با سلام
ممنون میشم کمک کنید
من در حال کار روی امضای دیجیتال هستم.
که احراز هویت بصورت دو طرفه می باشد
ابتدا سمت کاربر داده امضا می شود
در کد زیر:
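<script type="text/javascript">
    // CAPICOM constants used below. Declared with var so they are explicit
    // globals instead of implicit ones created by a bare assignment.
    var CAPICOM_CURRENT_USER_STORE = 2;
    var CAPICOM_STORE_OPEN_READ_ONLY = 0;
    var CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME = 0;
    var CAPICOM_ENCODE_BASE64 = 0;

    /**
     * Signs the server-issued challenge with a certificate the user picks from
     * the current user's "My" store and writes the Base64 result into the
     * response hidden field.
     *
     * Everything here goes through ActiveXObject("CAPICOM.*"), so it only works
     * in a browser where the CAPICOM ActiveX control is installed and allowed.
     *
     * The value written to the response field is produced on the client and
     * must be treated as untrusted until the server has verified it.
     *
     * @returns {boolean} true when a signature was produced and stored;
     *                    false when no certificate was selected or an error
     *                    was raised.
     */
    function Authenticate() {
        try {
            var challenge = document.getElementById("<%=hid_Challenge.ClientID %>");
            var response = document.getElementById("<%=hid_Response.ClientID %>");

            // Open the Windows certificate store read-only; signing needs no
            // write access to the store.
            var store = new ActiveXObject("CAPICOM.Store");
            store.Open(CAPICOM_CURRENT_USER_STORE, "My", CAPICOM_STORE_OPEN_READ_ONLY);

            // Show the personal certificates installed for this user and let
            // the user choose one.
            var certificates = store.Certificates.Select(
                "KeyA3 Sample PKI Authentication",
                "Please select a certificate to authenticate.");

            // Nothing selected: report failure without touching the response field.
            if (certificates.Count <= 0) {
                return false;
            }

            var signer = new ActiveXObject("CAPICOM.Signer");
            // CAPICOM collections are 1-based, so Item(1) is the first selection.
            signer.Certificate = certificates.Item(1);

            // Signing-time authenticated attribute. The value is the server
            // clock at page render time (the <%= %> expression), not the client
            // clock. It still travels inside the client-built message, so it is
            // informational and should not be the freshness check.
            var timeAttrib = new ActiveXObject("CAPICOM.Attribute");
            timeAttrib.Name = CAPICOM_AUTHENTICATED_ATTRIBUTE_SIGNING_TIME;
            var date = new Date('<%=DateTime.Now.ToString("F", new System.Globalization.CultureInfo("en-US")) %>');
            timeAttrib.Value = date.getVarDate();
            signer.AuthenticatedAttributes.Add(timeAttrib);

            // Second argument true = detached signature: the challenge text is
            // not embedded in the output, so the verifier has to supply its own
            // copy of the content.
            var signedData = new ActiveXObject("CAPICOM.SignedData");
            signedData.Content = challenge.value;
            response.value = signedData.Sign(signer, true, CAPICOM_ENCODE_BASE64);
            return true;
        } catch (e) {
            // description is what COM/ActiveX errors carry; fall back to
            // message for ordinary script errors.
            alert(e.description || e.message);
            return false;
        }
    }
</script>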
و در کد زیر که سمت سرور است امضا چک میشود:
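// Verifies the client's detached CMS signature over the challenge stored in
// the server-side session, then displays the signer certificate's properties.
// hid_Response.Value arrives from the browser and is untrusted input.
Byte[] signedData;
ContentInfo content;
SignedCms signed;
SignerInfo signer;

// Reject an empty response as well as a null one, so that a missing signature
// is reported here instead of failing later inside Decode.
if (String.IsNullOrEmpty(hid_Response.Value))
{
    throw new ArgumentNullException("Response");
}

// The content being verified must be the server's own copy of the challenge.
// Fail explicitly when the session no longer holds one.
if (Session["Challenge"] == null)
{
    throw new InvalidOperationException("Challenge");
}

// NOTE(review): the challenge should be single-use. Whether it can be removed
// from the session at this point depends on where it is issued, which is not
// visible here - confirm and invalidate it after one verification attempt.

// Encoding.Unicode (UTF-16LE) has to match the bytes the client signed.
// NOTE(review): presumably the client signs the challenge as a UTF-16 string - confirm.
signedData = Encoding.Unicode.GetBytes(Session["Challenge"].ToString());
content = new ContentInfo(signedData);

// 'true' = detached: the message carries only the signature, and the content
// is the session challenge supplied above, not anything sent by the client.
signed = new SignedCms(content, true);
signed.Decode(Convert.FromBase64String(hid_Response.Value));

// Passing 'false' validates the signer certificate as well as the signature.
// With 'true' only the signature is verified, so a response signed with any
// certificate, including an untrusted self-signed one, would be accepted.
signed.CheckSignature(false);

// Read the certificate bound to the verified signature. Certificates[0] is
// only the first certificate embedded in the message and is not guaranteed
// to be the signer's.
signer = signed.SignerInfos[0];
if (signer.Certificate == null)
{
    throw new InvalidOperationException("Signer certificate");
}

// Do further authentication and user mapping here.
// For example you could check some certificate parameters against your database.
// A valid signature and certificate say nothing about which application user
// this is; nothing is mapped or authorized here, only displayed.
lbl_Message1.Text = "Authenticated successfully.";
lbl_Message1.Visible = true;

Dictionary<String, String> certProps = new Dictionary<String, String>();
certProps.Add("Subject", signer.Certificate.Subject);
certProps.Add("Issuer", signer.Certificate.Issuer);
certProps.Add("Valid From", signer.Certificate.NotBefore.ToString());
certProps.Add("Valid To", signer.Certificate.NotAfter.ToString());
certProps.Add("Friendly Name", signer.Certificate.FriendlyName);
certProps.Add("Version", signer.Certificate.Version.ToString());
certProps.Add("Serial Number", signer.Certificate.SerialNumber);
certProps.Add("Thumbprint", signer.Certificate.Thumbprint);

gvCertificate.DataSource = certProps;
gvCertificate.DataBind();
gvCertificate.Visible = true;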
در حال حاضر من مجبور هستم که کدم رو در ASP Classic اجرا کنم.
متاسفانه زیاد تسلط ندارم
و حتی توانایی جداسازی کد در سمت کاربر و سرور ندارم
کارم خیلی گیره
مرسی از لطفتون