From 387559401bebb946dac1a122be4dcbc072f6ea0b Mon Sep 17 00:00:00 2001 From: ferbas Date: Fri, 13 Nov 2009 12:46:41 +0000 Subject: baik support: timestamp, ognl git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@396 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- .../impl/signator/binary/BinarySignator_1_0_0.java | 116 ++++++++++++++++----- 1 file changed, 90 insertions(+), 26 deletions(-) (limited to 'src/main/java/at/gv') diff --git a/src/main/java/at/gv/egiz/pdfas/impl/signator/binary/BinarySignator_1_0_0.java b/src/main/java/at/gv/egiz/pdfas/impl/signator/binary/BinarySignator_1_0_0.java index 8be121a..a6fa1c3 100644 --- a/src/main/java/at/gv/egiz/pdfas/impl/signator/binary/BinarySignator_1_0_0.java +++ b/src/main/java/at/gv/egiz/pdfas/impl/signator/binary/BinarySignator_1_0_0.java @@ -17,24 +17,19 @@ */ package at.gv.egiz.pdfas.impl.signator.binary; -import iaik.pkcs.pkcs12.CertificateBag; - -import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.io.UnsupportedEncodingException; -import java.security.cert.Certificate; import java.util.ArrayList; import java.util.HashMap; import java.util.Iterator; import java.util.List; -import org.apache.commons.codec.binary.Base64; -import org.apache.commons.httpclient.methods.ByteArrayRequestEntity; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import at.gv.egiz.pdfas.api.timestamp.TimeStamper; import at.gv.egiz.pdfas.exceptions.ErrorCode; import at.gv.egiz.pdfas.exceptions.framework.SignatorException; import at.gv.egiz.pdfas.framework.input.DataSource; 
@@ -44,8 +39,10 @@ import at.gv.egiz.pdfas.framework.signator.Signator; import at.gv.egiz.pdfas.framework.signator.SignatorInformation; import at.gv.egiz.pdfas.impl.input.CompoundPdfDataSourceImpl; import at.gv.egiz.pdfas.impl.signator.IncrementalUpdateHelper; +import at.gv.egiz.pdfas.utils.OgnlUtil; import at.knowcenter.wag.egov.egiz.PdfAS; import at.knowcenter.wag.egov.egiz.PdfASID; +import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; import at.knowcenter.wag.egov.egiz.exceptions.PDFDocumentException; import at.knowcenter.wag.egov.egiz.exceptions.PresentableException; import at.knowcenter.wag.egov.egiz.framework.SignatorFactory; @@ -60,20 +57,10 @@ import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl; import at.knowcenter.wag.egov.egiz.sig.SignatureFieldDefinition; import at.knowcenter.wag.egov.egiz.sig.SignatureObject; import at.knowcenter.wag.egov.egiz.sig.SignatureTypes; -import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObjectHelper; -import at.knowcenter.wag.egov.egiz.sig.connectors.moa.MOAHelper; import at.knowcenter.wag.egov.egiz.sig.signatureobject.SignatureObjectHelper; import at.knowcenter.wag.exactparser.ByteArrayUtils; -import com.lowagie.text.DocumentException; -import com.lowagie.text.pdf.PdfDictionary; -import com.lowagie.text.pdf.PdfName; -import com.lowagie.text.pdf.PdfPKCS7; import com.lowagie.text.pdf.PdfPTable; -import com.lowagie.text.pdf.PdfReader; -import com.lowagie.text.pdf.PdfSignatureAppearance; -import com.lowagie.text.pdf.PdfStamper; -import com.lowagie.text.pdf.PdfString; /** * Signs the document binary. @@ -97,6 +84,11 @@ public class BinarySignator_1_0_0 implements Signator private static Log log = LogFactory.getLog(BinarySignator_1_0_0.class); + /** + * Settings key for baik enables signatures + */ + public static final String SIG_BAIK_ENABLED = "SIG_BAIK_ENABLED"; + /** * The Pdf-AS ID of this Signator. */ 
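Review bot: The Javadoc added for `SIG_BAIK_ENABLED` in the last hunk on this line ("Settings key for baik enables signatures") does not say what the key controls or how it is resolved. Judging by the lookup in `prepareSign` later in this patch, it is a per-profile suffix read as `sig_obj.<profile>.key.SIG_BAIK_ENABLED`, with `default.SIG_BAIK_ENABLED` as the fallback key and `"false"` as the final default; that reading of `getSetting`'s arguments is inferred and should be confirmed. I would reword the comment along the lines of `/** Settings key suffix that switches a signature profile to BAIK mode (keeps the SIG_ALG field); defaults to "false". */`.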
@@ -119,18 +111,24 @@ public class BinarySignator_1_0_0 implements Signator } /** - * @see at.gv.egiz.pdfas.framework.signator.Signator#prepareSign(at.gv.egiz.pdfas.framework.input.PdfDataSource, - * java.lang.String, at.knowcenter.wag.egov.egiz.pdf.TablePos, boolean) + * @see at.gv.egiz.pdfas.framework.signator.Signator#prepareSign(PdfDataSource, String, TablePos, TimeStamper) */ - public SignatorInformation prepareSign(PdfDataSource pdfDataSource, String profile, TablePos pos) throws SignatorException + public SignatorInformation prepareSign(PdfDataSource pdfDataSource, String profile, TablePos pos, TimeStamper timeStamper) throws SignatorException { try { // dferbas: has to be true everytime - boolean has_SIG_ID = true; + boolean has_SIG_ID = true; + + String baikStr = SettingsReader.getInstance().getSetting("sig_obj." +profile+".key."+SIG_BAIK_ENABLED, "default."+SIG_BAIK_ENABLED, "false"); + boolean baikEnabled = "true".equalsIgnoreCase(baikStr); + + if (baikEnabled) { + log.debug("found baik enabled signature"); + } SignatureObject signature_object = PdfAS.createSignatureObjectFromType(profile); - signature_object.fillValues((char) BinarySignature.LAYOUT_PLACEHOLDER, has_SIG_ID); + signature_object.fillValues((char) BinarySignature.LAYOUT_PLACEHOLDER, has_SIG_ID, baikEnabled); signature_object.setKZ(getMyId()); @@ -149,6 +147,11 @@ public class BinarySignator_1_0_0 implements Signator { continue; } + + if (sfd.field_name.equals(SignatureTypes.SIG_ALG) && baikEnabled == false) { + continue; + } + variable_field_definitions.add(sfd); } } 
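Review bot: In the `prepareSign` hunk, any `SIG_BAIK_ENABLED` value other than `true` is silently treated as disabled, so a typo in a profile produces a signature block without the `SIG_ALG` field and only a missing debug line hints at it. Because the flag changes what goes into the signature block, I would log the unexpected value: `if (!baikEnabled && !"false".equalsIgnoreCase(baikStr)) log.warn("unrecognised " + SIG_BAIK_ENABLED + " value '" + baikStr + "' for profile " + profile + ", treating as false");`. The new `timeStamper` parameter is also undocumented; next to the `@see` line the Javadoc should state whether `null` is accepted when no timestamp is wanted. The method body continues past the end of this hunk.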
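Review bot: The new guard `sfd.field_name.equals(SignatureTypes.SIG_ALG) && baikEnabled == false` compares a boolean with a literal and is repeated verbatim in the invisible-field loop of the next hunk (`@@ -170,10 +173,14 @@`). I would write both as `if (!baikEnabled && SignatureTypes.SIG_ALG.equals(sfd.field_name)) { continue; }`, which reads more directly and, assuming `SIG_ALG` is a String constant, also tolerates a null `field_name`. Both loops start outside the visible hunks, so I cannot tell whether a shared helper would be practical.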
@@ -170,10 +173,14 @@ public class BinarySignator_1_0_0 implements Signator { continue; } + + if (sfd.field_name.equals(SignatureTypes.SIG_ALG) && baikEnabled == false) { + continue; + } invisible_field_definitions.add(sfd); } - IncrementalUpdateInformation iui = IncrementalUpdateHelper.writeIncrementalUpdate(pdfDataSource, pdf_table, profile, pi, variable_field_definitions, all_field_definitions, invisible_field_definitions, invKZString); + IncrementalUpdateInformation iui = IncrementalUpdateHelper.writeIncrementalUpdate(pdfDataSource, pdf_table, profile, pi, variable_field_definitions, all_field_definitions, invisible_field_definitions, invKZString, timeStamper); iui.invisible_field_definitions = invisible_field_definitions; iui.invisibleKZString = invKZString; 
@@ -259,13 +266,53 @@ public class BinarySignator_1_0_0 implements Signator } BinarySignature.replaceCertificate(iui); + BinarySignature.replaceTimestamp(iui); BinarySignature.replacePlaceholders(iui); + OutputStream os = dataSink.createOutputStream(PdfAS.PDF_MIME_TYPE); os.write(iui.signed_pdf); os.close(); +// // dferbas write itext marker +// PdfReader rd = new PdfReader(iui.signed_pdf); +// FileOutputStream fout = new FileOutputStream("itextsigned.pdf"); +// try { +// log.info("sign itext external"); +// PdfStamper stamper = PdfStamper.createSignature(rd, fout, '\0'); +// PdfSignatureAppearance sap = stamper.getSignatureAppearance(); +// Certificate[] certs = new Certificate[] { iui.signed_signature_object.x509Certificate }; +// sap.setCrypto(null, certs, null, PdfSignatureAppearance.SELF_SIGNED); +// sap.setReason("pdf-as signature"); +// sap.setLocation("dahoam"); +// //sap.setExternalDigest(digest, RSAdata, digestEncryptionAlgorithm); +// byte[] sigVal = Base64.decodeBase64(iui.signed_signature_object.signatureValue.getBytes()); +// //byte[] sigVal = iui.signed_signature_object.signatureValue.getBytes(); +// sap.setExternalDigest(sigVal, null, "RSA"); +//// int csize = 40000; +//// HashMap exc = new HashMap(); +//// exc.put(PdfName.CONTENTS, new Integer(csize * 2 + 2)); +// sap.preClose(); // *2+2 +// +//// sap.preClose(new HashMap() {{ put(PdfName.CONTENTS, new Integer(4000)); }}); +// +// PdfPKCS7 sig = sap.getSigStandard().getSigner(); +// sig.setExternalDigest(sigVal, null, "RSA"); +// +// log.info(new PdfString(sigVal).setHexWriting(true)+ "END"); +// +// PdfDictionary dic = new PdfDictionary(); +// dic.put(PdfName.CONTENTS, new PdfString(sigVal).setHexWriting(true)); +// sap.close(dic); +// +// //stamper.close(); +// +// +// } catch (DocumentException e) { +// log.error(e, e); +// throw new RuntimeException(e); +// } //SignResult sign_result = new SignResult(PdfAS.PDF_MIME_TYPE, iui.signed_pdf); //return sign_result; 
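Review bot: The roughly forty commented-out lines added after `os.close()` are an abandoned iText experiment (it opens `itextsigned.pdf` in the working directory and uses `PdfSignatureAppearance.SELF_SIGNED`) and should not be committed. Dead code inside a signing routine invites someone to re-enable it without review, and version control already keeps the history. Separately, `BinarySignature.replaceTimestamp(iui)` is now called unconditionally and its body is not visible in this patch, so please confirm it does nothing when `prepareSign` ran without a `TimeStamper`, and record that in a comment such as `// no-op when no timestamp placeholder was reserved`. The enclosing method starts and ends outside this hunk.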
@@ -287,14 +334,27 @@ public class BinarySignator_1_0_0 implements Signator * @param iui * The IncrementalUpdateInformation. */ - protected void fillReplacesWithValues(IncrementalUpdateInformation iui) + protected void fillReplacesWithValues(final IncrementalUpdateInformation iui) { Iterator it = iui.replaces.iterator(); + HashMap ognlCtx = new HashMap(); + ognlCtx.put("iui", iui); + ognlCtx.put("sso", iui.signed_signature_object); + OgnlUtil ognl = new OgnlUtil(ognlCtx); + //OgnlUtil ognl = new OgnlUtil(iui.signed_signature_object); while (it.hasNext()) { ReplaceInfo ri = (ReplaceInfo) it.next(); - - ri.value = SignSignatureObjectHelper.retrieveStringValueFromSignatureObject(iui.signed_signature_object, ri.sfd.field_name); + + // dferbas + if (ognl.containsExpression(ri.sfd.value)) { + // evaluate expression + String res = ognl.compileMessage(ri.sfd.value); + ri.value = res; + + } else { + ri.value = iui.signed_signature_object.retrieveStringValue(ri.sfd.field_name); + } } } @@ -348,6 +408,8 @@ public class BinarySignator_1_0_0 implements Signator bsi.enc_length = iui.enc_length; bsi.atp = iui.actualTablePos; bsi.signProfile = iui.signProfile; + bsi.timestamp_length = iui.timestamp_length; + bsi.timestamp_start = iui.timestamp_start; return bsi; } @@ -365,7 +427,9 @@ public class BinarySignator_1_0_0 implements Signator iui.enc_start = bsi.enc_start; iui.enc_length = bsi.enc_length; iui.actualTablePos = bsi.atp; - iui.signProfile = bsi.signProfile; + iui.signProfile = bsi.signProfile; + iui.timestamp_length = bsi.timestamp_length; + iui.timestamp_start = bsi.timestamp_start; iui.signed_signature_object = bsi.signSignatureObject; -- cgit v1.2.3
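Review bot: `fillReplacesWithValues` now evaluates `ri.sfd.value` as an OGNL expression whenever `containsExpression` matches, and OGNL can invoke methods on anything reachable from its context. That makes this an expression-injection sink if a field value can ever come from anything other than the operator's own profile configuration. Where `sfd.value` originates is not visible in this hunk; if it is configuration only, state that above the branch, e.g. `// sfd.value is evaluated as OGNL: it must come from trusted profile configuration, never from request or document data`, and put only what the templates need into `ognlCtx` rather than the whole `iui` (which carries `signed_pdf`). The result of `compileMessage` is also assigned without a null check or failure handling, so a malformed expression in one field may abort the loop and leave later `ri.value` entries unset; how `OgnlUtil` reports errors is not shown here.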