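I am developing a web application in ASP.NET MVC that requires users to log in once they have a SafeNet eToken 5110 device installed on their computer. I can manage to detect the presence of the token and get information about it, such as its label. Below is the code that accesses my token: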
    string pkcs11LibraryPath = Properties.Settings.Default.Pkcs11File;
    using (Pkcs11 pkcs11 = new Pkcs11(pkcs11LibraryPath, AppType.SingleThreaded))
    {
        LibraryInfo libraryInfo = pkcs11.GetInfo();
        var slots = pkcs11.GetSlotList(SlotsType.WithTokenPresent);
        if (slots.Count == 0)
        {
            return "NoToken";
        }
        var slot = slots[0];
        var token = slot.GetTokenInfo();
        if (token.Label != username)
        {
            return "NoAuthorization";
        }
    }
The above code works well for detecting the token and also for checking the label of the token attached to a specific user.
The code below shows how I try to get the private and public keys, but the count is always zero:
    using (var session = slot.OpenSession(SessionType.ReadOnly))
    {
        session.Login(CKU.CKU_USER, "*********");
        // Search template for the public key
        List<ObjectAttribute> publicKeyAttributes = new List<ObjectAttribute>();
        publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_PUBLIC_KEY));
        publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_RSA));
        publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, username));
        List<ObjectHandle> foundPublicKeys = session.FindAllObjects(publicKeyAttributes);
        if (foundPublicKeys == null || foundPublicKeys.Count != 1)
            throw new Exception("Unable to find/identify public key");
        ObjectHandle publicKeyHandle = foundPublicKeys[0];
        // Search template for the private key
        List<ObjectAttribute> privateKeyAttributes = new List<ObjectAttribute>();
        privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_PRIVATE_KEY));
        privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_VENDOR_DEFINED));
        privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, token.Label));
        privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_DECRYPT, true));
        privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_SIGN, true));
        // Find all objects that match provided attributes
        List<ObjectHandle> foundPrivateKeys = session.FindAllObjects(privateKeyAttributes);
        if (foundPrivateKeys == null || foundPrivateKeys.Count != 1)
            throw new Exception("Unable to find/identify private key");
        // Keep private key handle
        ObjectHandle privateKeyHandle = foundPrivateKeys[0];
        // Logout from session
        session.Logout();
    }
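My concern is the certificate installed on the token, so that I can verify whether it is a certificate issued by our CA. Any help would be appreciated.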
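
One way to do the check asked about above, as an added example that is not part of the original post: it reads the X.509 certificate objects stored on the token and builds a chain pinned to the CA certificate. It assumes Pkcs11Interop 4.x (the HighLevelAPI style used in the question) and that `ourCa` is the self-signed root certificate loaded by the application; the class and method names are hypothetical.

```csharp
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography.X509Certificates;
using Net.Pkcs11Interop.Common;
using Net.Pkcs11Interop.HighLevelAPI;

// Hypothetical helper, written for this example (assumes Pkcs11Interop 4.x).
public static class TokenCertificateCheck
{
    // Reads every X.509 certificate object stored on the token in the given slot.
    public static List<X509Certificate2> ReadCertificates(Slot slot)
    {
        var result = new List<X509Certificate2>();
        using (Session session = slot.OpenSession(SessionType.ReadOnly))
        {
            // Certificates are usually public objects, so no Login() is needed to read them.
            var template = new List<ObjectAttribute>
            {
                new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_CERTIFICATE),
                new ObjectAttribute(CKA.CKA_CERTIFICATE_TYPE, CKC.CKC_X_509)
            };
            foreach (ObjectHandle handle in session.FindAllObjects(template))
            {
                // CKA_VALUE of a certificate object holds the DER-encoded certificate.
                var attrs = session.GetAttributeValue(handle, new List<CKA> { CKA.CKA_VALUE });
                result.Add(new X509Certificate2(attrs[0].GetValueAsByteArray()));
            }
        }
        return result;
    }

    // True only if the chain builds and terminates at the pinned CA certificate.
    public static bool IsIssuedByOurCa(X509Certificate2 cert, X509Certificate2 ourCa)
    {
        using (var chain = new X509Chain())
        {
            chain.ChainPolicy.ExtraStore.Add(ourCa);
            // Assumption: ourCa is not in the machine root store, so an unknown root is tolerated here.
            chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
            if (!chain.Build(cert)) return false;
            // Pin the root explicitly: the flag above would otherwise accept any self-signed root.
            var root = chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
            return root.RawData.SequenceEqual(ourCa.RawData);
        }
    }
}
```

A certificate is public data, so this check shows who issued it, not that the caller holds the matching private key; that requires verifying a signature made with the token's private key over a server-generated challenge.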