protected void Page_Load(object sender, EventArgs e)
{
Document document = new Document();
document.MimeType = "application/pdf";
document.Content = File.OpenRead(Path.Combine(HostingEnvironment.ApplicationPhysicalPath, @"App_Data\dssp-specs.pdf"));
DsspClient dsspClient = new DsspClient("https://www.e-contract.be/dss-ws/dss");
dsspClient.ApplicationName = Settings.Default.AppName;
dsspClient.ApplicationPassword = Settings.Default.AppPwd;
DsspSession dsspSession = dsspClient.UploadDocument(document);
Session["dsspSession"] = dsspSession;
VisibleSignatureProperties visibleSignature = null;
if (Session["Visible"] == "Photo")
{
visibleSignature = new ImageVisibleSignature()
{
Page = (int) Session["Page"],
X = (int) Session["X"],
Y = (int) Session["Y"]
};
} else if (Session["Visible"] == "Photo and Signer Info")
{
visibleSignature = new ImageVisibleSignature()
{
Page = (int)Session["Page"],
X = (int)Session["X"],
Y = (int)Session["Y"],
ValueUri = "urn:be:e-contract:dssp:1.0:vs:si:eid-photo:signer-info",
CustomText = (string)Session["CustomText"]
};
}
// verify whether DsspSession is serializable
BinaryFormatter binaryFormatter = new BinaryFormatter();
MemoryStream memoryStream = new MemoryStream();
binaryFormatter.Serialize(memoryStream, dsspSession);
memoryStream.Seek(0, SeekOrigin.Begin);
dsspSession = (DsspSession) binaryFormatter.Deserialize(memoryStream);
Authorization authorization = new Authorization();
//authorization.AddAuthorizedCardNumber("591937284531");
//authorization.AddAuthorizedSubjectName("SERIALNUMBER=79102520991, GIVENNAME=Frank Henri, SURNAME=Cornelis, CN=Frank Cornelis (Signature), C=BE");
//authorization.AddNonAuthorizedSubjectName("SERIALNUMBER=79102520991, GIVENNAME=Frank Henri, SURNAME=Cornelis, CN=Frank Cornelis (Signature), C=BE");
this.PendingRequest.Value = dsspSession.GeneratePendingRequest(
new Uri(Request.Url, ResolveUrl("~/Signed.aspx")),
Settings.Default.Language,
new SignatureRequestProperties()
{
SignerRole = (string)Session["Role"],
SignatureProductionPlace = (string)Session["Location"],
VisibleSignature = visibleSignature
},
authorization
);
}
public static Authorization DenyDssSignIfMatchSubjectRegex(string regex)
{
Authorization authorization = new Authorization();
authorization.nonAuthorizedSubjectRegexps.Add(regex);
return authorization;
}
public static Authorization DenyDssSignIfMatchSubject(string subjectName)
{
Authorization authorization = new Authorization();
authorization.nonAuthorizedSubjectNames.Add(subjectName);
return authorization;
}
/// <summary>
/// Generates the html page that initiates the BROWSER/POST request for the current session.
/// </summary>
/// <param name="postAddress">The e-contract.be address, normally "https://www.e-contract.be/dss-ws/start"</param>
/// <param name="landingUrl">Own url for the BROWSER/POST "SignResponse" response</param>
/// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
/// <param name="authorization">The authorization that the signer must match too to be authorized</param>
/// <returns>The html page in the form of a string</returns>
public string GeneratePendingRequestPage(Uri postAddress, Uri landingUrl, string language, Authorization authorization)
{
return GeneratePendingRequestPage(postAddress, landingUrl, language, null, authorization);
}
/// <summary>
/// Generates the html page that initiates the BROWSER/POST request for the current session.
/// </summary>
/// <param name="postAddress">The e-contract.be address, normally "https://www.e-contract.be/dss-ws/start"</param>
/// <param name="landingUrl">Own url for the BROWSER/POST "SignResponse" response</param>
/// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
/// <param name="properties">Additional properties (location, role, visibility info, ...) for the signature request</param>
/// <param name="authorization">The authorization that the signer must match too to be authorized</param>
/// <returns>The html page in the form of a string</returns>
public string GeneratePendingRequestPage(Uri postAddress, Uri landingUrl, string language, SignatureRequestProperties properties, Authorization authorization)
{
var builder = new StringBuilder();
builder.AppendLine("<html>");
builder.AppendLine("<head><title>DSS-P Browser POST</title></head>");
builder.AppendLine("<body>");
builder.AppendLine("<p>Redirecting to the DSS-P Server...</p>");
builder.AppendLine("<form name=\"dsspform\" method=\"post\" action=\"" + postAddress.ToString() + "\">");
builder.Append("<input type=\"hidden\" name=\"PendingRequest\" value=\"");
builder.Append(GeneratePendingRequest(landingUrl, language, properties, authorization));
builder.AppendLine("\"/>");
builder.AppendLine("</form>");
builder.AppendLine("<script type=\"text/javascript\">");
builder.AppendLine("window.onload = function() { document.forms[\"dsspform\"].submit(); };");
builder.AppendLine("</script>");
builder.AppendLine("</body>");
builder.AppendLine("</html>");
return builder.ToString();
}
/// <summary>
/// Creates a new pending request for the current session.
/// </summary>
/// <param name="landingUrl">The landing page of the SignResponse</param>
/// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
/// <param name="authorization">The authorization that the signer must match too to be authorized</param>
/// <returns>The base64 encoded PendingRequest, to be used as value for the "PendingRequest"-input</returns>
public string GeneratePendingRequest(Uri landingUrl, string language, Authorization authorization)
{
return GeneratePendingRequest(landingUrl, language, null, authorization);
}
/// <summary>
/// Creates a new pending request for the current session.
/// </summary>
/// <param name="landingUrl">The landing page of the SignResponse</param>
/// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
/// <param name="properties">Additional properties (location, role, visibility info, ...) for the signature request</param>
/// <param name="authorization">The optional authorization that the signer must match too to be authorized</param>
/// <returns>The base64 encoded PendingRequest, to be used as value for the "PendingRequest"-input</returns>
public string GeneratePendingRequest(Uri landingUrl, string language, SignatureRequestProperties properties, Authorization authorization)
{
if (landingUrl == null) throw new ArgumentNullException("landingUrl");
//Prepare browser post message (to return)
var pendingRequest = new PendingRequest();
pendingRequest.OptionalInputs = new OptionalInputs();
pendingRequest.OptionalInputs.AdditionalProfile = "urn:oasis:names:tc:dss:1.0:profiles:asynchronousprocessing";
pendingRequest.OptionalInputs.ResponseID = this.ServerId;
pendingRequest.OptionalInputs.MessageID = new AttributedURIType();
pendingRequest.OptionalInputs.MessageID.Value = this.ClientId;
pendingRequest.OptionalInputs.Timestamp = new TimestampType();
pendingRequest.OptionalInputs.Timestamp.Created = new AttributedDateTime();
pendingRequest.OptionalInputs.Timestamp.Created.Value = DateTime.UtcNow;
pendingRequest.OptionalInputs.Timestamp.Expires = new AttributedDateTime();
pendingRequest.OptionalInputs.Timestamp.Expires.Value = DateTime.UtcNow.AddMinutes(10);
pendingRequest.OptionalInputs.ReplyTo = new EndpointReferenceType();
pendingRequest.OptionalInputs.ReplyTo.Address = new AttributedURIType();
pendingRequest.OptionalInputs.ReplyTo.Address.Value = landingUrl.AbsoluteUri;
pendingRequest.OptionalInputs.ReturnSignerIdentity = new ReturnSignerIdentity();
pendingRequest.OptionalInputs.Language = string.IsNullOrEmpty(language) ? null : language;
if (properties != null && (!string.IsNullOrEmpty(properties.SignerRole)
|| !string.IsNullOrEmpty(properties.SignatureProductionPlace)
|| properties.VisibleSignature != null))
{
var items = new List<VisibleSignatureItemType>();
PixelVisibleSignaturePositionType pixelVisibleSignaturePosition = null;
if (!string.IsNullOrEmpty(properties.SignerRole))
{
var stringItem = new ItemValueStringType();
stringItem.ItemValue = properties.SignerRole;
var item = new VisibleSignatureItemType();
item.ItemName = ItemNameEnum.SignatureReason;
item.ItemValue = stringItem;
items.Add(item);
}
if (!string.IsNullOrEmpty(properties.SignatureProductionPlace))
{
var stringItem = new ItemValueStringType();
stringItem.ItemValue = properties.SignatureProductionPlace;
var item = new VisibleSignatureItemType();
item.ItemName = ItemNameEnum.SignatureProductionPlace;
item.ItemValue = stringItem;
items.Add(item);
}
if (properties.VisibleSignature != null)
{
var photoProp = properties.VisibleSignature as ImageVisibleSignature;
if (photoProp != null)
{
var uriItem = new ItemValueURIType();
uriItem.ItemValue = photoProp.ValueUri;
var item = new VisibleSignatureItemType();
item.ItemName = ItemNameEnum.SignerImage;
item.ItemValue = uriItem;
items.Add(item);
var customText = photoProp.CustomText;
if (!string.IsNullOrEmpty(customText))
{
var customTextItem = new VisibleSignatureItemType();
customTextItem.ItemName = ItemNameEnum.CustomText;
var customTextItemValue = new ItemValueStringType();
customTextItemValue.ItemValue = customText;
customTextItem.ItemValue = customTextItemValue;
items.Add(customTextItem);
}
}
else
{
throw new ArgumentException("The type of VisibleSignatureProperties (field of SignatureRequestProperties) is unsupported", "properties");
}
pixelVisibleSignaturePosition = new PixelVisibleSignaturePositionType();
pixelVisibleSignaturePosition.PageNumber = properties.VisibleSignature.Page;
pixelVisibleSignaturePosition.x = properties.VisibleSignature.X;
pixelVisibleSignaturePosition.y = properties.VisibleSignature.Y;
}
pendingRequest.OptionalInputs.VisibleSignatureConfiguration = new VisibleSignatureConfigurationType();
pendingRequest.OptionalInputs.VisibleSignatureConfiguration.VisibleSignaturePolicy = VisibleSignaturePolicyType.DocumentSubmissionPolicy;
pendingRequest.OptionalInputs.VisibleSignatureConfiguration.VisibleSignatureItemsConfiguration = new VisibleSignatureItemsConfigurationType();
pendingRequest.OptionalInputs.VisibleSignatureConfiguration.VisibleSignatureItemsConfiguration.VisibleSignatureItem = items.ToArray<VisibleSignatureItemType>();
pendingRequest.OptionalInputs.VisibleSignatureConfiguration.VisibleSignaturePosition = pixelVisibleSignaturePosition;
}
if (authorization != null)
{
pendingRequest.OptionalInputs.Policy = authorization.getPolicy();
}
//Prepare Sign
var pendingRequestXml = new XmlDocument();
pendingRequestXml.PreserveWhitespace = true;
if (null == requestSerializer)
{
requestSerializer = new XmlSerializer(typeof(PendingRequest), "urn:oasis:names:tc:dss:1.0:profiles:asynchronousprocessing:1.0");
}
using (var pendingRequestWriter = pendingRequestXml.CreateNavigator().AppendChild())
{
requestSerializer.Serialize(pendingRequestWriter, pendingRequest);
}
var signedXml = new SignedXml(pendingRequestXml);
signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigHMACSHA1Url;
var docRef = new Reference("");
docRef.DigestMethod = "http://www.w3.org/2000/09/xmldsig#sha1";
docRef.AddTransform(new XmlDsigEnvelopedSignatureTransform());
docRef.AddTransform(new XmlDsigExcC14NTransform());
signedXml.AddReference(docRef);
//Add Key Info
var keyRefXml = new XmlDocument();
keyRefXml.PreserveWhitespace = true;
if (null == tRefSerializer)
{
tRefSerializer = new XmlSerializer(typeof(SecurityTokenReferenceType), null, new Type[0], new XmlRootAttribute("SecurityTokenReference"), "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
}
using (var keyRefXmlWriter = keyRefXml.CreateNavigator().AppendChild())
{
tRefSerializer.Serialize(keyRefXmlWriter, this.KeyReference);
}
signedXml.KeyInfo = new KeyInfo();
signedXml.KeyInfo.AddClause(new KeyInfoNode(keyRefXml.DocumentElement));
//Compute signature
signedXml.ComputeSignature(new HMACSHA1(this.KeyValue));
//Append signature to document
var nsmgr = new XmlNamespaceManager(pendingRequestXml.NameTable);
nsmgr.AddNamespace("async", "urn:oasis:names:tc:dss:1.0:profiles:asynchronousprocessing:1.0");
nsmgr.AddNamespace("dss", "urn:oasis:names:tc:dss:1.0:core:schema");
pendingRequestXml.SelectSingleNode("/async:PendingRequest/dss:OptionalInputs", nsmgr).AppendChild(signedXml.GetXml());
//Serialize and encode
var stream = new MemoryStream();
pendingRequestXml.Save(stream);
return Convert.ToBase64String(stream.ToArray());
}
/// <summary>
/// Creates a new pending request for the current session.
/// </summary>
/// <param name="landingUrl">The landing page of the SignResponse</param>
/// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
/// <param name="properties">Additional properties (location, role, visibility info, ...) for the signature request</param>
/// <param name="authorization">The optional authorization that the signer must match too to be authorized</param>
/// <returns>The base64 encoded PendingRequest, to be used as value for the "PendingRequest"-input</returns>
public string GeneratePendingRequest(Uri landingUrl, string language, SignatureRequestProperties properties, Authorization authorization)
{
if (landingUrl == null)
{
throw new ArgumentNullException("landingUrl");
}
//Prepare browser post message (to return)
var pendingRequest = new PendingRequest()
{
OptionalInputs = new OptionalInputs()
{
AdditionalProfile = "urn:oasis:names:tc:dss:1.0:profiles:asynchronousprocessing",
ResponseID = this.ServerId,
MessageID = new AttributedURIType()
{
Value = this.ClientId
},
Timestamp = new TimestampType()
{
Created = new AttributedDateTime()
{
Value = DateTime.UtcNow
},
Expires = new AttributedDateTime()
{
Value = DateTime.UtcNow.AddMinutes(10)
}
},
ReplyTo = new EndpointReferenceType()
{
Address = new AttributedURIType()
{
Value = landingUrl.AbsoluteUri
}
},
ReturnSignerIdentity = new ReturnSignerIdentity(),
Language = string.IsNullOrEmpty(language) ? null : language,
VisibleSignatureConfiguration = properties?.Configuration,
Policy = authorization?.Policy
},
};
//Prepare Sign
var pendingRequestXml = new XmlDocument()
{
PreserveWhitespace = true
};
using (var pendingRequestWriter = pendingRequestXml.CreateNavigator().AppendChild())
{
requestSerializer.Serialize(pendingRequestWriter, pendingRequest);
}
var signedXml = new SignedXml(pendingRequestXml);
signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigHMACSHA1Url;
var docRef = new Reference("")
{
DigestMethod = "http://www.w3.org/2000/09/xmldsig#sha1"
};
docRef.AddTransform(new XmlDsigEnvelopedSignatureTransform());
docRef.AddTransform(new XmlDsigExcC14NTransform());
signedXml.AddReference(docRef);
//Add Key Info
var keyRefXml = new XmlDocument()
{
PreserveWhitespace = true
};
if (null == tRefSerializer)
{
tRefSerializer = new XmlSerializer(typeof(SecurityTokenReferenceType), null, new Type[0], new XmlRootAttribute("SecurityTokenReference"), "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
}
using (var keyRefXmlWriter = keyRefXml.CreateNavigator().AppendChild())
{
tRefSerializer.Serialize(keyRefXmlWriter, this.KeyReference);
}
signedXml.KeyInfo = new KeyInfo();
signedXml.KeyInfo.AddClause(new KeyInfoNode(keyRefXml.DocumentElement));
//Compute signature
signedXml.ComputeSignature(new HMACSHA1(this.KeyValue));
//Append signature to document
var nsmgr = new XmlNamespaceManager(pendingRequestXml.NameTable);
nsmgr.AddNamespace("async", "urn:oasis:names:tc:dss:1.0:profiles:asynchronousprocessing:1.0");
nsmgr.AddNamespace("dss", "urn:oasis:names:tc:dss:1.0:core:schema");
pendingRequestXml.SelectSingleNode("/async:PendingRequest/dss:OptionalInputs", nsmgr).AppendChild(signedXml.GetXml());
trace.TraceEvent(TraceEventType.Information, 0, "Generated pending request");
msgTrace.TraceData(TraceEventType.Information, 0, pendingRequestXml.CreateNavigator());
//Serialize and encode
var stream = new MemoryStream();
pendingRequestXml.Save(stream);
return(Convert.ToBase64String(stream.ToArray()));
}
/// <summary>
/// Creates a new pending request for the current session.
/// </summary>
/// <param name="landingUrl">The landing page of the SignResponse</param>
/// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
/// <param name="authorization">The authorization that the signer must match too to be authorized</param>
/// <returns>The base64 encoded PendingRequest, to be used as value for the "PendingRequest"-input</returns>
public string GeneratePendingRequest(Uri landingUrl, string language, Authorization authorization)
{
return(GeneratePendingRequest(landingUrl, language, null, authorization));
}
/// <summary>
/// Generates the html page that initiates the BROWSER/POST request for the current session.
/// </summary>
/// <param name="postAddress">The e-contract.be address, normally "https://www.e-contract.be/dss-ws/start"</param>
/// <param name="landingUrl">Own url for the BROWSER/POST "SignResponse" response</param>
/// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
/// <param name="properties">Additional properties (location, role, visibility info, ...) for the signature request</param>
/// <param name="authorization">The authorization that the signer must match too to be authorized</param>
/// <returns>The html page in the form of a string</returns>
public string GeneratePendingRequestPage(Uri postAddress, Uri landingUrl, string language, SignatureRequestProperties properties, Authorization authorization)
{
var builder = new StringBuilder();
builder.AppendLine("<html>");
builder.AppendLine("<head><title>DSS-P Browser POST</title></head>");
builder.AppendLine("<body>");
builder.AppendLine("<p>Redirecting to the DSS-P Server...</p>");
builder.AppendLine("<form name=\"dsspform\" method=\"post\" action=\"" + postAddress.ToString() + "\">");
builder.Append("<input type=\"hidden\" name=\"PendingRequest\" value=\"");
builder.Append(GeneratePendingRequest(landingUrl, language, properties, authorization));
builder.AppendLine("\"/>");
builder.AppendLine("</form>");
builder.AppendLine("<script type=\"text/javascript\">");
builder.AppendLine("window.onload = function() { document.forms[\"dsspform\"].submit(); };");
builder.AppendLine("</script>");
builder.AppendLine("</body>");
builder.AppendLine("</html>");
return(builder.ToString());
}
/// <summary>
/// Generates the html page that initiates the BROWSER/POST request for the current session.
/// </summary>
/// <param name="postAddress">The e-contract.be address, normally "https://www.e-contract.be/dss-ws/start"</param>
/// <param name="landingUrl">Own url for the BROWSER/POST "SignResponse" response</param>
/// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
/// <param name="properties">Additional properties (location, role, visibility info, ...) for the signature request</param>
/// <param name="subjectRegex">Regular expression of the eID subject that the signer must match too to be authorized</param>
/// <returns>The html page in the form of a string</returns>
public string GeneratePendingRequestPage(Uri postAddress, Uri landingUrl, string language, SignatureRequestProperties properties, string subjectRegex)
{
if (String.IsNullOrEmpty(subjectRegex))
{
return(GeneratePendingRequestPage(postAddress, landingUrl, language, properties, (Authorization)null));
}
else
{
return(GeneratePendingRequestPage(postAddress, landingUrl, language, properties, Authorization.AllowDssSignIfMatchSubjectRegex(subjectRegex)));
}
}
/// <summary>
/// Generates the html page that initiates the BROWSER/POST request for the current session.
/// </summary>
/// <param name="postAddress">The e-contract.be address, normally "https://www.e-contract.be/dss-ws/start"</param>
/// <param name="landingUrl">Own url for the BROWSER/POST "SignResponse" response</param>
/// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
/// <param name="authorization">The authorization that the signer must match too to be authorized</param>
/// <returns>The html page in the form of a string</returns>
public string GeneratePendingRequestPage(Uri postAddress, Uri landingUrl, string language, Authorization authorization)
{
return(GeneratePendingRequestPage(postAddress, landingUrl, language, null, authorization));
}
