From c6afea99b15198bd681817ce37689a6e76d8fc46 Mon Sep 17 00:00:00 2001 From: Xavier Callait <113396487+XavierJCallait@users.noreply.github.com> Date: Tue, 30 Jul 2024 14:40:47 -0700 Subject: [PATCH 1/6] Added Sid inputs --- .../DotNetCertAuthSample.csproj | 2 +- .../Managers/CertificateManager.cs | 15 +++++++++++++-- .../Models/CreateDCCertificate.cs | 7 +++++++ 3 files changed, 21 insertions(+), 3 deletions(-) diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/DotNetCertAuthSample.csproj b/DotNetCertAuthSample/DotNetCertAuthSample/DotNetCertAuthSample.csproj index fa81ca6..0d2d4a1 100644 --- a/DotNetCertAuthSample/DotNetCertAuthSample/DotNetCertAuthSample.csproj +++ b/DotNetCertAuthSample/DotNetCertAuthSample/DotNetCertAuthSample.csproj @@ -2,7 +2,7 @@ Exe - net8.0-windows + net8.0 enable enable EZCACertManager diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs b/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs index 8dc4da0..0d8d5c6 100644 --- a/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs +++ b/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs @@ -111,6 +111,10 @@ private async Task RenewAsync(RenewArgModel values) { throw new ArgumentException("Key length must be 2048 or 4096"); } + if (string.IsNullOrWhiteSpace(values.sid)) + { + throw new ArgumentException("Please enter a valid SID"); + } X509Certificate2 cert = WindowsCertStoreService.GetCertFromWinStoreBySubject( values.Domain.Replace("CN=", "").Trim(), values.LocalCertStore, @@ -262,6 +266,10 @@ private async Task CreateDCCertAsync(CreateDCCertificate values) { values.EKUs = EZCAConstants.DomainControllerDefaultEKUs; } + if (string.IsNullOrWhiteSpace(values.sid)) + { + throw new ArgumentException("Please enter a valid SID"); + } IEZCAClient ezcaClient = new EZCAClientClass( new HttpClient(), _logger, 
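Review bot: The two guards added in RenewAsync and CreateDCCertAsync reject only a blank `values.sid`, although the message asks for a "valid SID", so any non-empty string is accepted and handed on to CreateCertificateAsync. Parsing the value would make the check match its message, for example `_ = new SecurityIdentifier(values.sid);`, which throws ArgumentException on a malformed string; that type is Windows-only, and the csproj hunk in this same patch drops the `-windows` target. The RenewAsync guard also reads `values.sid` from RenewArgModel, but this patch lists no RenewArgModel.cs change, so that property presumably does not exist yet; confirm the patch builds. Both method bodies continue outside their hunks.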
@@ -285,6 +293,8 @@ private async Task CreateDCCertAsync(CreateDCCertificate values) values.EKUs, values.KeyLength, values.DCGUID, + values.sid + values.DCGUID, values.KeyProvider ); } @@ -436,6 +446,8 @@ private async Task CreateCertificateAsync( List ekus, int keyLength, string dcGUID = "", + string sid = "" + string dcGUID = "", string keyProvider = "Microsoft Enhanced Cryptographic Provider v1.0" ) { @@ -467,8 +479,7 @@ private async Task CreateCertificateAsync( subjectAltNames, keyLength, localStore, - ekus, - keyProvider + ekus ); string csr = certRequest.RawData[EncodingType.XCN_CRYPT_STRING_BASE64REQUESTHEADER]; X509Certificate2? windowsCert; diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/Models/CreateDCCertificate.cs b/DotNetCertAuthSample/DotNetCertAuthSample/Models/CreateDCCertificate.cs index 6b87f4f..31c435c 100644 --- a/DotNetCertAuthSample/DotNetCertAuthSample/Models/CreateDCCertificate.cs +++ b/DotNetCertAuthSample/DotNetCertAuthSample/Models/CreateDCCertificate.cs @@ -79,6 +79,13 @@ public class CreateDCCertificate [Option('k', "KeyLength", HelpText = "Certificate Key Length", Default = 4096)] public int KeyLength { get; set; } = 4096; + + [Option( + "sid", + Required = true, + HelpText = "SID for the certificate to be created" + )] + public string sid { get; set; } = ""; [Option( 'p', "KeyProvider", From 770fdc487bc5d70ef8204f948fc76b905b43c457 Mon Sep 17 00:00:00 2001 From: Xavier Callait <113396487+XavierJCallait@users.noreply.github.com> Date: Wed, 31 Jul 2024 18:21:22 -0700 Subject: [PATCH 2/6] Input sid for DC certificate and Renew --- .../DotNetCertAuthSample/Managers/CertificateManager.cs | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs b/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs index 0d8d5c6..6ddad16 100644 --- a/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs 
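Review bot: The added argument `values.sid` has no trailing comma and is followed by a second `values.DCGUID,`, so this call in CreateDCCertAsync does not compile and, once the comma is added, would pass the DC GUID twice. The CreateCertificateAsync signature hunk that follows has the same problem (`string sid = ""` without a comma, then a repeated `string dcGUID = "",`), and the `""` line added to CreateCertAsync in patch 2/6 also lacks its comma. These look like leftover merge text; each patch in the series should build on its own, so fold the later fix-ups into the patch that introduced the breakage. The call and the signature both start and end outside their hunks.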
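Review bot: Dropping `keyProvider` from the argument list that builds `certRequest` means CreateCertificateAsync still accepts a key provider but no longer forwards it in this call, so the `KeyProvider` option would be ignored without any message and the key pair would be created under whatever provider the request builder defaults to. That is unrelated to adding SID inputs and changes where the private key ends up; keep `ekus,` followed by `keyProvider` here. The call starts outside the hunk, so the callee and its default are not visible.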
+++ b/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs @@ -210,6 +210,7 @@ private async Task CreateCertAsync(GenerateArgModel values) false, ekus, values.KeyLength, + "" "", values.KeyProvider ); @@ -447,8 +448,6 @@ private async Task CreateCertificateAsync( int keyLength, string dcGUID = "", string sid = "" - string dcGUID = "", - string keyProvider = "Microsoft Enhanced Cryptographic Provider v1.0" ) { if (_logger == null) @@ -494,7 +493,8 @@ private async Task CreateCertificateAsync( domain, validity, ekus, - dcGUID + dcGUID, + sid ); } else @@ -505,7 +505,8 @@ private async Task CreateCertificateAsync( selectedCA, csr, domain, - validity + validity, + sid ); } From b97f194d1bfbf2a17c864bdec0046fcab418a04e Mon Sep 17 00:00:00 2001 From: Xavier Callait <113396487+XavierJCallait@users.noreply.github.com> Date: Wed, 31 Jul 2024 18:27:57 -0700 Subject: [PATCH 3/6] Resolving merge conflict --- .../DotNetCertAuthSample/Managers/CertificateManager.cs | 9 ++------- .../DotNetCertAuthSample/Models/CreateDCCertificate.cs | 1 + .../DotNetCertAuthSample/Models/GenerateArgModel.cs | 1 + .../DotNetCertAuthSample/Models/RenewArgModel.cs | 1 + 4 files changed, 5 insertions(+), 7 deletions(-) diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs b/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs index 6ddad16..fa7b1de 100644 --- a/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs +++ b/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs @@ -111,10 +111,6 @@ private async Task RenewAsync(RenewArgModel values) { throw new ArgumentException("Key length must be 2048 or 4096"); } - if (string.IsNullOrWhiteSpace(values.sid)) - { - throw new ArgumentException("Please enter a valid SID"); - } X509Certificate2 cert = WindowsCertStoreService.GetCertFromWinStoreBySubject( values.Domain.Replace("CN=", "").Trim(), values.LocalCertStore, 
@@ -294,7 +290,7 @@ private async Task CreateDCCertAsync(CreateDCCertificate values) values.EKUs, values.KeyLength, values.DCGUID, - values.sid + values.sid, values.DCGUID, values.KeyProvider ); @@ -505,8 +501,7 @@ private async Task CreateCertificateAsync( selectedCA, csr, domain, - validity, - sid + validity ); } diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/Models/CreateDCCertificate.cs b/DotNetCertAuthSample/DotNetCertAuthSample/Models/CreateDCCertificate.cs index 31c435c..67107ac 100644 --- a/DotNetCertAuthSample/DotNetCertAuthSample/Models/CreateDCCertificate.cs +++ b/DotNetCertAuthSample/DotNetCertAuthSample/Models/CreateDCCertificate.cs @@ -86,6 +86,7 @@ public class CreateDCCertificate HelpText = "SID for the certificate to be created" )] public string sid { get; set; } = ""; + [Option( 'p', "KeyProvider", diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/Models/GenerateArgModel.cs b/DotNetCertAuthSample/DotNetCertAuthSample/Models/GenerateArgModel.cs index 5c40205..d53517d 100644 --- a/DotNetCertAuthSample/DotNetCertAuthSample/Models/GenerateArgModel.cs +++ b/DotNetCertAuthSample/DotNetCertAuthSample/Models/GenerateArgModel.cs @@ -77,6 +77,7 @@ public class GenerateArgModel [Option('k', "KeyLength", HelpText = "Certificate Key Length", Default = 4096)] public int KeyLength { get; set; } = 4096; + [Option( 'p', "KeyProvider", diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/Models/RenewArgModel.cs b/DotNetCertAuthSample/DotNetCertAuthSample/Models/RenewArgModel.cs index 3ec0df2..35e61b1 100644 --- a/DotNetCertAuthSample/DotNetCertAuthSample/Models/RenewArgModel.cs +++ b/DotNetCertAuthSample/DotNetCertAuthSample/Models/RenewArgModel.cs @@ -64,6 +64,7 @@ public class RenewArgModel )] public string issuer { get; set; } = ""; [Option('k', "KeyLength", HelpText = "Certificate Key Length", Default = 4096)] + public int KeyLength { get; set; } = 4096; [Option( 'p', From cbe0507b649b5397a27ae27b156f5200a0ce190c Mon Sep 17 00:00:00 2001 
From: Xavier Callait <113396487+XavierJCallait@users.noreply.github.com> Date: Wed, 31 Jul 2024 18:31:03 -0700 Subject: [PATCH 4/6] Solved error in function inputs --- .../Managers/CertificateManager.cs | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs b/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs index fa7b1de..5f7911f 100644 --- a/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs +++ b/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs @@ -206,9 +206,9 @@ private async Task CreateCertAsync(GenerateArgModel values) false, ekus, values.KeyLength, - "" "", - values.KeyProvider + values.KeyProvider, + "" ); if (values.RDPCert) { @@ -290,9 +290,8 @@ private async Task CreateDCCertAsync(CreateDCCertificate values) values.EKUs, values.KeyLength, values.DCGUID, - values.sid, - values.DCGUID, - values.KeyProvider + values.KeyProvider, + values.sid ); } catch (Exception ex) @@ -443,6 +442,7 @@ private async Task CreateCertificateAsync( List ekus, int keyLength, string dcGUID = "", + string keyProvider = "Microsoft Enhanced Cryptographic Provider v1.0", string sid = "" ) { From 2f3f4ad2e958c07e1d3061d492b6c665aa92d9dd Mon Sep 17 00:00:00 2001 From: Xavier Callait <113396487+XavierJCallait@users.noreply.github.com> Date: Wed, 31 Jul 2024 18:39:44 -0700 Subject: [PATCH 5/6] Removed unnecessary changes --- .../DotNetCertAuthSample/DotNetCertAuthSample.csproj | 2 +- .../DotNetCertAuthSample/Managers/CertificateManager.cs | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/DotNetCertAuthSample.csproj b/DotNetCertAuthSample/DotNetCertAuthSample/DotNetCertAuthSample.csproj index 0d2d4a1..fa81ca6 100644 --- a/DotNetCertAuthSample/DotNetCertAuthSample/DotNetCertAuthSample.csproj +++ b/DotNetCertAuthSample/DotNetCertAuthSample/DotNetCertAuthSample.csproj 
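Review bot: CreateCertificateAsync now ends with three optional string parameters (`dcGUID`, `keyProvider`, `sid`) and both callers fill them by position, so a swapped pair still compiles and would put, for example, the provider name where the SID is expected; the argument shuffling in patches 1/6 to 3/6 shows how easily that happens. Named arguments make each call self-checking: `dcGUID: values.DCGUID, keyProvider: values.KeyProvider, sid: values.sid` in CreateDCCertAsync, and `keyProvider: values.KeyProvider` alone in CreateCertAsync instead of the two `""` placeholders. This applies to all three hunks of this patch; the calls and the signature begin outside the hunks.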
@@ -2,7 +2,7 @@ Exe - net8.0 + net8.0-windows enable enable EZCACertManager diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs b/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs index 5f7911f..d85232a 100644 --- a/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs +++ b/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs @@ -474,7 +474,8 @@ private async Task CreateCertificateAsync( subjectAltNames, keyLength, localStore, - ekus + ekus, + keyProvider ); string csr = certRequest.RawData[EncodingType.XCN_CRYPT_STRING_BASE64REQUESTHEADER]; X509Certificate2? windowsCert; From 0ff7cdfc985942807e26f5cd2e8f6447fd64b8da Mon Sep 17 00:00:00 2001 From: Xavier Callait <113396487+XavierJCallait@users.noreply.github.com> Date: Thu, 1 Aug 2024 11:12:12 -0700 Subject: [PATCH 6/6] Made SID optional input --- .../DotNetCertAuthSample/Managers/CertificateManager.cs | 4 ---- .../DotNetCertAuthSample/Models/CreateDCCertificate.cs | 6 +----- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs b/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs index d85232a..40cbe32 100644 --- a/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs +++ b/DotNetCertAuthSample/DotNetCertAuthSample/Managers/CertificateManager.cs @@ -263,10 +263,6 @@ private async Task CreateDCCertAsync(CreateDCCertificate values) { values.EKUs = EZCAConstants.DomainControllerDefaultEKUs; } - if (string.IsNullOrWhiteSpace(values.sid)) - { - throw new ArgumentException("Please enter a valid SID"); - } IEZCAClient ezcaClient = new EZCAClientClass( new HttpClient(), _logger, diff --git a/DotNetCertAuthSample/DotNetCertAuthSample/Models/CreateDCCertificate.cs b/DotNetCertAuthSample/DotNetCertAuthSample/Models/CreateDCCertificate.cs index 67107ac..01d9e9a 100644 
--- a/DotNetCertAuthSample/DotNetCertAuthSample/Models/CreateDCCertificate.cs +++ b/DotNetCertAuthSample/DotNetCertAuthSample/Models/CreateDCCertificate.cs @@ -80,11 +80,7 @@ public class CreateDCCertificate [Option('k', "KeyLength", HelpText = "Certificate Key Length", Default = 4096)] public int KeyLength { get; set; } = 4096; - [Option( - "sid", - Required = true, - HelpText = "SID for the certificate to be created" - )] + [Option("sid", Required = false, HelpText = "SID for the certificate to be created")] public string sid { get; set; } = ""; [Option(
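Review bot: The help text `SID for the certificate to be created` does not say whose SID is expected, in which form, or what happens when the now optional value is left out. Something like `HelpText = "SID of the domain controller's account in string form (S-1-5-21-...); optional"` would tell the operator what to supply; the account meaning is inferred from the command name, so confirm it before using that wording. With the guard in CreateDCCertAsync deleted in this same patch, a supplied value reaches CreateCertificateAsync unchecked, so a format check that runs only when the option is non-empty is still worth keeping. The class continues outside the hunk.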