using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.IO;
using System.Configuration;
using JCAPICOMLib;
using JITOCSPAPICOMLib;
using JITTSAAPICOMLib;
using System.Security;
using System.Security.Cryptography;
using System.Text;
//using JITCERTTOOLKITSLib;
namespace ENet.CA
{
/// <summary>
/// Summary description for CABusiness.
/// </summary>
public class CASystem: System.Web.UI.Page
{
#region Define
protected string uue;                            // NOTE(review): never assigned or read in this chunk; confirm it is still used
protected HttpClientCertificate cer;             // ASP.NET client-certificate object; not touched in this chunk
private string certmem="";                       // client certificate text, set by CheckCert() for the validation steps
private string cacert = "";                      // server certificate file text; GetServerCert() appends to it on every call
private int lHandle=0;                           // NOTE(review): not used in this chunk
private int Ret=0;                               // NOTE(review): not used in this chunk
private int lStatus=0;                           // NOTE(review): not used in this chunk
protected JITOCSPAPICOMLib._JIT_OCSP_CertStatus objOCSPCertStatus=null;
protected CApiEngine objEngine=null;             // shared engine, taken from Global.objAllEngine by the validation models
protected CApiCRLCOM objCRL=null;
protected CApiCertificate objServerEncCert=null; // server-side certificate, populated by InitServerCert()
protected CApiCertificate objClientSignCert=null; // client-side certificate, populated by InitClientCert()/CAqm()
protected JITTSAAPICOMLib._JIT_TSA_Session objTSASession;     // timestamp-authority session used by CAsjc()
protected JITTSAAPICOMLib._JIT_TSA_SystemEnv objTSASystemEnv; // timestamp-authority connection settings used by CAsjc()
protected JCAPICOMLib.ICApiBinCOM objBin;        // toolkit helper for verify/decrypt (VfyDecEvp)
public static string strServerCertFile="";
public static string strWorkpath="";
public static string filename="";
public static string strCRLFile="";
public static string strRootCertChainFile="";
public static string strServerCertPass="11111111"; // SECURITY: hard-coded default password for the server certificate, shared process-wide; should come from protected configuration
public static ushort iTSAport=49155;             // TSA port; overwritten from the "TSAport" app setting in CAsjc()
public static string strCheckModel="0";          // "0" = OCSP validation, anything else = CRL validation (see CheckCert)
#endregion
/// <summary>
/// Creates the page. No state is set up here; the certificate objects are
/// populated lazily by the individual validation steps.
/// </summary>
public CASystem()
{
}
#region Public Function
/// <summary>
/// Entry point for client-certificate validation. Stores the certificate text in
/// <c>certmem</c> and runs either the OCSP chain or the CRL chain, selected by the
/// static <c>strCheckModel</c> ("0" = OCSP, anything else = CRL).
/// </summary>
/// <param name="ClientCert">Client certificate text handed to the COM toolkit.</param>
/// <param name="ISPost">Non-zero: run the validation. Zero: skip it and report 2 ("already verified").</param>
/// <returns>1 when validation succeeded, 2 when skipped, -100 on any exception,
/// otherwise the code of the first failing step as returned by the selected model.</returns>
public int CheckCert(string ClientCert,int ISPost)
{
    int result;
    try
    {
        certmem=ClientCert;
        if(ISPost==0)
        {
            // The caller asserts that this certificate was validated on an earlier request.
            // NOTE(review): this trusts the caller's flag; confirm ISPost is never derived from client input.
            result=2;
        }
        else
        {
            InitData();
            result = (strCheckModel=="0") ? OCSPModel() : CRLModel();
        }
    }
    catch
    {
        result=-100;
    }
    return result;
}
/// <summary>
/// OCSP validation chain: root certificate, online status check, user state,
/// server and client certificate setup, then chaining the client signing
/// certificate to the root. The CRL steps are intentionally disabled in this mode.
/// </summary>
/// <returns>1 on success; the non-zero code of the first failing step; if a step
/// throws, the last code assigned before the exception (0 when the step itself threw).</returns>
private int OCSPModel()
{
    int ret=0;
    try
    {
        ret=GetRootCert();            // load the CA root certificate
        if(ret!=0) return ret;
        ret=ValidateOCSP();           // online status check of the client certificate
        if(ret!=0) return ret;
        ret=GetUserState();
        if(ret!=0) return ret;
        objEngine=Global.objAllEngine; // shared engine; a per-request InitEngine() is no longer performed
        // InitCRLSet / InitCRL / ValidateCRLVerify / CRLVerifyCert are not run in OCSP mode.
        ret=InitServerCert();         // server certificate
        if(ret!=0) return ret;
        ret=InitClientCert();         // client certificate
        if(ret!=0) return ret;
        ret=RootVerifyCert();         // chain the client signing certificate to the root
        if(ret!=0) return ret;
        SetToSession();
        ret=1;                        // client certificate validated
    }
    catch
    {
        // Swallowed by design: the value of ret at the time of the exception is returned,
        // which is never 1, so callers that test for 1 still treat it as a failure.
    }
    return ret;
}
/// <summary>
/// CRL validation chain: root certificate, CRL configuration and download,
/// CRL validity, server and client certificate setup, revocation check of the
/// client certificate against the CRL, then chaining it to the root.
/// The OCSP check and GetUserState() are intentionally disabled in this mode.
/// </summary>
/// <returns>1 on success; the non-zero code of the first failing step; if a step
/// throws, the last code assigned before the exception (0 when the step itself threw).</returns>
private int CRLModel()
{
    int ret=0;
    try
    {
        ret=GetRootCert();            // load the CA root certificate
        if(ret!=0) return ret;
        // ValidateOCSP() and GetUserState() are not run in CRL mode.
        objEngine=Global.objAllEngine; // shared engine; a per-request InitEngine() is no longer performed
        ret=InitCRLSet();             // CRL configuration
        if(ret!=0) return ret;
        ret=InitCRL();                // load the CRL
        if(ret!=0) return ret;
        ret=ValidateCRLVerify();      // CRL validity
        if(ret!=0) return ret;
        ret=InitServerCert();         // server certificate
        if(ret!=0) return ret;
        ret=InitClientCert();         // client certificate
        if(ret!=0) return ret;
        ret=CRLVerifyCert();          // revocation check against the CRL
        if(ret!=0) return ret;
        ret=RootVerifyCert();         // chain the client signing certificate to the root
        if(ret!=0) return ret;
        SetToSession();
        ret=1;                        // client certificate validated
    }
    catch
    {
        // Swallowed by design: the value of ret at the time of the exception is returned,
        // which is never 1, so callers that test for 1 still treat it as a failure.
    }
    return ret;
}
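/// <summary>
/// Reads the server certificate file named by the "serverfile" app setting,
/// (re)initialises the server certificate object and returns the certificate
/// text exposed by the toolkit.
/// </summary>
/// <returns>The certificate string; "-120" when the toolkit reports an error;
/// "" when any exception occurs (including a missing file or a null
/// <c>objServerEncCert</c>).</returns>
public string GetServerCert()
{
    string readcert2="";
    object readcert=null;
    try
    {
        string filename=ConfigurationSettings.AppSettings["serverfile"];
        // 'using' releases the file handle even when ReadToEnd() throws;
        // the original only closed it on the success path.
        using(StreamReader tf=File.OpenText(filename))
        {
            cacert = cacert +tf.ReadToEnd(); // NOTE: appends on every call, so cacert grows with repeated calls
        }
        InitServerCert(); // return code not checked; a null objServerEncCert lands in the catch below
        objServerEncCert.GetCert(1,ref readcert);
        readcert2=Convert.ToString(readcert);
        int nErrorCode = objServerEncCert.ErrorCode;
        if( 0 != nErrorCode)
        {
            readcert2="-120"; // failed to obtain the server certificate
        }
    }
    catch
    {
        // best effort: callers receive "" on failure
    }
    return readcert2;
}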
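/// <summary>
/// Timestamp round-trip against the TSA: hashes <paramref name="strTemp"/>,
/// requests a timestamp for the hash, verifies it against the TSA certificate
/// read from the "FileTSA" app setting and parses it.
/// </summary>
/// <param name="strTemp">Input text; '.' is mapped back to '\n' before hashing.</param>
/// <param name="retHash">Receives the hash value.</param>
/// <param name="retTsa">Receives the raw timestamp response.</param>
/// <param name="retParse">Receives the parsed timestamp data.</param>
/// <returns>0 on success; -1 TSA certificate file missing; -2 session could not be
/// opened; -3 hashing failed; -4 timestamp request failed; -5 timestamp did not
/// verify; -6 parsing failed; -7 exception.</returns>
public int CAsjc(string strTemp,ref string retHash,ref string retTsa,ref string retParse)
{
    int ret=0;
    int hSession=0;
    try
    {
        string readcer="";
        string filename = ConfigurationSettings.AppSettings["FileTSA"];     // TSA communication certificate
        string CAServerIP = ConfigurationSettings.AppSettings["CAServerIP"]; // TSA server IP
        string CDPath=ConfigurationSettings.AppSettings["CDPath"];
        iTSAport=ushort.Parse(ConfigurationSettings.AppSettings["TSAport"]);
        strTemp = strTemp.Replace( ".",((char)(10)).ToString());
        int nVerifyStringLen = strTemp.Length;
        int lencert = 0;
        objTSASession = new JITTSAAPICOMLib._JIT_TSA_SessionClass();
        objTSASystemEnv = new JITTSAAPICOMLib._JIT_TSA_SystemEnvClass();
        objTSASystemEnv.SetOption(iTSAport,60,CAServerIP,CDPath);
        if(!File.Exists(filename))
        {
            return -1; // TSA certificate file does not exist
        }
        using(StreamReader tf=File.OpenText(filename))
        {
            readcer = tf.ReadToEnd();
        }
        lencert = readcer.Length;
        // Each step below returns immediately on failure. The original assigned the
        // error code but kept going and finally overwrote it with 0, so a timestamp
        // that failed verification (-5) was reported to callers as success.
        hSession = Convert.ToInt32(objTSASession.OpenSession().ToString());
        if( 0 == hSession )
        {
            return -2; // failed to open the TSA session
        }
        // 544 is a toolkit-specific algorithm selector — presumably the hash algorithm id; confirm against the JIT TSA API docs
        retHash =objTSASession.Hash(hSession,strTemp,Convert.ToUInt32(nVerifyStringLen),544).ToString();
        if( 0 == retHash.Length)
        {
            return -3; // hashing failed
        }
        object oretTsa=objTSASession.RequestTimeStamp(hSession,retHash,Convert.ToUInt32(retHash.Length));
        retTsa = oretTsa.ToString();
        if (0 == retTsa.Length )
        {
            return -4; // timestamp request failed
        }
        int iRet = Convert.ToInt32(objTSASession.VerifyTimeStamp(hSession,retTsa,Convert.ToUInt32(retTsa.Length),retHash,Convert.ToUInt32(retHash.Length),readcer,Convert.ToUInt32(lencert)).ToString());
        if( !(0 == iRet && Convert.ToUInt32(objTSASession.GetLastErr(hSession)) ==0) )
        {
            return -5; // timestamp verification failed; do not parse an unverified token
        }
        retParse = objTSASession.ParseTimeStamp(hSession,retTsa,Convert.ToUInt32(retTsa.Length)).ToString();
        if( 0 == retParse.Length)
        {
            return -6; // parsing the timestamp failed
        }
        ret= 0;
    }
    catch
    {
        ret= -7;
    }
    finally
    {
        // Close the session on every exit path; the original leaked it on exceptions.
        if(hSession != 0 && objTSASession != null)
        {
            try
            {
                objTSASession.CloseSession(hSession);
            }
            catch
            {
                // cleanup failure must not mask the result code
            }
        }
    }
    return ret;
}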
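/// <summary>
/// Converts the parsed timestamp text returned by the TSA into a
/// "yyyy-MM-dd HH:mm:ss"-shaped string. The input is expected to hold
/// "||"-separated fields with a trailing "||" section that is discarded.
/// </summary>
/// <param name="TSATime">Parsed timestamp text (see CAsjc's retParse).</param>
/// <returns>The formatted time, or "" when the input is null, has no "||"
/// separator, or yields fewer than six fields.</returns>
public string TimeTSAtoTime(string TSATime)
{
    string LastTime=string.Empty;
    if(TSATime==null)
    {
        return LastTime;
    }
    // Ordinal: the separator is a literal token, not linguistic text.
    int cut=TSATime.LastIndexOf("||",StringComparison.Ordinal);
    if(cut<0)
    {
        return LastTime; // unrecognised layout (the original relied on Substring throwing here)
    }
    string[] TT=TSATime.Substring(0,cut).Replace("||","|").Split('|');
    if(TT.Length>=6)
    {
        LastTime=TT[0]+"-"+TT[1]+"-"+TT[2]+" "+TT[3]+":"+TT[4]+":"+TT[5];
    }
    return LastTime;
}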
/// <summary>
/// Verifies the client's signed payload with the supplied client certificate and
/// returns the recovered content (the toolkit call is VfyDecEvp, presumably
/// verify-and-decrypt) through <paramref name="EndCode"/>.
/// </summary>
/// <param name="strTemp">Signed payload; '.' is mapped back to '\n' first.</param>
/// <param name="certmem">Client certificate text (shadows the field of the same name).</param>
/// <param name="EndCode">Receives the recovered plaintext.</param>
/// <returns>0 verified; -1 the toolkit reported an error; -9 exception.</returns>
public int CAqm(string strTemp,string certmem,ref string EndCode)
{
    try
    {
        string payload = strTemp.Replace(".", ((char)10).ToString());
        // Build the client certificate object from the in-memory text.
        objClientSignCert = new JCAPICOMLib.CApiCertificateClass();
        objClientSignCert.CreateCertificateFromMem(certmem, certmem.Length);
        objBin = new JCAPICOMLib.CApiBinCOMClass();
        object recovered = objBin.VfyDecEvp(objClientSignCert, null, payload, payload.Length);
        EndCode = Convert.ToString(recovered);
        return objBin.ErrorCode == 0 ? 0 : -1;
    }
    catch
    {
        return -9;
    }
}
/// <summary>
/// Decrypts data the client encrypted for the server certificate and returns the
/// plaintext through <paramref name="EncData"/>.
/// </summary>
/// <param name="szVerifyStringSign">Encrypted payload; '.' is mapped back to '\n' first.</param>
/// <param name="EncData">Receives the decrypted data.</param>
/// <returns>0 decrypted; -1 the toolkit reported an error; -9 exception.</returns>
public int CAjm(string szVerifyStringSign,ref string EncData)
{
    try
    {
        InitServerCert(); // return code is not checked; a failure surfaces as -9 via the catch when objServerEncCert is null
        string payload = szVerifyStringSign.Replace(".", ((char)10).ToString());
        objBin = new JCAPICOMLib.CApiBinCOMClass();
        object plain = objBin.VfyDecEvp(null, objServerEncCert, payload, payload.Length);
        EncData = Convert.ToString(plain);
        return objBin.ErrorCode == 0 ? 0 : -1;
    }
    catch
    {
        return -9;
    }
}
/// <summary>
/// Returns the named extension value of the current client signing certificate.
/// </summary>
/// <param name="ExtnedString">Extension identifier passed through to the toolkit.</param>
/// <returns>The extension text, or "" when no client certificate has been loaded
/// yet or the toolkit throws.</returns>
public string GetExtendStringEx(string ExtnedString)
{
    try
    {
        // objClientSignCert is null until InitClientCert()/CAqm() ran; the resulting
        // exception is swallowed and "" returned, as before.
        object value = objClientSignCert.GetExtendStringEx(ExtnedString);
        return value.ToString();
    }
    catch
    {
        return "";
    }
}
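/// <summary>
/// Hashes the trimmed input (as UTF-16LE bytes) with MD5 and returns the digest
/// as dash-separated upper-case hex, e.g. "D4-1D-8C-...".
/// </summary>
/// <param name="Str">Input text; surrounding whitespace is ignored.</param>
/// <returns>The hex digest, or "" when hashing fails (e.g. MD5 blocked by policy).</returns>
/// <exception cref="ArgumentNullException"><paramref name="Str"/> is null.</exception>
public string StringToHash(string Str)
{
    if(Str==null)
    {
        throw new ArgumentNullException("Str");
    }
    string strData=Str.Trim();
    string strHash=string.Empty;
    try
    {
        byte[] arrData=Encoding.Unicode.GetBytes(strData);
        // SECURITY: MD5 is not collision resistant. It is kept only because callers and
        // stored values depend on this exact output; do not use it for passwords,
        // signatures or integrity checks.
        using(MD5 md5=MD5.Create()) // disposed; the original leaked the HashAlgorithm
        {
            strHash=BitConverter.ToString(md5.ComputeHash(arrData));
        }
    }
    catch
    {
        // best effort as before: "" signals failure
    }
    return strHash;
}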
#endregion