2

设想

我正在尝试使用证书来签署文件。我第一次签名时,操作系统会提示用户设置 PIN 的对话框,但下一次不会。出于安全原因,我需要每次签名时,操作系统都会向用户询问 PIN。有谁知道该怎么做?

这是代码:

''// create ContentInfo
Dim content As New ContentInfo(bytesContenido)

''// create a signer
Dim signer As New CmsSigner(certificado)

''// SignedCms represents signed data
Dim signedMessage As New SignedCms(content)

''// sign the data
signedMessage.ComputeSignature(signer, False)

''// create and return PKCS #7 byte array
Return signedMessage.Encode()

在某些页面上,我发现使用CryptSetProvParam可以清洁别针,但到目前为止还没有工作。

该声明:

<DllImport("advapi32.dll", CharSet:=CharSet.Auto, SetLastError:=True)> _
Public Shared Function CryptSetProvParam(ByVal hProv As IntPtr, ByVal dwParam As Int32, ByVal pbData As Byte(), ByVal dwFlags As Int32) As Boolean

End Function

调用:

Public punteroContexto As New System.IntPtr     ''// Obtenido usando CryptAcquireContext
Public Const PP_SIGNATURE_PIN As UInt32 = 33

If (Not CryptSetProvParam(punteroContexto, PP_SIGNATURE_PIN, Nothing, 0)) Then
    Marshal.ThrowExceptionForHR(Marshal.GetLastWin32Error)
End If

错误:

指定的类型无效。(来自 HRESULT 的异常:0x8009000A)

还使用多线程进行测试(使用另一个线程仅用于签名)并且它不起作用。

非常感谢!

4

1 回答 1

3 
[DllImport("Advapi32.dll", SetLastError = true)]
public static extern bool CryptSetProvParam(IntPtr hProv, uint dwParam, IntPtr pvData, uint dwFlags);

[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public static extern bool CryptAcquireContext(ref IntPtr hProv,
    string pszContainer, string pszProvider, uint dwProvType, uint dwFlags);

[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public static extern void CryptReleaseContext(IntPtr hProv, uint dwFlags);

static public bool ClearPINCache2(RSACryptoServiceProvider key)
{
    const uint PP_KEYEXCHANGE_PIN = 32;
    const uint PP_SIGNATURE_PIN = 33;
    bool bretval = false;

    IntPtr hProv = IntPtr.Zero;

    if (CryptAcquireContext(ref hProv, key.CspKeyContainerInfo.KeyContainerName,
        key.CspKeyContainerInfo.ProviderName, (uint)key.CspKeyContainerInfo.ProviderType, 0))
    {
        if ((CryptSetProvParam(hProv, PP_KEYEXCHANGE_PIN, IntPtr.Zero, 0) == true) &&
            (CryptSetProvParam(hProv, PP_SIGNATURE_PIN, IntPtr.Zero, 0) == true))
        {
            bretval = true;
        }
    }

    if (hProv != IntPtr.Zero)
    {
        CryptReleaseContext(hProv, 0);
        hProv = IntPtr.Zero;
    }

    return bretval;
}
于 2009-09-30T18:04:45.193 回答