protected void SubmitSignatureButton_Click(object sender, EventArgs e) { PKCertificate cert; byte[] signatureContent; try { // Decode the user's certificate. cert = PKCertificate.Decode(Convert.FromBase64String(CertificateField.Value)); // Instantiate a CadesSigner class. var cadesSigner = new CadesSigner(); // Set the document to be signed and the policy, exactly like in the previous action // (SubmitCertificateButton_Click). cadesSigner.SetDataToSign(Storage.GetSampleDocContent()); cadesSigner.SetPolicy(getSignaturePolicy()); // Set the signer certificate. cadesSigner.SetSigningCertificate(cert); // Set the signature computed on the client-side, along with the "to-sign-bytes" recovered from // the page. cadesSigner.SetPrecomputedSignature(Convert.FromBase64String(SignatureField.Value), Convert.FromBase64String(ToSignBytesField.Value)); // Call ComputeSignature(), which does all the work, including validation of the signer's // certificate and of the resulting signature. cadesSigner.ComputeSignature(); // Get the signature as an array of bytes. signatureContent = cadesSigner.GetSignature(); } catch (ValidationException ex) { // Some of the operations above may throw a ValidationException, for instance if the certificate // is revoked. ex.ValidationResults.Errors.ForEach(ve => ModelState.AddModelError("", ve.ToString())); CertificateField.Value = ""; ToSignHashField.Value = ""; return; } // Pass the following fields to be used on CadesSignatureInfo page: // - The signature file will be stored on the folder "App_Data/". Its name will be passed by // SignatureFile field. // - The user's certificate this.SignatureFile = Storage.StoreFile(signatureContent, ".p7s"); this.Certificate = cert; Server.Transfer("CadesSignatureInfo.aspx"); }
public IHttpActionResult Complete(SignatureCompleteRequest request) { byte[] signatureContent; try { // Instantiate a CadesSigner class var cadesSigner = new CadesSigner(); // Set the document to be signed and the policy, exactly like in the Start action if (!string.IsNullOrEmpty(request.FileId)) { cadesSigner.SetDataToSign(Storage.GetFile(request.FileId)); } else { cadesSigner.SetDataToSign(Storage.GetSampleDocContent()); } cadesSigner.SetPolicy(getSignaturePolicy()); // Set signer's certificate cadesSigner.SetSigningCertificate(PKCertificate.Decode(request.Certificate)); // Set the signature computed on the client-side, along with the "to-sign-bytes" received from the request. cadesSigner.SetPrecomputedSignature(request.Signature, request.ToSignBytes); // Call ComputeSignature(), which does all the work, including validation of the signer's certificate and of the resulting signature. cadesSigner.ComputeSignature(); // Get the signature as an array of bytes signatureContent = cadesSigner.GetSignature(); } catch (ValidationException ex) { // Some of the operations above may throw a ValidationException, for instance if the certificate is revoked. return(new ResponseMessageResult(Request.CreateResponse(HttpStatusCode.BadRequest, new ValidationErrorModel(ex.ValidationResults)))); } // Pass the following fields to be used on signature-results template: // - The signature file will be stored on the folder "App_Data/". Its name will be passed by Filename field. // - The user's certificate var response = new SignatureCompleteResponse() { Filename = Storage.StoreFile(signatureContent, ".p7s"), Certificate = new CertificateModel(PKCertificate.Decode(request.Certificate)) }; return(Ok(response)); }
public ActionResult Complete(SignatureCompleteModel model) { byte[] signatureContent; try { // Instantiate a CadesSigner class var cadesSigner = new CadesSigner(); // Set the document to be signed and the policy, exactly like in the Start method cadesSigner.SetDataToSign(Storage.GetSampleDocContent()); cadesSigner.SetPolicy(getSignaturePolicy()); // Set signer's certificate cadesSigner.SetSigningCertificate(PKCertificate.Decode(model.CertContent)); // Set the signature computed on the client-side, along with the "to-sign-bytes" (rendered in a hidden input field, see the view) cadesSigner.SetPrecomputedSignature(model.Signature, model.ToSignBytes); // Call ComputeSignature(), which does all the work, including validation of the signer's certificate and of the resulting signature cadesSigner.ComputeSignature(); // Get the signature as an array of bytes signatureContent = cadesSigner.GetSignature(); } catch (ValidationException ex) { // Some of the operations above may throw a ValidationException, for instance if the certificate is revoked. ModelState.AddModelError("", ex.ValidationResults.ToString()); return(View()); } // On the next step (SignatureInfo action), we'll render the following information:] // - The filename to be available to download in next action. // - The signer's certificate information to be rendered. // We'll store these values on TempData, which is a dictionary shared between actions. TempData["SignatureInfoModel"] = new SignatureInfoModel() { // Store the signature file on the folder "App_Data/" and redirects to the SignatureInfo action with the filename. // With this filename, it can show a link to download the signature file. Filename = Storage.StoreFile(signatureContent, ".p7s"), UserCert = PKCertificate.Decode(model.CertContent) }; return(RedirectToAction("SignatureInfo")); }
private static int RunSignAndReturnExitCode(SignOptions opts) { var certificates = WindowsCertificateStore.LoadPersonalCurrentUser().GetCertificatesWithKey().Where(c => c.Certificate.PkiBrazil.CPF != null).ToList(); var certificate = certificates[opts.Certificate]; var fileName = opts.InputFile; using var stream = File.OpenRead(fileName); var digestAlgorithm = DigestAlgorithm.SHA256; var digest = digestAlgorithm.ComputeHash(stream); var signer = new CadesSigner(); signer.SetSigningCertificate(certificate); signer.SetPolicy(CadesPoliciesForGeneration.GetPkiBrazilAdrBasica()); signer.SetEncapsulatedContent(false); signer.SetDataDigestToSign(digestAlgorithm, digest); signer.ComputeSignature(); var cades = signer.GetSignature(); File.WriteAllBytes(opts.SignedFile, cades); stream.Close(); return(0); }
public ActionResult Complete(SignatureCompleteModel model) { byte[] signatureContent; try { // Instantiate a CadesSigner class var cadesSigner = new CadesSigner(); // Set the document to be signed, exactly like in the Start method if (!string.IsNullOrEmpty(model.CmsFile)) { // Verify if the cmsfile exists and get the content of the cmsfile. byte[] cmsfileContent; if (!StorageMock.TryGetFile(model.CmsFile, out cmsfileContent)) { return(HttpNotFound()); } // If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed // CMS. We'll set the path to the CMS to be co-signed, which was perviously saved in the // App_Data folder by the POST action on this controller. cadesSigner.SetSignatureToCoSign(cmsfileContent); } else { // Verify if the userfile exists and get the content of the userfile. byte[] userfileContent; if (!StorageMock.TryGetFile(model.UserFile, out userfileContent)) { return(HttpNotFound()); } // If the URL argument "userfile" is filled, it means the user was redirected here by // UploadController (signature with file uploaded by user). We'll set the path of the file to // be signed, which was saved in the App_Data folder by UploadController. cadesSigner.SetDataToSign(userfileContent); } // Set the signature policy, exactly like in the Start method. cadesSigner.SetPolicy(getSignaturePolicy()); // Decode the user's certificate and set as the signer certificate. var cert = PKCertificate.Decode(model.CertContent); cadesSigner.SetSigningCertificate(cert); // Set the signature computed on the client-side, along with the "to-sign-bytes" (rendered in a hidden input field, see the view) cadesSigner.SetPrecomputedSignature(model.Signature, model.ToSignBytes); // Call ComputeSignature(), which does all the work, including validation of the signer's certificate and of the resulting signature cadesSigner.ComputeSignature(); // Get the signature as an array of bytes signatureContent = cadesSigner.GetSignature(); } catch (ValidationException ex) { // Some of the operations above may throw a ValidationException, for instance if the certificate is revoked. ModelState.AddModelError("", ex.ValidationResults.ToString()); // Return userfile to continue the signature with the same file. return(View("Complete", model)); } // On the next step (SignatureInfo action), we'll render the following information:] // - The filename to be available to download in next action. // We'll store these values on TempData, which is a dictionary shared between actions. TempData["SignatureInfoModel"] = new SignatureInfoModel() { // Store the signature file on the folder "App_Data/" and redirects to the SignatureInfo action with the filename. // With this filename, it can show a link to download the signature file. File = StorageMock.Store(signatureContent, ".p7s") }; return(RedirectToAction("SignatureInfo")); }
public IHttpActionResult Complete(SignatureCompleteRequest model) { // We'll use the SignatureProcess ID to locate the values we stored during the signature first step SignatureProcess signatureProcess; using (var dbContext = new DbContext()) { signatureProcess = dbContext.SignatureProcesses.FirstOrDefault(p => p.Id == model.ProcessId); // We won't be needing this information again, so let's do some housekeeping if (signatureProcess != null) { dbContext.SignatureProcesses.Remove(signatureProcess); dbContext.SaveChanges(); } } // If we haven't found the SignatureProcess, something went wrong and we cannot continue (this shouldn't normally happen) if (signatureProcess == null) { return NotFound(); } byte[] signatureContent; try { var cadesSigner = new CadesSigner(); // Set the document to be signed and the policy, exactly like in the Start method cadesSigner.SetDataToSign(Util.GetSampleDocContent()); cadesSigner.SetPolicy(getPolicy()); // Set signer's certificate recovered from the database cadesSigner.SetSigningCertificate(PKCertificate.Decode(signatureProcess.CadesSignerCertificate)); // Set the signature computed on the client-side, along with the "to-sign-bytes" recovered from the database cadesSigner.SetPrecomputedSignature(model.Signature, signatureProcess.CadesToSign); // Call ComputeSignature(), which does all the work, including validation of the signer's certificate and of the resulting signature cadesSigner.ComputeSignature(); // Get the signature as an array of bytes signatureContent = cadesSigner.GetSignature(); } catch (ValidationException ex) { // Some of the operations above may throw a ValidationException, for instance if the certificate is revoked. return Ok(new SignatureCompleteResponse() { Success = false, Message = "A validation error has occurred", ValidationResults = ex.ValidationResults.ToString() }); } // Store the signature for future download (see method SignatureController.Download in the Controllers folder) Signature signature; using (var dbContext = new DbContext()) { signature = Signature.Create(); signature.Type = SignatureTypes.Cades; signature.Content = signatureContent; dbContext.Signatures.Add(signature); dbContext.SaveChanges(); } // Inform the page of the success, along with the ID of the stored signature, so that the page // can render the download link return Ok(new SignatureCompleteResponse() { Success = true, SignatureId = signature.Id }); }
private void completeSignature() { // Get the ID of the document currently being signed. var docId = DocumentIds[DocumentIndex]; PKCertificate cert; byte[] signatureContent; try { // Decode the user's certificate. cert = PKCertificate.Decode(Convert.FromBase64String(CertificateField.Value)); // Instantiate a CadesSigner class. var cadesSigner = new CadesSigner(); // Set the document to be signed and the policy, exactly like in the previous action // (SubmitCertificateButton_Click). cadesSigner.SetDataToSign(Storage.GetBatchDocContent(docId)); cadesSigner.SetPolicy(getSignaturePolicy()); // Set the signer certificate. cadesSigner.SetSigningCertificate(cert); // Optionally, set whether the content should be encapsulated in the resulting CMS. cadesSigner.SetEncapsulatedContent(false); // Set the signature computed on the client-side, along with the "to-sign-bytes" recovered from // the page. cadesSigner.SetPrecomputedSignature(Convert.FromBase64String(SignatureField.Value), Convert.FromBase64String(ToSignBytesField.Value)); // Call ComputeSignature(), which does all the work, including validation of the signer's // certificate and of the resulting signature. cadesSigner.ComputeSignature(); // Get the signature as an array of bytes. signatureContent = cadesSigner.GetSignature(); } catch (ValidationException ex) { // One or more validations failed. We log the error and update the page with a summary of what // happened to this document. logger.Error(ex, "Validation error completing the signature of a batch document"); setValidationError(ex.ValidationResults); return; } catch (Exception ex) { // An error has occurred. We log the error and update the page with a summary of what happened to // this document. logger.Error(ex, "Error completing the signature of a batch document"); setError(ex.Message); return; } // Store the signed file. var file = Storage.StoreFile(signatureContent, ".p7s"); // Update the page with a link to the signed file. var docItem = DocumentsListView.Items[DocumentIndex]; docItem.DataItem = new DocumentItem() { Id = DocumentIds[DocumentIndex], DownloadLink = "Download?file=" + file }; docItem.DataBind(); }
private async Task <bool> sign(TaskProgressDialog progressDialog) { try { var signer = new CadesSigner(); if (CoSign) { progressDialog.Message = "Reading existing CAdES signature ..."; } else { progressDialog.Message = "Reading file ..."; } await Task.Delay(TimeSpan.FromMilliseconds(100)); if (CoSign) { var cmsBytes = await readAllBytesAsync(CmsPath, progressDialog.CancellationToken); signer.SetSignatureToCoSign(cmsBytes); } else { var fileBytes = await readAllBytesAsync(FilePath, progressDialog.CancellationToken); signer.SetDataToSign(fileBytes); } if (progressDialog.CancellationToken.IsCancellationRequested) { return(false); } progressDialog.Progress = 33; progressDialog.Message = "Signing ..."; await Task.Delay(TimeSpan.FromMilliseconds(100)); signer.SetSigningCertificate(SelectedCertificate.CertificateWithKey); signer.SetPolicy(CadesPoliciesForGeneration.GetCadesBasic(App.GetTrustArbitrator())); signer.SetEncapsulatedContent(this.EncapsulateContent); signer.ComputeSignature(); var signature = signer.GetSignature(); if (progressDialog.CancellationToken.IsCancellationRequested) { return(false); } progressDialog.Progress = 66; progressDialog.Message = "Saving signature ..."; await Task.Delay(TimeSpan.FromMilliseconds(100)); var saveFileDialog = new SaveFileDialog() { Filter = "CAdES signature files (.p7s)|*.p7s", FilterIndex = 1, FileName = CoSign ? string.Format("{0}-{1:yyyy-MM-dd-HHmmss}.p7s", Path.GetFileNameWithoutExtension(CmsPath), DateTime.Now) : FilePath + ".p7s" }; if (saveFileDialog.ShowDialog() != true) { return(false); } var outFilePath = saveFileDialog.FileName; await writeAllBytesAsync(outFilePath, signature, progressDialog.CancellationToken); if (progressDialog.CancellationToken.IsCancellationRequested) { return(false); } progressDialog.Progress = 100; progressDialog.Message = "Completed!"; return(true); } catch (ValidationException ex) { new ValidationResultsDialog("Validation failed", ex.ValidationResults).ShowDialog(); return(false); } catch (Exception ex) { logger.Error(ex, "Error while performing CAdES signature"); MessageBox.Show(ex.Message); return(false); } }