本文共 3733 字,大约阅读时间需要 12 分钟。
本文主要通过简单实例,展示javascript调用微软CertEnroll及相关控件,实现对CSP数字证书的申请操作。
1. CSP读取及列表展示
...var providerList = document.getElementById("cspprovider");var certEnrollFactory = document.getElementById("oCertEnrollFactory");var csps = certEnrollFactory.CreateObject("X509Enrollment.CCspInformations");var csp = certEnrollFactory.CreateObject("X509Enrollment.CCspInformation");var providerName = "";var index = 0; csps.AddAvailableCsps();while (csps.Count > index) { csp = csps.ItemByIndex(index); providerName = csp.Name; option = new Option(providerName, index, false, true); providerList.add(option); providerName = ""; index++;}...
2. 生成P10
...var pkcs10 = "";var dn =;var csp = ;var keysize = ;var certEnrollFactory = document.getElementById("oCertEnrollFactory");var csp = certEnrollFactory.CreateObject("X509Enrollment.CCspInformation");var csps = certEnrollFactory.CreateObject("X509Enrollment.CCspInformations");var privateKey = certEnrollFactory.CreateObject("X509Enrollment.CX509PrivateKey");var request = certEnrollFactory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10")var objectIds = certEnrollFactory.CreateObject("X509Enrollment.CObjectIds");var objectId = certEnrollFactory.CreateObject("X509Enrollment.CObjectId");var x509ExtensionEnhancedKeyUsage = certEnrollFactory.CreateObject("X509Enrollment.CX509ExtensionEnhancedKeyUsage");var extensionTemplate = certEnrollFactory.CreateObject("X509Enrollment.CX509ExtensionTemplateName");var distinguishedName = certEnrollFactory.CreateObject("X509Enrollment.CX500DistinguishedName");var enroll = certEnrollFactory.CreateObject("X509Enrollment.CX509Enrollment");csp.InitializeFromName(csp);csps.Add(objCSP);privateKey.Length = parseInt(keysize, 10);privateKey.KeySpec = 2;privateKey.ExportPolicy = 1;privateKey.ProviderName = objCSP.Name;privateKey.ProviderType = objCSP.Type;privateKey.KeyUsage = 16777215;privateKey.MachineContext = 0;privateKey.CspInformations = csps;request.InitializeFromPrivateKey(1, privateKey, "");objectId.InitializeFromValue("1.3.6.1.5.5.7.3.2");extensionTemplate.InitializeEncode("1.3.6.1.5.5.7.3.2,1.3.6.1.4.1.311.20.2.2,1.3.6.1.4.1.311.10.3.12,1.3.6.1.5.5.7.3.4");request.X509Extensions.Add(extensionTemplate);distinguishedName.Encode(dn, 0);request.Subject = distinguishedName;enroll.InitializeFromRequest(request);pkcs10 = enroll.CreateRequest(1);pkcs10 = pkcs10.replace(/\r\n/g, "");...
3. 安装证书
... var certEnrollFactory = document.getElementById("oCertEnrollFactory");var enroll = certEnrollFactory.CreateObject("X509Enrollment.CX509Enrollment");enroll.Initialize(1)enroll.InstallResponse(4, pkcs7, 0x7, "")...
4. 证书读取
...var certSN =;var commonName = ;var myStore = new ActiveXObject("CAPICOM.Store");var certificate; myStore.Open(2, "My", 0);var filteredCertificates = myStore.Certificates.Find(1, commonName);for (i = 1; i <= filteredCertificates.Count; i++) { certificate = filteredCertificates.Item(i); if (certificate.SerialNumber == certSN) { break; }}...
5. 数字证书选择与签名
...var plainText = "HELLO";var signedData = "";var signedData = new ActiveXObject("CAPICOM.SignedData");var timeAttribute = new ActiveXObject("CAPICOM.Attribute");var signer = new ActiveXObject("CAPICOM.Signer");var myStore = new ActiveXObject("CAPICOM.Store"); myStore.Open(2, "My", 0);var today = new Date();var filteredCertificates = myStore.Certificates;var selectedCertificate = filteredCertificates.Select();signedData.Content = plainText;signer.Certificate = selectedCertificate;signer.Options = 2;timeAttribute.Name = 0;timeAttribute.Value = today.getVarDate();signer.AuthenticatedAttributes.Add(timeAttribute);signedData = signedData.Sign(signer, false, 0);...
转载地址:http://xwucn.baihongyu.com/