27.6.4 验证签名后台页面(verifySign.aspx.cs)
2008-04-29 14:44
288 查看
验证签名后台页面主要功能是验证客户端提交的签名,并解析XLML。
verifySign.aspx.cs的主要代码如下:
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Xml;
using System.IO;
public partial class verifySign : System.Web.UI.Page
{
public string strUserSignedData;
public string strSrc;
CAPICOM.SignedDataClass oSignData = new CAPICOM.SignedDataClass();
public string sData1;
public string sData2;
public string sData3;
public string sData4;
public string sData5;
public string sData6;
public string sData7;
public string sData8;
protected void Page_Load(object sender, EventArgs e)
{
strUserSignedData = Request.Form["SignedData"].ToString();
try
{
oSignData.Verify(strUserSignedData, false, 0);//验证数据签名
}
catch (Exception ex)
{
Response.Redirect("err.aspx?errmsg=验证客户端签名错误:" + ex.Message);
return;
}
strSrc = oSignData.Content;//获取业务数据原文
Response.Write("<center><h1><br>您提交的数据经过了数字签名并验证通过。<br></h1></center>");
//解析业务数据原文
try
{
StringReader xmlio = new StringReader(strSrc);
XmlReader reader = XmlReader.Create(xmlio);
reader.Read();
reader.ReadStartElement("MSG");
string sDataType1 = reader.GetAttribute("Type");
reader.ReadStartElement("data1");
sData1 = reader.ReadString();
reader.ReadEndElement();
string sDataType2 = reader.GetAttribute("Type");
reader.ReadStartElement("data2");
sData2 = reader.ReadString();
reader.ReadEndElement();
string sDataType3 = reader.GetAttribute("Type");
reader.ReadStartElement("data3");
sData3 = reader.ReadString();
reader.ReadEndElement();
string sDataType4 = reader.GetAttribute("Type");
reader.ReadStartElement("data4");
sData4 = reader.ReadString();
reader.ReadEndElement();
string sDataType5 = reader.GetAttribute("Type");
reader.ReadStartElement("data5");
sData5 = reader.ReadString();
reader.ReadEndElement();
string sDataType6 = reader.GetAttribute("Type");
reader.ReadStartElement("data6");
string sData6 = reader.ReadString();
reader.ReadEndElement();
string sDataType7 = reader.GetAttribute("Type");
reader.ReadStartElement("data7");
sData7 = reader.ReadString();
reader.ReadEndElement();
string sDataType8 = reader.GetAttribute("Type");
reader.ReadStartElement("data8");
sData8 = reader.ReadString();
reader.ReadEndElement();
reader.Close();
}
catch (Exception ex)
{
Response.Write("从XML原文解析业务数据失败:" + ex.Message);
}
//以下代码把业务数据和签名数据保存到数据库,作为日后证据。
//忽略
//
}
}
客户端JS脚本的主要代码如下:
function SelectSignCert(strSerialNumber,strSubject)
{
var oStore = new ActiveXObject("CAPICOM.Store");
var oSignerCert;
oStore.Open(CAPICOM_CURRENT_USER_STORE,CAPICOM_MY_STORE,CAPICOM_STORE_OPEN_READ_ONLY | CAPICOM_STORE_OPEN_EXISTING_ONLY);
oStoreCerts = oStore.Certificates.Find(CAPICOM_CERTIFICATE_FIND_KEY_USAGE, CAPICOM_DIGITAL_SIGNATURE_KEY_USAGE, true);
for(var i=1;i<=oStoreCerts.Count;i++) //遍历个人证书
{
try
{
var oCert=oStoreCerts.Item(i);
var cerName=oCert.GetInfo(CAPICOM_CERT_INFO_SUBJECT_SIMPLE_NAME);
if( (cerName==strSubject) && (strSerialNumber==oCert.SerialNumber))
{
return oCert;
}
}
catch(e)
{
alert("SelectSignCert catch"+e);
//window.alert(e);
return null;
}
}//end for
}
function SignData(SignerCert,DataToSign)
{
var SignedResult="";
try
{
var oSignedData = new ActiveXObject("CAPICOM.SignedData");
var oSigner = new ActiveXObject("CAPICOM.Signer");
}
catch(e)
{
window.alert(e);
return SignedResult;
}
try
{
var oSignerCert = eval(SignerCert);
oSigner.Certificate = oSignerCert;
oSignedData.Content = DataToSign;//需要签名的数据
SignedResult = oSignedData.Sign(oSigner);
return SignedResult;
}
catch(e)
{
window.alert(e);
return SignedResult;
}
}
详细的代码请参考附属光盘,目录:Code/第五篇 电子商务网站应用-ASP/订单签名。订单提交即签名页面的运行效果如图所示。处理订单即验证签名页面运行效果如图所示。
verifySign.aspx.cs的主要代码如下:
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Xml;
using System.IO;
public partial class verifySign : System.Web.UI.Page
{
public string strUserSignedData;
public string strSrc;
CAPICOM.SignedDataClass oSignData = new CAPICOM.SignedDataClass();
public string sData1;
public string sData2;
public string sData3;
public string sData4;
public string sData5;
public string sData6;
public string sData7;
public string sData8;
protected void Page_Load(object sender, EventArgs e)
{
strUserSignedData = Request.Form["SignedData"].ToString();
try
{
oSignData.Verify(strUserSignedData, false, 0);//验证数据签名
}
catch (Exception ex)
{
Response.Redirect("err.aspx?errmsg=验证客户端签名错误:" + ex.Message);
return;
}
strSrc = oSignData.Content;//获取业务数据原文
Response.Write("<center><h1><br>您提交的数据经过了数字签名并验证通过。<br></h1></center>");
//解析业务数据原文
try
{
StringReader xmlio = new StringReader(strSrc);
XmlReader reader = XmlReader.Create(xmlio);
reader.Read();
reader.ReadStartElement("MSG");
string sDataType1 = reader.GetAttribute("Type");
reader.ReadStartElement("data1");
sData1 = reader.ReadString();
reader.ReadEndElement();
string sDataType2 = reader.GetAttribute("Type");
reader.ReadStartElement("data2");
sData2 = reader.ReadString();
reader.ReadEndElement();
string sDataType3 = reader.GetAttribute("Type");
reader.ReadStartElement("data3");
sData3 = reader.ReadString();
reader.ReadEndElement();
string sDataType4 = reader.GetAttribute("Type");
reader.ReadStartElement("data4");
sData4 = reader.ReadString();
reader.ReadEndElement();
string sDataType5 = reader.GetAttribute("Type");
reader.ReadStartElement("data5");
sData5 = reader.ReadString();
reader.ReadEndElement();
string sDataType6 = reader.GetAttribute("Type");
reader.ReadStartElement("data6");
string sData6 = reader.ReadString();
reader.ReadEndElement();
string sDataType7 = reader.GetAttribute("Type");
reader.ReadStartElement("data7");
sData7 = reader.ReadString();
reader.ReadEndElement();
string sDataType8 = reader.GetAttribute("Type");
reader.ReadStartElement("data8");
sData8 = reader.ReadString();
reader.ReadEndElement();
reader.Close();
}
catch (Exception ex)
{
Response.Write("从XML原文解析业务数据失败:" + ex.Message);
}
//以下代码把业务数据和签名数据保存到数据库,作为日后证据。
//忽略
//
}
}
客户端JS脚本的主要代码如下:
function SelectSignCert(strSerialNumber,strSubject)
{
var oStore = new ActiveXObject("CAPICOM.Store");
var oSignerCert;
oStore.Open(CAPICOM_CURRENT_USER_STORE,CAPICOM_MY_STORE,CAPICOM_STORE_OPEN_READ_ONLY | CAPICOM_STORE_OPEN_EXISTING_ONLY);
oStoreCerts = oStore.Certificates.Find(CAPICOM_CERTIFICATE_FIND_KEY_USAGE, CAPICOM_DIGITAL_SIGNATURE_KEY_USAGE, true);
for(var i=1;i<=oStoreCerts.Count;i++) //遍历个人证书
{
try
{
var oCert=oStoreCerts.Item(i);
var cerName=oCert.GetInfo(CAPICOM_CERT_INFO_SUBJECT_SIMPLE_NAME);
if( (cerName==strSubject) && (strSerialNumber==oCert.SerialNumber))
{
return oCert;
}
}
catch(e)
{
alert("SelectSignCert catch"+e);
//window.alert(e);
return null;
}
}//end for
}
function SignData(SignerCert,DataToSign)
{
var SignedResult="";
try
{
var oSignedData = new ActiveXObject("CAPICOM.SignedData");
var oSigner = new ActiveXObject("CAPICOM.Signer");
}
catch(e)
{
window.alert(e);
return SignedResult;
}
try
{
var oSignerCert = eval(SignerCert);
oSigner.Certificate = oSignerCert;
oSignedData.Content = DataToSign;//需要签名的数据
SignedResult = oSignedData.Sign(oSigner);
return SignedResult;
}
catch(e)
{
window.alert(e);
return SignedResult;
}
}
详细的代码请参考附属光盘,目录:Code/第五篇 电子商务网站应用-ASP/订单签名。订单提交即签名页面的运行效果如图所示。处理订单即验证签名页面运行效果如图所示。
相关文章推荐
- 27.6.2 签名页面后台(Sign.aspx.cs)
- 27.6.3 签证签名页面前台(verifySign.aspx)
- ASP.NET 后台.cs文件执行.aspx页面的javascript方法
- 在C#代码(后台aspx.cs)页面中实现js的alert功能
- 在aspx页面中调用aspx.cs后台方法
- 在页面上使用javascript调用aspx.cs后台方法
- 在后台(aspx.cs)页面实现页面跳转
- 27.6.1 签名页面前台(Sign.aspx)
- asp.net中aspx页面中调用后台cs中的方法
- aspx页面前端使用js 调用aspx.cs后台的方法,不回传
- 在aspx页面里调用cs后台文件里的方法,返回结果到aspx页面
- 基于Ajax的数据验证——(4)ajaxVerify.aspx.cs
- aspx页面js向aspx.cs后台传值的方法
- web控件在.aspx页面中在.aspx.cs后台代码Page_Load()中都设置了相同的属性,哪个优先级高?
- 用正则表达式在注册页面(js/aspx.cs)的验证
- (转)Python rsa 签名与验证 sign and verify
- 如何在aspx页面中得到aspx.cs后台代码中的值
- 在aspx页面中调用aspx.cs后台方法
- .net 中 前台aspx页面调用后台.cs文件中的变量
- 在页面上使用javascript调用aspx.cs后台方法