def start():
"""
This method is called asynchronously via AJAX by the batch signature page
for each document being signed. It receives the ID of the document and
initiates a PAdES signature using PKI Express and returns a JSON with the
data needed in the next signature steps (see batch-signature-form.js).
"""
# Recover variables from the POST arguments to be used in this step.
file_id = request.form['id']
cert_content = request.form['certContent']
# Get an instance of the PadesSignatureStarter, responsible for receiving
# the signature elements and start the signature process.
signature_starter = PadesSignatureStarter()
# Set PKI default options (see utils.py).
set_pki_defaults(signature_starter)
# Set signature policy.
signature_starter.signature_policy = \
standard_signature_policies.PADES_BASIC_WITH_LTV
# Set PDF to be signed based on its ID.
signature_starter.set_pdf_to_sign_from_path(
get_sample_batch_doc_path(file_id))
# Set Base64-encoded certificate's content to signature starter.
signature_starter.set_certificate_from_base64(cert_content)
# Set a file reference for the stamp file. Note that this file can be
# referenced later by "fref://{alias}" at the "url" field on the visual
# representation (see static/vr.json or get_visual_representation()
# method).
signature_starter.add_file_reference('stamp', get_pdf_stamp_path())
# Set the visual representation. We provided a dictionary that
# represents the visual representation JSON model.
signature_starter.set_visual_representation(get_visual_representation())
# Start the signature process. Receive as response the following fields:
# - to_sign_hash: The hash to be signed.
# - digest_algorithm: The digest algorithm that will inform the Web PKI
# component to compute the signature.
# - transfer_file: A temporary file to be passed to "complete" step.
response = signature_starter.start()
return jsonify(response)
def start(file_id=None):
"""
This function is called asynchonously via AJAX by the batch signature page
for each document being signed. It receives the ID of the document and
initiates a CAdES signature using REST PKI and returns a JSON with the
token, which identifies this signature process, to be used in the next
signature steps (see batch-signature-form.js).
"""
# Get an instantiate of the CadesSignatureStarter class, responsible for
# receiving the signature elements and start the signature process.
signature_starter = CadesSignatureStarter(get_restpki_client())
# Set the document to be signed based on its ID.
signature_starter.set_file_to_sign_path(get_sample_batch_doc_path(file_id))
# Set the signature policy.
signature_starter.signature_policy = \
StandardSignaturePolicies.PKI_BRAZIL_CADES_ADR_BASICA
# Set a security context. We have encapsulated the security context
# choice on util.py.
signature_starter.security_context = get_security_context_id()
# Optionally, set whether the content should be encapsulated in the
# resulting CMS. If this parameter is ommitted, the following rules
# apply:
# - If no CmsToCoSign is given, the resulting CMS will include the
# content.
# - If a CmsToCoSign is given, the resulting CMS will include the
# content if and only if the CmsToCoSign also includes the content.
#
signature_starter.encapsulate_content = True
# Call the start_with_webpki() method, which initiates the signature.
# This yields the token, a 43-character case-sensitive URL-safe string,
# which identifies this signature process. We'll use this value to call
# the signWithRestPki() method on the Web PKI component (see
# signature-form.js) and also to complete the signature after
# the form is submitted (see method action()). This should not be
# mistaken with the API access token.
result = signature_starter.start_with_webpki()
# Return a JSON with the token obtained from REST PKI (the page will use
# jQuery to decode this value).
return jsonify(result.token)
def start():
"""
This method is called asynchronously via AJAX by the batch signature page
for each document being signed. It initiates a CAdES signature using
PKI Express and returns a JSON with the values to be used in the next
signature steps (see batch-signature-form.js).
"""
# Recover variables from the POST arguments to be used in this step.
file_id = request.form['id']
cert_content = request.form['certContent']
# Get an instance of the CadesSignatureStarter class, responsible for
# receiving the signature elements and start the signature process.
signature_starter = CadesSignatureStarter()
# Set PKI default options (see utils.py).
set_pki_defaults(signature_starter)
# Set signature policy.
signature_starter.signature_policy = \
standard_signature_policies.PKI_BRAZIL_CADES_ADR_BASICA
# Set file to be signed based on its ID.
signature_starter.set_file_to_sign_from_path(
get_sample_batch_doc_path(file_id))
# Set Base64-encoded certificate's content to signature starter.
signature_starter.set_certificate_from_base64(cert_content)
# Set 'encapsulated content' option (default: True).
signature_starter.encapsulated_content = True
# Start the signature process. Receive as response the following fields:
# - to_sign_hash: The hash to be signed.
# - digest_algorithm: The digest algorithm that will inform the Web PKI
# component to compute the signature.
# - transfer_file: A temporary file to be passed to "complete" step.
response = signature_starter.start()
return jsonify(response)
def complete():
"""
This method is called asynchronously via AJAX by the batch signature page
for each document being signed. It completes the CAdES signature using
PKI Express and returns a JSON with the saved filename so that the page can
render a link to it.
"""
# Recover variables from the POST arguments to be used on this step.
file_id = request.form['id']
transfer_file = request.form['transferFile']
signature = request.form['signature']
# Get an instance of the SignatureFinisher class, responsible for completing
# the signature process.
signature_finisher = SignatureFinisher()
# Set PKI default options (see utils.py).
set_pki_defaults(signature_finisher)
# Set the file to be signed. It's the same file we use don "start" method.
signature_finisher.set_file_to_sign_from_path(
get_sample_batch_doc_path(file_id))
# Set the transfer file.
signature_finisher.set_transfer_file_from_path(transfer_file)
# Set the signature file.
signature_finisher.signature = signature
# Generate path for output file and add to the signature finisher.
create_app_data() # Guarantees that "app data" folder exists.
filename = '%s.p7s' % (str(uuid.uuid4()))
signature_finisher.output_file = \
os.path.join(current_app.config['APPDATA_FOLDER'], filename)
# Complete the signature process.
signature_finisher.complete()
return jsonify(filename)