public async Task <string> Start(string userfile, string cmsfile)
{
var storage = new Storage(hostingEnvironment);
var client = Util.GetRestPkiClient(restPkiConfig);
// Get an instance of the CadesSignatureStarter class, responsible for receiving the signature elements and start the
// signature process
var signatureStarter = new CadesSignatureStarter(client)
{
// Set the signature policy
SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,
// Note: Depending on the signature policy chosen above, setting the security context below may be mandatory (this is not
// the case for ICP-Brasil policies, which will automatically use the PkiBrazil security context if none is passed)
// Optionally, set a SecurityContext to be used to determine trust in the certificate chain
//SecurityContextId = new Guid("ID OF YOUR CUSTOM SECURITY CONTEXT"),
// For instance, to use the test certificates on Lacuna Test PKI (for development purposes only!):
//SecurityContextId = new Guid("803517ad-3bbc-4169-b085-60053a8f6dbf"),
};
// Below we'll either set the file to be signed or the CMS to be co-signed. Prefer passing a path or a stream instead of
// the file's contents as a byte array to prevent memory allocation issues with large files.
if (!string.IsNullOrEmpty(userfile))
{
// If the URL argument "userfile" is filled (signature with file uploaded by user). We'll set the file to be signed
Stream userFileStream;
if (!storage.TryOpenRead(userfile, out userFileStream))
{
throw new Exception("File not found");
}
signatureStarter.SetContentToSign(userFileStream);
}
else if (!string.IsNullOrEmpty(cmsfile))
{
/*
* If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed CMS. We'll set the CMS
* to be co-signed, which was perviously saved in the App_Data folder by the POST action on this controller. Note two important things:
*
* 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the method "SetContentToSign" nor "SetFileToSign"
*
* 2. Since we're creating CMSs with encapsulated content (see call to SetEncapsulateContent below), we don't need to set the content
* to be signed, REST PKI will get the content from the CMS being co-signed.
*/
Stream cmsFileStream;
if (!storage.TryOpenRead(cmsfile, out cmsFileStream))
{
throw new Exception("File not found");
}
signatureStarter.SetCmsToCoSign(cmsFileStream);
}
else
{
// If both userfile and cmsfile are null, this is the "signature with server file" case. We'll set the path of the file to be signed
signatureStarter.SetFileToSign(storage.GetSampleDocPath());
}
// Call the StartWithWebPkiAsync() method, which initiates the signature. This yields the token, a 43-character
// case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the
// signWithRestPki() method on the Web PKI component (see javascript on the angular controller) and also to complete
// the signature on the POST action below (this should not be mistaken with the API access token).
var token = await signatureStarter.StartWithWebPkiAsync();
return(token);
}
