Signing an XML file via web in ASP.NET C#

#21824
Posted: 10/04/2012 11:25:26
by Hans Altaner (Basic support level)
Joined: 10/04/2012
Posts: 9

Hi,

I need an example for signing an XML file via the web in ASP.NET C#. The files are on the web server and each user has his own certificates (eToken) to sign the XML file.

I need to select the signature from the System CertStorage of the user signing the doc and then sign and save the doc again, adding a new signature each time.

Thanks a lot!
#21826
Posted: 10/04/2012 11:31:57
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

You need our Distributed Crypto module for your task. We don't have samples for XML, but you can use the \EldoS\SecureBlackbox.NET\Samples\C#\PDFBlackbox\ASPNet_Distributed sample as a reference because the general idea is the same.
#21829
Posted: 10/04/2012 11:41:55
by Hans Altaner (Basic support level)
Joined: 10/04/2012
Posts: 9

I tried to change the code but I am a rookie; can you support me, please? We will buy SecureBlackbox but I have to have an example to show before. I have a class Presigner. The code does not work.
Code
        protected virtual void Page_Load(object sender, EventArgs e)
        {
            string SourceFileName = @"C:\DocumentosPrueba\xmlTest.xml";
            string TempFileName = @"C:\DocumentosPrueba\xmlTestTemp.xml";
            string StateFileName = @"C:\DocumentosPrueba\xmlTestState.xml";

            SBDC.TElDCAsyncState State = null;
            using (TElXMLDOMDocument Doc = new TElXMLDOMDocument())
            {
                using (FileStream F = new FileStream(SourceFileName, FileMode.Open, FileAccess.Read))
                {
                    Doc.LoadFromStream(F);
                }

                TElXMLSigner Signer = new TElXMLSigner();

                try
                {
                    Signer.SignatureType = SBXMLSec.Unit.xstEnveloped;
                    Signer.SignatureMethodType = SBXMLSec.Unit.xmtSig;

                    Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA256;

                    Signer.IncludeKey = false;


                    TElXMLReference Ref = new TElXMLReference();
                    Ref.DigestMethod = SBXMLSec.Unit.xdmSHA256;
                    Ref.URINode = Doc.DocumentElement;
                    Ref.URI = "";
                    Ref.TransformChain.Add(new SBXMLTransform.TElXMLEnvelopedSignatureTransform());


                    Signer.References.Add(Ref);

                    Signer.UpdateReferencesDigest();
                    Signer.GenerateSignatureAsync();
                    TElXMLDOMNode SigNode = Doc.DocumentElement;

                    State = Signer.InitiateAsyncSign(ref SigNode);
              

                }
                finally
                {
                    Signer.Dispose();

                }
                using (FileStream F = new FileStream(TempFileName, FileMode.Create, FileAccess.ReadWrite))
                {
                    Doc.SaveToStream(F, SBXMLDefs.Unit.xcmNone, "");
                }
            }
            output = new MemoryStream();
            State.SaveToStream(output, SBDCXMLEnc.__Global.DCXMLEncoding());
        }
#21833
Posted: 10/04/2012 12:24:00
by Vsevolod Ievgiienko (EldoS Corp.)

You are missing TElXMLSigner.CompleteAsyncSign, which should be called to finalize the process.
#21834
Posted: 10/04/2012 12:27:13
by Hans Altaner (Basic support level)
Joined: 10/04/2012
Posts: 9

Could I get a more complete example, please? I have only recently started learning.
#21836
Posted: 10/04/2012 14:12:48
by Hans Altaner (Basic support level)
Joined: 10/04/2012
Posts: 9

I get the following error "500 - Pre-signed Signature Element not found".
PRESIGNER.CS
Code
        protected virtual void Page_Load(object sender, EventArgs e)
        {
            SBUtils.Unit.SetLicenseKey("AF47...A57A");

            string signedFile = Server.MapPath("../Data/" + Session.SessionID + ".tmp");
            string preSignedFile = Server.MapPath("../Data/" + Session.SessionID + "pre.tmp");
            Cache[Session.SessionID] = signedFile;
            File.Copy(Server.MapPath("../Data/sample.xml"), signedFile, true);

            TElDCAsyncState state;

            TElXMLDOMDocument doc = new TElXMLDOMDocument();
            //TElPDFPublicKeySecurityHandler handler = new TElPDFPublicKeySecurityHandler();

            TElXMLSigner signer = new TElXMLSigner();
            FileStream input = new FileStream(signedFile, FileMode.Open, FileAccess.ReadWrite);
            try
            {
                doc.LoadFromStream(input);

                signer.SignatureType = SBXMLSec.Unit.xstEnveloped;
                signer.SignatureMethodType = SBXMLSec.Unit.xmtSig;

                signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA256;

                signer.IncludeKey = false;

                TElXMLReference refr = new TElXMLReference();
                refr.DigestMethod = SBXMLSec.Unit.xdmSHA256;
                refr.URINode = doc.DocumentElement;
                refr.URI = "";
                refr.TransformChain.Add(new SBXMLTransform.TElXMLEnvelopedSignatureTransform());


                signer.References.Add(refr);

                signer.UpdateReferencesDigest();
                signer.GenerateSignatureAsync();
                TElXMLDOMNode sigNode = doc.DocumentElement;

                state = signer.InitiateAsyncSign(ref sigNode);

                using (FileStream F = new FileStream(preSignedFile, FileMode.Create, FileAccess.ReadWrite))
                {
                    doc.SaveToStream(F, SBXMLDefs.Unit.xcmNone, "");
                }

                //state = doc.InitiateAsyncOperation();
            }
            finally
            {
                input.Close();
            }

            output = new MemoryStream();
            state.SaveToStream(output, SBDCXMLEnc.__Global.DCXMLEncoding());
        }

RESULT.ASPX
Code
protected void FinishSigning(ref String fileName, byte[] signature)
        {
            TElDCAsyncState state = new TElDCAsyncState();
            MemoryStream input = new MemoryStream(signature);
            state.LoadFromStream(input, SBDCXMLEnc.__Global.DCXMLEncoding());
            TElXMLDOMDocument doc = new TElXMLDOMDocument();
            TElXMLSigner handler = new TElXMLSigner();

            //TElPDFDocument doc = new TElPDFDocument();
            //TElPDFPublicKeySecurityHandler handler = new TElPDFPublicKeySecurityHandler();
            //handler.SignatureType = TSBPDFPublicKeySignatureType.pstPKCS7SHA1;

            FileStream file = new FileStream(fileName, FileMode.Open, FileAccess.ReadWrite);
            try
            {
                //doc.CompleteAsyncOperation(file, state, handler);
                handler.CompleteAsyncSign(doc, state);
                doc.SaveToStream(file, SBXMLDefs.Unit.xcmNone, "");
            }
            finally
            {
                file.Close();
            }

            File.Move(fileName, Path.ChangeExtension(fileName, ".xml"));
            fileName = Path.ChangeExtension(fileName, ".xml");
        }


What may be missing?
#21837
Posted: 10/04/2012 14:18:42
by Dmytro Bogatskyy (EldoS Corp.)

Quote
What may be missing?

The code above is missing the doc.LoadFromStream call.

Please check the following sample:
https://www.eldos.com/forum/read.php?F...ssage20153
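
The fix named in the reply above, applied to the FinishSigning method posted earlier in the thread, as an added example that is not EldoS sample code. It uses only SecureBlackbox calls that already appear in this thread; the namespaces in the using lines, the class name, the preSignedFileName parameter and writing the result to a separate file are assumptions.

```csharp
using System.IO;
using SBDC;        // TElDCAsyncState (qualified as SBDC.TElDCAsyncState in the thread)
using SBXMLCore;   // assumed namespace of TElXMLDOMDocument
using SBXMLSec;    // assumed namespace of TElXMLSigner

public static class XmlAsyncSignFinisher   // hypothetical helper class
{
    // preSignedFileName: the document saved right after InitiateAsyncSign
    // (the "...pre.tmp" file written by the presigner), not the unsigned copy.
    // signedState: the async state sent back by the client after its token
    // produced the signature value.
    public static string FinishSigning(string preSignedFileName, byte[] signedState)
    {
        TElDCAsyncState state = new TElDCAsyncState();
        using (MemoryStream input = new MemoryStream(signedState))
        {
            state.LoadFromStream(input, SBDCXMLEnc.__Global.DCXMLEncoding());
        }

        string resultFileName = Path.ChangeExtension(preSignedFileName, ".xml");
        using (TElXMLDOMDocument doc = new TElXMLDOMDocument())
        {
            // The step missing from the posted code: an empty document has no
            // pre-signed Signature element for CompleteAsyncSign to fill in.
            using (FileStream pre = new FileStream(preSignedFileName, FileMode.Open, FileAccess.Read))
            {
                doc.LoadFromStream(pre);
            }

            TElXMLSigner signer = new TElXMLSigner();
            try
            {
                signer.CompleteAsyncSign(doc, state);
            }
            finally
            {
                signer.Dispose();
            }

            // FileMode.Create starts from an empty file, so no bytes of an
            // older, longer document are left behind after the signed XML.
            using (FileStream result = new FileStream(resultFileName, FileMode.Create, FileAccess.Write))
            {
                doc.SaveToStream(result, SBXMLDefs.Unit.xcmNone, "");
            }
        }
        return resultFileName;
    }
}
```

The presigner in the thread caches the path of the unsigned copy under the session ID, so the caller has to pass the path of the "pre.tmp" file it saved after InitiateAsyncSign instead.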