Need to create a digital signed excel file and then validate the signature when uploaded in C#.
On its own, the SpreadsheetDocument.AddDigitalSignatureOriginPart() method does not secure an Excel file. The same is true for the corresponding methods of the WordprocessingDocument and PresentationDocument classes. Those methods only add an empty DigitalSignatureOriginPart that serves as the origin of one or more XmlSignaturePart instances, each of which contains a ds:Signature element based on the W3C Recommendation XML Signature Syntax and Processing Version 1.1 (XMLDSIG).
To secure an Excel file, or any file based on the Open Packaging Conventions (OPC), the most straightforward approach is to use the PackageDigitalSignatureManager class, which is contained in the System.IO.Packaging namespace as provided by the WindowsBase.dll assembly. Thus, if you are targeting the full .NET Framework (e.g., net471), you can use it. However, if you are targeting .Net Core, you need to implement that functionality yourself.
The following code example shows how you can use the PackageDigitalSignatureManager class:
using System;
using System.Collections.Generic;
using System.IO.Packaging;
using System.Linq;
namespace CodeSnippets.Windows.IO.Packaging
{
public static class DigitalSignatureManager
{
public static void Sign(Package package)
{
var dsm = new PackageDigitalSignatureManager(package)
{
CertificateOption = CertificateEmbeddingOption.InSignaturePart
};
List<Uri> parts = package.GetParts()
.Select(part => part.Uri)
.Concat(new[]
{
// Include the DigitalSignatureOriginPart and corresponding
// relationship part, since those will only be added when
// signing.
dsm.SignatureOrigin,
PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin)
})
.ToList();
dsm.Sign(parts);
}
public static VerifyResult VerifySignature(Package package)
{
var dsm = new PackageDigitalSignatureManager(package);
return dsm.VerifySignatures(true);
}
}
}
In case you need to implement that functionality yourself, it helps to make yourself familiar with a number of sources:
The Digital Signing Framework of the Open Packaging Conventions
How to: Sign XML Documents with Digital Signatures
System.Security.Cryptography.Xml Namespace
Based on those sources, I created a partial sample implementation that works with .Net Core. The following snippet shows the void Sign(OpenXmlPackage, X509Certificate2) method that takes an OpenXmlPackage and an X509Certificate2 and creates a valid signature:
public static void Sign(OpenXmlPackage openXmlPackage, X509Certificate2 certificate)
{
if (openXmlPackage == null) throw new ArgumentNullException(nameof(openXmlPackage));
if (certificate == null) throw new ArgumentNullException(nameof(certificate));
RSA privateKey = certificate.GetRSAPrivateKey();
using SHA256 hashAlgorithm = SHA256.Create();
// Create KeyInfo.
var keyInfo = new KeyInfo();
keyInfo.AddClause(new KeyInfoX509Data(certificate));
// Create a Signature XmlElement.
var signedXml = new SignedXml { SigningKey = privateKey, KeyInfo = keyInfo };
signedXml.Signature.Id = Constants.PackageSignatureId;
signedXml.SignedInfo.SignatureMethod = Constants.SignatureMethod;
signedXml.AddReference(CreatePackageObjectReference());
signedXml.AddObject(CreatePackageObject(openXmlPackage.Package, hashAlgorithm));
signedXml.ComputeSignature();
XmlElement signature = signedXml.GetXml();
// Get or create the DigitalSignatureOriginPart.
DigitalSignatureOriginPart dsOriginPart =
openXmlPackage.GetPartsOfType<DigitalSignatureOriginPart>().FirstOrDefault() ??
openXmlPackage.AddNewPart<DigitalSignatureOriginPart>();
var xmlSignaturePart = dsOriginPart.AddNewPart<XmlSignaturePart>();
// Write the Signature XmlElement to the XmlSignaturePart.
using Stream stream = xmlSignaturePart.GetStream(FileMode.Create, FileAccess.Write);
using XmlWriter writer = XmlWriter.Create(stream);
signature.WriteTo(writer);
}
The full source code of the above void Sign(OpenXmlPackage, X509Certificate2) method can be found in my CodeSnippets GitHub repository. Look for the DigitalSignatureManager class in the CodeSnippets project.
Related
I have a dinky little web service written in Entity Framework Core that returns a list of coils that have been, are being or will be annealed. I don't care about the ones that have been annealed. How do I put filter out the finished ones?
The Inventory table includes a column archived. I want to query for those rows for which the archived column contains zero. How do I do that?
The query is being performed in an extension method on the IEndpointRouteBuilder interface:
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Routing;
using Microsoft.Extensions.DependencyInjection;
using System.Collections.Generic;
using System.Text.Json;
using CAPSWebServer.CapsDataModels;
namespace Microsoft.AspNetCore.Builder
{
public static class CAPSServiceEndpoint
{
public static void MapWebService(this IEndpointRouteBuilder app)
{
app.MapGet("caps/coils", async context =>
{
CapsDataContext data = context.RequestServices.GetService<CapsDataContext>();
var coils = data.Inventories;
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonSerializer.Serialize<IEnumerable<Inventory>>(data.Inventories));
});
}
}
}
Assuming archived is a bool, you should be able to do:
await data.Inventories.Where(inventory => !inventory.Archived).ToListAsync();.
You'll most likely need a using for System.Linq and Microsoft.EntityFrameworkCore
I am recording the application through Wiremock using JAVA DSL, Do we have the option to customize the mapping file names? instead of getting the filename which is generated from wiremock..
Example: searchpanel_arrivalairport_th-72f9b8b7-076f-4102-b6a8-aa38710fde1b.json (Generated form wiremock using java )
I am expecting the above file name with my desired naming convention like
seacrpanel_airport_LGW.json
Custom filenames can be added by customizing StubMappingJsonRecorder.
I added CustomStubMappingJsonRecorder and override writeToMappingAndBodyFile method.
if(fileName!=null && !fileName.equals("")){
mappingFileName=fileName+"-mapping.json";
bodyFileName=fileName+"-body.json";
}else {
mappingFileName = UniqueFilenameGenerator.generate(request.getUrl(),
"mapping", filed);
bodyFileName = UniqueFilenameGenerator.generate(request.getUrl(), "body",
fileId, ContentTypes.determineFileExtension(request.getUrl(),
response.getHeaders().getContentTypeHeader(), body));
}
There's no easy way to do this at the moment. It is however possible. As #santhiya-ps says you need to write your own implementation of RequestListener, probably using StubMappingJsonRecorder as a template.
You can't extend it and override writeToMappingAndBodyFile as that method is private, but that is the method you probably want to change.
import com.github.tomakehurst.wiremock.common.*;
import com.github.tomakehurst.wiremock.core.*;
import com.github.tomakehurst.wiremock.http.*;
import java.util.List;
import static com.github.tomakehurst.wiremock.core.WireMockApp.*;
class NameTemplateStubMappingJsonRecorder implements RequestListener {
private final FileSource mappingsFileSource;
private final FileSource filesFileSource;
private final Admin admin;
private final List<CaseInsensitiveKey> headersToMatch;
private final IdGenerator idGenerator = new VeryShortIdGenerator();
public NameTemplateStubMappingJsonRecorder(Admin admin) {
this.mappingsFileSource = admin.getOptions().filesRoot().child(MAPPINGS_ROOT);
this.filesFileSource = admin.getOptions().filesRoot().child(FILES_ROOT);
this.admin = admin;
this.headersToMatch = admin.getOptions().matchingHeaders();
}
#Override
public void requestReceived(Request request, Response response) {
// TODO copy StubMappingJsonRecorder changing as required...
}
}
You can then register your RequestListener as so:
WireMockServer wireMockServer = new WireMockServer();
wireMockServer.addMockServiceRequestListener(
new NameTemplateStubMappingJsonRecorder(wireMockServer)
);
wireMockServer.start();
So long as you still store the mapping files in the expected directory (stored in FileSource mappingsFileSource above, which will be ${rootDir}/mappings, where rootDir is configured as explained in Configuration - File Locations) they should be loaded successfully as all files with extension json in that dir are loaded as mappings.
It would be much easier if StubMappingJsonRecorder took a strategy for generating these names - it might be worth creating an issue on the WireMock repo asking for an easier way to do this. I'd suggest getting an agreement on a basic design before raising a PR though.
My application is a restful api and its integrated with Swagger and OpenAPI.
I have generated all Java stubs using OpenAPI YAML file and everything is working fine.
But when i try o drill down model objects on Swagger then it cannot locate some of objects although there are part of project as project compiles fine.
As shown in below screenshot, drilldown fails to locate COnfiguration object.
Any ideas on how to resolve this.
Edit:
I have a restful webservice and i generate all the java stubs [Data transfer objects] from a YAML file using openapi-generator plugin. This plugin automatically generates a class OpenAPIDocumentationConfig and following are the details of the class. After this setup, models are automatically generated in Swagger UI.
Also want to add that I am using OpenAPI 3.0 but i need to split Object definitions into multiple files. So i am referring to them using definitions as i don't believe component schemas can be split into multiple files.
#Configuration
#EnableSwagger2
public class OpenAPIDocumentationConfig {
ApiInfo apiInfo() {
return new ApiInfoBuilder()
.title("ABC Service")
.description("ABC Service")
.license("")
.licenseUrl("http://unlicense.org")
.termsOfServiceUrl("")
.version("1.0.0")
.contact(new Contact("","", "xyz#abc.com"))
.build();
}
#Bean
public Docket customImplementation(ServletContext servletContext, #Value("${openapi.studioVALService.base-path:}") String basePath) {
return new Docket(DocumentationType.SWAGGER_2)
.select()
.apis(RequestHandlerSelectors.basePackage("com.x.y.z"))
.build()
.pathProvider(new BasePathAwareRelativePathProvider(servletContext, basePath))
.directModelSubstitute(java.time.LocalDate.class, java.sql.Date.class)
.directModelSubstitute(java.time.OffsetDateTime.class, java.util.Date.class)
.apiInfo(apiInfo());
}
class BasePathAwareRelativePathProvider extends RelativePathProvider {
private String basePath;
public BasePathAwareRelativePathProvider(ServletContext servletContext, String basePath) {
super(servletContext);
this.basePath = basePath;
}
#Override
protected String applicationPath() {
return Paths.removeAdjacentForwardSlashes(UriComponentsBuilder.fromPath(super.applicationPath()).path(basePath).build().toString());
}
#Override
public String getOperationPath(String operationPath) {
UriComponentsBuilder uriComponentsBuilder = UriComponentsBuilder.fromPath("/");
return Paths.removeAdjacentForwardSlashes(
uriComponentsBuilder.path(operationPath.replaceFirst("^" + basePath, "")).build().toString());
}
}
}
EDIT 2:
I moved all definitions to components and schemas but they are still split in multiple files and are referring to components across files but still i get the same error.
If you are using OpenAPI 3 you should put schemas that you want to reuse inside components. To refeer to it you must use refs like:
$ref: "#/components/schemas/EquityOptionConfigurationDO"
How can I make a deep copy of an object graph that has been loaded by Entity Framework Code First with proxies enabled?
I'm using code like this:
static public T DeepCopy<T>(T obj)
{
BinaryFormatter s = new BinaryFormatter();
using (MemoryStream ms = new MemoryStream())
{
s.Serialize(ms, obj);
ms.Position = 0;
T t = (T)s.Deserialize(ms);
return t;
}
}
However, the serializer complains correctly that the proxy types are not known types.
UPDATE
Using DataContractSerializer with ProxyContractResolver does not work because my class is decorated with DataContract(IsReference = true).
See
Serialize EF Proxy when POCO has IsReference = true Attribute
I need a Win client for Amazon S3 that utilizes SOAP protocol for all transactions. As far as I see most solutions are REST based rather than SOAP. Any ideas?
EDIT:
Just want to clarify: please do not suggest using REST instead. I am perfectly aware of what can or cannot be done with either protocol. So if I ask for this specific solution, there is a reason for that.
What I need is a working software for Win platform that utilizes SOAP for Amazon S3, not suggestions how to do my job. Thank you.
Start Visual Studio 2008, create a new C# Windows console application.
Add the S3 WSDL as a service reference. In Solution Explorer, right click References, select Add Service Reference. Type in the S3 WSDL address in the Address box: http://s3.amazonaws.com/doc/2006-03-01/AmazonS3.wsdl. Click Go. "AmazonS3" should show in the Services box. Enter a namespace. I entered Amazon.S3. Click OK.
Modify Program.cs to look something like the following:
using System;
using System.Globalization;
using System.Text;
using System.Security.Cryptography;
using ConsoleApplication1.Amazon.S3;
namespace ConsoleApplication1 {
class Program {
private const string accessKeyId = "YOURACCESSKEYIDHERE0";
private const string secretAccessKey = "YOURSECRETACCESSKEYHEREANDYESITSTHATLONG";
public static DateTime LocalNow() {
DateTime now = DateTime.Now;
return new DateTime(now.Year, now.Month, now.Day, now.Hour, now.Minute, now.Second, now.Millisecond, DateTimeKind.Local);
}
public static string SignRequest(string secret, string operation, DateTime timestamp) {
HMACSHA1 hmac = new HMACSHA1(Encoding.UTF8.GetBytes(secret));
string isoTimeStamp = timestamp.ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ss.fffZ", CultureInfo.InvariantCulture);
string signMe = "AmazonS3" + operation + isoTimeStamp;
string signature = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(signMe)));
return signature;
}
static void Main(string[] args) {
DateTime now = LocalNow();
AmazonS3Client client = new AmazonS3Client();
var result = client.ListAllMyBuckets(
accessKeyId,
now,
SignRequest(secretAccessKey, "ListAllMyBuckets", now));
foreach (var bucket in result.Buckets) {
Console.WriteLine(bucket.Name);
}
}
}
}
If you now insert your access key ID and secret access key in the appropriate spots and run the program, you should get a listing of your S3 buckets.
The AmazonS3Client class has all the SOAP operations available as instance methods on it.
The Amazon website carries an older (VS2005 + WSE) C#/SOAP sample at http://developer.amazonwebservices.com/connect/entry.jspa?externalID=129&categoryID=47.
EDIT: posted a visual studio solution at http://flyingpies.wordpress.com/2009/08/04/the-shortest-ever-s3-csoapwcf-client/.