Authenticating users with a SafeNet eToken in an ASP.NET MVC web application

Time: 2018-06-08 14:38:16

Tags: c# asp.net certificate

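I am developing a web application in ASP.NET MVC that needs to log users in once they have a SafeNet eToken 5110 device attached to their computer. I can manage to detect the presence of the token and get information about it, such as its label. Below is the code that accesses my token: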

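    // Requires: using Net.Pkcs11Interop.Common; using Net.Pkcs11Interop.HighLevelAPI;
    string pkcs11LibraryPath = Properties.Settings.Default.Pkcs11File;

    // Load the vendor's PKCS#11 library
    using (Pkcs11 pkcs11 = new Pkcs11(pkcs11LibraryPath, AppType.SingleThreaded))
    {
        LibraryInfo libraryInfo = pkcs11.GetInfo();

        // Only slots that currently hold a token
        var slots = pkcs11.GetSlotList(SlotsType.WithTokenPresent);
        if (slots.Count == 0)
        {
            return "NoToken";
        }

        var slot = slots[0];
        var token = slot.GetTokenInfo();

        // The token label must match the user name
        if (token.Label != username)
        {
            return "NoAuthorization";
        }
    }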

The above code works well for detecting the token and also for checking the label of the token attached to a specific user.

The code below shows how I try to get the private and public keys, but the count is always zero:

    using (var session = slot.OpenSession(SessionType.ReadOnly))
    {
        session.Login(CKU.CKU_USER, "*********");

        List<ObjectAttribute> publicKeyAttributes = new List<ObjectAttribute>();
        publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_PUBLIC_KEY));
        publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_RSA));
        publicKeyAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, username));

        List<ObjectHandle> foundPublicKeys = session.FindAllObjects(publicKeyAttributes);
        if (foundPublicKeys == null || foundPublicKeys.Count != 1)
            throw new Exception("Unable to find/identify public key");

        ObjectHandle publicKeyHandle = foundPublicKeys[0];

        List<ObjectAttribute> privateKeyAttributes = new List<ObjectAttribute>();
        privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_PRIVATE_KEY));
        privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_VENDOR_DEFINED));
        privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, token.Label));
        privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_DECRYPT, true));
        privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_SIGN, true));

        // Find all objects that match provided attributes
        List<ObjectHandle> foundPrivateKeys = session.FindAllObjects(privateKeyAttributes);
        if (foundPrivateKeys == null || foundPrivateKeys.Count != 1)
            throw new Exception("Unable to find/identify private key");

        // Keep private key handle
        ObjectHandle privateKeyHandle = foundPrivateKeys[0];

        // Logout from session
        session.Logout();
    }

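My concern is with the certificate installed on the token, so that I can verify whether it is a certificate issued by our CA. Any help would be appreciated.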
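
An added example, not part of the original post: one way to read the certificate objects from the token and check that a certificate chains to a pinned CA, followed by a proof-of-possession check. It assumes the question's wrapper is Pkcs11Interop 4.x (the `Net.Pkcs11Interop` namespaces) and .NET Framework 4.6 or later; the class and method names and the `ourCa` parameter are hypothetical.

```csharp
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using Net.Pkcs11Interop.Common;
using Net.Pkcs11Interop.HighLevelAPI;

// Added example; class and method names are hypothetical.
public static class TokenCertificateCheck
{
    // Read every X.509 certificate object on the token; CKA_VALUE is the DER encoding.
    public static List<X509Certificate2> ReadCertificates(Session session)
    {
        var template = new List<ObjectAttribute>
        {
            new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_CERTIFICATE),
            new ObjectAttribute(CKA.CKA_CERTIFICATE_TYPE, CKC.CKC_X_509)
        };
        var certificates = new List<X509Certificate2>();
        foreach (ObjectHandle handle in session.FindAllObjects(template))
        {
            List<ObjectAttribute> attrs = session.GetAttributeValue(handle, new List<CKA> { CKA.CKA_VALUE });
            certificates.Add(new X509Certificate2(attrs[0].GetValueAsByteArray()));
        }
        return certificates;
    }

    // True only if a valid chain builds from the certificate up through ourCa.
    public static bool IsIssuedByOurCa(X509Certificate2 certificate, X509Certificate2 ourCa)
    {
        using (var chain = new X509Chain())
        {
            chain.ChainPolicy.ExtraStore.Add(ourCa);
            // Do not require ourCa to be in the machine trust store; it is pinned below instead.
            chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
            if (!chain.Build(certificate)) return false; // expired, revoked, bad signature, ...
            // Skip(1): the certificate itself must not be the match, an issuer above it must.
            return chain.ChainElements.Cast<X509ChainElement>().Skip(1)
                .Any(e => e.Certificate.RawData.SequenceEqual(ourCa.RawData));
        }
    }

    // A certificate is public data: also require a signature over a fresh server nonce
    // made with the token's private key (RSA PKCS#1 v1.5 with SHA-256 assumed here).
    public static bool ProvesKeyPossession(X509Certificate2 certificate, byte[] nonce, byte[] signature)
    {
        using (RSA publicKey = certificate.GetRSAPublicKey())
            return publicKey != null && publicKey.VerifyData(nonce, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    }
}
```

Code running inside the web application reaches only tokens attached to the server itself; for a token plugged into the user's computer, the certificate normally arrives through TLS client-certificate authentication, and the same chain check applies to it.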

0 answers:

No answers