//var CERT_SYSTEM_STORE_LOCAL_MACHINE = 0x20000;
var CERT_SYSTEM_STORE_LOCATION_SHIFT = 16;
var CERT_SYSTEM_STORE_LOCAL_MACHINE_ID = 2;
var CERT_SYSTEM_STORE_LOCAL_MACHINE = CERT_SYSTEM_STORE_LOCAL_MACHINE_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT;
var AT_KEYEXCHANGE = 1;
var AT_SIGNATURE = 2;
var CRYPT_EXPORTABLE = 1;
var CRYPT_USER_PROTECTED = 2;
var XECR_PKCS10_V2_0 = 1;
var XECT_EXTENSION_V1 = 1;
var CERT_KEY_SIZE = 512; //2048;

//create xenroll object
var XEnroll = null; //new ActiveXObject("CEnroll.CEnroll.1");

function CertRequest(distinguished_name, cert_request_id)
{  

   XEnroll = new ActiveXObject("CEnroll.CEnroll.1");
   
  
   
   // set the cert template
   XEnroll.addCertTypeToRequest("User");
   
  
   
   // set SMIME capabilities
   XEnroll.EnableSMIMECapabilities = true;
   
  
   
   // set the CSP name
   //XEnroll.ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0";
   XEnroll.ProviderName = "Microsoft Base Cryptographic Provider v1.0";
   
  
   
   // set the CSP Provider Type
   XEnroll.ProviderType = 1;
   
  
   
   // set the KeyUsage (for signature & encription)
   XEnroll.KeySpec = AT_KEYEXCHANGE;
   
  
   
   // set the key size (the upper 16 bits of GenKeyFlags)
   XEnroll.GenKeyFlags = CERT_KEY_SIZE<<16;
   
  
   
   // set 'Strong private key protection'
   //XEnroll.GenKeyFlags|=CRYPT_USER_PROTECTED;
   
   // mark the keys as exportable
   XEnroll.GenKeyFlags|=CRYPT_EXPORTABLE;
   
  
  try
  {
   
   // set the cert template, we know this is v1 template
   XEnroll.addCertTypeToRequestEx(XECT_EXTENSION_V1, "User", 0, false, 0);
   }
   catch( e )
   {
		//alert("Error: " + e.name + " " + e.description + " " + e.message);
   }
   
  
   // place the keys in the local machine store
   //XEnroll.MyStoreFlags = CERT_SYSTEM_STORE_LOCAL_MACHINE;
   
   //XEnroll.HashAlgorithm = "MD5";
   
   XEnroll.DeleteRequestCert = true;
   
   
   
   
   document.getElementById(cert_request_id).value = "";
   
   var sCertUsage = "User"; // this does not work on 
   
   try
   {
      //create certificate request   
      //var sPKCS = XEnroll.createPKCS10(distinguished_name, sCertUsage);       
      var sPKCS = XEnroll.CreateRequest(XECR_PKCS10_V2_0, distinguished_name, "")     
      document.getElementById(cert_request_id).value = sPKCS;
     
   }
   catch(e)
   {
       //alert("Error: " + e.name + " " + e.description + " " + e.message);
   }
}

function CertSave(cert_data_id, file_path, file_psw)
{
    //XEnroll.MyStoreFlags = CERT_SYSTEM_STORE_LOCAL_MACHINE;
    //XEnroll.SPCFileName = "";
    
    XEnroll = new ActiveXObject("CEnroll.CEnroll.1");
    
    XEnroll.DeleteRequestCert = true;
    
    if (document.getElementById(cert_data_id).value == "") return;
    
    try
    {
       //get certificate & put it into certificate store
       //XEnroll.acceptPKCS7(document.getElementById(cert_data_id).value);
       XEnroll.acceptResponse(document.getElementById(cert_data_id).value);
       
       if (file_path != "")
       {
          //copy certificate to a file
          XEnroll.createFilePFX(file_psw, file_path);
       }
    }
    catch(e)
    {
       //alert("Error: " + e.name + " " + e.description + " " + e.message);
    }
    
    

}