前面
两
篇文章分
别
介
绍
了
MFC ActiveX
应
用程序和使用
ATL
开发
ActiveX
的
简单实
例,但
还
有
两个问题
需要解
决
:
1)标记ActiveX控件为安全的控件 2)对控件进行数字签名。本文将结合这两点进行简单的介绍。
Building a Safe ActiveX Control
如何不想办法将控件标记为安全的,就会在Web页面与控件进行交互时出现如下图的警告信息:
下面将分别介绍在MFC ActiveX和ATL中如何标记一个控件为安全的控件。
要标记一个MFC ActiveX控件为安全,可以仿照下面代码修改而得:
<!--<br /> <br /> Code highlighting produced by Actipro CodeHighlighter (freeware)<br /> http://www.CodeHighlighter.com/<br /> <br /> -->
//
CardScan.cpp:CCardScanApp和DLL注册的实现。
#include " stdafx.h "
#include " CardScan.h "
#include " comcat.h "
#include " strsafe.h "
#include " objsafe.h "
CCardScanApptheApp;
const GUIDCDECLBASED_CODE_tlid =
{ 0x29959268 , 0x9729 , 0x458E ,{ 0xA8 , 0x39 , 0xBB , 0x39 , 0x2E , 0xCB , 0x7E , 0x37 }};
const WORD_wVerMajor = 1 ;
const WORD_wVerMinor = 0 ;
const CATIDCLSID_SafeItem =
{ 0xB548F3C7 , 0x2135 , 0x4242 ,{ 0x92 , 0x0B , 0xA7 , 0xBD , 0xEE , 0x6D , 0x2B , 0xA3 }};
// {0x36299202,0x9ef,0x4abf,{0xad,0xb9,0x47,0xc5,0x99,0xdb,0xe7,0x78}};
// CCardScanApp::InitInstance-DLL初始化
BOOLCCardScanApp::InitInstance()
{
BOOLbInit = COleControlModule::InitInstance();
if (bInit)
{
}
return bInit;
}
// CCardScanApp::ExitInstance-DLL终止
int CCardScanApp::ExitInstance()
{
return COleControlModule::ExitInstance();
}
HRESULTCreateComponentCategory(CATIDcatid,CHAR * catDescription)
{
ICatRegister * pcr = NULL;
HRESULThr = S_OK;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL,CLSCTX_INPROC_SERVER,IID_ICatRegister,( void ** ) & pcr);
if (FAILED(hr))
return hr;
// MakesuretheHKCR/ComponentCategories/{..catid
}
// keyisregistered.
CATEGORYINFOcatinfo;
catinfo.catid = catid;
catinfo.lcid = 0x0409 ; // english
size_tlen;
// Makesuretheprovideddescriptionisnottoolong.
// Onlycopythefirst127charactersifitis.
// ThesecondparameterofStringCchLengthisthemaximum
// numberofcharactersthatmaybereadintocatDescription.
// TheremustberoomforaNULL-terminator.Thethirdparameter
// containsthenumberofcharactersexcludingtheNULL-terminator.
hr = StringCchLength(catDescription,STRSAFE_MAX_CCH, & len);
if (SUCCEEDED(hr))
{
if (len > 127 )
{
len = 127 ;
}
}
else
{
// TODO:Writeanerrorhandler;
}
// ThesecondparameterofStringCchCopyis128becauseyouneed
// roomforaNULL-terminator.
hr = StringCchCopy(COLE2T(catinfo.szDescription),len + 1 ,catDescription);
// Makesurethedescriptionisnullterminated.
catinfo.szDescription[len + 1 ] = ' /0 ' ;
hr = pcr -> RegisterCategories( 1 , & catinfo);
pcr -> Release();
return hr;
}
// HRESULTRegisterCLSIDInCategory-
// Registeryourcomponentcategoriesinformation
HRESULTRegisterCLSIDInCategory(REFCLSIDclsid,CATIDcatid)
{
// Registeryourcomponentcategoriesinformation.
ICatRegister * pcr = NULL;
HRESULThr = S_OK;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL,CLSCTX_INPROC_SERVER,IID_ICatRegister,( void ** ) & pcr);
if (SUCCEEDED(hr))
{
// Registerthiscategoryasbeing"implemented"bytheclass.
CATIDrgcatid[ 1 ];
rgcatid[ 0 ] = catid;
hr = pcr -> RegisterClassImplCategories(clsid, 1 ,rgcatid);
}
if (pcr != NULL)
pcr -> Release();
return hr;
}
// HRESULTUnRegisterCLSIDInCategory-Removeentriesfromtheregistry
HRESULTUnRegisterCLSIDInCategory(REFCLSIDclsid,CATIDcatid)
{
ICatRegister * pcr = NULL;
HRESULThr = S_OK;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL,CLSCTX_INPROC_SERVER,IID_ICatRegister,( void ** ) & pcr);
if (SUCCEEDED(hr))
{
// Unregisterthiscategoryasbeing"implemented"bytheclass.
CATIDrgcatid[ 1 ];
rgcatid[ 0 ] = catid;
hr = pcr -> UnRegisterClassImplCategories(clsid, 1 ,rgcatid);
}
if (pcr != NULL)
pcr -> Release();
return hr;
}
// DllRegisterServer-将项添加到系统注册表
STDAPIDllRegisterServer( void )
{
HRESULThr;
AFX_MANAGE_STATE(_afxModuleAddrThis);
if ( ! AfxOleRegisterTypeLib(AfxGetInstanceHandle(),_tlid))
return ResultFromScode(SELFREG_E_TYPELIB);
if ( ! COleObjectFactoryEx::UpdateRegistryAll(TRUE))
return ResultFromScode(SELFREG_E_CLASS);
// Markthecontrolassafeforinitializing.
hr = CreateComponentCategory(CATID_SafeForInitializing,
_T( " Controlssafelyinitializablefrompersistentdata! " ));
if (FAILED(hr))
return hr;
hr = RegisterCLSIDInCategory(CLSID_SafeItem,
CATID_SafeForInitializing);
if (FAILED(hr))
return hr;
// Markthecontrolassafeforscripting.
hr = CreateComponentCategory(CATID_SafeForScripting,
_T( " Controlssafelyscriptable! " ));
if (FAILED(hr))
return hr;
hr = RegisterCLSIDInCategory(CLSID_SafeItem,
CATID_SafeForScripting);
if (FAILED(hr))
return hr;
return NOERROR;
}
// DllUnregisterServer-将项从系统注册表中移除
STDAPIDllUnregisterServer( void )
{
HRESULThr;
AFX_MANAGE_STATE(_afxModuleAddrThis);
// Removeentriesfromtheregistry.
hr = UnRegisterCLSIDInCategory(CLSID_SafeItem,
CATID_SafeForInitializing);
if (FAILED(hr))
return hr;
hr = UnRegisterCLSIDInCategory(CLSID_SafeItem,
CATID_SafeForScripting);
if (FAILED(hr))
return hr;
if ( ! AfxOleUnregisterTypeLib(_tlid,_wVerMajor,_wVerMinor))
return ResultFromScode(SELFREG_E_TYPELIB);
if ( ! COleObjectFactoryEx::UpdateRegistryAll(FALSE))
return ResultFromScode(SELFREG_E_CLASS);
return NOERROR;
}
#include " stdafx.h "
#include " CardScan.h "
#include " comcat.h "
#include " strsafe.h "
#include " objsafe.h "
CCardScanApptheApp;
const GUIDCDECLBASED_CODE_tlid =
{ 0x29959268 , 0x9729 , 0x458E ,{ 0xA8 , 0x39 , 0xBB , 0x39 , 0x2E , 0xCB , 0x7E , 0x37 }};
const WORD_wVerMajor = 1 ;
const WORD_wVerMinor = 0 ;
const CATIDCLSID_SafeItem =
{ 0xB548F3C7 , 0x2135 , 0x4242 ,{ 0x92 , 0x0B , 0xA7 , 0xBD , 0xEE , 0x6D , 0x2B , 0xA3 }};
// {0x36299202,0x9ef,0x4abf,{0xad,0xb9,0x47,0xc5,0x99,0xdb,0xe7,0x78}};
// CCardScanApp::InitInstance-DLL初始化
BOOLCCardScanApp::InitInstance()
{
BOOLbInit = COleControlModule::InitInstance();
if (bInit)
{
}
return bInit;
}
// CCardScanApp::ExitInstance-DLL终止
int CCardScanApp::ExitInstance()
{
return COleControlModule::ExitInstance();
}
HRESULTCreateComponentCategory(CATIDcatid,CHAR * catDescription)
{
ICatRegister * pcr = NULL;
HRESULThr = S_OK;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL,CLSCTX_INPROC_SERVER,IID_ICatRegister,( void ** ) & pcr);
if (FAILED(hr))
return hr;
// MakesuretheHKCR/ComponentCategories/{..catid
}// keyisregistered.
CATEGORYINFOcatinfo;
catinfo.catid = catid;
catinfo.lcid = 0x0409 ; // english
size_tlen;
// Makesuretheprovideddescriptionisnottoolong.
// Onlycopythefirst127charactersifitis.
// ThesecondparameterofStringCchLengthisthemaximum
// numberofcharactersthatmaybereadintocatDescription.
// TheremustberoomforaNULL-terminator.Thethirdparameter
// containsthenumberofcharactersexcludingtheNULL-terminator.
hr = StringCchLength(catDescription,STRSAFE_MAX_CCH, & len);
if (SUCCEEDED(hr))
{
if (len > 127 )
{
len = 127 ;
}
}
else
{
// TODO:Writeanerrorhandler;
}
// ThesecondparameterofStringCchCopyis128becauseyouneed
// roomforaNULL-terminator.
hr = StringCchCopy(COLE2T(catinfo.szDescription),len + 1 ,catDescription);
// Makesurethedescriptionisnullterminated.
catinfo.szDescription[len + 1 ] = ' /0 ' ;
hr = pcr -> RegisterCategories( 1 , & catinfo);
pcr -> Release();
return hr;
}
// HRESULTRegisterCLSIDInCategory-
// Registeryourcomponentcategoriesinformation
HRESULTRegisterCLSIDInCategory(REFCLSIDclsid,CATIDcatid)
{
// Registeryourcomponentcategoriesinformation.
ICatRegister * pcr = NULL;
HRESULThr = S_OK;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL,CLSCTX_INPROC_SERVER,IID_ICatRegister,( void ** ) & pcr);
if (SUCCEEDED(hr))
{
// Registerthiscategoryasbeing"implemented"bytheclass.
CATIDrgcatid[ 1 ];
rgcatid[ 0 ] = catid;
hr = pcr -> RegisterClassImplCategories(clsid, 1 ,rgcatid);
}
if (pcr != NULL)
pcr -> Release();
return hr;
}
// HRESULTUnRegisterCLSIDInCategory-Removeentriesfromtheregistry
HRESULTUnRegisterCLSIDInCategory(REFCLSIDclsid,CATIDcatid)
{
ICatRegister * pcr = NULL;
HRESULThr = S_OK;
hr = CoCreateInstance(CLSID_StdComponentCategoriesMgr,
NULL,CLSCTX_INPROC_SERVER,IID_ICatRegister,( void ** ) & pcr);
if (SUCCEEDED(hr))
{
// Unregisterthiscategoryasbeing"implemented"bytheclass.
CATIDrgcatid[ 1 ];
rgcatid[ 0 ] = catid;
hr = pcr -> UnRegisterClassImplCategories(clsid, 1 ,rgcatid);
}
if (pcr != NULL)
pcr -> Release();
return hr;
}
// DllRegisterServer-将项添加到系统注册表
STDAPIDllRegisterServer( void )
{
HRESULThr;
AFX_MANAGE_STATE(_afxModuleAddrThis);
if ( ! AfxOleRegisterTypeLib(AfxGetInstanceHandle(),_tlid))
return ResultFromScode(SELFREG_E_TYPELIB);
if ( ! COleObjectFactoryEx::UpdateRegistryAll(TRUE))
return ResultFromScode(SELFREG_E_CLASS);
// Markthecontrolassafeforinitializing.
hr = CreateComponentCategory(CATID_SafeForInitializing,
_T( " Controlssafelyinitializablefrompersistentdata! " ));
if (FAILED(hr))
return hr;
hr = RegisterCLSIDInCategory(CLSID_SafeItem,
CATID_SafeForInitializing);
if (FAILED(hr))
return hr;
// Markthecontrolassafeforscripting.
hr = CreateComponentCategory(CATID_SafeForScripting,
_T( " Controlssafelyscriptable! " ));
if (FAILED(hr))
return hr;
hr = RegisterCLSIDInCategory(CLSID_SafeItem,
CATID_SafeForScripting);
if (FAILED(hr))
return hr;
return NOERROR;
}
// DllUnregisterServer-将项从系统注册表中移除
STDAPIDllUnregisterServer( void )
{
HRESULThr;
AFX_MANAGE_STATE(_afxModuleAddrThis);
// Removeentriesfromtheregistry.
hr = UnRegisterCLSIDInCategory(CLSID_SafeItem,
CATID_SafeForInitializing);
if (FAILED(hr))
return hr;
hr = UnRegisterCLSIDInCategory(CLSID_SafeItem,
CATID_SafeForScripting);
if (FAILED(hr))
return hr;
if ( ! AfxOleUnregisterTypeLib(_tlid,_wVerMajor,_wVerMinor))
return ResultFromScode(SELFREG_E_TYPELIB);
if ( ! COleObjectFactoryEx::UpdateRegistryAll(FALSE))
return ResultFromScode(SELFREG_E_CLASS);
return NOERROR;
}
这里值得注意的一个地方是DllUnregisterServer函数,在这段代码中,我是将
<!--<br /> <br /> Code highlighting produced by Actipro CodeHighlighter (freeware)<br /> http://www.CodeHighlighter.com/<br /> <br /> -->
hr
=
UnRegisterCLSIDInCategory(CLSID_SafeItem,CATID_SafeForInitializing);
hr = UnRegisterCLSIDInCategory(CLSID_SafeItem,CATID_SafeForScripting);
hr = UnRegisterCLSIDInCategory(CLSID_SafeItem,CATID_SafeForScripting);
这两句代码放在
<!--<br /> <br /> Code highlighting produced by Actipro CodeHighlighter (freeware)<br /> http://www.CodeHighlighter.com/<br /> <br /> -->
if
(
!
AfxOleUnregisterTypeLib(_tlid,_wVerMajor,_wVerMinor))
return ResultFromScode(SELFREG_E_TYPELIB);
if ( ! COleObjectFactoryEx::UpdateRegistryAll(FALSE))
return ResultFromScode(SELFREG_E_CLASS);
return ResultFromScode(SELFREG_E_TYPELIB);
if ( ! COleObjectFactoryEx::UpdateRegistryAll(FALSE))
return ResultFromScode(SELFREG_E_CLASS);
这两句代码的前面,如果你查阅MSDN,将会发现它上面的顺序和我是相反的,这应该是微软的一个错误代码,如果按照MSDN的代码来写,则你使用regsvr32 -uCardScan.ocx反注册时会报下面的错误:
调整为我所说的顺序就没问题了。
2)要标记使用ATL写的ActiveX控件为安全的控件,这比MFC要简单的多,只需要在控件头文件中增加几行代码就可以了:
<!--<br /> <br /> Code highlighting produced by Actipro CodeHighlighter (freeware)<br /> http://www.CodeHighlighter.com/<br /> <br /> -->
class
ATL_NO_VTABLECTestCtrl:
…
public IObjectSafetyImpl < CTestCtrl,INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA > ,
…
public IObjectSafetyImpl < CTestCtrl,INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA > ,
然后在COM映射表中增加一项:
<!--<br /> <br /> Code highlighting produced by Actipro CodeHighlighter (freeware)<br /> http://www.CodeHighlighter.com/<br /> <br /> -->
BEGIN_COM_MAP(CTestCtrl)
…
COM_INTERFACE_ENTRY(IObjectSafety)
END_COM_MAP()
…
COM_INTERFACE_ENTRY(IObjectSafety)
END_COM_MAP()
Building a Signed ActiveX Control
ActiveX控件是个危险的东西,如果不对其合法性进行数字签名和验证,IE是会拒绝其安装的。
工具包准备:CABARC.exe, cert2spc.exe, makecab.exe, makecert.exe, signcode.exe(或新版本中的signtool),以上小工具都可以在VS的安装路径下"Common7"Tools"Bin找到,或去微软官方网站上下载。
ActiveX控件的安装过程中,一部分工作就是自注册,这需要控件在VERSIONINFO结构中定义OLESelfRegister值,你可以对资源文件进行编辑如下
<!--<br /> <br /> Code highlighting produced by Actipro CodeHighlighter (freeware)<br /> http://www.CodeHighlighter.com/<br /> <br /> -->
BEGIN
BLOCK " StringFileInfo "
BEGIN
BLOCK " 080403a8 "
BEGIN
VALUE " CompanyName " , " TODO:<公司名> "
VALUE " FileDescription " , " TODO:<文件说明> "
VALUE " FileVersion " , " 1.0.0.1 "
VALUE " InternalName " , " CardScan.ocx "
VALUE " LegalCopyright " , " TODO:(C)<公司名>。保留所有权利。 "
VALUE " OLESelfRegister " , " /0 "
VALUE " OriginalFilename " , " CardScan.ocx "
VALUE " ProductName " , " TODO:<产品名> "
VALUE " ProductVersion " , " 1.0.0.1 "
END
END
BLOCK " VarFileInfo "
BEGIN
VALUE " Translation " , 0x804 , 936
END
END
BLOCK " StringFileInfo "
BEGIN
BLOCK " 080403a8 "
BEGIN
VALUE " CompanyName " , " TODO:<公司名> "
VALUE " FileDescription " , " TODO:<文件说明> "
VALUE " FileVersion " , " 1.0.0.1 "
VALUE " InternalName " , " CardScan.ocx "
VALUE " LegalCopyright " , " TODO:(C)<公司名>。保留所有权利。 "
VALUE " OLESelfRegister " , " /0 "
VALUE " OriginalFilename " , " CardScan.ocx "
VALUE " ProductName " , " TODO:<产品名> "
VALUE " ProductVersion " , " 1.0.0.1 "
END
END
BLOCK " VarFileInfo "
BEGIN
VALUE " Translation " , 0x804 , 936
END
END
打包为CAB文件
因为ActiveX控件要放在网站上供客户下载到本地,因此压缩是必需的。一段典型的html代码如下:
<!--<br /> <br /> Code highlighting produced by Actipro CodeHighlighter (freeware)<br /> http://www.CodeHighlighter.com/<br /> <br /> -->
<
OBJECT
ID
="FuckATL1"
CODEBASE ="http://localhost:8080/CardScan.cab"
CLASSID ="CLSID:B548F3C7-2135-4242-920B-A7BDEE6D2BA3" WIDTH =300 HEIGHT =200
/>
CODEBASE ="http://localhost:8080/CardScan.cab"
CLASSID ="CLSID:B548F3C7-2135-4242-920B-A7BDEE6D2BA3" WIDTH =300 HEIGHT =200
/>
CODEBASE就指明了要下载的压缩包,其中包含了oxc,dll控件等所需要的文件。
通常CAB文件包含了一个INF文件,它用来描述CAB文件的所有细节信息,下面举个简单例子,代码如下:
<!--<br /> <br /> Code highlighting produced by Actipro CodeHighlighter (freeware)<br /> http://www.CodeHighlighter.com/<br /> <br /> -->
;
SampleINFfile
for
SCRIPTABLEACTIVEX
.
DLL
[version]
; versionsignature ( same for bothNTandWin95 ) do not remove
signature = " $CHICAGO$ "
AdvancedINF = 2.0
[Add . Code]
CardScan . ocx = CardScan . ocx
CardScan . inf = CardScan . inf
[CardScan . ocx]
file-win32-x86 = thiscab
clsid = {B548F3C7- 2135 - 4242 -920B-A7BDEE6D2BA3}
FileVersion = 1 , 0 , 0 , 1
RegisterServer = yes
[CardScan . inf]
file = thiscab
; end ofINFfile
[version]
; versionsignature ( same for bothNTandWin95 ) do not remove
signature = " $CHICAGO$ "
AdvancedINF = 2.0
[Add . Code]
CardScan . ocx = CardScan . ocx
CardScan . inf = CardScan . inf
[CardScan . ocx]
file-win32-x86 = thiscab
clsid = {B548F3C7- 2135 - 4242 -920B-A7BDEE6D2BA3}
FileVersion = 1 , 0 , 0 , 1
RegisterServer = yes
[CardScan . inf]
file = thiscab
; end ofINFfile
至于打包就不赘述了,详尽的图解过程请看《如何给ActiveX数字签名(Step by Step, Delphi)》
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
