Ejemplo n.º 1
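        /// <summary>
        /// End-to-end signing round trip with X.509 application authentication, no language,
        /// no visible signature and no signature properties: uploads Blank.pdf, drives the
        /// signing page through <c>emulateBrowser</c>, validates the sign response, checks
        /// the signer subject, downloads the signed document to Output.pdf and verifies it.
        /// </summary>
        public void SignAsyncNoLangInvisibleNoProps()
        {
            DsspClient dsspClient = new DsspClient("https://www.e-contract.be/dss-ws/dss");

            // Test fixture: the application key pair is loaded from a PKCS#12 file that is
            // opened with an empty password. Outside a test, the key container should be
            // password-protected (or held in a certificate store) and kept out of the repository.
            dsspClient.Application.X509.Certificate = new X509Certificate2("certificate.p12", "");

            DsspSession s;

            using (Stream i = File.OpenRead("Blank.pdf"))
            {
                Document id = new Document("application/pdf", i);
                s = dsspClient.UploadDocument(id);
            }

            String signResponse = emulateBrowser(
                s.GeneratePendingRequest("http://localhost/dssp"),
                "View Document");

            // The sign response comes back through the browser, so it is validated against
            // the session before the signer identity is trusted.
            NameIdentifierType signer = s.ValidateSignResponse(signResponse);

            Assert.AreEqual("SERIALNUMBER=79021802145, GIVENNAME=Bryan Eduard, SURNAME=Brouckaert, CN=Bryan Brouckaert (Signature), C=BE", signer.Value);

            Document od = dsspClient.DownloadDocument(s);

            // File.Create truncates an existing Output.pdf; File.OpenWrite would leave the
            // tail of a longer previous file in place and produce a corrupt PDF.
            using (Stream o = File.Create("Output.pdf"))
            {
                od.Content.CopyTo(o);
            }

            // Rewind to the start so Verify reads the whole document. Seeking 0 bytes from
            // SeekOrigin.Current is a no-op and leaves the stream at its end after CopyTo.
            od.Content.Seek(0, SeekOrigin.Begin);

            Verify(od, null, null);
        }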
Ejemplo n.º 2
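        /// <summary>
        /// End-to-end signing round trip with username-token application authentication,
        /// Dutch ("NL") UI language, a visible image signature with five custom text lines,
        /// and signer role / production place properties. Uploads Blank.pdf, drives the
        /// signing page through <c>emulateBrowser</c>, validates the sign response, checks
        /// the signer subject, downloads the signed document to Output.pdf and verifies that
        /// the role and production place were recorded.
        /// </summary>
        public void SignAsyncNLVisiblePropsMultiText()
        {
            DsspClient dsspClient = new DsspClient("https://www.e-contract.be/dss-ws/dss");

            // Application credentials are hard-coded here (the password is masked in this
            // listing). In a real integration they belong in protected configuration or a
            // secret store, not in source.
            dsspClient.Application.UT.Name     = "egelke";
            dsspClient.Application.UT.Password = "******";

            DsspSession s;

            using (Stream i = File.OpenRead("Blank.pdf"))
            {
                Document id = new Document("application/pdf", i);
                s = dsspClient.UploadDocument(id);
            }

            ImageVisibleSignature visibleSignature = new ImageVisibleSignature()
            {
                CustomText  = "Custom",
                CustomText2 = "Custom2",
                CustomText3 = "Custom3",
                CustomText4 = "Custom4",
                CustomText5 = "Custom5",
                ValueUri    = "urn:be:e-contract:dssp:1.0:vs:si:eid-photo:signer-info",
                Page        = 1,
                X           = 500,
                Y           = 700
            };
            SignatureRequestProperties props = new SignatureRequestProperties()
            {
                SignerRole               = "Developer",
                SignatureProductionPlace = "Oost-Vlaanderen",
                VisibleSignature         = visibleSignature
            };

            String signResponse = emulateBrowser(
                s.GeneratePendingRequest(new Uri("http://localhost/dssp"), "NL", props),
                "Document bekijken");

            // The sign response comes back through the browser, so it is validated against
            // the session before the signer identity is trusted.
            NameIdentifierType signer = s.ValidateSignResponse(signResponse);

            Assert.AreEqual("SERIALNUMBER=79021802145, GIVENNAME=Bryan Eduard, SURNAME=Brouckaert, CN=Bryan Brouckaert (Signature), C=BE", signer.Value);

            Document od = dsspClient.DownloadDocument(s);

            // File.Create truncates an existing Output.pdf; File.OpenWrite would leave the
            // tail of a longer previous file in place and produce a corrupt PDF.
            using (Stream o = File.Create("Output.pdf"))
            {
                od.Content.CopyTo(o);
            }

            // Rewind to the start so Verify reads the whole document. Seeking 0 bytes from
            // SeekOrigin.Current is a no-op and leaves the stream at its end after CopyTo.
            od.Content.Seek(0, SeekOrigin.Begin);

            Verify(od, "Developer", "Oost-Vlaanderen");
        }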
Ejemplo n.º 3
 /// <summary>
 /// Initializes the error with its message and the identity of the signer that
 /// attempted to sign.
 /// </summary>
 /// <param name="message">Text passed to the base exception as its message.</param>
 /// <param name="attemptedSigner">Subject name information of the attempted signer; stored in <c>AttemptedSigner</c>.</param>
 public AuthorizationError(string message, NameIdentifierType attemptedSigner) : base(message)
 {
     // Kept so callers can report who made the attempt.
     AttemptedSigner = attemptedSigner;
 }
Ejemplo n.º 4
        /// <summary>
        /// Handles the form POST that carries the sign response for document <paramref name="id"/>.
        /// For each "SignResponse" field it validates the response against the stored session,
        /// removes the session, downloads and verifies the signed document, and records the
        /// outcome as an alert on <c>docs[id]</c>. Always answers with <c>RedirectBack()</c>.
        /// </summary>
        /// <param name="id">Key used to look up the session in <c>sessions</c> and the document in <c>docs</c>.</param>
        /// <param name="formData">Posted form fields; only the field named "SignResponse" is used.</param>
        /// <returns>The response produced by <c>RedirectBack()</c>.</returns>
        /// <remarks>
        /// NOTE(review): <paramref name="id"/> is caller-supplied and is used as a key without a
        /// visible existence or ownership check. If the indexers throw on an unknown key, the
        /// <c>docs[id]</c> access inside the outer catch would throw again and escape this
        /// method - confirm against the store types.
        /// NOTE(review): the alert messages embed the signer name and exception text; confirm
        /// that the view HTML-encodes <c>Alert.Message</c> before rendering it.
        /// </remarks>
        public async Task <HttpResponseMessage> Post(string id, [FromBody] FormDataCollection formData)
        {
            // Stays null when no "SignResponse" field was processed; checked after the loop.
            NameIdentifierType newSigner = null;

            try
            {
                foreach (KeyValuePair <String, String> formField in formData)
                {
                    if (formField.Key == "SignResponse")
                    {
                        try
                        {
                            // Validate the sign response against the session before trusting the
                            // signer identity it carries; keep the signer for the alert.
                            newSigner      = sessions[id].ValidateSignResponse(formField.Value);
                            docs[id].Alert = new Alert()
                            {
                                Message = "New signature by " + newSigner.Value, Type = "success"
                            };

                            // Take the session out of the store, so a later post for the same id
                            // finds no session to validate against.
                            DsspSession session = sessions.Remove(id);

                            // Download the signed document.
                            Document doc = await dsspClient.DownloadDocumentAsync(session);

                            docs[id].Content = doc.Content;

                            // You should save the signed document about here...

                            // For demo purposes, validate the signature. This is purely optional.
                            SecurityInfo securityInfo = await dsspClient.VerifyAsync(doc);

                            // Keep some interesting info about the signed document.
                            docs[id].TimeStampValidity = securityInfo.TimeStampValidity;
                            docs[id].Signatures        = new List <SignInfo>();
                            foreach (SignatureInfo info in securityInfo.Signatures)
                            {
                                SignInfo i = new SignInfo();
                                i.Signer   = info.SignerSubject;
                                i.SignedOn = info.SigningTime;
                                i.Location = info.SignatureProductionPlace;
                                i.Role     = info.SignerRole;
                                docs[id].Signatures.Add(i);
                            }
                        }
                        catch (AuthorizationError ae)
                        {
                            // Validation rejected the signer: report who tried, as a warning.
                            newSigner      = ae.AttemptedSigner;
                            docs[id].Alert = new Alert()
                            {
                                Message = "Failed signature attempt by " + ae.AttemptedSigner.Value, Type = "warning"
                            };

                            sessions.Remove(id); // we can remove now, it is no longer valid
                        }
                    }
                }

                if (newSigner == null)
                {
                    docs[id].Alert = new Alert()
                    {
                        Message = "No new signature found", Type = "danger"
                    };
                }
            }
            catch (Exception e)
            {
                // NOTE(review): the raw exception message is shown to the end user; consider
                // logging it server-side and showing a generic message instead.
                docs[id].Alert = new Alert()
                {
                    Message = "Internal error: " + e.Message, Type = "danger"
                };
            }

            // Redirecting back to the main site (via HTML to make sure "Get" is used instead of POST)
            return(RedirectBack());
        }
Ejemplo n.º 5
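        /// <summary>
        /// On the initial (non-postback) request, processes the "SignResponse" form field:
        /// validates it against the <c>DsspSession</c> kept in the HTTP session, downloads and
        /// verifies the signed document, and displays the result. Validation failures are
        /// shown in <c>msg</c> and disable <c>view</c>.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            //Retrieve the content
            string signResponse = Request.Form.Get("SignResponse");

            //Retrieve the session
            DsspSession session = Session["dsspSession"] as DsspSession;

            // This page can be requested without a pending signing session or without a
            // SignResponse field (direct navigation, expired HTTP session, replay after the
            // session was removed). Report that instead of failing with an unhandled exception.
            if (session == null || String.IsNullOrEmpty(signResponse))
            {
                this.msg.Text     = "signing error: no pending signing session or sign response";
                this.view.Enabled = false;
                return;
            }

            // Verify whether DsspSession is serializable by round-tripping it in memory.
            // NOTE(review): BinaryFormatter is unsafe on untrusted input. Here it only reads
            // back bytes this method has just written, but the pattern must not be reused for
            // data that crosses a trust boundary, and the check is test scaffolding rather
            // than something a production page needs.
            BinaryFormatter binaryFormatter = new BinaryFormatter();
            using (MemoryStream memoryStream = new MemoryStream())
            {
                binaryFormatter.Serialize(memoryStream, session);
                memoryStream.Seek(0, SeekOrigin.Begin);
                session = (DsspSession)binaryFormatter.Deserialize(memoryStream);
            }

            try
            {
                //Check if the content is valid, this isn't required but strongly advised.
                NameIdentifierType newSigner = session.ValidateSignResponse(signResponse);

                //Remove the DSS-P Session from the HTTP Session
                Session.Remove("dsspSession");

                //download the signed document
                Document signedDocument = dsspClient.DownloadDocument(session);

                //You should save the signed document about here...
                Session["signedDocument"] = signedDocument;

                //For demo purposes, lets validate the signature.  This is purely optional
                SecurityInfo securityInfo = dsspClient.Verify(signedDocument);

                //Display some interesting info about the signed document
                this.msg.Text = "signed document with timestamp valid until " + securityInfo.TimeStampValidity;
                foreach (SignatureInfo signature in securityInfo.Signatures)
                {
                    // Mark the signature whose subject matches the signer validated above.
                    string prefix = signature.SignerSubject == newSigner.Value ? "New: Signed by " : "Signed by ";
                    this.signatures.Items.Add(prefix + signature.Signer.Subject + " on " + signature.SigningTime);
                }

                this.view.Enabled = true;
            }
            catch (AuthorizationError error)
            {
                //Failed, lets display the error
                // NOTE(review): the signer name and, below, the error message are written to
                // msg.Text as-is; confirm the control HTML-encodes its text.
                this.msg.Text     = "authorization error: " + error.AttemptedSigner.Value;
                this.view.Enabled = false;
            }
            catch (RequestError error)
            {
                //Failed, lets display the error
                this.msg.Text     = "signing error: " + error.Message;
                this.view.Enabled = false;
            }
        }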
Ejemplo n.º 6
 /// <summary>
 /// Builds the error from a message and the subject name information of the signer
 /// that made the attempt.
 /// </summary>
 /// <param name="message">Message handed to the base exception.</param>
 /// <param name="attemptedSigner">Attempted signer's subject name information, exposed through <c>AttemptedSigner</c>.</param>
 public AuthorizationError(string message, NameIdentifierType attemptedSigner) : base(message)
 {
     // Retained so handlers can name the attempted signer.
     AttemptedSigner = attemptedSigner;
 }
Ejemplo n.º 7
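        /// <summary>
        /// Creates a Version 1.1 Saml Assertion containing an authentication statement and an
        /// attribute statement for one subject, valid for 10 minutes from creation.
        /// </summary>
        /// <param name="issuer">Issuer name; surrounding whitespace is trimmed.</param>
        /// <param name="domain">Used as the subject's NameQualifier (trimmed) and as the namespace of every attribute.</param>
        /// <param name="subject">Subject name identifier value; surrounding whitespace is trimmed.</param>
        /// <param name="attributes">Attribute name/value pairs, each emitted as one SAML attribute.</param>
        /// <returns>returns a Version 1.1 Saml Assertion</returns>
        /// <exception cref="ArgumentNullException">Any argument is null.</exception>
        /// <remarks>
        /// NOTE(review): the assertion uses bearer subject confirmation, sets no audience
        /// restriction and is returned unsigned by this method. Confirm that the caller signs
        /// it and that relying parties are constrained some other way, since a bearer assertion
        /// is usable by whoever holds it for the whole validity window.
        /// </remarks>
        private static AssertionType CreateSaml11Assertion(string issuer, string domain, string subject, Dictionary <string, string> attributes)
        {
            // Fail with a named argument instead of a NullReferenceException further down.
            if (issuer == null)
            {
                throw new ArgumentNullException("issuer");
            }
            if (domain == null)
            {
                throw new ArgumentNullException("domain");
            }
            if (subject == null)
            {
                throw new ArgumentNullException("subject");
            }
            if (attributes == null)
            {
                throw new ArgumentNullException("attributes");
            }

            // One timestamp for every instant in the assertion, so IssueInstant, NotBefore and
            // AuthenticationInstant agree and NotBefore can never be later than IssueInstant.
            DateTime now = DateTime.UtcNow;

            // Create the SAML assertion with ID and Issuer name.
            AssertionType assertion = new AssertionType();

            assertion.AssertionID  = "_" + Guid.NewGuid().ToString();
            assertion.Issuer       = issuer.Trim();
            assertion.MajorVersion = "1";
            assertion.MinorVersion = "1";
            assertion.IssueInstant = now;

            // Not before, not after conditions: a 10 minute validity window.
            ConditionsType conditions = new ConditionsType();

            conditions.NotBefore             = now;
            conditions.NotBeforeSpecified    = true;
            conditions.NotOnOrAfter          = now.AddMinutes(10);
            conditions.NotOnOrAfterSpecified = true;

            // Name Identifier to be used in Saml Subject
            NameIdentifierType nameIdentifier = new NameIdentifierType();

            nameIdentifier.NameQualifier = domain.Trim();
            nameIdentifier.Value         = subject.Trim();

            SubjectConfirmationType subjectConfirmation = new SubjectConfirmationType();

            subjectConfirmation.ConfirmationMethod = new string[] { "urn:oasis:names:tc:SAML:1.0:cm:bearer" };

            // The same subject is shared by the authentication and attribute statements.
            SubjectType samlSubject = new SubjectType();

            samlSubject.Items = new object[] { nameIdentifier, subjectConfirmation };

            AttributeStatementType      attrStatement = new AttributeStatementType();
            AuthenticationStatementType authStatement = new AuthenticationStatementType();

            // NOTE(review): the authentication method is fixed to "password" regardless of how
            // the subject actually authenticated - confirm this matches the callers.
            authStatement.AuthenticationMethod  = "urn:oasis:names:tc:SAML:1.0:am:password";
            authStatement.AuthenticationInstant = now;

            attrStatement.Subject = samlSubject;
            authStatement.Subject = samlSubject;

            // Subject locality is the first address this machine's name resolves to. The
            // lookup may return no addresses; the element is then left out instead of
            // failing with an index error.
            IPHostEntry ipEntry =
                Dns.GetHostEntry(System.Environment.MachineName);

            if (ipEntry.AddressList.Length > 0)
            {
                SubjectLocalityType subjectLocality = new SubjectLocalityType();

                subjectLocality.IPAddress     = ipEntry.AddressList[0].ToString();
                authStatement.SubjectLocality = subjectLocality;
            }

            // One SAML attribute per dictionary entry, all in the namespace given by domain.
            attrStatement.Attribute = new AttributeType[attributes.Count];
            int i = 0;

            foreach (KeyValuePair <string, string> attribute in attributes)
            {
                AttributeType attr = new AttributeType();
                attr.AttributeName         = attribute.Key;
                attr.AttributeNamespace    = domain;
                attr.AttributeValue        = new object[] { attribute.Value };
                attrStatement.Attribute[i] = attr;
                i++;
            }

            assertion.Conditions = conditions;

            assertion.Items = new StatementAbstractType[] { authStatement, attrStatement };

            return(assertion);
        }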