// GET: CheckPadesRest?c={id}
public ActionResult Index(string c)
{
// On PrinterFriendlyVersionController, we stored the unformatted version of the verification
// code (without hyphens) but used the formatted version (with hiphens) on the printer-friendly
// PDF. Now, we remove the hyphens before looking it up.
var verificationCode = AlphaCode.Parse(c);
// Get document associated with verification code.
var fileId = StorageMock.LookupVerificationCode(verificationCode);
if (fileId == null)
{
// Invalid code give!
// Small delay to slow down brute-force attacks (if you want to be extra careful you might
// want to add a CAPTCHA to the process).
Thread.Sleep(TimeSpan.FromSeconds(2));
// Return Not Found
return(HttpNotFound());
}
// Read document from storage.
var fileContent = StorageMock.Read(fileId);
// Get an instance of the PadesSignatureExplorer class, used to open/validate PDF signatures.
var sigExplorer = new PadesSignatureExplorer(Util.GetRestPkiClient())
{
// Specify that we want to validate the signatures in the file, not only inspect them.
Validate = true,
// Specify the parameters for the signature validation:
// Accept any PAdES signature as long as the signer has an ICP-Brasil certificate.
DefaultSignaturePolicyId = StandardPadesSignaturePolicies.Basic,
// Specify the security context to be used to determine trust in the certificate chain. We
// have encapsulated the security context choice on Util.cs.
SecurityContextId = Util.GetSecurityContextId()
};
// Set the PDF file.
sigExplorer.SetSignatureFile(fileContent);
// Call the Open() method, which returns the signature file's information.
var signature = sigExplorer.Open();
// Render the information (see file Check/Index.html for more information on
// the information returned).
return(View(new OpenPadesSignatureModel()
{
Signature = signature,
File = fileId
}));
}
// GET: CheckCadesSdk?c={id}
public ActionResult Index(string c)
{
// On PrinterFriendlyVersionController, we stored the unformatted version of the verification
// code (without hyphens) but used the formatted version (with hiphens) on the printer-friendly
// PDF. Now, we remove the hyphens before looking it up.
var verificationCode = AlphaCode.Parse(c);
// Get document associated with verification code.
var fileId = StorageMock.LookupVerificationCode(verificationCode);
if (fileId == null)
{
// Invalid code give!
// Small delay to slow down brute-force attacks (if you want to be extra careful you might
// want to add a CAPTCHA to the process).
Thread.Sleep(TimeSpan.FromSeconds(2));
// Return Not Found
return(HttpNotFound());
}
// Read document from storage.
var fileContent = StorageMock.Read(fileId);
var signature = CadesSignature.Open(fileContent);
// Specify the parameters for the signature validation:
// Define the trust arbitrator used to validate the certificate.
var trustArbitrator = Util.GetTrustArbitrator();
var policyMapper = CadesPoliciesForValidation.GetCadesBasic(trustArbitrator);
// Render the information (see file Check/Index.html for more information on
// the information returned).
return(View(new OpenCadesSignatureModel()
{
Signature = new CadesSignatureModel(signature, policyMapper),
File = fileId
}));
}
