Exemple #1
0
        public async Task <ActionResult> Start(int id)
        {
            // Get an instance of the CadesSignatureStarter class, responsible for receiving the signature
            // elements and start the signature process.
            var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient())
            {
                // Set the signature policy.
                SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,

                // Set the security context to be used to determine trust in the certificate chain. We have
                // encapsulated the security context choice on Util.cs.
                SecurityContextId = Util.GetSecurityContextId(),

                // Optionally, set whether the content should be encapsulated in the resulting CMS.
                EncapsulateContent = true
            };

            // Set the document to be signed based on its ID (passed to us from the page).
            signatureStarter.SetFileToSign(StorageMock.GetBatchDocPath(id));

            // Call the StartWithWebPki() method, which initiates the signature. This yields the token, a
            // 43-character case-sensitive URL-safe string, which identifies this signature process. We'll
            // use this value to call the signWithRestPki() method on the Web PKI component (see
            // batch-signature-form.js) and also to complete the signature on the POST action below (this
            // should not be mistaken with the API access token).
            var token = await signatureStarter.StartWithWebPkiAsync();

            // Return a JSON with the token obtained from REST PKI. (the page will use jQuery to decode this
            // value)
            return(Json(token));
        }
        public async Task <ActionResult> Index(string userfile, string cmsfile)
        {
            // Get an instance of the CadesSignatureStarter class, responsible for receiving the signature
            // elements and start the signature process.
            var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient())
            {
                // Set the signature policy.
                SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,

                // Set the security context to be used to determine trust in the certificate chain. We have
                // encapsulated the security context choice on Util.cs.
                SecurityContextId = Util.GetSecurityContextId(),

                // Optionally, set whether the content should be encapsulated in the resulting CMS. If this
                // parameter is ommitted, the following rules apply:
                // - If no CmsToCoSign is given, the resulting CMS will include the content.
                // - If a CmsToCoSign is given, the resulting CMS will include the content if and only if the
                //   CmsToCoSign also includes the content.
                EncapsulateContent = true
            };

            if (!string.IsNullOrEmpty(cmsfile))
            {
                // Verify if the cmsfile exists and get the absolute path of the cmsfile.
                string cmsfilePath;
                if (!StorageMock.TryGetFile(cmsfile, out cmsfilePath))
                {
                    return(HttpNotFound());
                }

                /*
                 * If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed
                 * CMS. We'll set the path to the CMS to be co-signed, which was perviously saved in the
                 * App_Data folder by the POST action on this controller. Note two important things:
                 *
                 *      1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the
                 *         method "SetContentToSign" nor "SetFileToSign".
                 *
                 *      2. Since we're creating CMSs with encapsulated content (see call to
                 *         SetEncapsulateContent below), we don't need to set the content to be signed,
                 *         REST PKI will get the content from the CMS being co-signed.
                 */
                signatureStarter.SetCmsToCoSign(cmsfilePath);
            }
            else
            {
                // Verify if the userfile exists and get the absolute path of the userfile.
                string userfilePath;
                if (!StorageMock.TryGetFile(userfile, out userfilePath))
                {
                    return(HttpNotFound());
                }

                // If the URL argument "userfile" is filled, it means the user was redirected here by
                // UploadController (signature with file uploaded by user). We'll set the path of the file to
                // be signed, which was saved in the App_Data folder by UploadController.
                signatureStarter.SetFileToSign(userfilePath);
            }

            // Call the StartWithWebPki() method, which initiates the signature. This yields the token, a
            // 43-character case-sensitive URL-safe string, which identifies this signature process. We'll
            // use this value to call the signWithRestPki() method on the Web PKI component
            // (see signature-form.js) and also to complete the signature on the POST action below (this
            // should not be mistaken with the API access token).
            var token = await signatureStarter.StartWithWebPkiAsync();

            // The token acquired above can only be used for a single signature attempt. In order to retry
            // the signature it is necessary to get a new token. This can be a problem if the user uses the
            // back button of the browser, since the browser might show a cached page that we rendered
            // previously, with a now stale token. To prevent this from happening, we call the method
            // SetNoCacheHeaders() (in BaseController) which sets HTTP headers to prevent caching of the
            // page.
            base.SetNoCacheHeaders();

            // Render the signature page with the token obtained from REST PKI.
            return(View(new SignatureModel()
            {
                Token = token,
                UserFile = userfile,
                CmsFile = cmsfile
            }));
        }
        public ActionResult Index(string userfile, string cmsfile)
        {
            // Get an instance of the CadesSignatureStarter class, responsible for receiving the signature elements and start the
            // signature process
            var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient()) {

                // Set the signature policy
                SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,

                // Optionally, set a SecurityContext to be used to determine trust in the certificate chain
                //SecurityContextId = StandardSecurityContexts.PkiBrazil,
                // Note: Depending on the signature policy chosen above, setting the security context may be mandatory (this is not
                // the case for ICP-Brasil policies, which will automatically use the PkiBrazil security context if none is passed)

                // Optionally, set whether the content should be encapsulated in the resulting CMS. If this parameter is ommitted,
                // the following rules apply:
                // - If no CmsToSign is given, the resulting CMS will include the content
                // - If a CmsToCoSign is given, the resulting CMS will include the content if and only if the CmsToCoSign also includes the content
                EncapsulateContent = true

            };

            if (!string.IsNullOrEmpty(userfile)) {

                // If the URL argument "userfile" is filled, it means the user was redirected here by UploadController (signature with file uploaded by user).
                // We'll set the path of the file to be signed, which was saved in the App_Data folder by UploadController
                signatureStarter.SetFileToSign(Server.MapPath("~/App_Data/" + userfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC

            } else if (!string.IsNullOrEmpty(cmsfile)) {

                /*
                 * If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed CMS. We'll set the path to the CMS
                 * to be co-signed, which was perviously saved in the App_Data folder by the POST action on this controller. Note two important things:
                 *
                 * 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the method "SetContentToSign" nor "SetFileToSign"
                 *
                 * 2. Since we're creating CMSs with encapsulated content (see call to SetEncapsulateContent below), we don't need to set the content
                 *    to be signed, REST PKI will get the content from the CMS being co-signed.
                 */
                signatureStarter.SetCmsToCoSign(Server.MapPath("~/App_Data/" + cmsfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC

            } else {

                // If both userfile and cmsfile are null, this is the "signature with server file" case. We'll set the path of the file to be signed
                signatureStarter.SetFileToSign(Util.GetSampleDocPath());

            }

            // Call the StartWithWebPki() method, which initiates the signature. This yields the token, a 43-character
            // case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the
            // signWithRestPki() method on the Web PKI component (see javascript on the view) and also to complete the signature
            // on the POST action below (this should not be mistaken with the API access token).
            var token = signatureStarter.StartWithWebPki();

            // The token acquired above can only be used for a single signature attempt. In order to retry the signature it is
            // necessary to get a new token. This can be a problem if the user uses the back button of the browser, since the
            // browser might show a cached page that we rendered previously, with a now stale token. To prevent this from happening,
            // we call the method SetNoCacheHeaders() (in BaseController) which sets HTTP headers to prevent caching of the page.
            base.SetNoCacheHeaders();

            // Render the signature page with the token obtained from REST PKI
            return View(new CadesSignatureModel() {
                Token = token,
                UserFile = userfile,
                CmsFile = cmsfile
            });
        }
Exemple #4
0
        public async Task <string> Start(string userfile, string cmsfile)
        {
            var storage = new Storage(hostingEnvironment);
            var client  = Util.GetRestPkiClient(restPkiConfig);

            // Get an instance of the CadesSignatureStarter class, responsible for receiving the signature elements and start the
            // signature process
            var signatureStarter = new CadesSignatureStarter(client)
            {
                // Set the signature policy
                SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,
                // Note: Depending on the signature policy chosen above, setting the security context below may be mandatory (this is not
                // the case for ICP-Brasil policies, which will automatically use the PkiBrazil security context if none is passed)

                // Optionally, set a SecurityContext to be used to determine trust in the certificate chain
                //SecurityContextId = new Guid("ID OF YOUR CUSTOM SECURITY CONTEXT"),
                // For instance, to use the test certificates on Lacuna Test PKI (for development purposes only!):
                //SecurityContextId = new Guid("803517ad-3bbc-4169-b085-60053a8f6dbf"),
            };

            // Below we'll either set the file to be signed or the CMS to be co-signed. Prefer passing a path or a stream instead of
            // the file's contents as a byte array to prevent memory allocation issues with large files.

            if (!string.IsNullOrEmpty(userfile))
            {
                // If the URL argument "userfile" is filled (signature with file uploaded by user). We'll set the file to be signed
                Stream userFileStream;
                if (!storage.TryOpenRead(userfile, out userFileStream))
                {
                    throw new Exception("File not found");
                }
                signatureStarter.SetContentToSign(userFileStream);
            }
            else if (!string.IsNullOrEmpty(cmsfile))
            {
                /*
                 * If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed CMS. We'll set the CMS
                 * to be co-signed, which was perviously saved in the App_Data folder by the POST action on this controller. Note two important things:
                 *
                 * 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the method "SetContentToSign" nor "SetFileToSign"
                 *
                 * 2. Since we're creating CMSs with encapsulated content (see call to SetEncapsulateContent below), we don't need to set the content
                 *    to be signed, REST PKI will get the content from the CMS being co-signed.
                 */
                Stream cmsFileStream;
                if (!storage.TryOpenRead(cmsfile, out cmsFileStream))
                {
                    throw new Exception("File not found");
                }
                signatureStarter.SetCmsToCoSign(cmsFileStream);
            }
            else
            {
                // If both userfile and cmsfile are null, this is the "signature with server file" case. We'll set the path of the file to be signed
                signatureStarter.SetFileToSign(storage.GetSampleDocPath());
            }

            // Call the StartWithWebPkiAsync() method, which initiates the signature. This yields the token, a 43-character
            // case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the
            // signWithRestPki() method on the Web PKI component (see javascript on the angular controller) and also to complete
            // the signature on the POST action below (this should not be mistaken with the API access token).
            var token = await signatureStarter.StartWithWebPkiAsync();

            return(token);
        }
Exemple #5
0
        public ActionResult Index(string userfile, string cmsfile)
        {
            // Get an instance of the CadesSignatureStarter class, responsible for receiving the signature elements and start the
            // signature process
            var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient())
            {
                // Set the signature policy
                SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica,

                // Optionally, set a SecurityContext to be used to determine trust in the certificate chain
                //SecurityContextId = StandardSecurityContexts.PkiBrazil,
                // Note: Depending on the signature policy chosen above, setting the security context may be mandatory (this is not
                // the case for ICP-Brasil policies, which will automatically use the PkiBrazil security context if none is passed)

                // Optionally, set whether the content should be encapsulated in the resulting CMS. If this parameter is ommitted,
                // the following rules apply:
                // - If no CmsToSign is given, the resulting CMS will include the content
                // - If a CmsToCoSign is given, the resulting CMS will include the content if and only if the CmsToCoSign also includes the content
                EncapsulateContent = true
            };

            if (!string.IsNullOrEmpty(userfile))
            {
                // If the URL argument "userfile" is filled, it means the user was redirected here by UploadController (signature with file uploaded by user).
                // We'll set the path of the file to be signed, which was saved in the App_Data folder by UploadController
                signatureStarter.SetFileToSign(Server.MapPath("~/App_Data/" + userfile.Replace("_", ".")));                 // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC
            }
            else if (!string.IsNullOrEmpty(cmsfile))
            {
                /*
                 * If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed CMS. We'll set the path to the CMS
                 * to be co-signed, which was perviously saved in the App_Data folder by the POST action on this controller. Note two important things:
                 *
                 * 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the method "SetContentToSign" nor "SetFileToSign"
                 *
                 * 2. Since we're creating CMSs with encapsulated content (see call to SetEncapsulateContent below), we don't need to set the content
                 *    to be signed, REST PKI will get the content from the CMS being co-signed.
                 */
                signatureStarter.SetCmsToCoSign(Server.MapPath("~/App_Data/" + cmsfile.Replace("_", ".")));                 // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC
            }
            else
            {
                // If both userfile and cmsfile are null, this is the "signature with server file" case. We'll set the path of the file to be signed
                signatureStarter.SetFileToSign(Util.GetSampleDocPath());
            }

            // Call the StartWithWebPki() method, which initiates the signature. This yields the token, a 43-character
            // case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the
            // signWithRestPki() method on the Web PKI component (see javascript on the view) and also to complete the signature
            // on the POST action below (this should not be mistaken with the API access token).
            var token = signatureStarter.StartWithWebPki();

            // The token acquired above can only be used for a single signature attempt. In order to retry the signature it is
            // necessary to get a new token. This can be a problem if the user uses the back button of the browser, since the
            // browser might show a cached page that we rendered previously, with a now stale token. To prevent this from happening,
            // we call the method SetNoCacheHeaders() (in BaseController) which sets HTTP headers to prevent caching of the page.
            base.SetNoCacheHeaders();

            // Render the signature page with the token obtained from REST PKI
            return(View(new CadesSignatureModel()
            {
                Token = token,
                UserFile = userfile,
                CmsFile = cmsfile
            }));
        }