当需要大量签名的工作,同时又多用户使用,但又想把签名证书进行一定限制时,下面就实现了这样一个简单的方案。
需要一台IIS server, 共享一个文件夹(读写)。
在IIS 上创建一个asp.net web站点:
页面上添加一个按钮就可以了,后台代码如下:
using
System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Diagnostics;
using System.Timers;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load( object sender, EventArgs e)
{
}
void processSign( string cmd, string showstr)
{
// 利用CMD来执行已经写好的sign的bat处理文件
Process p = new Process();
p.StartInfo.RedirectStandardOutput = true ;
p.StartInfo.FileName = " cmd.exe " ;
p.StartInfo.WorkingDirectory = @" C:doxtechsign " ;
p.StartInfo.UseShellExecute = false ;
p.StartInfo.RedirectStandardInput = true ;
p.StartInfo.RedirectStandardOutput = true ;
p.StartInfo.RedirectStandardError = true ;
p.StartInfo.CreateNoWindow = true ;
p.Start();
// 记录签名者IP地址 和 签名的一些信息(这里仅仅反馈给用户显示),如果保存至文件就可以进行管理了。
string cIP = Request.ServerVariables[ " REMOTE_ADDR " ];
p.StandardInput.WriteLine(cmd + " " + cIP);
p.StandardInput.WriteLine( " exit " );
string info = " Your IP: " + cIP + " <br> Using Signature is " + showstr + " <br><br> " ;
string starstr = p.StandardOutput.ReadToEnd();
string [] sc = new string [] { " " };
string [] showmsg = starstr.Split(sc, StringSplitOptions.RemoveEmptyEntries);
System.DateTime currentTime = new System.DateTime();
currentTime = System.DateTime.Now;
string Labelstr = " Sign Time: " + currentTime.ToString( " g " ) + " <br> " + info;
if (showmsg.Length <= 4 )
{
Labelstr += ( " Not Found Files! <br> " );
Label1.Text = Labelstr;
return ;
}
else
{
for ( int i = 3 ; i < showmsg.Length - 1 ; i ++ )
{
Labelstr += showmsg[i];
Labelstr += " <br> " ;
}
Label1.Text = Labelstr + " <br> " ;
}
}
protected void Button2_Click( object sender, EventArgs e)
{
processSign( " Sign2K3.bat " , " File -> Windows Mobile 2003 " );
}
}
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Diagnostics;
using System.Timers;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load( object sender, EventArgs e)
{
}
void processSign( string cmd, string showstr)
{
// 利用CMD来执行已经写好的sign的bat处理文件
Process p = new Process();
p.StartInfo.RedirectStandardOutput = true ;
p.StartInfo.FileName = " cmd.exe " ;
p.StartInfo.WorkingDirectory = @" C:doxtechsign " ;
p.StartInfo.UseShellExecute = false ;
p.StartInfo.RedirectStandardInput = true ;
p.StartInfo.RedirectStandardOutput = true ;
p.StartInfo.RedirectStandardError = true ;
p.StartInfo.CreateNoWindow = true ;
p.Start();
// 记录签名者IP地址 和 签名的一些信息(这里仅仅反馈给用户显示),如果保存至文件就可以进行管理了。
string cIP = Request.ServerVariables[ " REMOTE_ADDR " ];
p.StandardInput.WriteLine(cmd + " " + cIP);
p.StandardInput.WriteLine( " exit " );
string info = " Your IP: " + cIP + " <br> Using Signature is " + showstr + " <br><br> " ;
string starstr = p.StandardOutput.ReadToEnd();
string [] sc = new string [] { " " };
string [] showmsg = starstr.Split(sc, StringSplitOptions.RemoveEmptyEntries);
System.DateTime currentTime = new System.DateTime();
currentTime = System.DateTime.Now;
string Labelstr = " Sign Time: " + currentTime.ToString( " g " ) + " <br> " + info;
if (showmsg.Length <= 4 )
{
Labelstr += ( " Not Found Files! <br> " );
Label1.Text = Labelstr;
return ;
}
else
{
for ( int i = 3 ; i < showmsg.Length - 1 ; i ++ )
{
Labelstr += showmsg[i];
Labelstr += " <br> " ;
}
Label1.Text = Labelstr + " <br> " ;
}
}
protected void Button2_Click( object sender, EventArgs e)
{
processSign( " Sign2K3.bat " , " File -> Windows Mobile 2003 " );
}
}
Sign2K3.bat 文件:
@echo off
dir Files | find /i " mui " >signname.tmp
dir Files | find /i " dll " >>signname.tmp
dir Files | find /i " cab " >>signname.tmp
dir Files | find /i " exe " >>signname.tmp
dir Files | find /i " hme " >>signname.tmp
for /f " tokens=4 " %%a in (signname.tmp) do signcode /spc DOXTechsign.cer /v DOXTechsign.pvk /a sha1 Files%%a
del signname.tmp
goto done
:usage
echo S
echo filename: all mui , dll , exe files in the files floder
:done
dir Files | find /i " mui " >signname.tmp
dir Files | find /i " dll " >>signname.tmp
dir Files | find /i " cab " >>signname.tmp
dir Files | find /i " exe " >>signname.tmp
dir Files | find /i " hme " >>signname.tmp
for /f " tokens=4 " %%a in (signname.tmp) do signcode /spc DOXTechsign.cer /v DOXTechsign.pvk /a sha1 Files%%a
del signname.tmp
goto done
:usage
echo S
echo filename: all mui , dll , exe files in the files floder
:done
这样就构建完成了。
1.当需要签名是在客户端上打开网页。2. 把需要签名的文件放置在共享的文件里。 3. 点击页面上的按钮。
在这里,只是并没有深入考虑安全性和广域网,也忽略多用户同时进行处理。简单安全性可以使用IIS提供安全设置来控制指定用户密码登入此网页,限制IP等。广域网的实施那就要实现页面上传文件至服务器,签名后下载至客户端。