주식회사 누리아이티

지문인식카드 및 정보자산 2차 인증 보안SW 전문기업

BaroPAM integration API (C#) for a password-free world

댓글 0

▶ BaroSolution/BaroPAM

2021. 2. 5.

1. Integration API configuration

 

To use BaroPAM-related dll, it must be located in "C:\Windows\System32".

 

API class

Description

Etc

BaroKEYx.h

BaroKEYx.dll

BaroCRYPTx.dll

Header file and dll related to BaroPAM

 

libeay32MD.dll

ssleay32MD.dll

Open SSL related dll

 

 

 

2. Integration API function

 

1) verifyKEYL function(When using login-ID)

 

- NAME

  verifyKEYL

 

- SYNOPSIS

  int verifyKEYL(const char *login_id, const char *phone_no, const char *cycle_time, const char *corr_time, const char *key_method, char *auth_key)

 

- DESCRIPTION

A function that verifies whether the entered one-time authentication key is correct.

 

login_id: Set the ID entered in the login-ID field of the login screen.

phone_no: Login-ID set user's smart phone number only with numbers.

cycle_time: Set the generation cycle (3~60 seconds) of one-time authentication key

               specified for each user.

corr_time: This is the guarantee error time (seconds) of the one-time authentication key.

             Set only for authentication cards. (0 seconds)

key_method: Set the one-time authentication key verification method (app1, app256, app384,

                 app512: app, card1, card256, card384, card512: authentication card).

auth_key: Set the one-time authentication key created and entered in the BaroPAM app on the

             login screen.

 

If the generation period of the smart phone number for each user and the one-time authentication key designated for each individual is different from the generator of the one-time authentication key, verification may fail because the one-time authentication key is different. You must match the information.

 

- RETURN VALUES

 On success, 1 is returned, and on failure, 0 is returned.

 

 

2) verifyKEYP function(When using secure key)

 

- NAME

  verifyKEYP

 

- SYNOPSIS

  int verifyKEYP(const char *secure_key, const char *cycle_time, const char *corr_time, const char *key_method, char *auth_key)

 

- DESCRIPTION

A function that verifies whether the entered one-time authentication key is correct.

 

Secure_key: Set the secure key given for each user or OTP card.

cycle_time: Set the generation cycle (3~60 seconds) of one-time authentication key

               specified for each user.

corr_time: This is the guarantee error time (seconds) of the one-time authentication key.

              Set only for authentication cards. (900 seconds)

key_method: Set the one-time authentication key verification method (app1, app256, app384,

                 app512: app, card1, card256, card384, card512: authentication card).

auth_key: Set the one-time authentication key created and entered in the BaroPAM app on the

             login screen.

 

If the generation cycle of the secure key and one-time authentication key specified for each user or card is different from the one-time authentication key generator, verification may fail because the one-time authentication key is different. You must match the information.

 

- RETURN VALUES

 On success, 1 is returned, and on failure, 0 is returned.

 

 

3. Authentication key verification part

 

When configuring the Visual Studio environment, you must set "x64" in "Platform" in "Configuration Manager". If not, just click "new" to register.

 

 

How to pass const char * to C function in C# is as follows.

 

const char* is a string in .NET. On the managed side, I don't understand the concept of read-only parameters.

 

When this is used in P/Invoke context, MarshalAs property must be declared and marshaled to LPStr.

 

The resulting signature is:

 

[DllImport("SomeModule.dll")]

public static extern void set_param([MarshalAs(UnmanagedType.LPStr)]string lpString);

 

Example) verifyKEYL function(When using Login-ID)

 

using System;

using System.Text;

using System.Collections.Generic;

using System.Linq;

using System.Web;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Data.SqlClient; //this namespace is for sqlclient server 

using System.Configuration; // this namespace is add I am adding connection name in web config file config connection name

using System.Runtime.InteropServices; //DLL support

 

namespace WebApplication1 {

    public partial class _Default : Page {

[DllImport("BaroKEYx.dll", CallingConvention = CallingConvention.Cdecl)]

        extern public static int verifyKEYL(

                                       [MarshalAs(UnmanagedType.LPStr)] String login_id

                                      ,[MarshalAs(UnmanagedType.LPStr)] String phone_no

                                      ,[MarshalAs(UnmanagedType.LPStr)] String cycle_time

                                      ,[MarshalAs(UnmanagedType.LPStr)] String corr_time

                                      ,[MarshalAs(UnmanagedType.LPStr)] String key_method

                                      ,[MarshalAs(UnmanagedType.LPStr)] String auth_key

                                           );

 

        protected void Page_Load(object sender, EventArgs e) {

 

        }

 

        protected void btnCert_Click(object sender, EventArgs e) {

            try {

                String strLogin_id   = txtLogin_id.Text;

                String strKey        = txauth_key.Text;

 

                int     chkKey        = 0;

 

                String  strPhone_no   = "01027714076";

                String  strCycle_time = "30";

                String  strCorr_time  = "0";

                String  strKey_method = "app512";

 

                chkKey = verifyKEYL(

                             strLogin_id,

                             strPhone_no,

                             strCycle_time,

                             strCorr_time,

                             strKey_method,

                             strKey

                         );

                if (chkKey == 1) {

                    lblMessage.Text = "One-time authentication key verification success......!!";

                } else {

                    lblMessage.Text = "One-time authentication key verification failure......!!";

                }

            } catch (Exception ex) {

                Response.Write(ex.Message);

            }

        }

    }

}

 

 

Example) verifyKEYL function(When using secure key)

 

using System;

using System.Text;

using System.Collections.Generic;

using System.Linq;

using System.Web;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Data.SqlClient; //this namespace is for sqlclient server 

using System.Configuration; // this namespace is add I am adding connection name in web config file config connection name

using System.Runtime.InteropServices; //DLL support

 

namespace Web어플리케이션1 {

    public partial class _Default : Page {

[DllImport("BaroKEYx.dll", CallingConvention = CallingConvention.Cdecl)]

        extern public static int verifyKEYP(

                                       [MarshalAs(UnmanagedType.LPStr)] String secure_key

                                      ,[MarshalAs(UnmanagedType.LPStr)] String cycle_time

                                      ,[MarshalAs(UnmanagedType.LPStr)] String corr_time

                                      ,[MarshalAs(UnmanagedType.LPStr)] String key_method

                                      ,[MarshalAs(UnmanagedType.LPStr)] String auth_key

                                           );

 

        protected void Page_Load(object sender, EventArgs e) {

 

        }

 

        protected void btnCert_Click(object sender, EventArgs e) {

            try {

                String strLogin_id   = txtLogin_id.Text;

                String strKey        = txauth_key.Text;

 

                int     chkKey        = 0;

 

                String  strSecure_key = "Ri5+xgVdtEBJGlrSD2hvituZxAq0vttx";

                String  strCycle_time = "30";

                String  strCorr_time  = "900";

                String  strKey_method = "card512";

 

                chkKey = verifyKEYL(

                             strSecure_key,

                             strCycle_time,

                             strCorr_time,

                             strKey_method,

                             strKey

                         );

                if (chkKey == 1) {

lblMessage.Text = "One-time authentication key verification success......!!";

                } else {

                    lblMessage.Text = "One-time authentication key verification failure......!!";

                }

            } catch (Exception ex) {

                Response.Write(ex.Message);

            }

        }

    }

}

 

 

4. Notes (IIS environment)

 

Describes how to switch between the 32-bit version of Microsoft ASP.NET 1.1 and the 32-bit version and 64-bit version of ASP.NET 2.0 on the 64-bit version of Microsoft Windows.

 

If you have installed both versions of ASP.NET, you may receive an error message if you do not follow the steps to set up each ASP.NET environment to run on Microsoft Internet Information Services (IIS) 6.0. For example, if ASP.NET is not set up properly, you may receive the following error message on a web page:

 

Service unavailable

 

Error messages similar to the following may be logged in the application log:

 

IIS 6.0 supports both 32-bit mode and 64-bit mode, but it does not support running both modes simultaneously on a 64-bit version of Windows. ASP.NET 1.1 runs only in 32-bit mode, and ASP.NET 2.0 runs in 32-bit mode and 64-bit mode. So, to run ASP.NET 1.1 and ASP.NET 2.0 at the same time, you need to run IIS in 32-bit mode.

 

1) ASP.NET 1.1, 32-bit version

 

To run the 32-bit version of ASP.NET 1.1:

 

Click Start, click Run, type cmd, and click OK.

Enter the following command to enable 32-bit mode.

cscript %SYSTEMDRIVE%\inetpub\adminscripts\adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 1

Install the ASP.NET 1.1 version by entering the following command and install the script map

under the IIS root and then:

%SYSTEMROOT%\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe –i

Check that the status of ASP.NET version 1.1.4322 is set to Allowed in the list of web service

extensions in Internet Information Services Manager.

 

2) ASP.NET 2.0, 32-bit version

 

To run the 32-bit version of ASP.NET 2.0:

 

Click Start, click Run, type cmd, and click OK.

Enter the following command to enable 32-bit mode.

cscript %SYSTEMDRIVE%\inetpub\adminscripts\adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 1

Enter the following command to install the ASP.NET 2.0 (32-bit) version and install the script

map under the IIS root and then:

%SYSTEMROOT%\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -i

Make sure that the status of ASP.NET version 2.0.50727 (32-bit) is set to Allowed in the list

of Web service extensions in Internet Information Services Manager.

 

3) ASP.NET 2.0, 64-bit version

 

To run the 64-bit version of ASP.NET 2.0:

 

Click Start, click Run, type cmd, and click OK.

Enter the following command to disable 32-bit mode.

cscript %SYSTEMDRIVE%\inetpub\adminscripts\adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 0

Install the ASP.NET 2.0 version by entering the following command and install the script map

under the IIS root and then:

%SYSTEMROOT%\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe -i

In Internet Information Services Manager, in the list of Web service extensions, verify that

the status of ASP.NET version 2.0.50727 is set to Allowed.

 

Note) The build version of ASP.NET 2.0 may differ depending on the currently released build version. The above steps correspond to build version 2.0.50727.

 

사업자 정보 표시
주식회사 누리아이티 | 이종일 | 서울시 강서구 공항대로 186 로뎀타워 617호 | 사업자 등록번호 : 258-87-00901 | TEL : 010-2771-4076 | Mail : mc529@nurit.co.kr | 사이버몰의 이용약관 바로가기