using System;
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.IO;
using System.Net;
using System.Collections;
using System.Security.Cryptography.X509Certificates;
/*Bouncy castle*/
using Org.BouncyCastle.Ocsp;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto.Tls;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Utilities.Encoders;
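using Org.BouncyCastle.X509;

/// <summary>
/// WebForms page that builds an OCSP request with BouncyCastle for a certificate picked
/// from the "My" store, posts it to a responder, and writes the outcome to the page.
/// </summary>
public partial class UKeyVerification : System.Web.UI.Page
{
    /// <summary>Length in bytes of the random nonce placed in every OCSP request.</summary>
    private const int NonceLength = 16;

    /// <summary>OID of the id-kp-OCSPSigning extended key usage (RFC 6960).</summary>
    private const string OcspSigningEku = "1.3.6.1.5.5.7.3.9";

    /// <summary>
    /// Lets a certificate be selected, locates its issuer, and queries the OCSP responder.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        // NOTE(review): X509Certificate2UI.SelectFromCollection opens its dialog in the process
        // that runs this code. In an ASP.NET page that is the web server, and the store read is
        // the server account's, not the visitor's. Confirm this is the intended deployment.
        X509Certificate2 certificate;
        X509Store store = new X509Store(StoreName.My);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            X509Certificate2Collection selected = X509Certificate2UI.SelectFromCollection(
                store.Certificates,
                "Liste des certificats",
                "Veuillez sélectionner un certificat",
                X509SelectionFlag.SingleSelection);
            if (selected.Count == 0)
            {
                return; // the user cancelled the selection dialog
            }
            certificate = selected[0];
        }
        finally
        {
            store.Close();
        }

        // An OCSP CertID is computed from the ISSUER's name and key. Passing the selected
        // certificate itself (as the previous code did) yields a CertID no responder knows.
        X509Certificate2 issuer = FindIssuer(certificate);
        if (issuer == null)
        {
            WriteHtmlLine("Issuer certificate not found; OCSP request not sent");
            return;
        }

        // Convert the System.Security certificates to their BouncyCastle counterparts.
        X509CertificateParser parser = new X509CertificateParser();
        Org.BouncyCastle.X509.X509Certificate subjectBouncy = parser.ReadCertificate(certificate.RawData);
        Org.BouncyCastle.X509.X509Certificate issuerBouncy = parser.ReadCertificate(issuer.RawData);

        // NOTE(review): the responder address is hard-coded. Plain HTTP is usual for OCSP, but
        // it is only safe because DoOcspRequest verifies the signature on the response.
        DoOcspRequest(new Uri("http://10.27.141.13:8800"), subjectBouncy.SerialNumber, issuerBouncy);
    }

    /// <summary>
    /// Returns the certificate that issued <paramref name="certificate"/>, or null when the
    /// chain built by the platform has no second element.
    /// </summary>
    private static X509Certificate2 FindIssuer(X509Certificate2 certificate)
    {
        X509Chain chain = new X509Chain();
        // Only the chain structure is needed; revocation is what the OCSP query answers.
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        chain.Build(certificate);
        if (chain.ChainElements.Count < 2)
        {
            return null;
        }
        return chain.ChainElements[1].Certificate;
    }

    /// <summary>
    /// Writes one line of text to the current HTTP response, HTML-encoded so that exception
    /// or responder-supplied text cannot inject markup into the page.
    /// </summary>
    private static void WriteHtmlLine(string text)
    {
        HttpContext.Current.Response.Write(HttpUtility.HtmlEncode(text) + "<br/>");
    }

    /// <summary>
    /// Builds the DER-encoded OCSP request for one certificate.
    /// </summary>
    /// <param name="serialNr">Serial number of the certificate to check.</param>
    /// <param name="cacert">Certificate of the CA that issued it.</param>
    /// <returns>The encoded request, or null when it could not be built (the error is
    /// written to the page).</returns>
    private static byte[] getOcspPackage(BigInteger serialNr, Org.BouncyCastle.X509.X509Certificate cacert)
    {
        try
        {
            OcspReqGenerator generator = new OcspReqGenerator();
            generator.AddRequest(new CertificateID(CertificateID.HashSha1, cacert, serialNr));
            generator.SetRequestExtensions(getExtentions());
            return generator.Generate().GetEncoded();
        }
        catch (OcspException e)
        {
            WriteHtmlLine(e.Message);
        }
        catch (IOException e)
        {
            WriteHtmlLine(e.Message);
        }
        return null;
    }

    /// <summary>
    /// Creates the request extensions: a single, non-critical OCSP nonce.
    /// </summary>
    /// <returns>Extensions holding a fresh random nonce.</returns>
    private static X509Extensions getExtentions()
    {
        // The nonce must be unpredictable; an all-zero buffer (the previous behaviour) gives
        // no protection against a replayed response.
        byte[] nonce = new byte[NonceLength];
        System.Security.Cryptography.RandomNumberGenerator.Create().GetBytes(nonce);

        Hashtable exts = new Hashtable();
        exts.Add(
            OcspObjectIdentifiers.PkixOcspNonce,
            new Org.BouncyCastle.Asn1.X509.X509Extension(false, new DerOctetString(nonce)));
        return new X509Extensions(exts);
    }

    /// <summary>
    /// Posts an OCSP request to <paramref name="uri"/>, validates the answer, and writes the
    /// certificate status to the page.
    /// </summary>
    /// <param name="uri">Address of the OCSP responder.</param>
    /// <param name="serialNr">Serial number of the certificate to check.</param>
    /// <param name="certificate">Issuer certificate; used for the CertID and to verify the
    /// response signature.</param>
    /// <returns>The encoded OCSP response when it was accepted, otherwise null.</returns>
    private byte[] DoOcspRequest(Uri uri, BigInteger serialNr, Org.BouncyCastle.X509.X509Certificate certificate)
    {
        try
        {
            byte[] ocspPackage = getOcspPackage(serialNr, certificate);
            if (ocspPackage == null)
            {
                return null; // getOcspPackage has already reported the failure
            }

            HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(uri);
            webRequest.Method = "POST";
            webRequest.ContentType = "application/ocsp-request";
            webRequest.ContentLength = ocspPackage.Length;
            using (Stream body = webRequest.GetRequestStream())
            {
                body.Write(ocspPackage, 0, ocspPackage.Length);
            }

            OcspResp ocspResponse;
            // Original author's note: the error was observed at the GetResponse() call.
            using (HttpWebResponse res = (HttpWebResponse)webRequest.GetResponse())
            using (Stream responseStream = res.GetResponseStream())
            {
                ocspResponse = new OcspResp(responseStream);
            }

            WriteHtmlLine(getOcspResponseStatus(ocspResponse.Status));
            if (ocspResponse.Status != OcspRespStatus.Successful)
            {
                return null; // error responses carry no response object
            }

            // Everything below treats the response as untrusted until the signature checks out.
            BasicOcspResp basic = ocspResponse.GetResponseObject() as BasicOcspResp;
            if (basic == null || !IsSignatureTrusted(basic, certificate))
            {
                WriteHtmlLine("OCSP response signature could not be verified");
                return null;
            }
            if (!HasExpectedNonce(ocspPackage, basic))
            {
                WriteHtmlLine("OCSP response nonce does not match the request");
                return null;
            }

            SingleResp[] singleResps = basic.Responses;
            if (singleResps.Length == 0 || !serialNr.Equals(singleResps[0].GetCertID().SerialNumber))
            {
                WriteHtmlLine("OCSP response does not cover the requested certificate");
                return null;
            }

            // NOTE(review): thisUpdate/nextUpdate are not checked here; add a freshness check,
            // especially for responders that omit the nonce.
            if (singleResps[0].GetCertStatus() == null)
            {
                WriteHtmlLine("OCSP Response is GOOD");
            }
            else
            {
                WriteHtmlLine("OCSP Response is REVOKED or UNKNOW");
            }
            return ocspResponse.GetEncoded();
        }
        catch (Exception ex)
        {
            WriteHtmlLine(ex.Message);
        }
        return null;
    }

    /// <summary>
    /// Returns true when the response is signed by the issuing CA itself, or by a responder
    /// certificate that the CA issued, that is currently valid, and that carries the
    /// OCSP-signing extended key usage.
    /// </summary>
    private static bool IsSignatureTrusted(BasicOcspResp basic, Org.BouncyCastle.X509.X509Certificate issuer)
    {
        if (IsSignedBy(basic, issuer))
        {
            return true;
        }

        Org.BouncyCastle.X509.X509Certificate[] embedded = basic.GetCerts();
        if (embedded == null)
        {
            return false;
        }
        foreach (Org.BouncyCastle.X509.X509Certificate responder in embedded)
        {
            try
            {
                responder.Verify(issuer.GetPublicKey());
            }
            catch (Exception)
            {
                continue; // not issued by this CA, so not an authorised responder
            }

            // Assumes GetExtendedKeyUsage() returns OID strings (BouncyCastle 1.x); confirm
            // against the referenced library version.
            IList usages = responder.GetExtendedKeyUsage();
            if (responder.IsValidNow
                && usages != null
                && usages.Contains(OcspSigningEku)
                && IsSignedBy(basic, responder))
            {
                return true;
            }
        }
        return false;
    }

    /// <summary>
    /// Verifies the response signature with <paramref name="signer"/>'s public key; a key
    /// that cannot be used at all counts as "not signed by".
    /// </summary>
    private static bool IsSignedBy(BasicOcspResp basic, Org.BouncyCastle.X509.X509Certificate signer)
    {
        try
        {
            return basic.Verify(signer.GetPublicKey());
        }
        catch (OcspException)
        {
            return false;
        }
    }

    /// <summary>
    /// Compares the nonce echoed in the response with the one sent. A response without a
    /// nonce is accepted, because responders serving pre-produced responses omit it.
    /// </summary>
    private static bool HasExpectedNonce(byte[] requestBytes, BasicOcspResp basic)
    {
        Asn1OctetString received = basic.GetExtensionValue(OcspObjectIdentifiers.PkixOcspNonce);
        if (received == null)
        {
            return true;
        }
        Asn1OctetString sent = new OcspReq(requestBytes).GetExtensionValue(OcspObjectIdentifiers.PkixOcspNonce);
        return received.Equals(sent);
    }

    /// <summary>
    /// Maps an OCSPResponseStatus code to its name.
    /// </summary>
    /// <param name="status">Numeric status taken from the OCSP response.</param>
    /// <returns>The status name, or an empty string for an unlisted code.</returns>
    private static string getOcspResponseStatus(int status)
    {
        switch (status)
        {
            case 0: return "succesfull";
            case 1: return "malformedRequest";
            case 2: return "internalError";
            case 3: return "tryLater";
            case 5: return "sigRequired";
            case 6: return "unauthorized";
            default: return "";
        }
    }

    /// <summary>
    /// Parses an OCSP response from a stream and writes the status of its first entry.
    /// </summary>
    /// <param name="sResponse">Stream positioned at the encoded OCSP response.</param>
    private static void getOcspResponse(Stream sResponse)
    {
        // NOTE(review): this method has no issuer certificate, so it cannot verify the response
        // signature. Do not use its output for an access decision.
        try
        {
            OcspResp response = new OcspResp(sResponse);
            BasicOcspResp basic = response.GetResponseObject() as BasicOcspResp;
            if (basic == null || basic.Responses.Length == 0)
            {
                // No usable answer: report it the same way as a non-good status.
                WriteHtmlLine("OCSP Response is REVOKED or UNKNOW");
                return;
            }

            if (basic.Responses[0].GetCertStatus() == null)
            {
                WriteHtmlLine("OCSP Response is GOOD");
            }
            else
            {
                WriteHtmlLine("OCSP Response is REVOKED or UNKNOW");
            }
        }
        catch (Exception e)
        {
            WriteHtmlLine("5" + e.Message);
        }
    }
}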
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.IO;
using System.Net;
using System.Collections;
using System.Security.Cryptography.X509Certificates;
/*Bouncy castle*/
using Org.BouncyCastle.Ocsp;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto.Tls;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Utilities.Encoders;
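using Org.BouncyCastle.X509;

/// <summary>
/// WebForms page that builds an OCSP request with BouncyCastle for a certificate picked
/// from the "My" store, posts it to a responder, and writes the outcome to the page.
/// </summary>
public partial class UKeyVerification : System.Web.UI.Page
{
    /// <summary>Length in bytes of the random nonce placed in every OCSP request.</summary>
    private const int NonceLength = 16;

    /// <summary>OID of the id-kp-OCSPSigning extended key usage (RFC 6960).</summary>
    private const string OcspSigningEku = "1.3.6.1.5.5.7.3.9";

    /// <summary>
    /// Lets a certificate be selected, locates its issuer, and queries the OCSP responder.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        // NOTE(review): X509Certificate2UI.SelectFromCollection opens its dialog in the process
        // that runs this code. In an ASP.NET page that is the web server, and the store read is
        // the server account's, not the visitor's. Confirm this is the intended deployment.
        X509Certificate2 certificate;
        X509Store store = new X509Store(StoreName.My);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            X509Certificate2Collection selected = X509Certificate2UI.SelectFromCollection(
                store.Certificates,
                "Liste des certificats",
                "Veuillez sélectionner un certificat",
                X509SelectionFlag.SingleSelection);
            if (selected.Count == 0)
            {
                return; // the user cancelled the selection dialog
            }
            certificate = selected[0];
        }
        finally
        {
            store.Close();
        }

        // An OCSP CertID is computed from the ISSUER's name and key. Passing the selected
        // certificate itself (as the previous code did) yields a CertID no responder knows.
        X509Certificate2 issuer = FindIssuer(certificate);
        if (issuer == null)
        {
            WriteHtmlLine("Issuer certificate not found; OCSP request not sent");
            return;
        }

        // Convert the System.Security certificates to their BouncyCastle counterparts.
        X509CertificateParser parser = new X509CertificateParser();
        Org.BouncyCastle.X509.X509Certificate subjectBouncy = parser.ReadCertificate(certificate.RawData);
        Org.BouncyCastle.X509.X509Certificate issuerBouncy = parser.ReadCertificate(issuer.RawData);

        // NOTE(review): the responder address is hard-coded. Plain HTTP is usual for OCSP, but
        // it is only safe because DoOcspRequest verifies the signature on the response.
        DoOcspRequest(new Uri("http://10.27.141.13:8800"), subjectBouncy.SerialNumber, issuerBouncy);
    }

    /// <summary>
    /// Returns the certificate that issued <paramref name="certificate"/>, or null when the
    /// chain built by the platform has no second element.
    /// </summary>
    private static X509Certificate2 FindIssuer(X509Certificate2 certificate)
    {
        X509Chain chain = new X509Chain();
        // Only the chain structure is needed; revocation is what the OCSP query answers.
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        chain.Build(certificate);
        if (chain.ChainElements.Count < 2)
        {
            return null;
        }
        return chain.ChainElements[1].Certificate;
    }

    /// <summary>
    /// Writes one line of text to the current HTTP response, HTML-encoded so that exception
    /// or responder-supplied text cannot inject markup into the page.
    /// </summary>
    private static void WriteHtmlLine(string text)
    {
        HttpContext.Current.Response.Write(HttpUtility.HtmlEncode(text) + "<br/>");
    }

    /// <summary>
    /// Builds the DER-encoded OCSP request for one certificate.
    /// </summary>
    /// <param name="serialNr">Serial number of the certificate to check.</param>
    /// <param name="cacert">Certificate of the CA that issued it.</param>
    /// <returns>The encoded request, or null when it could not be built (the error is
    /// written to the page).</returns>
    private static byte[] getOcspPackage(BigInteger serialNr, Org.BouncyCastle.X509.X509Certificate cacert)
    {
        try
        {
            OcspReqGenerator generator = new OcspReqGenerator();
            generator.AddRequest(new CertificateID(CertificateID.HashSha1, cacert, serialNr));
            generator.SetRequestExtensions(getExtentions());
            return generator.Generate().GetEncoded();
        }
        catch (OcspException e)
        {
            WriteHtmlLine(e.Message);
        }
        catch (IOException e)
        {
            WriteHtmlLine(e.Message);
        }
        return null;
    }

    /// <summary>
    /// Creates the request extensions: a single, non-critical OCSP nonce.
    /// </summary>
    /// <returns>Extensions holding a fresh random nonce.</returns>
    private static X509Extensions getExtentions()
    {
        // The nonce must be unpredictable; an all-zero buffer (the previous behaviour) gives
        // no protection against a replayed response.
        byte[] nonce = new byte[NonceLength];
        System.Security.Cryptography.RandomNumberGenerator.Create().GetBytes(nonce);

        Hashtable exts = new Hashtable();
        exts.Add(
            OcspObjectIdentifiers.PkixOcspNonce,
            new Org.BouncyCastle.Asn1.X509.X509Extension(false, new DerOctetString(nonce)));
        return new X509Extensions(exts);
    }

    /// <summary>
    /// Posts an OCSP request to <paramref name="uri"/>, validates the answer, and writes the
    /// certificate status to the page.
    /// </summary>
    /// <param name="uri">Address of the OCSP responder.</param>
    /// <param name="serialNr">Serial number of the certificate to check.</param>
    /// <param name="certificate">Issuer certificate; used for the CertID and to verify the
    /// response signature.</param>
    /// <returns>The encoded OCSP response when it was accepted, otherwise null.</returns>
    private byte[] DoOcspRequest(Uri uri, BigInteger serialNr, Org.BouncyCastle.X509.X509Certificate certificate)
    {
        try
        {
            byte[] ocspPackage = getOcspPackage(serialNr, certificate);
            if (ocspPackage == null)
            {
                return null; // getOcspPackage has already reported the failure
            }

            HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(uri);
            webRequest.Method = "POST";
            webRequest.ContentType = "application/ocsp-request";
            webRequest.ContentLength = ocspPackage.Length;
            using (Stream body = webRequest.GetRequestStream())
            {
                body.Write(ocspPackage, 0, ocspPackage.Length);
            }

            OcspResp ocspResponse;
            // Original author's note: the error was observed at the GetResponse() call.
            using (HttpWebResponse res = (HttpWebResponse)webRequest.GetResponse())
            using (Stream responseStream = res.GetResponseStream())
            {
                ocspResponse = new OcspResp(responseStream);
            }

            WriteHtmlLine(getOcspResponseStatus(ocspResponse.Status));
            if (ocspResponse.Status != OcspRespStatus.Successful)
            {
                return null; // error responses carry no response object
            }

            // Everything below treats the response as untrusted until the signature checks out.
            BasicOcspResp basic = ocspResponse.GetResponseObject() as BasicOcspResp;
            if (basic == null || !IsSignatureTrusted(basic, certificate))
            {
                WriteHtmlLine("OCSP response signature could not be verified");
                return null;
            }
            if (!HasExpectedNonce(ocspPackage, basic))
            {
                WriteHtmlLine("OCSP response nonce does not match the request");
                return null;
            }

            SingleResp[] singleResps = basic.Responses;
            if (singleResps.Length == 0 || !serialNr.Equals(singleResps[0].GetCertID().SerialNumber))
            {
                WriteHtmlLine("OCSP response does not cover the requested certificate");
                return null;
            }

            // NOTE(review): thisUpdate/nextUpdate are not checked here; add a freshness check,
            // especially for responders that omit the nonce.
            if (singleResps[0].GetCertStatus() == null)
            {
                WriteHtmlLine("OCSP Response is GOOD");
            }
            else
            {
                WriteHtmlLine("OCSP Response is REVOKED or UNKNOW");
            }
            return ocspResponse.GetEncoded();
        }
        catch (Exception ex)
        {
            WriteHtmlLine(ex.Message);
        }
        return null;
    }

    /// <summary>
    /// Returns true when the response is signed by the issuing CA itself, or by a responder
    /// certificate that the CA issued, that is currently valid, and that carries the
    /// OCSP-signing extended key usage.
    /// </summary>
    private static bool IsSignatureTrusted(BasicOcspResp basic, Org.BouncyCastle.X509.X509Certificate issuer)
    {
        if (IsSignedBy(basic, issuer))
        {
            return true;
        }

        Org.BouncyCastle.X509.X509Certificate[] embedded = basic.GetCerts();
        if (embedded == null)
        {
            return false;
        }
        foreach (Org.BouncyCastle.X509.X509Certificate responder in embedded)
        {
            try
            {
                responder.Verify(issuer.GetPublicKey());
            }
            catch (Exception)
            {
                continue; // not issued by this CA, so not an authorised responder
            }

            // Assumes GetExtendedKeyUsage() returns OID strings (BouncyCastle 1.x); confirm
            // against the referenced library version.
            IList usages = responder.GetExtendedKeyUsage();
            if (responder.IsValidNow
                && usages != null
                && usages.Contains(OcspSigningEku)
                && IsSignedBy(basic, responder))
            {
                return true;
            }
        }
        return false;
    }

    /// <summary>
    /// Verifies the response signature with <paramref name="signer"/>'s public key; a key
    /// that cannot be used at all counts as "not signed by".
    /// </summary>
    private static bool IsSignedBy(BasicOcspResp basic, Org.BouncyCastle.X509.X509Certificate signer)
    {
        try
        {
            return basic.Verify(signer.GetPublicKey());
        }
        catch (OcspException)
        {
            return false;
        }
    }

    /// <summary>
    /// Compares the nonce echoed in the response with the one sent. A response without a
    /// nonce is accepted, because responders serving pre-produced responses omit it.
    /// </summary>
    private static bool HasExpectedNonce(byte[] requestBytes, BasicOcspResp basic)
    {
        Asn1OctetString received = basic.GetExtensionValue(OcspObjectIdentifiers.PkixOcspNonce);
        if (received == null)
        {
            return true;
        }
        Asn1OctetString sent = new OcspReq(requestBytes).GetExtensionValue(OcspObjectIdentifiers.PkixOcspNonce);
        return received.Equals(sent);
    }

    /// <summary>
    /// Maps an OCSPResponseStatus code to its name.
    /// </summary>
    /// <param name="status">Numeric status taken from the OCSP response.</param>
    /// <returns>The status name, or an empty string for an unlisted code.</returns>
    private static string getOcspResponseStatus(int status)
    {
        switch (status)
        {
            case 0: return "succesfull";
            case 1: return "malformedRequest";
            case 2: return "internalError";
            case 3: return "tryLater";
            case 5: return "sigRequired";
            case 6: return "unauthorized";
            default: return "";
        }
    }

    /// <summary>
    /// Parses an OCSP response from a stream and writes the status of its first entry.
    /// </summary>
    /// <param name="sResponse">Stream positioned at the encoded OCSP response.</param>
    private static void getOcspResponse(Stream sResponse)
    {
        // NOTE(review): this method has no issuer certificate, so it cannot verify the response
        // signature. Do not use its output for an access decision.
        try
        {
            OcspResp response = new OcspResp(sResponse);
            BasicOcspResp basic = response.GetResponseObject() as BasicOcspResp;
            if (basic == null || basic.Responses.Length == 0)
            {
                // No usable answer: report it the same way as a non-good status.
                WriteHtmlLine("OCSP Response is REVOKED or UNKNOW");
                return;
            }

            if (basic.Responses[0].GetCertStatus() == null)
            {
                WriteHtmlLine("OCSP Response is GOOD");
            }
            else
            {
                WriteHtmlLine("OCSP Response is REVOKED or UNKNOW");
            }
        }
        catch (Exception e)
        {
            WriteHtmlLine("5" + e.Message);
        }
    }
}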