aboutsummaryrefslogtreecommitdiff
path: root/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl
diff options
context:
space:
mode:
authorAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2014-07-10 12:09:05 +0200
committerAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2014-07-10 12:09:05 +0200
commitaf90012c848711a4c9010dbcf71694dbfbca0e86 (patch)
treecd40f8fab90b6a2fe62359a404497d369d82ece0 /pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl
parent83a573238984575b76ab06dca677831f4a650534 (diff)
downloadpdf-as-4-af90012c848711a4c9010dbcf71694dbfbca0e86.tar.gz
pdf-as-4-af90012c848711a4c9010dbcf71694dbfbca0e86.tar.bz2
pdf-as-4-af90012c848711a4c9010dbcf71694dbfbca0e86.zip
Integrity verification of Signature after Signature creation to ensure correct signed Document
Diffstat (limited to 'pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl')
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java29
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java3
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java10
3 files changed, 21 insertions, 21 deletions
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java
index 28bd9151..7dcdca2b 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java
@@ -31,15 +31,12 @@ import java.awt.image.BufferedImage;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
-import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.List;
-import javax.imageio.ImageIO;
-
import org.apache.pdfbox.cos.COSArray;
import org.apache.pdfbox.cos.COSBase;
import org.apache.pdfbox.cos.COSDictionary;
@@ -47,14 +44,13 @@ import org.apache.pdfbox.cos.COSName;
import org.apache.pdfbox.cos.COSString;
import org.apache.pdfbox.pdmodel.PDDocument;
import org.apache.pdfbox.pdmodel.PDPage;
-import org.apache.pdfbox.pdmodel.PDPageable;
-import org.apache.pdfbox.util.PDFImageWriter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import at.gv.egiz.pdfas.common.exceptions.PDFIOException;
import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
import at.gv.egiz.pdfas.common.exceptions.PdfAsSettingsException;
+import at.gv.egiz.pdfas.common.exceptions.PdfAsSignatureException;
import at.gv.egiz.pdfas.common.exceptions.PdfAsValidationException;
import at.gv.egiz.pdfas.common.settings.ISettings;
import at.gv.egiz.pdfas.common.settings.Settings;
@@ -87,6 +83,7 @@ import at.gv.egiz.pdfas.lib.impl.status.PDFObject;
import at.gv.egiz.pdfas.lib.impl.status.RequestedSignature;
import at.gv.egiz.pdfas.lib.impl.verify.IVerifyFilter;
import at.gv.egiz.pdfas.lib.impl.verify.VerifierDispatcher;
+import at.gv.egiz.pdfas.lib.util.SignatureUtils;
import at.knowcenter.wag.egov.egiz.pdf.PositioningInstruction;
import at.knowcenter.wag.egov.egiz.pdf.TablePos;
import at.knowcenter.wag.egov.egiz.table.Table;
@@ -193,18 +190,11 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants {
IPdfSigner signer = PdfSignerFactory.createPdfSigner();
signer.signPDF(status.getPdfObject(), requestedSignature,
new PdfboxSignerWrapper(status.getSignParamter()
- .getPlainSigner(), parameter));
+ .getPlainSigner(), parameter, requestedSignature));
// ================================================================
// Create SignResult
- SignResultImpl result = new SignResultImpl(status.getSignParamter()
- .getOutput());
- OutputStream outputStream = result.getOutputDocument()
- .createOutputStream();
-
- outputStream.write(status.getPdfObject().getSignedDocument());
-
- outputStream.close();
+ SignResult result = createSignResult(status);
return result;
} catch (Throwable e) {
@@ -424,7 +414,16 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants {
String signature = new COSString(request.getSignature())
.getHexString();
byte[] pdfSignature = signature.getBytes();
-
+ //byte[] input = PDFUtils.blackOutSignature(status.getPdfObject().getSignedDocument(),
+ // request.getSignatureDataByteRange());
+ VerifyResult verifyResult = SignatureUtils.verifySignature(request.getSignature(), request.getSignatureData());
+ RequestedSignature requestedSignature = request.getStatus().getRequestedSignature();
+
+ if(!StreamUtils.dataCompare(requestedSignature.getCertificate().getFingerprintSHA(),
+ verifyResult.getSignerCertificate().getFingerprintSHA())) {
+ throw new PdfAsSignatureException("Certificates missmatch!");
+ }
+
for (int i = 0; i < pdfSignature.length; i++) {
status.getPdfObject().getSignedDocument()[offset + i] = pdfSignature[i];
}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java
index 4e82efa5..c8c4eeb4 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java
@@ -35,7 +35,6 @@ import java.util.List;
import org.apache.pdfbox.cos.COSBase;
import org.apache.pdfbox.cos.COSDictionary;
import org.apache.pdfbox.cos.COSName;
-import org.apache.pdfbox.cos.COSObject;
import org.apache.pdfbox.exceptions.COSVisitorException;
import org.apache.pdfbox.exceptions.SignatureException;
import org.apache.pdfbox.pdmodel.PDDocument;
@@ -343,7 +342,7 @@ public class PADESPDFBOXSigner implements IPdfSigner, IConfigurationConstants {
sigFieldName = "PDF-AS Signatur";
}
- int count = SignatureUtils.countSignatures(doc);
+ int count = SignatureUtils.countSignatures(doc, sigFieldName);
sigFieldName = sigFieldName + count;
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java
index faa49148..44915a42 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java
@@ -39,6 +39,7 @@ import at.gv.egiz.pdfas.common.utils.StreamUtils;
import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner;
import at.gv.egiz.pdfas.lib.api.sign.SignParameter;
import at.gv.egiz.pdfas.lib.impl.signing.sig_interface.PDFASSignatureInterface;
+import at.gv.egiz.pdfas.lib.impl.status.RequestedSignature;
public class PdfboxSignerWrapper implements PDFASSignatureInterface {
@@ -46,16 +47,17 @@ public class PdfboxSignerWrapper implements PDFASSignatureInterface {
.getLogger(PdfboxSignerWrapper.class);
private IPlainSigner signer;
- @SuppressWarnings("unused")
- private PDSignature signature;
+ private PDSignature signature;
private int[] byteRange;
private Calendar date;
private SignParameter parameters;
+ private RequestedSignature requestedSignature;
- public PdfboxSignerWrapper(IPlainSigner signer, SignParameter parameters) {
+ public PdfboxSignerWrapper(IPlainSigner signer, SignParameter parameters, RequestedSignature requestedSignature) {
this.signer = signer;
this.date = Calendar.getInstance();
this.parameters = parameters;
+ this.requestedSignature = requestedSignature;
}
public byte[] sign(InputStream inputStream) throws SignatureException,
@@ -66,7 +68,7 @@ public class PdfboxSignerWrapper implements PDFASSignatureInterface {
logger.info("Byte Range 2: " + byteRange2);
try {
logger.info("Signing with Pdfbox Wrapper");
- byte[] signature = signer.sign(data, byteRange, this.parameters);
+ byte[] signature = signer.sign(data, byteRange, this.parameters, this.requestedSignature);
return signature;
} catch (PdfAsException e) {
throw new PdfAsWrappedIOException(e);