public async Task <ActionResult> Index(string userfile, string cmsfile) { // Get an instance of the CadesSignatureStarter class, responsible for receiving the signature // elements and start the signature process. var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient()) { // Set the signature policy. SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica, // Set the security context to be used to determine trust in the certificate chain. We have // encapsulated the security context choice on Util.cs. SecurityContextId = Util.GetSecurityContextId(), // Optionally, set whether the content should be encapsulated in the resulting CMS. If this // parameter is ommitted, the following rules apply: // - If no CmsToCoSign is given, the resulting CMS will include the content. // - If a CmsToCoSign is given, the resulting CMS will include the content if and only if the // CmsToCoSign also includes the content. EncapsulateContent = true }; if (!string.IsNullOrEmpty(cmsfile)) { // Verify if the cmsfile exists and get the absolute path of the cmsfile. string cmsfilePath; if (!StorageMock.TryGetFile(cmsfile, out cmsfilePath)) { return(HttpNotFound()); } /* * If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed * CMS. We'll set the path to the CMS to be co-signed, which was perviously saved in the * App_Data folder by the POST action on this controller. Note two important things: * * 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the * method "SetContentToSign" nor "SetFileToSign". * * 2. Since we're creating CMSs with encapsulated content (see call to * SetEncapsulateContent below), we don't need to set the content to be signed, * REST PKI will get the content from the CMS being co-signed. */ signatureStarter.SetCmsToCoSign(cmsfilePath); } else { // Verify if the userfile exists and get the absolute path of the userfile. string userfilePath; if (!StorageMock.TryGetFile(userfile, out userfilePath)) { return(HttpNotFound()); } // If the URL argument "userfile" is filled, it means the user was redirected here by // UploadController (signature with file uploaded by user). We'll set the path of the file to // be signed, which was saved in the App_Data folder by UploadController. signatureStarter.SetFileToSign(userfilePath); } // Call the StartWithWebPki() method, which initiates the signature. This yields the token, a // 43-character case-sensitive URL-safe string, which identifies this signature process. We'll // use this value to call the signWithRestPki() method on the Web PKI component // (see signature-form.js) and also to complete the signature on the POST action below (this // should not be mistaken with the API access token). var token = await signatureStarter.StartWithWebPkiAsync(); // The token acquired above can only be used for a single signature attempt. In order to retry // the signature it is necessary to get a new token. This can be a problem if the user uses the // back button of the browser, since the browser might show a cached page that we rendered // previously, with a now stale token. To prevent this from happening, we call the method // SetNoCacheHeaders() (in BaseController) which sets HTTP headers to prevent caching of the // page. base.SetNoCacheHeaders(); // Render the signature page with the token obtained from REST PKI. return(View(new SignatureModel() { Token = token, UserFile = userfile, CmsFile = cmsfile })); }
public ActionResult Index(string userfile, string cmsfile) { // Get an instance of the CadesSignatureStarter class, responsible for receiving the signature elements and start the // signature process var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient()) { // Set the signature policy SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica, // Optionally, set a SecurityContext to be used to determine trust in the certificate chain //SecurityContextId = StandardSecurityContexts.PkiBrazil, // Note: Depending on the signature policy chosen above, setting the security context may be mandatory (this is not // the case for ICP-Brasil policies, which will automatically use the PkiBrazil security context if none is passed) // Optionally, set whether the content should be encapsulated in the resulting CMS. If this parameter is ommitted, // the following rules apply: // - If no CmsToSign is given, the resulting CMS will include the content // - If a CmsToCoSign is given, the resulting CMS will include the content if and only if the CmsToCoSign also includes the content EncapsulateContent = true }; if (!string.IsNullOrEmpty(userfile)) { // If the URL argument "userfile" is filled, it means the user was redirected here by UploadController (signature with file uploaded by user). // We'll set the path of the file to be signed, which was saved in the App_Data folder by UploadController signatureStarter.SetFileToSign(Server.MapPath("~/App_Data/" + userfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC } else if (!string.IsNullOrEmpty(cmsfile)) { /* * If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed CMS. We'll set the path to the CMS * to be co-signed, which was perviously saved in the App_Data folder by the POST action on this controller. Note two important things: * * 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the method "SetContentToSign" nor "SetFileToSign" * * 2. Since we're creating CMSs with encapsulated content (see call to SetEncapsulateContent below), we don't need to set the content * to be signed, REST PKI will get the content from the CMS being co-signed. */ signatureStarter.SetCmsToCoSign(Server.MapPath("~/App_Data/" + cmsfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC } else { // If both userfile and cmsfile are null, this is the "signature with server file" case. We'll set the path of the file to be signed signatureStarter.SetFileToSign(Util.GetSampleDocPath()); } // Call the StartWithWebPki() method, which initiates the signature. This yields the token, a 43-character // case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the // signWithRestPki() method on the Web PKI component (see javascript on the view) and also to complete the signature // on the POST action below (this should not be mistaken with the API access token). var token = signatureStarter.StartWithWebPki(); // The token acquired above can only be used for a single signature attempt. In order to retry the signature it is // necessary to get a new token. This can be a problem if the user uses the back button of the browser, since the // browser might show a cached page that we rendered previously, with a now stale token. To prevent this from happening, // we call the method SetNoCacheHeaders() (in BaseController) which sets HTTP headers to prevent caching of the page. base.SetNoCacheHeaders(); // Render the signature page with the token obtained from REST PKI return View(new CadesSignatureModel() { Token = token, UserFile = userfile, CmsFile = cmsfile }); }
public async Task <string> Start(string userfile, string cmsfile) { var storage = new Storage(hostingEnvironment); var client = Util.GetRestPkiClient(restPkiConfig); // Get an instance of the CadesSignatureStarter class, responsible for receiving the signature elements and start the // signature process var signatureStarter = new CadesSignatureStarter(client) { // Set the signature policy SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica, // Note: Depending on the signature policy chosen above, setting the security context below may be mandatory (this is not // the case for ICP-Brasil policies, which will automatically use the PkiBrazil security context if none is passed) // Optionally, set a SecurityContext to be used to determine trust in the certificate chain //SecurityContextId = new Guid("ID OF YOUR CUSTOM SECURITY CONTEXT"), // For instance, to use the test certificates on Lacuna Test PKI (for development purposes only!): //SecurityContextId = new Guid("803517ad-3bbc-4169-b085-60053a8f6dbf"), }; // Below we'll either set the file to be signed or the CMS to be co-signed. Prefer passing a path or a stream instead of // the file's contents as a byte array to prevent memory allocation issues with large files. if (!string.IsNullOrEmpty(userfile)) { // If the URL argument "userfile" is filled (signature with file uploaded by user). We'll set the file to be signed Stream userFileStream; if (!storage.TryOpenRead(userfile, out userFileStream)) { throw new Exception("File not found"); } signatureStarter.SetContentToSign(userFileStream); } else if (!string.IsNullOrEmpty(cmsfile)) { /* * If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed CMS. We'll set the CMS * to be co-signed, which was perviously saved in the App_Data folder by the POST action on this controller. Note two important things: * * 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the method "SetContentToSign" nor "SetFileToSign" * * 2. Since we're creating CMSs with encapsulated content (see call to SetEncapsulateContent below), we don't need to set the content * to be signed, REST PKI will get the content from the CMS being co-signed. */ Stream cmsFileStream; if (!storage.TryOpenRead(cmsfile, out cmsFileStream)) { throw new Exception("File not found"); } signatureStarter.SetCmsToCoSign(cmsFileStream); } else { // If both userfile and cmsfile are null, this is the "signature with server file" case. We'll set the path of the file to be signed signatureStarter.SetFileToSign(storage.GetSampleDocPath()); } // Call the StartWithWebPkiAsync() method, which initiates the signature. This yields the token, a 43-character // case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the // signWithRestPki() method on the Web PKI component (see javascript on the angular controller) and also to complete // the signature on the POST action below (this should not be mistaken with the API access token). var token = await signatureStarter.StartWithWebPkiAsync(); return(token); }
public ActionResult Index(string userfile, string cmsfile) { // Get an instance of the CadesSignatureStarter class, responsible for receiving the signature elements and start the // signature process var signatureStarter = new CadesSignatureStarter(Util.GetRestPkiClient()) { // Set the signature policy SignaturePolicyId = StandardCadesSignaturePolicies.PkiBrazil.AdrBasica, // Optionally, set a SecurityContext to be used to determine trust in the certificate chain //SecurityContextId = StandardSecurityContexts.PkiBrazil, // Note: Depending on the signature policy chosen above, setting the security context may be mandatory (this is not // the case for ICP-Brasil policies, which will automatically use the PkiBrazil security context if none is passed) // Optionally, set whether the content should be encapsulated in the resulting CMS. If this parameter is ommitted, // the following rules apply: // - If no CmsToSign is given, the resulting CMS will include the content // - If a CmsToCoSign is given, the resulting CMS will include the content if and only if the CmsToCoSign also includes the content EncapsulateContent = true }; if (!string.IsNullOrEmpty(userfile)) { // If the URL argument "userfile" is filled, it means the user was redirected here by UploadController (signature with file uploaded by user). // We'll set the path of the file to be signed, which was saved in the App_Data folder by UploadController signatureStarter.SetFileToSign(Server.MapPath("~/App_Data/" + userfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC } else if (!string.IsNullOrEmpty(cmsfile)) { /* * If the URL argument "cmsfile" is filled, the user has asked to co-sign a previously signed CMS. We'll set the path to the CMS * to be co-signed, which was perviously saved in the App_Data folder by the POST action on this controller. Note two important things: * * 1. The CMS to be co-signed must be set using the method "SetCmsToCoSign", not the method "SetContentToSign" nor "SetFileToSign" * * 2. Since we're creating CMSs with encapsulated content (see call to SetEncapsulateContent below), we don't need to set the content * to be signed, REST PKI will get the content from the CMS being co-signed. */ signatureStarter.SetCmsToCoSign(Server.MapPath("~/App_Data/" + cmsfile.Replace("_", "."))); // Note: we're passing the filename argument with "." as "_" because of limitations of ASP.NET MVC } else { // If both userfile and cmsfile are null, this is the "signature with server file" case. We'll set the path of the file to be signed signatureStarter.SetFileToSign(Util.GetSampleDocPath()); } // Call the StartWithWebPki() method, which initiates the signature. This yields the token, a 43-character // case-sensitive URL-safe string, which identifies this signature process. We'll use this value to call the // signWithRestPki() method on the Web PKI component (see javascript on the view) and also to complete the signature // on the POST action below (this should not be mistaken with the API access token). var token = signatureStarter.StartWithWebPki(); // The token acquired above can only be used for a single signature attempt. In order to retry the signature it is // necessary to get a new token. This can be a problem if the user uses the back button of the browser, since the // browser might show a cached page that we rendered previously, with a now stale token. To prevent this from happening, // we call the method SetNoCacheHeaders() (in BaseController) which sets HTTP headers to prevent caching of the page. base.SetNoCacheHeaders(); // Render the signature page with the token obtained from REST PKI return(View(new CadesSignatureModel() { Token = token, UserFile = userfile, CmsFile = cmsfile })); }