| ||||
| ||||
| Вот такой VBS скрипт подписывет данные: Set Signer = CreateObject("CAPICOM.Signer") Set MyCert = CreateObject("CAPICOM.Certificate") Set SignedData = CreateObject("CAPICOM.SignedData") SignedData.Content = "test message" Set myStore = CreateObject("CAPICOM.Store") myStore.Open CAPICOM_CURRENT_USER_STORE , CAPICOM_MY_STORE ’Подписанный объект Message = SignedData.Sign (Signer ,True) WScript.Echo "Sign : " WScript.Echo Message А тот же код, перенесенный на ASP страницу говорит, что число сертификатов в хранилище равно 0. Если попробавть импортировать сертификат в память, то при выполнении скрипта получаем ошибку, что на этом ключе нельзя подписывать данные. | ||||
| Ответы: | ||||
| ||||
| У вас есть объеке Signer и Store, которые совсем не пользуются. Посмотрите такой тест (http://pages.istar.ca/~neutron/): <html><HEAD> <TITLE>CAPCIOM 2 ClientSign Demo</TITLE> <META NAME="ROBOTS" CONTENT="NOINDEX"> <SCRIPT LANGUAGE="JavaScript"> var isNav = (navigator.appName=="Netscape") var isWin32 = (navigator.platform=="Win32") if(isNav || !isWin32) window.location.replace("../../../notwinie.html"); function CheckText(datain){ var data = datain if(data==""){ alert("No data available") return false } if(data.length > 7000){ alert("Too much data (max. ~ 7 kb)"); return false } alert("--- Data to be signed --- \n\n" + data) ; return true } </script> <script language="VBScript"> Option Explicit Const CAPICOMdnld = "http://www.microsoft.com/downloads/release.asp?ReleaseID=39546" Const msgtitle = "ClientSignDemo" Const CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE = 1 Const CAPICOM_ENCODE_BASE64 = 0 Const CAPICOM_LOCAL_MACHINE_STORE = 1 Const CAPICOM_STORE_OPEN_READ_ONLY = 0 Const info = "Signature and Certificate verification " Dim Signer, SignedData, Certificate Dim datatosign, Message, pkcs7message, contWin Dim verifyStatus : verifyStatus = False Dim filetosign Function isCapicomAvailable() Dim oStore On Error Resume Next Set oStore = CreateObject("CAPICOM.Store") oStore.Open CAPICOM_LOCAL_MACHINE_STORE, "Root", CAPICOM_STORE_OPEN_READ_ONLY If Err.Number <> 0 Then isCapicomAvailable = False Exit Function End If isCapicomAvailable = True Set oStore = Nothing On Error GoTo 0 End Function Sub btnSign_onclick() If NOT isCapicomAvailable Then MsgBox "CAPICOM is not installed." & vbCrLf & _ "Install capicom first via: " & vbCrLf & _ CAPICOMdnld, vbCritical, msgtitle Exit Sub End If If signwhat(0).checked Then datatosign = texttosign.value ElseIf signwhat(1).checked Then datatosign = document.body.innerHTML ElseIf signwhat(2).checked Then datatosign = document.all.tags("html")(0).outerHTML ElseIf signwhat(3).checked Then filetosign = document.applets(0).selectFileDialog() datatosign = document.applets(0).ReadFileAsString(filetosign) Else datatosign = texttosign.value End If If NOT CheckText(datatosign) Then ’validate data and size limit Exit Sub End If Set SignedData = CreateObject("CAPICOM.SignedData") SignedData.Content = datatosign On Error Resume Next ’Try to sign data-string with *attached* content and BASE64 endoced pkcs7 Message = SignedData.Sign(Nothing, False, CAPICOM_ENCODE_BASE64) If Err.Number <> 0 Then MsgBox "Sign Error: " & Err.Description & " " & Hex(Err.Number), _ vbCritical, msgtitle Else btnSign.style.display = "none" ’hide sign button and textarea data describe.style.display = "none" texttosign.style.display = "none" radios.style.display = "none" btnVerify.style.display = "" ’show verification buttons btnVerify.style.display = "" btnContent.style.display = "" btnCertificates.style.display = "" pkcs7.innerText = Message pkcs7.style.display = "" End If Set SignedData = Nothing On Error GoTo 0 End Sub Sub btnVerify_onclick() ’always verifies If isSigVerified Then MsgBox info & " succeeded", vbInformation, msgtitle Else MsgBox info & " failed: ", vbCritical, msgtitle End If End Sub Sub btnContent_onclick() If NOT verifyStatus Then ’check if possibly clicked first isSigVerified End If If verifyStatus Then pkcs7message = pkcs7.innerText Set SignedData = CreateObject("CAPICOM.SignedData") SignedData.Verify pkcs7message, False, CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE showContent SignedData.Content Set SignedData = nothing Else MsgBox info & " failed: ", vbCritical, msgtitle End If End Sub Sub btnCertificates_onclick() If NOT verifyStatus Then isSigVerified End If If verifyStatus Then pkcs7message = pkcs7.innerText Set SignedData = CreateObject("CAPICOM.SignedData") SignedData.Verify pkcs7message, False, CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE For Each Certificate In SignedData.Certificates Certificate.Display Next Set SignedData = nothing Else MsgBox info & " failed: ", vbCritical, msgtitle End If End Sub Function isSigVerified() pkcs7message = pkcs7.innerText Set SignedData = CreateObject("CAPICOM.SignedData") On Error Resume Next SignedData.Verify pkcs7message, False, CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE If Err.Number <>0 Then verifyStatus = False Else verifyStatus = True End If isSigVerified = verifyStatus On Error Goto 0 End Function Sub showContent(content) Set contWin = window.open("","ContentWin","width=640,height=400,toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,copyhistory=no,resizable=yes") contWin.document.writeln "<html><head>" contWin.document.writeln "<title>Content</title>" contWin.document.writeln "<XMP>" & content & "<" & "/XMP>" contWin.document.writeln "</body></html>" End Sub </script> </head> <body bgcolor="#CCCCCC"> <h2 align=center><font color=blue>CAPICOM 2 ClientSign Demo</font></h2> <div align=right>M. Gallant 07/06/2002</div> <hr size=1><br> <span ID="describe"> This page demonstrates signing of content within a web page using an X509 code-signing certificate, if available. It also demonstrates using a signed Java applet to enable file signing. When the data is successfully signed using <b>SignedData.Sign()</b>, the base64-encoded pkcs7 data, including the content, is displayed with 3 buttons to verify the signature and certificate, display the content and the certificate(s) embedded in the pkcs7 data: </span><p> <center> <TEXTAREA ID="texttosign" cols=60 rows=10> Sign this text, the body html, the entire page contents, or select a file. </TEXTAREA> <P> <div ID=radios><button style="color:blue; background-color:yellow" id="btnSign" >Sign Text:</button> <INPUT type=radio name="signwhat" CHECKED>TextArea <INPUT type=radio name="signwhat">Body Contents <INPUT type=radio name="signwhat">Entire Page <INPUT type=radio name="signwhat">Select File </div> <applet code="FileAccessUtil.class" width=2 height=2> <PARAM NAME="cabbase" VALUE=fileaccessutil.cab> </applet> <!-- This is displayed only after successful signature process --> <table><tr><td> <button style="display: none" ID="btnVerify">Verify Signature and Certs</button> <button style="display: none" ID="btnContent">Show Content</button> <button style="display: none" ID="btnCertificates">Show Certs</button> <br> <pre style="display: none; font-size: xx-small" ID="pkcs7">Placeholder for pkcs7 signed data</pre> </td></tr></table></center><br> <a href="../../../java.html" TARGET="_parent"><img src="../../../pics/javascibut.gif" border=0></a> </BODY> </HTML> | ||||
anton