亂馬客

整理在使用PKI將資料Hash及使用主機憑証做Hash的相關Function，其中有使用到WSE SP3。

Imports Microsoft.Web.Services2.Security.X509
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
Imports BusinessHelper

''' <summary>
''' 處理Server憑証資訊
''' </summary>
''' <remarks></remarks>
Public Class X509Helper


    Public Shared CertificateFriendlyDisplayName As String = Toolkits.GetConfigSetting("CERT_NAME")

    ''' <summary>
    ''' 取得SHA1 Hash
    ''' </summary>
    ''' <param name="vstrValue"></param>
    ''' <returns></returns>
    ''' <remarks></remarks>
    Public Shared Function GetSHA1hash(ByVal vstrValue As String) As Byte()
        Dim byResult() As Byte = {}
        If String.IsNullOrEmpty(vstrValue) = False Then
            Dim btValue() As Byte = Text.UTF8Encoding.UTF8.GetBytes(vstrValue)
            Dim hash As New SHA1Managed()
            byResult = hash.ComputeHash(btValue)
        End If
        Return byResult
    End Function

    ''' <summary>
    ''' 取得SHA1 hash base64的值
    ''' </summary>
    ''' <param name="vstrValue"></param>
    ''' <returns></returns>
    ''' <remarks></remarks>
    Public Shared Function GetSHA1hashBase64(ByVal vstrValue As String) As String
        Dim strResult As String = String.Empty
        If String.IsNullOrEmpty(vstrValue) = False Then
            Dim btValue() As Byte = Text.UTF8Encoding.UTF8.GetBytes(vstrValue)
            Dim hash As New SHA1Managed()
            strResult = Convert.ToBase64String(hash.ComputeHash(btValue))
        End If
        Return strResult
    End Function

    ''' <summary>
    ''' 取得SHA1 hash base64的值
    ''' </summary>
    ''' <param name="vbyValue"></param>
    ''' <returns></returns>
    ''' <remarks></remarks>
    Public Shared Function GetSHA1hashBase64(ByVal vbyValue() As Byte) As String
        Dim strResult As String = String.Empty
        If vbyValue.Length > 0 Then
            Dim hash As New SHA1Managed()
            strResult = Convert.ToBase64String(hash.ComputeHash(vbyValue))
        End If
        Return strResult
    End Function

    ''' <summary>
    ''' 將字串用主機憑証做Hash後傳出Base64
    ''' </summary>
    ''' <param name="vstrValue"></param>
    ''' <returns></returns>
    ''' <remarks></remarks>
    Public Shared Function GetSHA1hashSignBase64(ByVal vstrValue As String) As String
        Dim strResult As String = String.Empty
        If String.IsNullOrEmpty(vstrValue) = False Then
            Dim key As Microsoft.Web.Services2.Security.Cryptography.RSACryptoServiceProvider = GetCryptoServiceProvider()
            If IsNothing(key) = False Then
                Dim btValue() As Byte = Text.UTF8Encoding.UTF8.GetBytes(vstrValue)
                Dim hash As New SHA1Managed()
                Dim byHash() As Byte = key.SignHash(hash.ComputeHash(btValue), CryptoConfig.MapNameToOID("SHA1"))
                strResult = Convert.ToBase64String(byHash)
            Else
                Throw New Exception("找不到主機憑証:" & CertificateFriendlyDisplayName)
            End If
        End If
        Return strResult
    End Function

    ''' <summary>
    ''' 將字串用主機憑証做Hash後傳出byte()
    ''' </summary>
    ''' <param name="vstrValue"></param>
    ''' <returns></returns>
    ''' <remarks></remarks>
    Public Shared Function GetSHA1hashSign(ByVal vstrValue As String) As Byte()
        Dim byResult() As Byte = {}
        If String.IsNullOrEmpty(vstrValue) = False Then
            Dim key As Microsoft.Web.Services2.Security.Cryptography.RSACryptoServiceProvider = GetCryptoServiceProvider()
            Dim btValue() As Byte = Text.UTF8Encoding.UTF8.GetBytes(vstrValue)
            Dim hash As New SHA1Managed()
            byResult = key.SignHash(hash.ComputeHash(btValue), CryptoConfig.MapNameToOID("SHA1"))
        End If
        Return byResult
    End Function

    ''' <summary>
    ''' 驗証內容與加簽過的內容是否相同
    ''' </summary>
    ''' <param name="vstrValue"></param>
    ''' <param name="vstrSignedValue"></param>
    ''' <returns></returns>
    ''' <remarks></remarks>
    Public Shared Function VerifySHA1hashBase64(ByVal vstrValue As String, ByVal vstrSignedValue As String) As Boolean
        Dim blnResult As Boolean = False
        If String.IsNullOrEmpty(vstrValue) = False Then
            Dim byNew() As Byte = GetSHA1hash(vstrValue)
            Dim bySigned() As Byte = Convert.FromBase64String(vstrSignedValue)
            Dim key As Microsoft.Web.Services2.Security.Cryptography.RSACryptoServiceProvider = GetCryptoServiceProvider()

            blnResult = key.VerifyHash(byNew, CryptoConfig.MapNameToOID("SHA1"), bySigned)
        End If
        Return blnResult
    End Function

    ''' <summary>
    ''' 取得RSACryptoServiceProvider
    ''' </summary>
    ''' <returns></returns>
    ''' <remarks></remarks>
    Public Shared Function GetCryptoServiceProvider() As Microsoft.Web.Services2.Security.Cryptography.RSACryptoServiceProvider
        Dim result As Microsoft.Web.Services2.Security.Cryptography.RSACryptoServiceProvider = Nothing
        If String.IsNullOrEmpty(CertificateFriendlyDisplayName) Then
            CertificateFriendlyDisplayName = "RM-OA"
        End If
        Dim store As X509.X509CertificateStore
        store = X509.X509CertificateStore.LocalMachineStore(X509.X509CertificateStore.MyStore)
        store.OpenRead()
        '找出憑證名稱
        Dim cert As X509.X509Certificate
        For Each cert In store.Certificates
            If String.Compare(cert.FriendlyDisplayName, CertificateFriendlyDisplayName, True) = 0 Then
                result = cert.Key
                Exit For
            End If
        Next
        If result Is Nothing Then
            Throw New Exception("找不到主機憑証[" & CertificateFriendlyDisplayName & "]")
        End If
        Return result
    End Function


End Class

 

Source:X509Helper.rar

Hi, 

亂馬客Blog已移到了 「亂馬客​ : Re:從零開始的軟體開發生活」

請大家繼續支持 ^_^