我在.net中有一个代码,用于登录客户端并在服务器端进行验证。
我必须将我的代码转换为 asp classic。
在客户端的.net代码中,我通过javascript使用capicom进行签名。
我的代码:
<script type="text/javascript">
// Some needed constants
CAPICOM_CURRENT_USER_STORE = 2;
CAPICOM_STORE_OPEN_READ_ONLY = 0;
CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME = 0;
CAPICOM_ENCODE_BASE64 = 0;
function Authenticate() {
try {
var challenge = document.getElementById("<%=hid_Challenge.ClientID %>");
var response = document.getElementById("<%=hid_Response.ClientID %>");
// Open windows certificate store
var store = new ActiveXObject("CAPICOM.Store");
store.Open(CAPICOM_CURRENT_USER_STORE, "My", CAPICOM_STORE_OPEN_READ_ONLY);
// Show personal certificates which are installed for this user
var certificates = store.Certificates.Select("KeyA3 Sample PKI Authentication", "Please select a certificate to authenticate.");
// Proceed if any certificate is selected
if (certificates.Count > 0) {
var signer = new ActiveXObject("CAPICOM.Signer");
signer.Certificate = certificates.Item(1);
var timeAttrib = new ActiveXObject("CAPICOM.Attribute");
timeAttrib.Name = CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME;
var date = new Date('<%=DateTime.Now.ToString("F", new System.Globalization.CultureInfo("en-US")) %>');
timeAttrib.Value = date.getVarDate();
signer.AuthenticatedAttributes.Add(timeAttrib);
var signedData = new ActiveXObject("CAPICOM.SignedData");
signedData.Content = challenge.value;
response.value = signedData.Sign(signer, true, CAPICOM_ENCODE_BASE64);
return true;
}
return false;
}
catch (e) {
alert(e.description);
return false;
}
}
</script>
还有
我检查此代码中的签名数据:
Byte[] signedData;
ContentInfo content;
SignedCms signed;
if (hid_Response.Value == null)
throw new ArgumentNullException("Response");
signedData = Encoding.Unicode.GetBytes(Session["Challenge"].ToString());
content = new ContentInfo(signedData);
signed = new SignedCms(content, true);
signed.Decode(Convert.FromBase64String(hid_Response.Value));
// Set the parameter to 'true' if you want the certificate not be checked.
signed.CheckSignature(true);
// Do further authentication and user mapping here.
// For example you could check some certificate parameters against your database.
// Here we only show the certificate information. Nothing checked here.
lbl_Message1.Text = "Authenticated successfully.";
lbl_Message1.Visible = true;
Dictionary<String, String> certProps = new Dictionary<String, String>();
certProps.Add("Subject", signed.Certificates[0].Subject);
certProps.Add("Issuer", signed.Certificates[0].Issuer);
certProps.Add("Valid From", signed.Certificates[0].NotBefore.ToString());
certProps.Add("Valid To", signed.Certificates[0].NotAfter.ToString());
certProps.Add("Friendly Name", signed.Certificates[0].FriendlyName);
certProps.Add("Version", signed.Certificates[0].Version.ToString());
certProps.Add("Serial Number", signed.Certificates[0].SerialNumber);
certProps.Add("Thumbprint", signed.Certificates[0].Thumbprint);
gvCertificate.DataSource = certProps;
gvCertificate.DataBind();
gvCertificate.Visible = true;
但是我必须在 asp classic 中运行此代码
我成功地通过 JavaScript 在客户端签署了我的数据。
我想通过 VBSCRIPT 或 JAVASCRIPT 验证服务器端的数据。
有什么办法吗?
谢谢
最佳答案
我找到了答案。
这会很有帮助。
Dim verification
Set verification = Server.CreateObject("CAPICOM.SignedData")
verification.Verify signed_Data, false, 0
For Each Certificate In verification.Certificates
subject = Certificate.SubjectName
Next
If Err.Number <> 0 Then
result = Err.Description & Hex(Err.Number)
Else
result = "Signature is OK"
End If
关于javascript - 在服务器端使用CAPICOM,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/21509767/