Exemple #1
0
        private async void signButtonClick(object sender, RoutedEventArgs e)
        {
            //var progressDialog = await this.ShowProgressAsync("Please wait...", "Signing");
            Pkcs11CertificateStore p11Store = null;

            addLog($"Signature process begin");
            progressBar.Value = 10;
            try {
                var signatureStarter = new PadesSignatureStarter(restPkiClient)
                {
                    // Set the unit of measurement used to edit the pdf marks and visual representations
                    MeasurementUnits = PadesMeasurementUnits.Centimeters,
                    // Set the signature policy
                    SignaturePolicyId = StandardPadesSignaturePolicies.Basic,
                    // Set a SecurityContext to be used to determine trust in the certificate chain
                    SecurityContextId = Guid.Parse("803517ad-3bbc-4169-b085-60053a8f6dbf"),
                    //SecurityContextId =StandardSecurityContexts.PkiBrazil,
                    // Note: this SecurityContext above accept unsecured certificates. You can create custom security context on the Rest PKI website.

                    // Set a visual representation for the signature
                    VisualRepresentation = createVisualRepresentation()
                };

                progressBar.Value = 15;

                // If the user was redirected here by UploadController (signature with file uploaded by user), the "userfile" URL argument
                // will contain the filename under the "App_Data" folder. Otherwise (signature with server file), we'll sign a sample
                // document.
                if (string.IsNullOrEmpty(FileToSign))
                {
                    // Set the PDF to be signed as a byte array
                    signatureStarter.SetPdfToSign(Signer.Resources.SampleDocument);
                }
                else
                {
                    // Set the path of the file to be signed
                    addLog($"file size {(new FileInfo(FileToSign).Length / 1024.0).ToString("0.00")} KBytes");
                    signatureStarter.SetPdfToSign(FileToSign);
                }

                /*
                 *      Optionally, add marks to the PDF before signing. These differ from the signature visual representation in that
                 *      they are actually changes done to the document prior to signing, not binded to any signature. Therefore, any number
                 *      of marks can be added, for instance one per page, whereas there can only be one visual representation per signature.
                 *      However, since the marks are in reality changes to the PDF, they can only be added to documents which have no previous
                 *      signatures, otherwise such signatures would be made invalid by the changes to the document (see property
                 *      PadesSignatureStarter.BypassMarksIfSigned). This problem does not occurr with signature visual representations.
                 *
                 *      We have encapsulated this code in a method to include several possibilities depending on the argument passed.
                 *      Experiment changing the argument to see different examples of PDF marks. Once you decide which is best for your case,
                 *      you can place the code directly here.
                 */
                signatureStarter.PdfMarks.Add(PadesVisualElements.GetPdfMark(1));

                // Call the StartWithWebPki() method, which initiates the signature. This yields the token, a 43-character
                // case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the
                // signWithRestPki() method on the Web PKI component (see javascript on the view) and also to complete the signature
                // on the POST action below (this should not be mistaken with the API access token).

                // Find selected certificate with key
                // --------------------------------------------------------------
                PKCertificateWithKey certWithKey = null;
                var selectedThumbprint           = (CertificatesCB.SelectedItem as ComboCertificate).Certificate.ThumbprintSHA256;

                p11Store = Pkcs11CertificateStore.Load(getPkcs11Modules(), new P11LoginProvider());
                // search on pkcs11 store
                if (findCertificate(p11Store.GetCertificatesWithKey(), selectedThumbprint, out certWithKey))
                {
                }
                else if (findCertificate(WindowsCertificateStore.LoadPersonalCurrentUser().GetCertificatesWithKey(), selectedThumbprint, out certWithKey))
                {
                }
                else
                {
                    throw new Exception("Selected certificate not found");
                }
                // --------------------------------------------------------------
                signatureStarter.SetSignerCertificate(certWithKey.Certificate.EncodedValue);

                progressBar.Value = 30;
                addLog($"Step 1: Start Signature");
                var sw = Stopwatch.StartNew();
                Token = await signatureStarter.StartAsync();

                sw.Stop();
                addLog($"Step 1: Signature Started, elapsed {sw.Elapsed.TotalSeconds:N1}s");
                progressBar.Value = 50;

                addLog($"Signing with {certWithKey.Certificate.SubjectDisplayName}");
                var signature = certWithKey.SignData(Lacuna.Pki.DigestAlgorithm.GetInstanceByOid(Token.DigestAlgorithmOid), Token.ToSignData);
                addLog($"Signed");

                progressBar.Value = 70;
                var signatureFinisher = new PadesSignatureFinisher2(restPkiClient)
                {
                    Token     = Token.Token,
                    Signature = signature
                };
                sw = Stopwatch.StartNew();
                // Call the Finish() method, which finalizes the signature process and returns a SignatureResult object
                addLog($"Step 2: Finish Signature");
                var signatureResult = await signatureFinisher.FinishAsync();

                sw.Stop();
                addLog($"Step 2: Signature Finished, elapsed {sw.Elapsed.TotalSeconds:N1}s");

                SignedFile = System.IO.Path.Combine(Path.GetDirectoryName(FileToSign), Path.GetFileNameWithoutExtension(FileToSign) + "-signed" + Path.GetExtension(FileToSign));
                signatureResult.WriteToFile(SignedFile);
                //BusyIndicator.IsBusy = false;
                progressBar.Value          = 100;
                OpenFileSignedBt.IsEnabled = true;
                addLog($"File signed: {SignedFile}");
            } catch (Exception ex) {
                addLog(ex.ToString());
            } finally {
                if (p11Store != null)
                {
                    p11Store.Dispose();
                }
            }
            progressBar.Value = 0;
        }
Exemple #2
0
        public async Task <ActionResult> Start(BatchSignatureStartRequest request)
        {
            // Recover the batch information based on its ID, which contains the user's certificate.
            var batchInfo = batches[request.BatchId];

            // Get an instance of the PadesSignatureStarter class, responsible for receiving the signature
            // elements and start the signature process.
            var signatureStarter = new PadesSignatureStarter(Util.GetRestPkiClient())
            {
                // Set the user's certificate. Notice that this step is not necessary on the regular batch
                // signature example. This enhances the performance of the batch processing.
                SignerCertificate = Convert.FromBase64String(batchInfo.Certificate),

                // Set the signature policy.
                SignaturePolicyId = StandardPadesSignaturePolicies.Basic,

                // Set a SecurityContext to be used to determine trust in the certificate chain. We have
                // encapsulated the security context choice on Util.cs.
                SecurityContextId = Util.GetSecurityContextId(),

                // Set a visual representation for the signature.
                VisualRepresentation = new PadesVisualRepresentation()
                {
                    // The tags {{name}} and {{national_id}} will be substituted according to the user's
                    // certificate:
                    //
                    //      name        : Full name of the signer;
                    //      national_id : If the certificate is ICP-Brasil, contains the signer's CPF.
                    //
                    // For a full list of the supported tags, see:
                    // https://github.com/LacunaSoftware/RestPkiSamples/blob/master/PadesTags.md
                    Text = new PadesVisualText("Signed by {{name}} ({{national_id}})")
                    {
                        // Specify that the signing time should also be rendered.
                        IncludeSigningTime = true,

                        // Optionally set the horizontal alignment of the text ('Left' or 'Right'), if not
                        // set the default is Left.
                        HorizontalAlign = PadesTextHorizontalAlign.Left
                    },

                    // We'll use as background the image in Content/PdfStamp.png.
                    Image = new PadesVisualImage(Util.GetPdfStampContent(), "image/png")
                    {
                        // Opacity is an integer from 0 to 100 (0 is completely transparent, 100 is
                        // completely opaque).
                        Opacity = 50,

                        // Align the image to the right.
                        HorizontalAlign = PadesHorizontalAlign.Right
                    },

                    // Position of the visual representation. We have encapsulated this code in a method to
                    // include several possibilities depending on the argument passed. Experiment changing
                    // the argument to see different examples of signature positioning. Once you decide which
                    // is best for your case, you can place the code directly here.
                    Position = PadesVisualElements.GetVisualPositioning(1)
                }
            };

            // Set the document to be signed based on its ID. (passed to us from the page)
            signatureStarter.SetPdfToSign(Util.GetBatchDocPath(request.DocumentId));

            // Call the Start() method, which initiates the signature. Notice that, on the regular signature
            // example, we call the StartWithRestPki() method, which is simpler but with worse performance.
            // The Start() method will yield not only the token, a 43-character case-sensitive URL-safe
            // string which identifies this signature process, but also the data that should be used to call
            // the signHash() function on the Web PKI component (instead of the signWithRestPki() function,
            // which is also simpler but far slower).
            var signatureParams = await signatureStarter.StartAsync();

            // Notice: it is not necessary to call SetNoCacheHeaders() because this action is a POST action,
            // therefore no caching of the response will be made by browsers.

            // Return a JSON with the token obtained from REST PKI, along with the parameters for the
            // signHash() call. (the page will use jQuery to decode this value)
            var response = new BatchSignatureStartResponse()
            {
                Token              = signatureParams.Token,
                ToSignHash         = Convert.ToBase64String(signatureParams.ToSignHash),
                DigestAlgorithmOid = signatureParams.DigestAlgorithmOid
            };

            return(Json(response));
        }
Exemple #3
0
        public async Task <ActionResult> Index(SignatureStartModel model)
        {
            ClientSideSignatureInstructions signatureParams;

            try {
                // Get an instance of the PadesSignatureStarter class, responsible for receiving the
                // signature elements and start the signature process.
                var signatureStarter = new PadesSignatureStarter(Util.GetRestPkiClient())
                {
                    // Set the unit of measurement used to edit the pdf marks and visual representations.
                    MeasurementUnits = PadesMeasurementUnits.Centimeters,

                    // Set the signature policy.
                    SignaturePolicyId = StandardPadesSignaturePolicies.Basic,

                    // Set a SecurityContext to be used to determine trust in the certificate chain.
                    SecurityContextId = Util.GetSecurityContextId(),

                    // Set a visual representation for the signature.
                    VisualRepresentation = new PadesVisualRepresentation()
                    {
                        // The tags {{name}} and {{national_id}} will be substituted according to the user's
                        // certificate:
                        //
                        //		name        : Full name of the signer;
                        //		national_id : If the certificate is ICP-Brasil, contains the signer's CPF.
                        //
                        // For a full list of the supported tags, see:
                        // https://github.com/LacunaSoftware/RestPkiSamples/blob/master/PadesTags.md
                        Text = new PadesVisualText("Signed by {{name}} ({{national_id}})")
                        {
                            // Specify that the signing time should also be rendered.
                            IncludeSigningTime = true,

                            // Optionally set the horizontal alignment of the text ('Left' or 'Right'), if
                            // not set the default is Left.
                            HorizontalAlign = PadesTextHorizontalAlign.Left
                        },

                        // We'll use as background the image in Content/PdfStamp.png.
                        Image = new PadesVisualImage(Util.GetPdfStampContent(), "image/png")
                        {
                            // Opacity is an integer from 0 to 100. (0 is completely transparent, 100 is
                            // completely opaque)
                            Opacity = 50,

                            // Align the image to the right.
                            HorizontalAlign = PadesHorizontalAlign.Right
                        },

                        // Position of the visual representation. We have encapsulated this code in a method
                        // to include several possibilities depending on the argument passed. Experiment
                        // changing the argument to see different examples of signature positioning. Once you
                        // decide which is best for your case, you can place the code directly here.
                        Position = PadesVisualElements.GetVisualPositioning(1)
                    }
                };

                // Set certificate's content. (received from a hidden field on the form submission, its value
                // is filled on javascript, see signature-start-form.js)
                signatureStarter.SetSignerCertificate(model.CertContent);

                // Set PDF to be signed.
                signatureStarter.SetPdfToSign(Util.GetSampleDocPath());

                /*
                 *                  Optionally, add marks to the PDF before signing. These differ from the signature visual
                 *  representation in that they are actually changes done to the document prior to signing,
                 *  not binded to any signature. Therefore, any number of marks can be added, for instance
                 *  one per page, whereas there can only be one visual representation per signature. However,
                 *  since the marks are in reality changes to the PDF, they can only be added to documents
                 *  which have no previous signatures, otherwise such signatures would be made invalid by the
                 *  changes to the document (see property PadesSignatureStarter.BypassMarksIfSigned). This
                 *  problem does not occurr with signature visual representations.
                 *
                 *                  We have encapsulated this code in a method to include several possibilities depending on
                 *  the argument passed. Experiment changing the argument to see different examples of PDF
                 *  marks. Once you decide which is best for your case, you can place the code directly here.
                 */
                //signatureStarter.PdfMarks.Add(PadesVisualElements.GetPdfMark(1));

                // Call the StartAsync() method, which initiates the signature. This yields the parameters
                // for the signature using the certificates.
                signatureParams = await signatureStarter.StartAsync();
            } catch (ValidationException ex) {
                // Return to Index view rendering the error message.
                ModelState.AddModelError("", ex.Message);
                return(View());
            }

            // On the next step (Complete action), we'll need once again some information:
            // - The token that identifies the signature process on REST PKI service.
            // - The thumbprint of the selected certificate.
            // - The "to-sign-hash" to be signed. (see signature-complete-form.js)
            // - The OID of the digest algorithm to be used during the signature operation.
            // We'll store these values on TempData, which is a dictionary shared between actions.
            TempData["SignatureCompleteModel"] = new SignatureCompleteModel()
            {
                Token              = signatureParams.Token,
                CertThumb          = model.CertThumb,
                ToSignHash         = signatureParams.ToSignHash,
                DigestAlgorithmOid = signatureParams.DigestAlgorithmOid
            };

            return(RedirectToAction("Complete"));
        }
Exemple #4
0
        private async void signButtonClick(object sender, RoutedEventArgs e)
        {
            var progressDialog = await this.ShowProgressAsync("Please wait...", "Signing");

            addLog($"Signature started");
            progressDialog.SetProgress(0.10);
            try {
                var signatureStarter = new PadesSignatureStarter(restPkiClient)
                {
                    // Set the unit of measurement used to edit the pdf marks and visual representations
                    MeasurementUnits = PadesMeasurementUnits.Centimeters,
                    // Set the signature policy
                    SignaturePolicyId = StandardPadesSignaturePolicies.Basic,
                    // Set a SecurityContext to be used to determine trust in the certificate chain
                    SecurityContextId = Guid.Parse("803517ad-3bbc-4169-b085-60053a8f6dbf"),
                    //SecurityContextId =StandardSecurityContexts.PkiBrazil,
                    // Note: this SecurityContext above accept unsecured certificates. You can create custom security context on the Rest PKI website.

                    // Set a visual representation for the signature
                    VisualRepresentation = new PadesVisualRepresentation()
                    {
                        // The tags {{name}} and {{national_id}} will be substituted according to the user's certificate
                        //
                        //		name        : full name of the signer
                        //		national_id : if the certificate is ICP-Brasil, contains the signer's CPF
                        //
                        // For a full list of the supported tags, see: https://github.com/LacunaSoftware/RestPkiSamples/blob/master/PadesTags.md
                        Text = new PadesVisualText("Signed by {{name}} ({{national_id}})")
                        {
                            // Specify that the signing time should also be rendered
                            IncludeSigningTime = true,

                            // Optionally set the horizontal alignment of the text ('Left' or 'Right'), if not set the default is Left
                            HorizontalAlign = PadesTextHorizontalAlign.Left
                        },

                        // We'll use as background the image in Content/PdfStamp.png
                        Image = new PadesVisualImage(Signer.Resources.PdfStamp_png, "image/png")
                        {
                            // Opacity is an integer from 0 to 100 (0 is completely transparent, 100 is completely opaque).
                            Opacity = 50,

                            // Align the image to the right
                            HorizontalAlign = PadesHorizontalAlign.Right
                        },

                        // Position of the visual representation. We have encapsulated this code in a method to include several
                        // possibilities depending on the argument passed. Experiment changing the argument to see different examples
                        // of signature positioning. Once you decide which is best for your case, you can place the code directly here.
                        Position = PadesVisualElements.GetVisualPositioning(restPkiClient, 1)
                    },
                };

                var cert        = CertificatesCB.SelectedItem as Cert;
                var certificate = getCertificate(cert.Thumbprint);
                signatureStarter.SetSignerCertificate(certificate.GetRawCertData());
                progressDialog.SetProgress(0.15);

                // If the user was redirected here by UploadController (signature with file uploaded by user), the "userfile" URL argument
                // will contain the filename under the "App_Data" folder. Otherwise (signature with server file), we'll sign a sample
                // document.
                if (string.IsNullOrEmpty(FileToSign))
                {
                    // Set the PDF to be signed as a byte array
                    signatureStarter.SetPdfToSign(Signer.Resources.SampleDocument);
                }
                else
                {
                    // Set the path of the file to be signed
                    addLog($"file size {new FileInfo(FileToSign).Length / 1024}kBytes");
                    signatureStarter.SetPdfToSign(FileToSign);
                }

                /*
                 *      Optionally, add marks to the PDF before signing. These differ from the signature visual representation in that
                 *      they are actually changes done to the document prior to signing, not binded to any signature. Therefore, any number
                 *      of marks can be added, for instance one per page, whereas there can only be one visual representation per signature.
                 *      However, since the marks are in reality changes to the PDF, they can only be added to documents which have no previous
                 *      signatures, otherwise such signatures would be made invalid by the changes to the document (see property
                 *      PadesSignatureStarter.BypassMarksIfSigned). This problem does not occurr with signature visual representations.
                 *
                 *      We have encapsulated this code in a method to include several possibilities depending on the argument passed.
                 *      Experiment changing the argument to see different examples of PDF marks. Once you decide which is best for your case,
                 *      you can place the code directly here.
                 */
                signatureStarter.PdfMarks.Add(PadesVisualElements.GetPdfMark(1));

                // Call the StartWithWebPki() method, which initiates the signature. This yields the token, a 43-character
                // case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the
                // signWithRestPki() method on the Web PKI component (see javascript on the view) and also to complete the signature
                // on the POST action below (this should not be mistaken with the API access token).

                progressDialog.SetProgress(0.20);
                addLog($"Step One Started");
                var sw = new Stopwatch();
                sw.Start();
                Token = await signatureStarter.StartAsync();

                sw.Stop();
                addLog($"Step One finished,elapsed {sw.Elapsed.TotalSeconds:N1}s");
                progressDialog.SetProgress(0.40);
                byte[] signature;
                using (RSA rsa = certificate.GetRSAPrivateKey()) {
                    HashAlgorithmName hashAlgorithm;
                    switch (Token.DigestAlgorithm.ApiModel)
                    {
                    case DigestAlgorithms.MD5:
                        hashAlgorithm = HashAlgorithmName.MD5;
                        break;

                    case DigestAlgorithms.SHA1:
                        hashAlgorithm = HashAlgorithmName.SHA1;
                        break;

                    case DigestAlgorithms.SHA256:
                        hashAlgorithm = HashAlgorithmName.SHA256;
                        break;

                    case DigestAlgorithms.SHA384:
                        hashAlgorithm = HashAlgorithmName.SHA384;
                        break;

                    case DigestAlgorithms.SHA512:
                        hashAlgorithm = HashAlgorithmName.SHA512;
                        break;

                    default:
                        throw new ArgumentOutOfRangeException();
                    }
                    signature = rsa.SignData(Token.ToSignData, hashAlgorithm, RSASignaturePadding.Pkcs1);

                    var signatureFinisher = new PadesSignatureFinisher2(restPkiClient)
                    {
                        Token     = Token.Token,
                        Signature = signature
                    };
                    progressDialog.SetProgress(0.50);

                    // Call the Finish() method, which finalizes the signature process and returns a SignatureResult object
                    sw.Reset();
                    sw.Start();
                    var signatureResult = await signatureFinisher.FinishAsync();

                    sw.Stop();
                    addLog($"Step two finished,elapsed {sw.Elapsed.TotalSeconds:N1}s");


                    SignedFile = System.IO.Path.Combine(Path.GetDirectoryName(FileToSign),
                                                        Path.GetFileNameWithoutExtension(FileToSign) + "Signed" + Path.GetExtension(FileToSign));
                    signatureResult.WriteToFile(SignedFile);
                    //BusyIndicator.IsBusy = false;
                    progressDialog.SetProgress(0.99);
                    OpenFileSignedBt.IsEnabled = true;
                    addLog($"Signarure finished");
                }
            } catch (Exception ex) {
                addLog(ex.ToString());
            }
            await progressDialog.CloseAsync();
        }