DocuSign：签名库 v3.0.0

Question

我正在为我们的演示产品评估 DocuSign。我在 ASP.Net MVC 项目中使用您的 RestApi 库创建了一个演示，并且工作正常。

我在我们的项目中使用了相同的代码，但代码崩溃并出现“无法加载程序集或引用”错误。经过大量的研发，我发现问题是因为DocuSign v3.0.0提供的库没有签名。

作为替代方案，我开始使用 v2.0.0，它是 DocuSign 提供的签名库。现在问题已解决，但现在尝试在信封中添加配置标头时出现异常“已添加具有相同密钥的项目”。我附上了代码示例供您参考。

    public void Main()
    {
        AccountID = DocLogin();
        EnvelopeID = CreateSendEnvelope(AccountID);

        // if (!string.IsNullOrEmpty(EnvelopeID))
            // EmbeddedSigning(AccountID, EnvelopeID);
    }

    private string DocLogin()
    {
        string accountId = null;
        try
        {
            ApiClient apiClient = new ApiClient("https://demo.docusign.net/restapi");
            Configuration cfi = new Configuration(apiClient);
            // configure 'X-DocuSign-Authentication' header
            string authHeader = "{\"Username\":\"" + username + "\", \"Password\":\"" + password + "\", \"IntegratorKey\":\"" + integratorKey + "\"}";
            cfi.AddDefaultHeader("X-DocuSign-Authentication", authHeader);
            // we will retrieve this from the login API call
            AuthenticationApi authApi = new AuthenticationApi(cfi);
            LoginInformation loginInfo = authApi.Login();
            accountId = loginInfo.LoginAccounts[0].AccountId;
        }
        catch (Exception ex)
        {
            string inner = ex.Message;
        }

        return accountId;
    }

    private string CreateSendEnvelope(string accountID)
    {
        string pdfPath = Server.MapPath("~/Documents/Document.docx");

        if (!string.IsNullOrEmpty(accountID))
        {
            if (System.IO.File.Exists(pdfPath))
            {
                byte[] fileBytes = System.IO.File.ReadAllBytes(pdfPath);
                EnvelopeDefinition envDef = new EnvelopeDefinition();
                envDef.EmailSubject = "[DocuSign C# SDK] - Please sign this doc";

                Document doc = new Document();
                doc.DocumentBase64 = System.Convert.ToBase64String(fileBytes);
                doc.Name = "Document.docx";
                doc.DocumentId = "1";
                doc.FileExtension = "docx";

                envDef.Documents = new List<Document>();
                envDef.Documents.Add(doc);

                Signer signer = new Signer();
                signer.Email = userEmail;
                signer.Name = userDisplayName;
                signer.RecipientId = "1";
                signer.ClientUserId = "1001";
                signer.Tabs = new Tabs();

                signer.Tabs.SignHereTabs = new List<SignHere>();
                SignHere signHere = new SignHere();
                signHere.DocumentId = "1";
                signHere.PageNumber = "1";
                signHere.RecipientId = "1";
                signHere.XPosition = "90";
                signHere.YPosition = "452";

                signer.Tabs.SignHereTabs.Add(signHere);
                envDef.Recipients = new Recipients();
                envDef.Recipients.Signers = new List<Signer>();
                envDef.Recipients.Signers.Add(signer);

                // set envelope status to "sent" to immediately send the signature request 
                envDef.Status = "sent";

                // |EnvelopesApi| contains methods related to creating and sending Envelopes (aka signature requests) 
                EnvelopesApi envelopesApi = new EnvelopesApi();

                string authHeader = "{\"Username\":\"" + username + "\", \"Password\":\"" + password + "\", \"IntegratorKey\":\"" + integratorKey + "\"}";
                envelopesApi.Configuration.AddDefaultHeader("X-DocuSign-Authentication", authHeader);

                EnvelopeSummary envelopeSummary = envelopesApi.CreateEnvelope(accountID, envDef);
                return envelopeSummary.EnvelopeId;
            }
        }

        return string.Empty;
    }

Answer 1

我不知道 v3.0.0，但我刚刚检查了 Nuget DocuSign 包 v3.0.1 并且它已签名。请参阅下面的输出：

nuget install DocuSign.eSign.dll
(v3.0.1 installed)

cd .\DocuSign.eSign.dll.3.0.1

nuget verify -Signatures .\DocuSign.eSign.dll.3.0.1.nupkg

Verifying DocuSign.eSign.dll.3.0.1
C:\Users\larry.kluger\DocuSign.eSign.dll.3.0.1\.\DocuSign.eSign.dll.3.0.1.nupkg

Signature Hash Algorithm: SHA256
Signature type: Repository
nuget-v3-service-index-url: https://api.nuget.org/v3/index.json
nuget-package-owners: DocuSign
Verifying the repository primary signature with certificate:
  Subject Name: CN=NuGet.org Repository by Microsoft, O=NuGet.org Repository by Microsoft, L=Redmond, S=Washington, C=US
  SHA1 hash: 8FB6D7FCF7AD49EB774446EFE778B33365BB7BFB
  SHA256 hash: 0E5F38F57DC1BCC806D8494F4F90FBCEDD988B46760709CBEEC6F4219AA6157D
  Issued by: CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Valid from: 4/10/2018 3:00:00 AM to 4/14/2021 3:00:00 PM

Timestamp: 8/17/2018 2:30:20 AM

Verifying repository primary signature's timestamp with timestamping service certificate:
  Subject Name: CN=Symantec SHA256 TimeStamping Signer - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US
  SHA1 hash: 625AEC3AE4EDA1D169C4EE909E85B3BBC61076D3
  SHA256 hash: CF7AC17AD047ECD5FDC36822031B12D4EF078B6F2B4C5E6BA41F8FF2CF4BAD67
  Issued by: CN=Symantec SHA256 TimeStamping CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US
  Valid from: 1/2/2017 2:00:00 AM to 4/2/2028 2:59:59 AM


Successfully verified package 'DocuSign.eSign.dll.3.0.1'.

添加

OP 评论说他在询问 SDK 是 Strong Named.

1. 我已提交 DocuSign 内部增强请求 DCM-2784。 请联系您的 DocuSign 客户服务联系人以获取 您的姓名和公司信息已添加到票证中。
2. 似乎有解决此问题的方法。见SO question
3. Pedro Lamas 认为开发人员不应该使用强名称库 anymore.