLLLib.X509KeyUsageFlags.XCN_CERT_KEY_ENCIPHERMENT_KEY_USAGE |
    CERTENROLLLib.X509KeyUsageFlags.XCN_CERT_DATA_ENCIPHERMENT_KEY_USAGE
);

objPkcs10.X509Extensions.Add((CX509Extension)objExtensionKeyUsage);

// Enhanced Key Usage Extension. The OID is taken from oid.Text with no check
// visible here.
// NOTE(review): oid looks like a UI text field (confirm); a request only asks
// for an EKU, so what is actually issued has to be enforced by the CA/template.
objObjectId.InitializeFromValue(oid.Text);
objObjectIds.Add(objObjectId);
objX509ExtensionEnhancedKeyUsage.InitializeEncode(objObjectIds);
objPkcs10.X509Extensions.Add((CX509Extension)objX509ExtensionEnhancedKeyUsage);

// Template Extension. The template name comes from templateName.Text, again
// unchecked in this excerpt (presumably a UI text field; confirm).
objExtensionTemplate.InitializeEncode(templateName.Text);
objPkcs10.X509Extensions.Add((CX509Extension)objExtensionTemplate);

//  Encode the subject name using the Distinguished Name object.
//  NOTE(review): the subject is a fixed literal, so every request built by this
//  code asks for the same CN; confirm whether the CA replaces or validates it.
objDN.Encode(
    "CN=AlejaCMa",
    X500NameFlags.XCN_CERT_NAME_STR_NONE
);

//  Assign the subject name by using the Distinguished Name object initialized above
objPkcs10.Subject = objDN;

// Create the enrollment request and return it as Base64 text in strRequest.
// The excerpt ends here: sending the request to the CA and installing the
// response are not shown.
objEnroll.InitializeFromRequest(objPkcs10);
strRequest = objEnroll.CreateRequest(EncodingType.XCN_CRYPT_STRING_BASE64);