update to SL2.0 v0.61

fix a bug in SL2.0 impl for createCAdES
author: Thomas Lenz <thomas.lenz@egiz.gv.at> 2018-07-25 08:06:36 +0200
committer: Thomas Lenz <thomas.lenz@egiz.gv.at> 2018-07-25 08:06:36 +0200
commit: e5f2601e931594572f88bb402343e39023dab939 (patch)
tree: 5b48ca1be4dbb0a7041b8e7bf04dc1f8f937b46e
parent: 5d90a82062472d9c87eacc90963529309abecb18 (diff)
download: pdf-as-4-e5f2601e931594572f88bb402343e39023dab939.tar.gz
pdf-as-4-e5f2601e931594572f88bb402343e39023dab939.tar.bz2
pdf-as-4-e5f2601e931594572f88bb402343e39023dab939.zip
3 files changed, 69 insertions, 11 deletions
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java
index 59c3079d..fdefa1d9 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java
@@ -160,6 +160,8 @@ public class SL20Constants {
 	//createCAdES Signture
 	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_KEYID = "keyId";	
 	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT = "content";
+	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTURL = "contentUrl";
+	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE = "contentMode";	
 	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_MIMETYPE = "mimeType";
 	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_PADES_COMBATIBILTY = "padesComatibility";
 	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE = "excludedByteRange";
@@ -176,7 +178,8 @@ public class SL20Constants {
 	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CADESLEVEL_XL = "cAdES-X-L";
 	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CADESLEVEL_A = "cAdES-A";
 	
-	
+	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE_DETACHED = "detached";
+	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE_ENVELOPING = "enveloping";
 	
 	//create binding key command
 	public static final String SL20_COMMAND_PARAM_BINDING_CREATE_KONTOID = "kontoID";
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java
index 40edb74b..7cbb7800 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java
@@ -2,13 +2,10 @@ package at.gv.egiz.sl20.utils;
 
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.X509Certificate;
-import java.util.Arrays;
 import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
 
-import org.apache.commons.codec.binary.Base64;
-import org.bouncycastle.util.encoders.Base64Encoder;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -182,14 +179,37 @@ public class SL20JSONBuilderUtils {
 	}
 		
 	public static JsonObject createCreateCAdESCommandParameters(String keyId,
-			byte[] content, String mimeType, boolean padesCompatiblem, List<String> byteRanges, String cadesLevel,			
+			byte[] content, String contentUrl, String contentMode, String mimeType, boolean padesCompatiblem, List<JsonElement> byteRanges, String cadesLevel,			
 			String dataUrl, X509Certificate x5cEnc) throws CertificateEncodingException, SLCommandoBuildException {		
 		JsonObject params = new JsonObject();
 		addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_KEYID, keyId, true);		
-		addSingleByteElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT, content, true);			
+		
+		if (content != null && contentUrl != null) {
+			log.warn(SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT + " and " 
+					+ SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTURL + " can not SET TWICE");
+			throw new SLCommandoBuildException();
+			
+		}
+		
+		if (content != null)
+			addSingleByteElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT, content, true);
+		
+		else if (contentUrl != null )
+			addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTURL, contentUrl, true);
+		
+		else {
+			log.warn(SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT + " and " 
+					+ SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTURL + " is NULL");
+			throw new SLCommandoBuildException();
+			
+		}
+			
+		addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE, contentMode, true);
 		addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_MIMETYPE, mimeType, true);		
 		addSingleBooleanElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_PADES_COMBATIBILTY, padesCompatiblem, false);		
-		addArrayOfStrings(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE, byteRanges);		
+		
+		//addArrayOfStrings(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE, byteRanges);		
+		addArrayOfElements(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE, byteRanges);
 		addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CADESLEVEL, cadesLevel, false);		
 		addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_GETCERTIFICATE_DATAURL, dataUrl, true);
 		addSingleCertificateElement(params, SL20Constants.SL20_COMMAND_PARAM_GETCERTIFICATE_X5CENC, x5cEnc, false);		
@@ -452,6 +472,18 @@ public class SL20JSONBuilderUtils {
 		}
 	}
 	
+	private static void addArrayOfElements(JsonObject parent, String keyId, List<JsonElement> values) throws SLCommandoBuildException {		
+		validateParentAndKey(parent, keyId);
+		if (values != null) {
+			JsonArray callReqParamsArray = new JsonArray();
+			parent.add(keyId, callReqParamsArray  );
+			for(JsonElement el : values)
+				callReqParamsArray.add(el);
+			
+		}
+		
+	}
+	
 	private static void addArrayOfStrings(JsonObject parent, String keyId, List<String> values) throws SLCommandoBuildException {
 		validateParentAndKey(parent, keyId);		
 		if (values != null) {
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
index 6eb80650..75249e78 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
@@ -60,6 +60,8 @@ import org.apache.http.entity.ContentType;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import com.google.gson.JsonArray;
+import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
 
 import at.gv.egiz.pdfas.api.ws.PDFASSignParameters;
@@ -67,6 +69,7 @@ import at.gv.egiz.pdfas.api.ws.PDFASSignParameters.Connector;
 import at.gv.egiz.pdfas.api.ws.PDFASSignResponse;
 import at.gv.egiz.pdfas.api.ws.PDFASVerificationResponse;
 import at.gv.egiz.pdfas.common.exceptions.PDFASError;
+import at.gv.egiz.pdfas.common.utils.PDFUtils;
 import at.gv.egiz.pdfas.lib.api.ByteArrayDataSource;
 import at.gv.egiz.pdfas.lib.api.Configuration;
 import at.gv.egiz.pdfas.lib.api.IConfigurationConstants;
@@ -1190,9 +1193,24 @@ public class PdfAsHelper {
 				
 			} else if (slConnector instanceof SL20Connector) {				
 				//convert byte range
-				List<String> byteRanges = new ArrayList<String>();
-				for (int el : statusRequest.getSignatureDataByteRange())
-					byteRanges.add(String.valueOf(el));
+
+				int[] exclude_range = PDFUtils.buildExcludeRange(statusRequest.getSignatureDataByteRange());
+				logger.info("Exclude Byte Range: " + exclude_range[0] + " " + exclude_range[1]);
+				
+				List<JsonElement> byteRanges = new ArrayList<JsonElement>();
+				if (statusRequest.getSignatureDataByteRange().length % 2 != 0) {
+					logger.warn("ByteRange is not a set of pairs. Something is maybe suspect");
+					
+				}
+				
+				for (int i=0; i<exclude_range.length/2; i++) {
+					JsonArray el = new JsonArray();
+					el.add(exclude_range[2*i]);
+					el.add(exclude_range[2*i + 1]);
+					byteRanges.add(el);
+										
+				}
+					
 				
 				java.security.cert.X509Certificate x5cEnc = null;
 				if (WebConfiguration.isSL20EncryptionEnabled() && joseTools != null)
@@ -1203,10 +1221,15 @@ public class PdfAsHelper {
 				if (pack.getRequestType().getPAdESFlag() != null)
 					padesCompatibel = pack.getRequestType().getPAdESFlag();
 				
+				byte[] data = PDFUtils.blackOutSignature(statusRequest.getSignatureData(), 
+						statusRequest.getSignatureDataByteRange());
+				
 				JsonObject createCAdESSigParams = 
 						SL20JSONBuilderUtils.createCreateCAdESCommandParameters(
 								pack.getRequestType().getKeyboxIdentifier(), 
-								statusRequest.getSignatureData(), 
+								data,
+								null,
+								SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE_DETACHED,
 								pack.getRequestType().getDataObject().getMetaInfo().getMimeType(), 
 								padesCompatibel , 
 								byteRanges,
author	Thomas Lenz <thomas.lenz@egiz.gv.at>	2018-07-25 08:06:36 +0200
committer	Thomas Lenz <thomas.lenz@egiz.gv.at>	2018-07-25 08:06:36 +0200
commit	e5f2601e931594572f88bb402343e39023dab939 (patch)
tree	5b48ca1be4dbb0a7041b8e7bf04dc1f8f937b46e
parent	5d90a82062472d9c87eacc90963529309abecb18 (diff)
download	pdf-as-4-e5f2601e931594572f88bb402343e39023dab939.tar.gz pdf-as-4-e5f2601e931594572f88bb402343e39023dab939.tar.bz2 pdf-as-4-e5f2601e931594572f88bb402343e39023dab939.zip