public async Task <ActionResult> Start(int id)
{
// Get an instance of the CadesSignatureStarter class, responsible for receiving the signature
// elements and start the signature process.
var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient())
{
// Set the signature policy.
SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,
// Set the security context to be used to determine trust in the certificate chain. We have
// encapsulated the security context choice on Util.cs.
SecurityContextId = Util.GetSecurityContextId(),
// Optionally, set whether the content should be encapsulated in the resulting CMS.
EncapsulateContent = true
};
// Set the document to be signed based on its ID (passed to us from the page).
signatureStarter.SetFileToSign(StorageMock.GetBatchDocPath(id));
// Call the StartWithWebPki() method, which initiates the signature. This yields the token, a
// 43-character case-sensitive URL-safe string, which identifies this signature process. We'll
// use this value to call the signWithRestPki() method on the Web PKI component (see
// batch-signature-form.js) and also to complete the signature on the POST action below (this
// should not be mistaken with the API access token).
var token = await signatureStarter.StartWithWebPkiAsync();
// Return a JSON with the token obtained from REST PKI. (the page will use jQuery to decode this
// value)
return(Json(token));
}
public async Task <ActionResult> Index(string userfile, string cmsfile)
{
// Get an instance of the CadesSignatureStarter class, responsible for receiving the signature
// elements and start the signature process.
var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient())
{
// Set the signature policy.
SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,
// Set the security context to be used to determine trust in the certificate chain. We have
// encapsulated the security context choice on Util.cs.
SecurityContextId = Util.GetSecurityContextId(),
// Optionally, set whether the content should be encapsulated in the resulting CMS. If this
// parameter is ommitted, the following rules apply:
// - If no CmsToCoSign is given, the resulting CMS will include the content.
// - If a CmsToCoSign is given, the resulting CMS will include the content if and only if the
// CmsToCoSign also includes the content.
EncapsulateContent = true
};
if (!string.IsNullOrEmpty(cmsfile))
{
// Verify if the cmsfile exists and get the absolute path of the cmsfile.
string cmsfilePath;
if (!StorageMock.TryGetFile(cmsfile, out cmsfilePath))
{
return(HttpNotFound());
}
/*
* If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed
* CMS. We'll set the path to the CMS to be co-signed, which was perviously saved in the
* App_Data folder by the POST action on this controller. Note two important things:
*
* 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the
* method "SetContentToSign" nor "SetFileToSign".
*
* 2. Since we're creating CMSs with encapsulated content (see call to
* SetEncapsulateContent below), we don't need to set the content to be signed,
* REST PKI will get the content from the CMS being co-signed.
*/
signatureStarter.SetCmsToCoSign(cmsfilePath);
}
else
{
// Verify if the userfile exists and get the absolute path of the userfile.
string userfilePath;
if (!StorageMock.TryGetFile(userfile, out userfilePath))
{
return(HttpNotFound());
}
// If the URL argument "userfile" is filled, it means the user was redirected here by
// UploadController (signature with file uploaded by user). We'll set the path of the file to
// be signed, which was saved in the App_Data folder by UploadController.
signatureStarter.SetFileToSign(userfilePath);
}
// Call the StartWithWebPki() method, which initiates the signature. This yields the token, a
// 43-character case-sensitive URL-safe string, which identifies this signature process. We'll
// use this value to call the signWithRestPki() method on the Web PKI component
// (see signature-form.js) and also to complete the signature on the POST action below (this
// should not be mistaken with the API access token).
var token = await signatureStarter.StartWithWebPkiAsync();
// The token acquired above can only be used for a single signature attempt. In order to retry
// the signature it is necessary to get a new token. This can be a problem if the user uses the
// back button of the browser, since the browser might show a cached page that we rendered
// previously, with a now stale token. To prevent this from happening, we call the method
// SetNoCacheHeaders() (in BaseController) which sets HTTP headers to prevent caching of the
// page.
base.SetNoCacheHeaders();
// Render the signature page with the token obtained from REST PKI.
return(View(new SignatureModel()
{
Token = token,
UserFile = userfile,
CmsFile = cmsfile
}));
}
public ActionResult Index(string userfile, string cmsfile)
{
// Get an instance of the CadesSignatureStarter class, responsible for receiving the signature elements and start the
// signature process
var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient()) {
// Set the signature policy
SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,
// Optionally, set a SecurityContext to be used to determine trust in the certificate chain
//SecurityContextId = StandardSecurityContexts.PkiBrazil,
// Note: Depending on the signature policy chosen above, setting the security context may be mandatory (this is not
// the case for ICP-Brasil policies, which will automatically use the PkiBrazil security context if none is passed)
// Optionally, set whether the content should be encapsulated in the resulting CMS. If this parameter is ommitted,
// the following rules apply:
// - If no CmsToSign is given, the resulting CMS will include the content
// - If a CmsToCoSign is given, the resulting CMS will include the content if and only if the CmsToCoSign also includes the content
EncapsulateContent = true
};
if (!string.IsNullOrEmpty(userfile)) {
// If the URL argument "userfile" is filled, it means the user was redirected here by UploadController (signature with file uploaded by user).
// We'll set the path of the file to be signed, which was saved in the App_Data folder by UploadController
signatureStarter.SetFileToSign(Server.MapPath("~/App_Data/" + userfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC
} else if (!string.IsNullOrEmpty(cmsfile)) {
/*
* If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed CMS. We'll set the path to the CMS
* to be co-signed, which was perviously saved in the App_Data folder by the POST action on this controller. Note two important things:
*
* 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the method "SetContentToSign" nor "SetFileToSign"
*
* 2. Since we're creating CMSs with encapsulated content (see call to SetEncapsulateContent below), we don't need to set the content
* to be signed, REST PKI will get the content from the CMS being co-signed.
*/
signatureStarter.SetCmsToCoSign(Server.MapPath("~/App_Data/" + cmsfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC
} else {
// If both userfile and cmsfile are null, this is the "signature with server file" case. We'll set the path of the file to be signed
signatureStarter.SetFileToSign(Util.GetSampleDocPath());
}
// Call the StartWithWebPki() method, which initiates the signature. This yields the token, a 43-character
// case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the
// signWithRestPki() method on the Web PKI component (see javascript on the view) and also to complete the signature
// on the POST action below (this should not be mistaken with the API access token).
var token = signatureStarter.StartWithWebPki();
// The token acquired above can only be used for a single signature attempt. In order to retry the signature it is
// necessary to get a new token. This can be a problem if the user uses the back button of the browser, since the
// browser might show a cached page that we rendered previously, with a now stale token. To prevent this from happening,
// we call the method SetNoCacheHeaders() (in BaseController) which sets HTTP headers to prevent caching of the page.
base.SetNoCacheHeaders();
// Render the signature page with the token obtained from REST PKI
return View(new CadesSignatureModel() {
Token = token,
UserFile = userfile,
CmsFile = cmsfile
});
}
public async Task <string> Start(string userfile, string cmsfile)
{
var storage = new Storage(hostingEnvironment);
var client = Util.GetRestPkiClient(restPkiConfig);
// Get an instance of the CadesSignatureStarter class, responsible for receiving the signature elements and start the
// signature process
var signatureStarter = new CadesSignatureStarter(client)
{
// Set the signature policy
SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,
// Note: Depending on the signature policy chosen above, setting the security context below may be mandatory (this is not
// the case for ICP-Brasil policies, which will automatically use the PkiBrazil security context if none is passed)
// Optionally, set a SecurityContext to be used to determine trust in the certificate chain
//SecurityContextId = new Guid("ID OF YOUR CUSTOM SECURITY CONTEXT"),
// For instance, to use the test certificates on Lacuna Test PKI (for development purposes only!):
//SecurityContextId = new Guid("803517ad-3bbc-4169-b085-60053a8f6dbf"),
};
// Below we'll either set the file to be signed or the CMS to be co-signed. Prefer passing a path or a stream instead of
// the file's contents as a byte array to prevent memory allocation issues with large files.
if (!string.IsNullOrEmpty(userfile))
{
// If the URL argument "userfile" is filled (signature with file uploaded by user). We'll set the file to be signed
Stream userFileStream;
if (!storage.TryOpenRead(userfile, out userFileStream))
{
throw new Exception("File not found");
}
signatureStarter.SetContentToSign(userFileStream);
}
else if (!string.IsNullOrEmpty(cmsfile))
{
/*
* If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed CMS. We'll set the CMS
* to be co-signed, which was perviously saved in the App_Data folder by the POST action on this controller. Note two important things:
*
* 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the method "SetContentToSign" nor "SetFileToSign"
*
* 2. Since we're creating CMSs with encapsulated content (see call to SetEncapsulateContent below), we don't need to set the content
* to be signed, REST PKI will get the content from the CMS being co-signed.
*/
Stream cmsFileStream;
if (!storage.TryOpenRead(cmsfile, out cmsFileStream))
{
throw new Exception("File not found");
}
signatureStarter.SetCmsToCoSign(cmsFileStream);
}
else
{
// If both userfile and cmsfile are null, this is the "signature with server file" case. We'll set the path of the file to be signed
signatureStarter.SetFileToSign(storage.GetSampleDocPath());
}
// Call the StartWithWebPkiAsync() method, which initiates the signature. This yields the token, a 43-character
// case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the
// signWithRestPki() method on the Web PKI component (see javascript on the angular controller) and also to complete
// the signature on the POST action below (this should not be mistaken with the API access token).
var token = await signatureStarter.StartWithWebPkiAsync();
return(token);
}
public ActionResult Index(string userfile, string cmsfile)
{
// Get an instance of the CadesSignatureStarter class, responsible for receiving the signature elements and start the
// signature process
var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient())
{
// Set the signature policy
SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,
// Optionally, set a SecurityContext to be used to determine trust in the certificate chain
//SecurityContextId = StandardSecurityContexts.PkiBrazil,
// Note: Depending on the signature policy chosen above, setting the security context may be mandatory (this is not
// the case for ICP-Brasil policies, which will automatically use the PkiBrazil security context if none is passed)
// Optionally, set whether the content should be encapsulated in the resulting CMS. If this parameter is ommitted,
// the following rules apply:
// - If no CmsToSign is given, the resulting CMS will include the content
// - If a CmsToCoSign is given, the resulting CMS will include the content if and only if the CmsToCoSign also includes the content
EncapsulateContent = true
};
if (!string.IsNullOrEmpty(userfile))
{
// If the URL argument "userfile" is filled, it means the user was redirected here by UploadController (signature with file uploaded by user).
// We'll set the path of the file to be signed, which was saved in the App_Data folder by UploadController
signatureStarter.SetFileToSign(Server.MapPath("~/App_Data/" + userfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC
}
else if (!string.IsNullOrEmpty(cmsfile))
{
/*
* If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed CMS. We'll set the path to the CMS
* to be co-signed, which was perviously saved in the App_Data folder by the POST action on this controller. Note two important things:
*
* 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the method "SetContentToSign" nor "SetFileToSign"
*
* 2. Since we're creating CMSs with encapsulated content (see call to SetEncapsulateContent below), we don't need to set the content
* to be signed, REST PKI will get the content from the CMS being co-signed.
*/
signatureStarter.SetCmsToCoSign(Server.MapPath("~/App_Data/" + cmsfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC
}
else
{
// If both userfile and cmsfile are null, this is the "signature with server file" case. We'll set the path of the file to be signed
signatureStarter.SetFileToSign(Util.GetSampleDocPath());
}
// Call the StartWithWebPki() method, which initiates the signature. This yields the token, a 43-character
// case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the
// signWithRestPki() method on the Web PKI component (see javascript on the view) and also to complete the signature
// on the POST action below (this should not be mistaken with the API access token).
var token = signatureStarter.StartWithWebPki();
// The token acquired above can only be used for a single signature attempt. In order to retry the signature it is
// necessary to get a new token. This can be a problem if the user uses the back button of the browser, since the
// browser might show a cached page that we rendered previously, with a now stale token. To prevent this from happening,
// we call the method SetNoCacheHeaders() (in BaseController) which sets HTTP headers to prevent caching of the page.
base.SetNoCacheHeaders();
// Render the signature page with the token obtained from REST PKI
return(View(new CadesSignatureModel()
{
Token = token,
UserFile = userfile,
CmsFile = cmsfile
}));
}
