public ActionResult SignCodComplete(SignatureCompleteModel model)
        {
            byte[] signatureContent;

            try {
                var signer = new XmlElementSigner();

                // Set the document to be signed and the policy, exactly like in the SignCod method
                signer.SetXml(Storage.GetSampleCodEnvelope());
                signer.SetPolicy(getSignaturePolicy());

                // Set the signature computed on the client-side, along with the "transfer data"
                signer.SetPrecomputedSignature(model.Signature, model.TransferData);

                // It is not necessary to set the signing certificate nor the element ID to be signed, both are contained in the "transfer data"

                // Call ComputeSignature(), which validates the signature of the "to-sign-hash" and finishes the signature process
                signer.ComputeSignature();

                // Get the signed XML as an array of bytes
                signatureContent = signer.GetSignedXml();
            } catch (ValidationException ex) {
                // Some of the operations above may throw a ValidationException, for instance if the certificate is revoked.
                ModelState.AddModelError("", ex.ValidationResults.ToString());
                return(View());
            }

            // Store the signature file on the folder "App_Data/" and redirect to the SignCodResult action with the filename.
            var filename = Storage.StoreFile(signatureContent, ".xml");

            return(RedirectToAction("SignCodResult", new SignatureInfoModel()
            {
                Filename = filename
            }));
        }
        public ActionResult SignCodeh(string id, SignatureStartModel model)
        {
            // Recover XML envelope with signed COD element from "storage" based on its ID
            byte[] content;
            string extension;

            if (!Storage.TryGetFile(id, out content, out extension))
            {
                return(HttpNotFound());
            }

            byte[]             toSignHash, transferData;
            SignatureAlgorithm signatureAlg;

            try {
                // Instantiate a CadesSigner class
                var signer = new XmlElementSigner();

                // Set the XML to sign
                signer.SetXml(content);

                // Set the ID of the CODEH element
                signer.SetToSignElementId("CODEH");

                // Decode the user's certificate and set as the signer certificate
                signer.SetSigningCertificate(PKCertificate.Decode(model.CertContent));

                // Set the signature policy
                signer.SetPolicy(getSignaturePolicy());

                // Generate the "to-sign-hash". This method also yields the signature algorithm that must
                // be used on the client-side, based on the signature policy.
                toSignHash = signer.GenerateToSignHash(out signatureAlg, out transferData);
            } catch (ValidationException ex) {
                // Some of the operations above may throw a ValidationException, for instance if the certificate
                // encoding cannot be read or if the certificate is expired.
                ModelState.AddModelError("", ex.ValidationResults.ToString());
                return(View());
            }

            // On the next step (SignCodehComplete action), we'll need once again some information:
            // - The thumpprint of the selected certificate
            // - The "to-sign-hash"
            // - The OID of the digest algorithm to be used during the signature operation
            // - The "transfer data"
            TempData["SignatureCompleteModel"] = new SignatureCompleteModel()
            {
                CertThumb          = model.CertThumb,
                ToSignHash         = toSignHash,
                DigestAlgorithmOid = signatureAlg.DigestAlgorithm.Oid,
                TransferData       = transferData
            };

            return(RedirectToAction("SignCodehComplete", new { id }));
        }
Exemple #3
0
        public ActionResult SignCodehComplete(string id, SignatureCompleteModel model)
        {
            // Recover XML envelope with signed COD element from "storage" based on its ID
            byte[] content;
            if (!StorageMock.TryGetFile(id, out content))
            {
                return(HttpNotFound());
            }

            byte[] signatureContent;

            try {
                // Recover the "transfer data" content stored in a temporary file.
                byte[] transferDataContent;
                if (!StorageMock.TryGetFile(model.TransferDataFileId, out transferDataContent))
                {
                    return(HttpNotFound());
                }

                // Get an instance of the XmlElementSigner class.
                var signer = new XmlElementSigner();

                // Set the document to be signed and the policy, exactly like in the SignCodeh method
                signer.SetXml(content);
                signer.SetPolicy(getSignaturePolicy());

                // Set the signature computed on the client-side, along with the "transfer data"
                signer.SetPrecomputedSignature(model.Signature, transferDataContent);

                // Call ComputeSignature(), which validates the signature of the "to-sign-hash" and finishes the signature process
                signer.ComputeSignature();

                // Get the signed XML as an array of bytes
                signatureContent = signer.GetSignedXml();
            } catch (ValidationException ex) {
                // Some of the operations above may throw a ValidationException, for instance if the certificate is revoked.
                ModelState.AddModelError("", ex.ValidationResults.ToString());
                return(View());
            }

            // On the next step (SignatureInfo action), we'll render the following information:
            // - The filename to be available to download in next action.
            // We'll store these values on TempData, which is a dictionary shared between actions.
            TempData["SignatureInfoModel"] = new SignatureInfoModel()
            {
                // Store the signature file on the folder "App_Data/" and redirect to the SignCodehResult action with the filename.
                File = StorageMock.Store(signatureContent, ".xml")
            };

            return(RedirectToAction("SignCodehSignatureInfo"));
        }
        public ActionResult Index(SignatureStartModel model)
        {
            byte[]             toSignHash, transferData;
            SignatureAlgorithm signatureAlg;

            try {
                // Instantiate a XmlElementSigner class
                var signer = new XmlElementSigner();

                // Set the data to sign, which in the case of this example is a fixed sample document
                signer.SetXml(Storage.GetSampleNFeContent());

                // static Id from node <infNFe> from SampleNFe.xml document
                signer.SetToSignElementId("NFe35141214314050000662550010001084271182362300");

                // Decode the user's certificate and set as the signer certificate
                signer.SetSigningCertificate(PKCertificate.Decode(model.CertContent));

                // Set the signature policy
                signer.SetPolicy(getSignaturePolicy());

                // Generate the "to-sign-hash". This method also yields the signature algorithm that must
                // be used on the client-side, based on the signature policy.
                toSignHash = signer.GenerateToSignHash(out signatureAlg, out transferData);
            } catch (ValidationException ex) {
                // Some of the operations above may throw a ValidationException, for instance if the certificate
                // encoding cannot be read or if the certificate is expired.
                ModelState.AddModelError("", ex.ValidationResults.ToString());
                return(View());
            }

            // On the next step (Complete action), we'll need once again some information:
            // - The content of the selected certificate only used to render the user's certificate information
            //  after the signature is completed. It is no longer needed for the signature process.
            // - The thumpprint of the selected certificate.
            // - The "transfer data" used to validate the signature in complete action.
            // - The "to-sign-hash" to be signed. (see signature-complete-form.js)
            // - The OID of the digest algorithm to be used during the signature operation.
            // We'll store this value on TempData, that will store in dictionary shared between actions.
            TempData["SignatureCompleteModel"] = new SignatureCompleteModel()
            {
                CertContent        = model.CertContent,
                CertThumb          = model.CertThumb,
                TransferData       = transferData,
                ToSignHash         = toSignHash,
                DigestAlgorithmOid = signatureAlg.DigestAlgorithm.Oid
            };

            return(RedirectToAction("Complete"));
        }
Exemple #5
0
        public IHttpActionResult Start(SignatureStartRequest request)
        {
            byte[]             toSignHash, transferData;
            SignatureAlgorithm signatureAlg;

            try {
                // Decode the user's certificate
                var cert = PKCertificate.Decode(request.Certificate);

                // Instantiate a XmlElementSigner class
                var signer = new XmlElementSigner();

                // Set the data to sign, which in the case of this example is a fixed sample document
                signer.SetXml(Storage.GetSampleNFeContent());

                // static Id from node <infNFe> from SampleNFe.xml document
                signer.SetToSignElementId("NFe35141214314050000662550010001084271182362300");

                // Set the signer certificate decoded
                signer.SetSigningCertificate(cert);

                // Set the signature policy
                signer.SetPolicy(getSignaturePolicy());

                // Generate the "to-sign-hash". This method also yields the signature algorithm that must
                // be used on the client-side, based on the signature policy. As well as the "transfer data",
                // a byte-array that will be needed on the next step.
                toSignHash = signer.GenerateToSignHash(out signatureAlg, out transferData);
            } catch (ValidationException ex) {
                // Some of the operations above may throw a ValidationException, for instance if the certificate
                // encoding cannot be read or if the certificate is expired.
                return(new ResponseMessageResult(Request.CreateResponse(HttpStatusCode.BadRequest, new ValidationErrorModel(ex.ValidationResults))));
            }

            // Create response with some informations that we'll use on Complete action and on client-side.
            var response = new SignatureStartResponse()
            {
                // The "transfer data" for Xml signatyures are not so big. Therefore, we can easily send it as one of
                // response fields.
                TransferData = transferData,

                // Send to the javascript the "to sign hash" of the document and the digest algorithm that must
                // be used on the signature algorithm computation
                ToSignHash         = toSignHash,
                DigestAlgorithmOid = signatureAlg.DigestAlgorithm.Oid
            };

            return(Ok(response));
        }
Exemple #6
0
        public ActionResult Index(SignatureStartModel model)
        {
            byte[]             toSignHash, transferData;
            SignatureAlgorithm signatureAlg;

            try {
                // Instantiate a CadesSigner class
                var signer = new XmlElementSigner();

                // Set the data to sign, which in the case of this example is a fixed sample "COD envelope"
                signer.SetXml(StorageMock.GetSampleCodEnvelopeContent());

                // Set the ID of the COD element
                signer.SetToSignElementId("COD");

                // Decode the user's certificate and set as the signer certificate
                signer.SetSigningCertificate(PKCertificate.Decode(model.CertContent));

                // Set the signature policy
                signer.SetPolicy(getSignaturePolicy());

                // Generate the "to-sign-hash". This method also yields the signature algorithm that must
                // be used on the client-side, based on the signature policy.
                toSignHash = signer.GenerateToSignHash(out signatureAlg, out transferData);
            } catch (ValidationException ex) {
                // Some of the operations above may throw a ValidationException, for instance if the certificate
                // encoding cannot be read or if the certificate is expired.
                ModelState.AddModelError("", ex.ValidationResults.ToString());
                return(View());
            }

            // On the next step (SignCodComplete action), we'll need once again some information:
            // - The thumpprint of the selected certificate
            // - The "to-sign-hash"
            // - The OID of the digest algorithm to be used during the signature operation
            // - The "transfer data" used to validate the signature in complete action.Its content is stored in
            //   a temporary file (with extension .bin) to be shared with the Complete action.
            TempData["SignatureCompleteModel"] = new SignatureCompleteModel()
            {
                CertThumb          = model.CertThumb,
                ToSignHash         = toSignHash,
                DigestAlgorithmOid = signatureAlg.DigestAlgorithm.Oid,
                TransferDataFileId = StorageMock.Store(transferData, ".bin"),
            };

            return(RedirectToAction("Complete"));
        }
Exemple #7
0
        public ActionResult Complete(SignatureCompleteModel model)
        {
            byte[] signatureContent;

            try {
                // Recover the "transfer data" content stored in a temporary file.
                byte[] transferDataContent;
                if (!StorageMock.TryGetFile(model.TransferDataFileId, out transferDataContent))
                {
                    return(HttpNotFound());
                }

                // Instantiate a XmlElementSigner class
                var signer = new XmlElementSigner();

                // Set the document to be signed and the policy, exactly like in the Start method
                signer.SetXml(StorageMock.GetSampleNFeContent());
                signer.SetPolicy(getSignaturePolicy());

                // Set the signature computed on the client-side, along with the "transfer data" (rendered in a hidden field, see the view)
                signer.SetPrecomputedSignature(model.Signature, transferDataContent);

                // Call ComputeSignature(), which does all the work, including validation of the signer's certificate and of the resulting signature
                signer.ComputeSignature();

                // Get the signed XML as an array of bytes
                signatureContent = signer.GetSignedXml();
            } catch (ValidationException ex) {
                // Some of the operations above may throw a ValidationException, for instance if the certificate is revoked.
                ModelState.AddModelError("", ex.ValidationResults.ToString());
                return(View());
            }

            // On the next step (SignatureInfo action), we'll render the following information:]
            // - The filename to be available to download in next action.
            // - The signer's certificate information to be rendered.
            // We'll store these values on TempData, which is a dictionary shared between actions.
            TempData["SignatureInfoModel"] = new SignatureInfoModel()
            {
                // Store the signature file on the folder "App_Data/" and redirects to the SignatureInfo action with the filename.
                // With this filename, it can show a link to download the signature file.
                File = StorageMock.Store(signatureContent, ".xml")
            };

            return(RedirectToAction("SignatureInfo"));
        }
Exemple #8
0
        protected void SubmitCertificateButton_Click(object sender, EventArgs e)
        {
            byte[]             toSignHash, transferData;
            SignatureAlgorithm signatureAlg;

            try {
                // Decode the user's certificate.
                var cert = PKCertificate.Decode(Convert.FromBase64String(CertificateField.Value));

                // Instantiate a XmlElementSigner class.
                var signer = new XmlElementSigner();

                // Set the data to sign, which in the case of this example is a fixed sample document.
                signer.SetXml(Storage.GetSampleNFeContent());

                // static Id from node <infNFe> from SampleNFe.xml document.
                signer.SetToSignElementId("NFe35141214314050000662550010001084271182362300");

                // Set as the signer certificate.
                signer.SetSigningCertificate(cert);

                // Set the signature policy.
                signer.SetPolicy(getSignaturePolicy());

                // Generate the "to-sign-hash". This method also yields the signature algorithm that must
                // be used on the client-side, based on the signature policy. as well as the "transfer data",
                // a byte-array that will be needed on the next step.
                toSignHash = signer.GenerateToSignHash(out signatureAlg, out transferData);
            }
            catch (ValidationException ex) {
                // Some of the operations above may throw a ValidationException, for instance if the certificate
                // encoding cannot be read or if the certificate is expired.
                ex.ValidationResults.Errors.ForEach(ve => ModelState.AddModelError("", ve.ToString()));
                return;
            }

            // The "transfer data" for Xml signatures are not so big. Therefore, we can easily store it in a
            // hidden field.
            TransferDataField.Value = Convert.ToBase64String(transferData);

            // Send to the javascript the "to sign hash" of the document and the digest algorithm that must
            // be used on the signature algorithm computation.
            ToSignHashField.Value      = Convert.ToBase64String(toSignHash);
            DigestAlgorithmField.Value = signatureAlg.DigestAlgorithm.Oid;
        }
Exemple #9
0
        protected void SubmitSignatureButton_Click(object sender, EventArgs e)
        {
            byte[] signatureContent;

            try {
                // Instantiate a XmlElementSigner class.
                var signer = new XmlElementSigner();

                // Set the document to be signed and the policy, exactly like in the previous event
                // (SubmitCertificateButton_Click).
                signer.SetXml(Storage.GetSampleNFeContent());
                signer.SetPolicy(getSignaturePolicy());

                // Set the signature computed on the client-side, along with the "transfer data".
                signer.SetPrecomputedSignature(Convert.FromBase64String(SignatureField.Value), Convert.FromBase64String(TransferDataField.Value));

                // Call ComputeSignature(), which does all the work, including validation of the signer's
                // certificate and of the resulting signature.
                signer.ComputeSignature();

                // Get the signed XML as an array of bytes
                signatureContent = signer.GetSignedXml();
            }
            catch (ValidationException ex) {
                // Some of the operations above may throw a ValidationException, for instance if the certificate
                // is revoked.
                ex.ValidationResults.Errors.ForEach(ve => ModelState.AddModelError("", ve.ToString()));
                CertificateField.Value = "";
                ToSignHashField.Value  = "";
                return;
            }

            // Pass the following fields to be used on XmlElementSignatureInfo page:
            // - The signature file will be stored on the folder "App_Data/". Its name will be passed by
            //   SignatureFile field.
            // - The user's certificate
            this.SignatureFile = Storage.StoreFile(signatureContent, ".xml");
            this.Certificate   = PKCertificate.Decode(Convert.FromBase64String(CertificateField.Value));

            Server.Transfer("XmlElementSignatureInfo.aspx");
        }
Exemple #10
0
        public IHttpActionResult Complete(SignatureCompleteRequest request)
        {
            byte[] signatureContent;

            try {
                // Instantiate a XmlElementSigner class
                var signer = new XmlElementSigner();

                // Set the document to be signed and the policy, exactly like in the Start action
                signer.SetXml(Storage.GetSampleNFeContent());
                signer.SetPolicy(getSignaturePolicy());

                // Set the signature computed on the client-side, along with the "transfer data"
                signer.SetPrecomputedSignature(request.Signature, request.TransferData);

                // Call ComputeSignature(), which does all the work, including validation of the signer's certificate and of the resulting signature
                signer.ComputeSignature();

                // Get the signed XML as an array of bytes
                signatureContent = signer.GetSignedXml();
            } catch (ValidationException ex) {
                // Some of the operations above may throw a ValidationException, for instance if the certificate is revoked.
                return(new ResponseMessageResult(Request.CreateResponse(HttpStatusCode.BadRequest, new ValidationErrorModel(ex.ValidationResults))));
            }

            // Pass the following fields to be used on signature-results template:
            // - The signature file will be stored on the folder "App_Data/". Its name will be passed by Filename field.
            // - The user's certificate
            var response = new SignatureCompleteResponse()
            {
                Filename    = Storage.StoreFile(signatureContent, ".xml"),
                Certificate = new CertificateModel(PKCertificate.Decode(request.Certificate))
            };

            return(Ok(response));
        }