EldoS | Feel safer!

Software components for data protection, secure storage and transfer

signing a XML file via WEB in ASP.net c#

Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.
#21824
Posted: 10/04/2012 11:25:26
by Hans Altaner (Basic support level)
Joined: 10/04/2012
Posts: 9

Hi,

I need an example for signing a XML file via WEB in ASP.net c# , the files are in web server and each user has his own certificates(etoken) to sign the XML file.

I need to select the signature from the System CertStorage of the user signing the doc and then sign and save the doc again, adding a new sign each time.

Thanks a lot!
#21826
Posted: 10/04/2012 11:31:57
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

You need our Distributes Crypto module for your task. We don't have samples for XML, but you can use \EldoS\SecureBlackbox.NET\Samples\C#\PDFBlackbox\ASPNet_Distributed sample as a reference because the general idea is the same.
#21829
Posted: 10/04/2012 11:41:55
by Hans Altaner (Basic support level)
Joined: 10/04/2012
Posts: 9

I tried to change the code but I am a rookie, you can support me please. We will buy SecureBlackbox but I have to have an example to show before. I have class Presigner. Code no work.
Code
        protected virtual void Page_Load(object sender, EventArgs e)
        {
  



            string SourceFileName = @"C:\DocumentosPrueba\xmlTest.xml";
            string TempFileName = @"C:\DocumentosPrueba\xmlTestTemp.xml";
            string StateFileName = @"C:\DocumentosPrueba\xmlTestState.xml";

            SBDC.TElDCAsyncState State = null;
            using (TElXMLDOMDocument Doc = new TElXMLDOMDocument())
            {
                using (FileStream F = new FileStream(SourceFileName, FileMode.Open, FileAccess.Read))
                {
                    Doc.LoadFromStream(F);
                }

                TElXMLSigner Signer = new TElXMLSigner();

                try
                {
                    Signer.SignatureType = SBXMLSec.Unit.xstEnveloped;
                    Signer.SignatureMethodType = SBXMLSec.Unit.xmtSig;

                    Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA256;

                    Signer.IncludeKey = false;


                    TElXMLReference Ref = new TElXMLReference();
                    Ref.DigestMethod = SBXMLSec.Unit.xdmSHA256;
                    Ref.URINode = Doc.DocumentElement;
                    Ref.URI = "";
                    Ref.TransformChain.Add(new SBXMLTransform.TElXMLEnvelopedSignatureTransform());


                    Signer.References.Add(Ref);

                    Signer.UpdateReferencesDigest();
                    Signer.GenerateSignatureAsync();
                    TElXMLDOMNode SigNode = Doc.DocumentElement;

                    State = Signer.InitiateAsyncSign(ref SigNode);
              

                }
                finally
                {
                    Signer.Dispose();

                }
                using (FileStream F = new FileStream(TempFileName, FileMode.Create, FileAccess.ReadWrite))
                {
                    Doc.SaveToStream(F, SBXMLDefs.Unit.xcmNone, "");
                }
            }
            output = new MemoryStream();
            State.SaveToStream(output, SBDCXMLEnc.__Global.DCXMLEncoding());
        }
#21833
Posted: 10/04/2012 12:24:00
by Vsevolod Ievgiienko (EldoS Corp.)

You are missing TElXMLSigner.CompleteAsyncSign that should be called to finalize the process.
#21834
Posted: 10/04/2012 12:27:13
by Hans Altaner (Basic support level)
Joined: 10/04/2012
Posts: 9

I can give a more complete example, please. I'm learning recently
#21836
Posted: 10/04/2012 14:12:48
by Hans Altaner (Basic support level)
Joined: 10/04/2012
Posts: 9

I get the following error "500 - Pre-signed Signature Element not found".
Code
PRESIGNER.CS
Code
        protected virtual void Page_Load(object sender, EventArgs e)
        {
            SBUtils.Unit.SetLicenseKey("AF47...A57A");

            string signedFile = Server.MapPath("../Data/" + Session.SessionID + ".tmp");
            string preSignedFile = Server.MapPath("../Data/" + Session.SessionID + "pre.tmp");
            Cache[Session.SessionID] = signedFile;
            File.Copy(Server.MapPath("../Data/sample.xml"), signedFile, true);

            TElDCAsyncState state;

            TElXMLDOMDocument doc = new TElXMLDOMDocument();
            //TElPDFPublicKeySecurityHandler handler = new TElPDFPublicKeySecurityHandler();

            TElXMLSigner signer = new TElXMLSigner();
            FileStream input = new FileStream(signedFile, FileMode.Open, FileAccess.ReadWrite);
            try
            {
                doc.LoadFromStream(input);

                signer.SignatureType = SBXMLSec.Unit.xstEnveloped;
                signer.SignatureMethodType = SBXMLSec.Unit.xmtSig;

                signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA256;

                signer.IncludeKey = false;

                TElXMLReference refr = new TElXMLReference();
                refr.DigestMethod = SBXMLSec.Unit.xdmSHA256;
                refr.URINode = doc.DocumentElement;
                refr.URI = "";
                refr.TransformChain.Add(new SBXMLTransform.TElXMLEnvelopedSignatureTransform());


                signer.References.Add(refr);

                signer.UpdateReferencesDigest();
                signer.GenerateSignatureAsync();
                TElXMLDOMNode sigNode = doc.DocumentElement;

                state = signer.InitiateAsyncSign(ref sigNode);

                using (FileStream F = new FileStream(preSignedFile, FileMode.Create, FileAccess.ReadWrite))
                {
                    doc.SaveToStream(F, SBXMLDefs.Unit.xcmNone, "");
                }

                //state = doc.InitiateAsyncOperation();
            }
            finally
            {
                input.Close();
            }

            output = new MemoryStream();
            state.SaveToStream(output, SBDCXMLEnc.__Global.DCXMLEncoding());
        }

RESULT.ASPX
Code
protected void FinishSigning(ref String fileName, byte[] signature)
        {
            TElDCAsyncState state = new TElDCAsyncState();
            MemoryStream input = new MemoryStream(signature);
            state.LoadFromStream(input, SBDCXMLEnc.__Global.DCXMLEncoding());
            TElXMLDOMDocument doc = new TElXMLDOMDocument();
            TElXMLSigner handler = new TElXMLSigner();

            //TElPDFDocument doc = new TElPDFDocument();
            //TElPDFPublicKeySecurityHandler handler = new TElPDFPublicKeySecurityHandler();
            //handler.SignatureType = TSBPDFPublicKeySignatureType.pstPKCS7SHA1;

            FileStream file = new FileStream(fileName, FileMode.Open, FileAccess.ReadWrite);
            try
            {
                //doc.CompleteAsyncOperation(file, state, handler);
                handler.CompleteAsyncSign(doc, state);
                doc.SaveToStream(file, SBXMLDefs.Unit.xcmNone, "");
            }
            finally
            {
                file.Close();
            }

            File.Move(fileName, Path.ChangeExtension(fileName, ".xml"));
            fileName = Path.ChangeExtension(fileName, ".xml");
        }

RESULT.ASPX
protected void FinishSigning(ref String fileName, byte[] signature)
{
TElDCAsyncState state = new TElDCAsyncState();
MemoryStream input = new MemoryStream(signature);
state.LoadFromStream(input, SBDCXMLEnc.__Global.DCXMLEncoding());
TElXMLDOMDocument doc = new TElXMLDOMDocument();
TElXMLSigner handler = new TElXMLSigner();


FileStream file = new FileStream(fileName, FileMode.Open, FileAccess.ReadWrite);
try
{
//doc.CompleteAsyncOperation(file, state, handler);
handler.CompleteAsyncSign(doc, state);
doc.SaveToStream(file, SBXMLDefs.Unit.xcmNone, "");
}
finally
{
file.Close();
}

File.Move(fileName, Path.ChangeExtension(fileName, ".xml"));
fileName = Path.ChangeExtension(fileName, ".xml");
}
[code]

That may be missing?
#21837
Posted: 10/04/2012 14:18:42
by Dmytro Bogatskyy (EldoS Corp.)

Quote
That may be missing?

The code above is missing doc.LoadFromStream call

Please check the following sample:
https://www.eldos.com/forum/read.php?F...ssage20153
Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.

Reply

Statistics

Topic viewed 2103 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!