自定义WebBrowserControl IHttpNegotiate3 [英] Custom WebBrowserControl IHttpNegotiate3

问题描述

您好， 

我开发了一个网页自定义控件，尝试自动选择 某个网络环境中的用户证书（仅支持Internet Explorer浏览器）。

I have developed a web custom control, trying automate the selection of  user certificates on a certain web enviroment (only the internet explorer browser is supported).

我已经阅读了几篇文章，寻找有关此自定义的信息，并在msdn论坛中发帖。

I have readed several articles looking for information about this customization and many post in msdn forum.

（如下所示：  https://jiangsheng.net/2013/07/17/howto-ignoring-web-browser-certificate-errors-in-webbrowser-host/）

(like this: https://jiangsheng.net/2013/07/17/howto-ignoring-web-browser-certificate-errors-in-webbrowser-host/ )

我的结论是在类中实现IHttpNegotiate3接口，从浏览器中捕获调用（方法  GetSerializedClientCertContext），并将原始数据从用户想要的选定证书（使用指纹）传递到
浏览器实例。

My conclusion is to implement the IHttpNegotiate3 interface in a class, catching the invocation from the browser ( method  GetSerializedClientCertContext ) , and pass raw data from a selected certificate that the user wants (with the thumbprint) to the browser instance.

但这不起作用。让我解释一下情况。该过程调用我的GetSerializedClientCertContext方法，对返回我的方法作为响应的证书原始数据不执行任何操作。然后系统使用标准
证书选择窗口请求证书。

But this does not work. Let me explain the situation. The process calls my GetSerializedClientCertContext method, doing nothing with the certificate raw data that returns my method in response. Then the system requests a certificate with the standar certificate selection window.

几个问题：我的代码是否有错误？以前有必要吗？ 

Several questions: Is there an error on my code? Something previous is necessary? 

我认为接口文档不清楚证书数据的格式。

I consider that the interface documentation is not clear about the format of the certificate data.

获取证书：

public IList<CertificadoViewModel> BuscarCertificados()
        {
            List<CertificadoViewModel> result = new List<CertificadoViewModel>();

            List<StoreName> storeNames = new List<StoreName>() { StoreName.My, StoreName.Root, StoreName.TrustedPublisher };
            foreach (var sn in storeNames)
            {
                try
                {
                    X509Store store = new X509Store(sn);
                    store.Open(OpenFlags.ReadOnly);

                    if (store.Certificates.Count > 0)
                        result.AddRange(store.Certificates.Cast<X509Certificate2>().Select(c => CreateCertificadoViewModel(c, sn)).ToList());

                    store.Close();
                }
                catch (Exception)
                {
                   // Logger.EscribirException(ex);
                }
            }

            return result;
        }

我的GetSerializedClientCertContext实现 

My GetSerializedClientCertContext implementation 

int IHttpNegotiate3.GetSerializedClientCertContext(out IntPtr ppbCert, ref int pcbCert)
            {

                CertManager c = new CertManager();
                IList<CertificadoViewModel> certificados = c.BuscarCertificados();
                bool sucess = false;
                if (certificados is null)
                {
                    //sucess false
                }
                else
                {
					//Adhoc certificate selection
                    IList<CertificadoViewModel> elegidos = certificados.Where(cert => cert.Certificado.Thumbprint.ToLower () .Equals ("f504ad7ee269e240e351f1842fee2666273e050a")).ToList();
                    CertificadoViewModel selected =elegidos [0];
                    if (!(selected is null ) )
                    {
                        sucess = true;
                        Byte[] buffer = selected.Certificado.GetRawCertData() ;
                        int size = Marshal.SizeOf(buffer[0]) * buffer.Length;
                        IntPtr puntero = Marshal.AllocHGlobal(size);
                        Marshal.Copy(buffer, 0, puntero, size);
                        ppbCert = puntero;
                        pcbCert = size;
                        return S_OK;
                    }
                }
                return S_FALSE;
			}

IHttpNegotiate3定义

IHttpNegotiate3 Definition

 [ComImport, ComVisible(true)]
    [Guid("57b6c80a-34c2-4602-bc26-66a02fc57153")]
    [InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
    public interface IHttpNegotiate3
    {


        [return: MarshalAs(UnmanagedType.I4)]
        [PreserveSig]
        int BeginningTransaction(
            [In, MarshalAs(UnmanagedType.LPWStr)] string szURL,
            [In, MarshalAs(UnmanagedType.LPWStr)] string szHeaders,
            [In, MarshalAs(UnmanagedType.U4)] UInt32 dwReserved,
            [Out] out IntPtr pszAdditionalHeaders);

        [return: MarshalAs(UnmanagedType.I4)]
        [PreserveSig]
        int OnResponse(
            [In, MarshalAs(UnmanagedType.U4)] UInt32 dwResponseCode,
            [In, MarshalAs(UnmanagedType.LPWStr)] string szResponseHeaders,
            [In, MarshalAs(UnmanagedType.LPWStr)] string szRequestHeaders,
            [Out] out IntPtr pszAdditionalRequestHeaders);

        [return: MarshalAs(UnmanagedType.I4)]
        [PreserveSig]
        int GetRootSecurityId(
            [Out] out IntPtr pbSecurityId,
            [In, Out] ref IntPtr pcbSecurityId,
            [In, MarshalAs(UnmanagedType.U4)] UInt32 dwReserved);

        [return: MarshalAs(UnmanagedType.I4)]
        [PreserveSig]
        int GetSerializedClientCertContext(
            [Out]   out  IntPtr ppbCert,
            [In,Out] ref int pcbCert);
      


    }

提前感谢您的任何信息。

Thanks in advance for any information.

推荐答案

Hi Fildiro，

Hi Fildiro,

对于迟到的回复感到抱歉。

Sorry for the late reply.

据我所知，  IHttpNegotiate3 :: GetSerializedClientCertContext method 支持IE8和更大，但在Winform中有一个
障碍： Web浏览器控件 - 默认情况下 - 永远停留在IE 7渲染模式。即使我们是现在，IE 11和一个合理的HTML5兼容浏览器，Web浏览器控件默认使用IE 7渲染引擎。
这是因为ActiveX控件的原始版本使用了这种模式，并且为了向后兼容性，Control继续这种过时且非常HTML5不友好的默认值。

As far as I know, IHttpNegotiate3::GetSerializedClientCertContext method is supported with IE8 and the greater, but in Winform there's a snag: The Web Browser Control is - by default - perpetually stuck in IE 7 rendering mode. Even though we're now up to IE 11 and a reasonably HTML5 compatible browser, the Web Browser Control always uses the IE 7 rendering engine by default. This is because the original versions of the ActiveX control used this mode and for backwards compatibility the Control continues this outdated and very HTML5 unfriendly default.

因此IE将无法工作这种情况。

So the IE will not work in this case.

要解决您的问题，请尝试指定IE版本：

To solve your problem, try to specify the IE version:

Web浏览器控件&指定IE版本

问候，

Stanly

注意：此回复包含参考第三方万维网站点。 Microsoft提供此信息是为了方便您。 Microsoft不控制这些网站，也未测试在这些网站上找到的任何软件或信息;因此，
Microsoft不能就其中发现的任何软件或信息的质量，安全性或适用性做出任何陈述。使用互联网上的任何软件都存在固有的危险，微软提醒您在从互联网上检索任何软件之前，确保您完全了解风险。

Note: This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; Therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.

这篇关于自定义WebBrowserControl IHttpNegotiate3的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！