public ActionResult Index(string userfile, string cmsfile)
{
// Get an instance of the CadesSignatureStarter class, responsible for receiving the signature elements and start the
// signature process
var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient()) {
// Set the signature policy
SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,
// Optionally, set a SecurityContext to be used to determine trust in the certificate chain
//SecurityContextId = StandardSecurityContexts.PkiBrazil,
// Note: Depending on the signature policy chosen above, setting the security context may be mandatory (this is not
// the case for ICP-Brasil policies, which will automatically use the PkiBrazil security context if none is passed)
// Optionally, set whether the content should be encapsulated in the resulting CMS. If this parameter is ommitted,
// the following rules apply:
// - If no CmsToSign is given, the resulting CMS will include the content
// - If a CmsToCoSign is given, the resulting CMS will include the content if and only if the CmsToCoSign also includes the content
EncapsulateContent = true
};
if (!string.IsNullOrEmpty(userfile)) {
// If the URL argument "userfile" is filled, it means the user was redirected here by UploadController (signature with file uploaded by user).
// We'll set the path of the file to be signed, which was saved in the App_Data folder by UploadController
signatureStarter.SetFileToSign(Server.MapPath("~/App_Data/" + userfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC
} else if (!string.IsNullOrEmpty(cmsfile)) {
/*
* If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed CMS. We'll set the path to the CMS
* to be co-signed, which was perviously saved in the App_Data folder by the POST action on this controller. Note two important things:
*
* 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the method "SetContentToSign" nor "SetFileToSign"
*
* 2. Since we're creating CMSs with encapsulated content (see call to SetEncapsulateContent below), we don't need to set the content
* to be signed, REST PKI will get the content from the CMS being co-signed.
*/
signatureStarter.SetCmsToCoSign(Server.MapPath("~/App_Data/" + cmsfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC
} else {
// If both userfile and cmsfile are null, this is the "signature with server file" case. We'll set the path of the file to be signed
signatureStarter.SetFileToSign(Util.GetSampleDocPath());
}
// Call the StartWithWebPki() method, which initiates the signature. This yields the token, a 43-character
// case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the
// signWithRestPki() method on the Web PKI component (see javascript on the view) and also to complete the signature
// on the POST action below (this should not be mistaken with the API access token).
var token = signatureStarter.StartWithWebPki();
// The token acquired above can only be used for a single signature attempt. In order to retry the signature it is
// necessary to get a new token. This can be a problem if the user uses the back button of the browser, since the
// browser might show a cached page that we rendered previously, with a now stale token. To prevent this from happening,
// we call the method SetNoCacheHeaders() (in BaseController) which sets HTTP headers to prevent caching of the page.
base.SetNoCacheHeaders();
// Render the signature page with the token obtained from REST PKI
return View(new CadesSignatureModel() {
Token = token,
UserFile = userfile,
CmsFile = cmsfile
});
}
public ActionResult Index(string userfile, string cmsfile)
{
// Get an instance of the CadesSignatureStarter class, responsible for receiving the signature elements and start the
// signature process
var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient())
{
// Set the signature policy
SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,
// Optionally, set a SecurityContext to be used to determine trust in the certificate chain
//SecurityContextId = StandardSecurityContexts.PkiBrazil,
// Note: Depending on the signature policy chosen above, setting the security context may be mandatory (this is not
// the case for ICP-Brasil policies, which will automatically use the PkiBrazil security context if none is passed)
// Optionally, set whether the content should be encapsulated in the resulting CMS. If this parameter is ommitted,
// the following rules apply:
// - If no CmsToSign is given, the resulting CMS will include the content
// - If a CmsToCoSign is given, the resulting CMS will include the content if and only if the CmsToCoSign also includes the content
EncapsulateContent = true
};
if (!string.IsNullOrEmpty(userfile))
{
// If the URL argument "userfile" is filled, it means the user was redirected here by UploadController (signature with file uploaded by user).
// We'll set the path of the file to be signed, which was saved in the App_Data folder by UploadController
signatureStarter.SetFileToSign(Server.MapPath("~/App_Data/" + userfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC
}
else if (!string.IsNullOrEmpty(cmsfile))
{
/*
* If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed CMS. We'll set the path to the CMS
* to be co-signed, which was perviously saved in the App_Data folder by the POST action on this controller. Note two important things:
*
* 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the method "SetContentToSign" nor "SetFileToSign"
*
* 2. Since we're creating CMSs with encapsulated content (see call to SetEncapsulateContent below), we don't need to set the content
* to be signed, REST PKI will get the content from the CMS being co-signed.
*/
signatureStarter.SetCmsToCoSign(Server.MapPath("~/App_Data/" + cmsfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC
}
else
{
// If both userfile and cmsfile are null, this is the "signature with server file" case. We'll set the path of the file to be signed
signatureStarter.SetFileToSign(Util.GetSampleDocPath());
}
// Call the StartWithWebPki() method, which initiates the signature. This yields the token, a 43-character
// case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the
// signWithRestPki() method on the Web PKI component (see javascript on the view) and also to complete the signature
// on the POST action below (this should not be mistaken with the API access token).
var token = signatureStarter.StartWithWebPki();
// The token acquired above can only be used for a single signature attempt. In order to retry the signature it is
// necessary to get a new token. This can be a problem if the user uses the back button of the browser, since the
// browser might show a cached page that we rendered previously, with a now stale token. To prevent this from happening,
// we call the method SetNoCacheHeaders() (in BaseController) which sets HTTP headers to prevent caching of the page.
base.SetNoCacheHeaders();
// Render the signature page with the token obtained from REST PKI
return(View(new CadesSignatureModel()
{
Token = token,
UserFile = userfile,
CmsFile = cmsfile
}));
}
