ActiveX Control Development

To implement an ActiveX control using C #, three problems must be solved:

1. Enable the. NET component to be called by com

2. After registering on the client, ActiveX control can pass IE Security Authentication.

3. When the client is not registered, the installation package can pass ie signature authentication.

BenProgramThe development environment is. NET Framework 3.5 and the tool is Visual Studio. NET 2008. It passes the test on the client that installs. NET Framework 3.5.

The following are the implementation steps:

(1) Create an assembly that can be accessed from com

First, implement an assembly visible to com and create a class library project. assemblyinfo. CS should include:

Using System. runtime. interopservices;

//Make the types in this Assembly visible to the COM Component
[Assembly: comvisible (True)]
//If this project is made public to com, the following GUID is used for the ID of the Type Library
[Assembly: GUID ("94882155-3b7c-48e3-b357-234d56d8f15e")]

Add the followingCodeTo assemblyinfo. CS to ensure Assembly accessibility:

Using System. Security;

[Assembly: allowpartiallytrustedcallers ()]

Note the guid above. If the class in the Assembly is not labeled with guid, The GUID registered by com will be generated, and the guid here does not work.

Create user control (custom class to be tested) identitykey. CS, add:

Using System;
Using System. componentmodel;
Using System. Windows. forms;
Using System. runtime. interopservices;

NamespaceKeyactivex
{
[GUID ("94882155-3b7c-48e3-b357-234d56d8f15e")]
Public Partial ClassIdentitykey: usercontrol
{
}
}

The GUID here is the same as assemblyinfo. cs. It will become CLSID in COM registration and be called as CLSID by HTML.

In the class library project properties, select generate, check com registration, and add

< Object ID = "Controlbyid" Classid = "CLSID: {94882155-3b7c-48e3-b357-234d56d8f15e }"   > </ Object >

Enable insecure controls in IE and view the HTML page. You should be able to access the controls. Now a com-registered assembly is developed at release.

You can use OLE/COM Object Viewer (installed with VC) to view components and CLSID in. Net categories.

 

(2) pass IE Security Control Authentication

If the client's IE does not enable access to the unsecure ActiveX control, you can use IE to browse the ActiveX control developed in the preceding steps and find that IE will give a warning:

ActiveX objects on this page may be insecure. Do you want to allow it to be initialized and accessed through scripts?

Or prohibit access. This is set by the security rules of client ie. We should solve the problem of IE Security Authentication in control development. First, we need to know how IE judges that an ActiveX control is insecure. For details, see Microsoft Help and Support documentation:

How Internet Explorer determines if ActiveX controls are safe

There are two ways to mark a control as safe for scripting and initialization:

1. Implement the IObjectSafety interface.

2. Provide the following registry keys for the control's CLSID under the implemented categories section:

A. the following key marks the control safe for scripting:
{7dd95801-9882-11cf-9fa9-00aa006c42c4}

B. the following key marks the control safe for initialization from persistent data:
{7dd95802-9882-11cf-9fa9-00aa006c42c4}

Microsoft recommends that you implement IObjectSafety to mark a control as safe or unsafe. This prevents other users from repackaging your control and marking it as safe when it is not.

I decided to implement the IObjectSafety interface to indicate the Security Identifier of the ActiveX control to IE, so as to ensure that the security identifier will not be rewritten when the control is packaged again.

IObjectSafety is an interface under com. For C ++ programs, you only need to implement it. net. In this case, our ActiveX control is a COM component without a Type Library. You must use the C # code to redefine the COM interface.

Here you need to know a little about the COM interface. The interface is the core of COM, which distinguishes the contract and implementation used between the customer and the object. There are three types of COM interfaces: Custom interface dispatch interface and double interface .. Net Framework uses cominterfacetype to redefine it:

Namespace System. runtime. interopservices
{
// Abstract:
// Identifies how to expose an interface to com.
[Serializable]
[Comvisible ( True )]
Public   Enum Cominterfacetype
{
// Abstract:
// Indicates the interface is exposed to com as a dual interface, which enables
// Both early and late binding. system. runtime. interopservices. cominterfacetype. interfaceisdual
// Is the default value.
Interfaceisdual =   0 ,
//
// Abstract:
// Indicates an interface is exposed to com as an iunknown-derived interface,
// Which enables only early binding.
Interfaceisiunknown =   1 ,
//
// Abstract:
// Indicates an interface is exposed to com as a dispinterface, which enables
// Late binding only.
Interfaceisidispatch =   2 ,
}
}

For details about the three interfaces, refer to "C # advanced programming Third Edition" 28.1.3 interface.

On msdn, you can find that IObjectSafety inherits from iunknown and is a custom interface. Through the previous chapter, you can find that when registering with COM, a guid must be provided as the CLSID to identify the C # class in the Assembly. In fact, in COM, the interface and Type Library both carry guid as the unique identifier, which are IID and typelib ID respectively.

In this way, by marking the required COM interface IID on the Interface written in C #, You can indicate the interface identity to com during registration. Find the IObjectSafety definition on Microsoft Help:

[
UUID (c67830e0 - D11d - 11cf - Bd80 - 00aa00575603 ),
Helpstring ( " VB IObjectSafety interface " ),
Version ( 1.0 )
]
Library iobjectsafetytlb
{
Importlib ( " Stdole2.tlb " );
[
UUID (cb5bdc81 - 93c1 - 11cf - 8f20 - 00805f2cd064 ),
Helpstring ( " IObjectSafety interface " ),
Odl
]
Interface IObjectSafety: iunknown {
[Helpstring ( " Getinterfacesafetyoptions " )]
Hresult getinterfacesafetyoptions (
[ In ] Long Riid,
[ In ] Long   * Pdwsupportedoptions,
[ In ] Long   * Pdwenabledoptions );

[Helpstring ( " Setinterfacesafetyoptions " )]
Hresult setinterfacesafetyoptions (
[ In ] Long Riid,
[ In ] Long Dwoptionssetmask,
[ In ] Long Dwenabledoptions );
}
}

The UUID (CB5BDC81-93C1-11cf-8F20-00805F2CD064Is the required api iid.

Use C # To write IObjectSafety:

Using System;
Using System. runtime. interopservices;

Namespace Keyactivex
{
[Comimport, GUID ( " CB5BDC81-93C1-11CF-8F20-00805F2CD064 " )]
[Interfacetype (cominterfacetype. interfaceisiunknown)]
Public   Interface IObjectSafety
{
[Preservesig]
Void Getinterfaccesafyoptions (
Int Riid,
Out   Int Pdwsupportedoptions,
Out   Int Pdwenabledoptions );

[Preservesig]
VoidSetinterfacesafetyoptions (
IntRiid,
IntDwoptionssetmask,
IntDwenabledoptions );
}
}

In interfacetype, cominterfacetype. interfaceisiunknown must be used because IObjectSafety inherits from iunkown.

The following is the implementation of the keyactivex interface:

Namespace Keyactivex
{
[GUID ( " 94882155-3b7c-48e3-b357-234d56d8f15e " )]
Public   Partial   Class Identitykey: usercontrol, IObjectSafety
{
# Region IObjectSafety Member

Public   Void Getinterfaccesafyoptions ( Int Riid, Out   Int Pdwsupportedoptions, Out   Int Pdwenabledoptions)
{
Pdwsupportedoptions =   1 ;
Pdwenabledoptions =   2 ;< BR >}

Public void setinterfacesafetyoptions ( int riid, int dwoptionssetmask, int dwenabledoptions)
{< br> throw New notimplementedexception ();
}

# Endregion
}
}

The IE control is safe by returning a fixed value. For more information, see

How to Implement IObjectSafety in the Visual Basic Control

 

(3) signature Publishing

C # There are three methods to publish ActiveX controls:

1. Create the Client installation package and distribute it to the client for installation;
2. Create an online installation package and install it on the client;
3. Use the codebase of the object in HTML to point to the installation package address.

The first two are relatively simple and suitable for implementation in the LAN. When the installation package is generated, you must set the register attribute to vsdrpcom. The last method requires a digital signature on the installation package, to ensure the security and trust of the client. A trusted signature certificate should be purchased from a certificate provider (such as versign), and then the installation package is signed using the signature tool.

The following uses the test certificate creation tool makecert and signing tool signtool that comes with Visual Studio 2008 for testing. First, create a test certificate with company information and enter it at the Visual Studio Command Prompt:

Makecert-sk abc-n " CN = ABC Corporation "   F: \ Abccorptest. Cer

A test certificate is created on drive F. Enter

Signtool signwizard

On the signing options page, select Custom to define the Certificate file location, and then select an encryptionAlgorithm(MD5 or sha1), specify the application name and description URL, and confirm.

In this case, the ActiveX control installation package has a test certificate marked as untrusted. You need to set ieto enable untrusted installer and reference it in HTML.

< Object ID = "Controlbyid" Classid = "CLSID: {94882155-3b7c-48e3-b357-234d56d8f15e }" Codebase = "Setup.exe"   > </ Object >

The ActiveX control can be used after the client is installed.