IObjectSafety-ActiveX Authenticode问题 [英] IObjectSafety - ActiveX Authenticode problem

问题描述

你好

我必须为用C#(WPF)编写的ActiveX控件实现Authenticode证书.

I have to implement Authenticode certyficate for my ActiveX control written in C# (WPF).

我的ActiveX控件工作正常，但IE始终显示安全栏，用户必须单击允许"，然后单击确定".每次他运行控件时-这就是原因，为什么我们决定购买Authenticode Certyficate.我们已收到证书和私钥， 但是在对控件进行签名(签名过程正确结束)之后，它仍然不是安全"的.用于IE.

My ActiveX control works fine, but IE always shows a security bar, user has to click "Allow" each time he runs the control - This is the reason, why we have dicded to buy Authenticode Certyficate. We have received a certyficate and private key, but after signing the control (signing process end correctly) it is still not "safe" for IE.

我发现必须实现IObjectSafety接口的信息，但是它也没有进行任何更改.我将向您发布代码片段:

I have found information, that I have to implement IObjectSafety interface, but it also does not made any change. I will post You code fragments:

namespace ActiveX_MyProgram
{
  [Guid("694D1820-04B6-4388-928F-FF858B95F880")]
  public interface iMyProgram
  {
    //some code here, not important for my question
  }

  [Guid("68FD4E0D-D7BC-4cf6-BEB7-CFF950161A79")]
  [InterfaceType(ComInterfaceType.InterfaceIsIDispatch)]
  public interface iMyProgramEvents
  {
    //some code here, not important for my question
  }

  [ComImport()]
  [GuidAttribute("CB5BDC81-93C1-11CF-8F20-00805F2CD064")]
  [InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
  public interface IObjectSafety
  {
    [PreserveSig]
    int GetInterfaceSafetyOptions(ref Guid riid,
           out int pdwSupportedOptions,
           out int pdwEnabledOptions);

    [PreserveSig()]
    int SetInterfaceSafetyOptions(ref Guid riid,
           int dwOptionSetMask,
           int dwEnabledOptions);
  }

  [ProgId("ActiveX_MyProgram")]
  [ClassInterface(ClassInterfaceType.None), ComSourceInterfaces(typeof(iMyProgramEvents))]
  [Guid("6BAE3EB8-EBC9-11DE-A7A1-0A6F55F89593")]
  [ComVisible(true)]
  public partial class Acx : UserControl, iMyProgram, IObjectSafety 
  {
    /* Some more implementation, that I have cutted out... */

  #region IObjectSafety implementation
    private const int INTERFACESAFE_FOR_UNTRUSTED_CALLER = 0x00000001;
    private const int INTERFACESAFE_FOR_UNTRUSTED_DATA = 0x00000002;
    private const int S_OK = 0;

    int IObjectSafety.GetInterfaceSafetyOptions(ref Guid riid, out int pdwSupportedOptions, out int pdwEnabledOptions)
    {
      pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA;
      pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA;
      return S_OK;  // return S_OK
    }

    int IObjectSafety.SetInterfaceSafetyOptions(ref Guid riid, int dwOptionSetMask, int dwEnabledOptions)
    {
      return S_OK;  // return S_OK
    }
  #endregion
  }
}

推荐答案

嗨Nevalon，

根据我的经验，它应取决于用户的IE设置.当用户启动您的站点时，IE会检查安全选项并警告用户.如果IE安全设置 较低时，需要较少的警告.但是较高的警告级别会警告更多物品.

Based on my experience, it should dependent on user’s IE setting. When user launches your site, the IE checks the security option and warns the user. If the IE security setting is low, less warning is required. But a high warning level warns more items.

我不认为实现某些接口可以解决该问题.任何实现该接口的有害程序都可以摆脱警告.如果您从可信赖的公司购买认证 认证供应商可能会有所帮助.

I don’t think implement some interface can solve the issue. Any harmful program which implements that interface can get rid of warning. If you buy a certification from trusted certification vendor might help.

此致，

这篇关于IObjectSafety-ActiveX Authenticode问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！