diff options
33 files changed, 599 insertions, 163 deletions
diff --git a/build.gradle b/build.gradle index b0bf446d..e70b4abc 100644 --- a/build.gradle +++ b/build.gradle @@ -1,20 +1,16 @@ subprojects { - apply plugin: 'java' - apply plugin: 'eclipse' + apply plugin: 'java' + apply plugin: 'eclipse' - repositories { - mavenCentral() - } + repositories { + mavenCentral() + } - dependencies { - testCompile 'junit:junit:4.8.2' - } + dependencies { testCompile 'junit:junit:4.8.2' } sourceCompatibility = 1.5 - - version = '4.0' - jar { - manifest.attributes provider: 'EGIZ' - } + version = '4.0.0-SNAPSHOT' + + jar { manifest.attributes provider: 'EGIZ' } } diff --git a/pdf-as-cli/build.gradle b/pdf-as-cli/build.gradle index 2204f51f..79b00be4 100644 --- a/pdf-as-cli/build.gradle +++ b/pdf-as-cli/build.gradle @@ -4,12 +4,6 @@ apply plugin: 'application' mainClassName = "at.gv.egiz.pdfas.cli.Main" -jar { - manifest { - attributes 'Implementation-Title': 'PDF-AS CLI', 'Implementation-Version': version - } -} - repositories { mavenLocal() mavenCentral() @@ -17,6 +11,7 @@ repositories { dependencies { compile project (':pdf-as-lib') + compile project (':pdf-as-legacy') compile project (':stamper:stmp-itext') compile project (':signature-standards:sigs-pkcs7detached') compile project (':signature-standards:sigs-pades') diff --git a/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/DeveloperMain.java b/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/DeveloperMain.java index 7b8d4a95..d99f7bd8 100644 --- a/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/DeveloperMain.java +++ b/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/DeveloperMain.java @@ -34,10 +34,16 @@ public class DeveloperMain { public static final String keyPass = "123456"; public static void main(String[] args) { + + + String user_home = System.getProperty("user.home"); String pdfas_dir = user_home + File.separator + ".pdfas"; PdfAs pdfas = PdfAsFactory.createPdfAs(new File(pdfas_dir)); - Configuration config = pdfas.getConfiguration(); + System.out.println(PdfAsFactory.getVersion()); + return; + + /*Configuration config = pdfas.getConfiguration(); byte[] data; try { IPlainSigner signer = new PKCS7DetachedSigner(keyStoreFile, keyAlias, keyStorePass, keyPass, keyStoreType); @@ -76,7 +82,7 @@ public class DeveloperMain { } else { throw new Exception("Invalid status"); } - */ + / pdfas.sign(parameter); FileOutputStream fos = new FileOutputStream("/home/afitzek/simple_signed.pdf"); fos.write(bads.getData()); @@ -93,7 +99,7 @@ public class DeveloperMain { e.printStackTrace(); } catch (Exception e) { e.printStackTrace(); - } + }*/ } } diff --git a/pdf-as-legacy/build.gradle b/pdf-as-legacy/build.gradle index 5d27b162..2f40386f 100644 --- a/pdf-as-legacy/build.gradle +++ b/pdf-as-legacy/build.gradle @@ -2,17 +2,15 @@ apply plugin: 'java' apply plugin: 'eclipse' jar { - manifest { - attributes 'Implementation-Title': 'PDF-AS-4 Library', 'Implementation-Version': version - } + manifest { + attributes 'Implementation-Title': 'PDF-AS-4 Library', 'Implementation-Version': version + } } repositories { mavenLocal() - mavenCentral() - maven { - url "http://nexus.iaik.tugraz.at/nexus/content/groups/internal" - } + mavenCentral() + maven { url "http://nexus.iaik.tugraz.at/nexus/content/groups/internal" } } dependencies { @@ -22,17 +20,13 @@ dependencies { compile project (':signature-standards:sigs-pades') compile group: 'org.apache.commons', name: 'commons-lang3', version: '3.1' compile group: 'commons-codec', name: 'commons-codec', version: '1.8' - testCompile group: 'junit', name: 'junit', version: '4.+' + testCompile group: 'junit', name: 'junit', version: '4.+' } -test { - systemProperties 'property': 'value' -} +test { systemProperties 'property': 'value' } uploadArchives { - repositories { - flatDir { - dirs 'repos' - } - } + repositories { + flatDir { dirs 'repos' } + } } diff --git a/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/api/sign/pos/SignaturePosition.java b/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/api/sign/pos/SignaturePosition.java index eee62cd8..f16d2ffb 100644 --- a/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/api/sign/pos/SignaturePosition.java +++ b/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/api/sign/pos/SignaturePosition.java @@ -32,6 +32,7 @@ package at.gv.egiz.pdfas.api.sign.pos; *
* @author wprinz
*/
+@Deprecated
public interface SignaturePosition
{
/**
diff --git a/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/PdfAsObject.java b/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/PdfAsObject.java index 0f1a60c1..ecd3c031 100644 --- a/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/PdfAsObject.java +++ b/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/PdfAsObject.java @@ -20,6 +20,7 @@ import at.gv.egiz.pdfas.api.exceptions.PdfAsException; import at.gv.egiz.pdfas.api.sign.SignParameters; import at.gv.egiz.pdfas.api.sign.SignResult; import at.gv.egiz.pdfas.api.sign.SignatureDetailInformation; +import at.gv.egiz.pdfas.api.sign.pos.SignaturePosition; import at.gv.egiz.pdfas.api.verify.VerifyAfterAnalysisParameters; import at.gv.egiz.pdfas.api.verify.VerifyAfterReconstructXMLDsigParameters; import at.gv.egiz.pdfas.api.verify.VerifyParameters; @@ -34,6 +35,7 @@ import at.gv.egiz.pdfas.lib.api.StatusRequest; import at.gv.egiz.pdfas.lib.api.sign.SignParameter; import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter; import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; +import at.gv.egiz.pdfas.lib.impl.SignaturePositionImpl; public class PdfAsObject implements PdfAs { @@ -69,15 +71,18 @@ public class PdfAsObject implements PdfAs { at.gv.egiz.pdfas.lib.api.sign.SignResult result = this.pdfas4.finishSign(request); sdi.wrapper.syncNewToOld(); SignResultImpl oldresult = new SignResultImpl(sdi.wrapper.getSignParameters().getOutput(), - sdi.getX509Certificate()); + sdi.getX509Certificate(), new at.gv.egiz.pdfas.wrapper.SignaturePositionImpl( + result.getSignaturePosition())); return oldresult; } else { throw new PdfAsException(ErrorCode.SIGNATURE_COULDNT_BE_CREATED, "Invalid state"); } } catch (at.gv.egiz.pdfas.common.exceptions.PdfAsException e) { + e.printStackTrace(); throw new PdfAsException( ErrorCode.SIGNATURE_COULDNT_BE_CREATED, e.getMessage()); + } } else { throw new PdfAsException(ErrorCode.SIGNATURE_COULDNT_BE_CREATED, diff --git a/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/SignResultImpl.java b/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/SignResultImpl.java index b8a9ab33..f8d36869 100644 --- a/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/SignResultImpl.java +++ b/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/SignResultImpl.java @@ -11,10 +11,12 @@ public class SignResultImpl implements SignResult { private DataSink sink; private X509Certificate certificate; + private SignaturePosition position; - public SignResultImpl(DataSink data, X509Certificate cert) { + public SignResultImpl(DataSink data, X509Certificate cert, SignaturePosition position) { this.certificate = cert; this.sink = data; + this.position = position; } public DataSink getOutputDocument() { @@ -26,7 +28,7 @@ public class SignResultImpl implements SignResult { } public SignaturePosition getSignaturePosition() { - return null; + return position; } public List getNonTextualObjects() { diff --git a/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/SignaturePositionImpl.java b/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/SignaturePositionImpl.java new file mode 100644 index 00000000..2d950643 --- /dev/null +++ b/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/SignaturePositionImpl.java @@ -0,0 +1,34 @@ +package at.gv.egiz.pdfas.wrapper; + +import at.gv.egiz.pdfas.api.sign.pos.SignaturePosition; + +public class SignaturePositionImpl implements SignaturePosition { + + private at.gv.egiz.pdfas.lib.api.SignaturePosition position; + + public SignaturePositionImpl(at.gv.egiz.pdfas.lib.api.SignaturePosition position) { + this.position = position; + } + + + public int getPage() { + return this.position.getPage(); + } + + public float getX() { + return this.position.getX(); + } + + public float getY() { + return this.position.getY(); + } + + public float getWidth() { + return this.position.getWidth(); + } + + public float getHeight() { + return this.position.getHeight(); + } + +} diff --git a/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/VerifyParameterWrapper.java b/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/VerifyParameterWrapper.java index 51a8c843..44f9aa6c 100644 --- a/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/VerifyParameterWrapper.java +++ b/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/VerifyParameterWrapper.java @@ -9,8 +9,12 @@ import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter; public class VerifyParameterWrapper { public static VerifyParameter toNewParameters(VerifyParameters oldParameters, Configuration config) { - return PdfAsFactory.createVerifyParameter(config, + VerifyParameter parameter = PdfAsFactory.createVerifyParameter(config, new ByteArrayDataSource(oldParameters.getDocument().getAsByteArray())); + + parameter.setWhichSignature(oldParameters.getSignatureToVerify()); + parameter.setVerificationTime(oldParameters.getVerificationTime()); + return parameter; } } diff --git a/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/VerifyResultWrapper.java b/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/VerifyResultWrapper.java index 0364be9b..7b35ef6c 100644 --- a/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/VerifyResultWrapper.java +++ b/pdf-as-legacy/src/main/java/at/gv/egiz/pdfas/wrapper/VerifyResultWrapper.java @@ -1,9 +1,11 @@ package at.gv.egiz.pdfas.wrapper; +import java.io.InputStream; import java.security.cert.X509Certificate; import java.util.Date; import java.util.List; +import at.gv.egiz.pdfas.api.commons.Constants; import at.gv.egiz.pdfas.api.exceptions.PdfAsException; import at.gv.egiz.pdfas.api.exceptions.PdfAsWrappedException; import at.gv.egiz.pdfas.api.io.DataSource; @@ -20,13 +22,11 @@ public class VerifyResultWrapper implements VerifyResult { } public String getSignatureType() { - // TODO Auto-generated method stub return null; } public DataSource getSignedData() { - // TODO Auto-generated method stub - return null; + return new ByteArrayDataSource_OLD(this.newResult.getSignatureData()); } public X509Certificate getSignerCertificate() { @@ -34,17 +34,14 @@ public class VerifyResultWrapper implements VerifyResult { } public Date getSigningTime() { - // TODO Auto-generated method stub return null; } public Object getInternalSignatureInformation() { - // TODO Auto-generated method stub return null; } public String getTimeStampValue() { - // TODO Auto-generated method stub return null; } @@ -76,22 +73,18 @@ public class VerifyResultWrapper implements VerifyResult { } public boolean isPublicAuthority() { - // TODO Auto-generated method stub return false; } public String getPublicAuthorityCode() { - // TODO Auto-generated method stub return null; } public List getPublicProperties() { - // TODO Auto-generated method stub return null; } public Date getVerificationTime() { - // TODO Auto-generated method stub return null; } diff --git a/pdf-as-legacy/src/test/java/ByteArrayDataSink.java b/pdf-as-legacy/src/test/java/ByteArrayDataSink.java new file mode 100644 index 00000000..7aa74333 --- /dev/null +++ b/pdf-as-legacy/src/test/java/ByteArrayDataSink.java @@ -0,0 +1,36 @@ +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.OutputStream; + +import at.gv.egiz.pdfas.api.io.DataSink; + + +public class ByteArrayDataSink implements DataSink { + + private ByteArrayOutputStream bos = new ByteArrayOutputStream(); + + public ByteArrayDataSink() { + } + + public OutputStream createOutputStream(String mimeType) throws IOException { + return createOutputStream(mimeType, "UTF-8"); + } + + public OutputStream createOutputStream(String mimeType, + String characterEncoding) throws IOException { + return bos; + } + + public String getMimeType() { + return "application/pdf"; + } + + public String getCharacterEncoding() { + return "UTF-8"; + } + + public byte[] getBytes() { + return this.bos.toByteArray(); + } + +} diff --git a/pdf-as-legacy/src/test/java/ByteArrayDataSource.java b/pdf-as-legacy/src/test/java/ByteArrayDataSource.java new file mode 100644 index 00000000..d4b83cc4 --- /dev/null +++ b/pdf-as-legacy/src/test/java/ByteArrayDataSource.java @@ -0,0 +1,35 @@ +import java.io.ByteArrayInputStream; +import java.io.InputStream; + +import at.gv.egiz.pdfas.api.io.DataSource; + + +public class ByteArrayDataSource implements DataSource { + + private byte[] data; + + public ByteArrayDataSource(byte[] data) { + this.data = data; + } + + public InputStream createInputStream() { + return new ByteArrayInputStream(data); + } + + public int getLength() { + return data.length; + } + + public byte[] getAsByteArray() { + return data; + } + + public String getMimeType() { + return "application/pdf"; + } + + public String getCharacterEncoding() { + return "UTF-8"; + } + +} diff --git a/pdf-as-legacy/src/test/java/LegacyTest.java b/pdf-as-legacy/src/test/java/LegacyTest.java new file mode 100644 index 00000000..21d0c3b1 --- /dev/null +++ b/pdf-as-legacy/src/test/java/LegacyTest.java @@ -0,0 +1,60 @@ +import java.io.FileOutputStream; +import java.io.InputStream; +import java.util.Iterator; + +import org.apache.commons.io.IOUtils; + +import at.gv.egiz.pdfas.PdfAsFactory; +import at.gv.egiz.pdfas.api.PdfAs; +import at.gv.egiz.pdfas.api.sign.SignParameters; +import at.gv.egiz.pdfas.api.sign.SignResult; +import at.gv.egiz.pdfas.api.verify.VerifyParameters; +import at.gv.egiz.pdfas.api.verify.VerifyResult; +import at.gv.egiz.pdfas.api.verify.VerifyResults; + +public class LegacyTest { + + public static void main(String[] args) { + try { + PdfAs pdfAS = PdfAsFactory.createPdfAs(); + + SignParameters signParameters = new SignParameters(); + signParameters.setSignatureDevice("bku"); + signParameters.setSignatureProfileId("SIGNATURBLOCK_DE"); + + InputStream is = LegacyTest.class.getResourceAsStream("simple.pdf"); + + byte[] inputData = IOUtils.toByteArray(is); + ByteArrayDataSink bads = new ByteArrayDataSink(); + signParameters.setDocument(new ByteArrayDataSource(inputData)); + signParameters.setOutput(bads); + SignResult result = pdfAS.sign(signParameters); + IOUtils.write(bads.getBytes(), new FileOutputStream("/tmp/test.pdf")); + + System.out.println("Signed @ " + result.getSignaturePosition().toString()); + System.out.println("Signed by " + result.getSignerCertificate().getSubjectDN().getName()); + + VerifyParameters verifyParameters = new VerifyParameters(); + verifyParameters.setDocument(new ByteArrayDataSource(bads.getBytes())); + verifyParameters.setSignatureToVerify(0); + + VerifyResults results = pdfAS.verify(verifyParameters); + + Iterator iter = results.getResults().iterator(); + + while(iter.hasNext()) { + Object obj = iter.next(); + if(obj instanceof VerifyResult) { + VerifyResult vresult = (VerifyResult)obj; + System.out.println("Verified: " + vresult.getValueCheckCode().getCode() + " " + + vresult.getValueCheckCode().getMessage()); + } + } + + } catch (Throwable e) { + System.out.println("ERROR"); + e.printStackTrace(); + } + } + +} diff --git a/pdf-as-legacy/src/test/java/StreamUtils.java b/pdf-as-legacy/src/test/java/StreamUtils.java new file mode 100644 index 00000000..f6822d97 --- /dev/null +++ b/pdf-as-legacy/src/test/java/StreamUtils.java @@ -0,0 +1,7 @@ +import java.io.ByteArrayOutputStream; +import java.io.InputStream; + +import org.apache.commons.io.IOUtils; + +public class StreamUtils { +} diff --git a/pdf-as-legacy/src/test/resources/simple.pdf b/pdf-as-legacy/src/test/resources/simple.pdf Binary files differnew file mode 100644 index 00000000..867f68db --- /dev/null +++ b/pdf-as-legacy/src/test/resources/simple.pdf diff --git a/pdf-as-lib/build.gradle b/pdf-as-lib/build.gradle index 7b50457f..6f8dc336 100644 --- a/pdf-as-lib/build.gradle +++ b/pdf-as-lib/build.gradle @@ -3,7 +3,7 @@ apply plugin: 'eclipse' jar { manifest { - attributes 'Implementation-Title': 'PDF-AS-4 Library', 'Implementation-Version': version + attributes 'Implementation-Title': 'PDF-AS-4 Library', 'Implementation-Version': version, 'JARMANIFEST': 'PDF-AS-LIB' } } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java index b73cc9af..284573e0 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java @@ -10,6 +10,10 @@ import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; +import java.net.URL; +import java.util.Enumeration; +import java.util.jar.Attributes; +import java.util.jar.Manifest; import java.util.zip.ZipEntry; import java.util.zip.ZipInputStream; @@ -30,9 +34,20 @@ public class PdfAsFactory { private static final String DEFAULT_CONFIG_RES = "config/config.zip"; + private static final String MAN_ATTRIBUTE = "JARMANIFEST"; + private static final String PDF_AS_LIB = "PDF-AS-LIB"; + private static final String IMPL_VERSION = "Implementation-Version"; + + static { - /*PropertyConfigurator.configure(ClassLoader - .getSystemResourceAsStream("resources/log4j.properties"));*/ + System.out.println("+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"); + System.out.println("+ PDF-AS: " + getVersion()); + System.out.println("+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"); + + /* + * PropertyConfigurator.configure(ClassLoader + * .getSystemResourceAsStream("resources/log4j.properties")); + */ IAIK.addAsProvider(); ECCelerate.addAsProvider(); } @@ -53,10 +68,12 @@ public class PdfAsFactory { File log4j = new File(configuration.getAbsolutePath() + File.separator + "cfg" + File.separator + "log4j.properties"); - logger.info("Loading log4j configuration: " + log4j.getAbsolutePath()); + logger.info("Loading log4j configuration: " + + log4j.getAbsolutePath()); if (log4j.exists()) { try { - System.setProperty("pdf-as.work-dir", configuration.getAbsolutePath()); + System.setProperty("pdf-as.work-dir", + configuration.getAbsolutePath()); PropertyConfigurator.configure(new FileInputStream( log4j)); } catch (FileNotFoundException e) { @@ -87,9 +104,9 @@ public class PdfAsFactory { /** * Deploy default configuration to targetDirectory * - * The targetDirectory will be deleted and + * The targetDirectory will be deleted and * - * @param targetDirectory + * @param targetDirectory * @throws Exception */ public static void deployDefaultConfiguration(File targetDirectory) @@ -157,4 +174,35 @@ public class PdfAsFactory { } } } + + public static String getVersion() { + Package pack = PdfAsFactory.class.getPackage(); + return pack.getImplementationVersion(); + /* + try { + + + Enumeration<URL> resources = PdfAsFactory.class.getClassLoader() + .getResources("META-INF/MANIFEST.MF"); + while (resources.hasMoreElements()) { + Manifest manifest = new Manifest(resources.nextElement() + .openStream()); + Attributes attributes = manifest.getAttributes(MAN_ATTRIBUTE); + if (attributes != null) { + if(attributes.isEmpty()) { + String value = attributes.getValue(new Attributes.Name(MAN_ATTRIBUTE)); + if(value != null && value.equals(PDF_AS_LIB)) { + // Got my manifest + return manifest.getAttributes(IMPL_VERSION).getValue(IMPL_VERSION); + } + } + } + } + } catch (Throwable e) { + e.printStackTrace(); + logger.error("Failed to read Version!"); + return "0.0.0"; + } + return "0.0.0";*/ + } } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/verify/VerifyParameter.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/verify/VerifyParameter.java index d319e373..da777343 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/verify/VerifyParameter.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/verify/VerifyParameter.java @@ -1,5 +1,7 @@ package at.gv.egiz.pdfas.lib.api.verify; +import java.util.Date; + import at.gv.egiz.pdfas.lib.api.PdfAsParameter; public interface VerifyParameter extends PdfAsParameter { @@ -7,4 +9,8 @@ public interface VerifyParameter extends PdfAsParameter { public int getWhichSignature(); public void setWhichSignature(int which); + + public Date getVerificationTime(); + + public void setVerificationTime(Date verificationTime); } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java index e9332bc2..04b385f7 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java @@ -76,26 +76,27 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants { if (!(parameter.getConfiguration() instanceof ISettings)) { throw new PdfAsSettingsException("Invalid settings object!"); } - + ISettings settings = (ISettings) parameter.getConfiguration(); - + String signatureProfile = parameter.getSignatureProfileId(); - if(signatureProfile != null) { - if(!settings.hasPrefix("sig_obj." + signatureProfile + ".key")) { - throw new PdfAsValidationException("error.pdf.sig.09", signatureProfile); + if (signatureProfile != null) { + if (!settings.hasPrefix("sig_obj." + signatureProfile + ".key")) { + throw new PdfAsValidationException("error.pdf.sig.09", + signatureProfile); } } - + // TODO: verify Sign Parameter } - + private void verifyVerifyParameter(VerifyParameter parameter) throws PdfAsException { // Status initialization if (!(parameter.getConfiguration() instanceof ISettings)) { throw new PdfAsSettingsException("Invalid settings object!"); } - + // TODO: verify Verify Parameter } @@ -170,9 +171,11 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants { public List<VerifyResult> verify(VerifyParameter parameter) throws PdfAsException { - + verifyVerifyParameter(parameter); - + + int signatureToVerify = parameter.getWhichSignature(); + int currentSignature = 0; PDDocument doc = null; try { List<VerifyResult> result = new ArrayList<VerifyResult>(); @@ -192,50 +195,63 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants { COSDictionary field = (COSDictionary) fields.getObject(i); String type = field.getNameAsString("FT"); if ("Sig".equals(type)) { - logger.trace("Found Signature: "); - COSBase base = field.getDictionaryObject("V"); - COSDictionary dict = (COSDictionary) base; - - logger.debug("Signer: " + dict.getNameAsString("Name")); - logger.debug("SubFilter: " - + dict.getNameAsString("SubFilter")); - logger.debug("Filter: " + dict.getNameAsString("Filter")); - logger.debug("Modified: " + dict.getNameAsString("M")); - COSArray byteRange = (COSArray) dict - .getDictionaryObject("ByteRange"); - - StringBuilder sb = new StringBuilder(); - int[] bytes = new int[byteRange.size()]; - for (int j = 0; j < byteRange.size(); j++) { - bytes[j] = byteRange.getInt(j); - sb.append(" " + bytes[j]); - } + boolean verifyThis = true; - logger.debug("ByteRange" + sb.toString()); + if (signatureToVerify >= 0) { + // verify only specific siganture! + verifyThis = signatureToVerify == currentSignature; + } - COSString content = (COSString) dict - .getDictionaryObject("Contents"); + if (verifyThis) { + logger.trace("Found Signature: "); + COSBase base = field.getDictionaryObject("V"); + COSDictionary dict = (COSDictionary) base; + + logger.debug("Signer: " + dict.getNameAsString("Name")); + logger.debug("SubFilter: " + + dict.getNameAsString("SubFilter")); + logger.debug("Filter: " + + dict.getNameAsString("Filter")); + logger.debug("Modified: " + dict.getNameAsString("M")); + COSArray byteRange = (COSArray) dict + .getDictionaryObject("ByteRange"); + + StringBuilder sb = new StringBuilder(); + int[] bytes = new int[byteRange.size()]; + for (int j = 0; j < byteRange.size(); j++) { + bytes[j] = byteRange.getInt(j); + sb.append(" " + bytes[j]); + } - ByteArrayOutputStream contentData = new ByteArrayOutputStream(); - for (int j = 0; j < bytes.length; j = j + 2) { - int offset = bytes[j]; - int length = bytes[j + 1]; - contentData.write(parameter.getDataSource() - .getByteData(), offset, length); - } - contentData.close(); + logger.debug("ByteRange" + sb.toString()); - IVerifyFilter verifyFilter = verifier.getVerifier( - dict.getNameAsString("Filter"), - dict.getNameAsString("SubFilter")); + COSString content = (COSString) dict + .getDictionaryObject("Contents"); - if (verifyFilter != null) { - List<VerifyResult> results = verifyFilter.verify( - contentData.toByteArray(), content.getBytes()); - if (results != null && !results.isEmpty()) { - result.addAll(results); + ByteArrayOutputStream contentData = new ByteArrayOutputStream(); + for (int j = 0; j < bytes.length; j = j + 2) { + int offset = bytes[j]; + int length = bytes[j + 1]; + contentData.write(parameter.getDataSource() + .getByteData(), offset, length); + } + contentData.close(); + + IVerifyFilter verifyFilter = verifier.getVerifier( + dict.getNameAsString("Filter"), + dict.getNameAsString("SubFilter")); + + if (verifyFilter != null) { + List<VerifyResult> results = verifyFilter.verify( + contentData.toByteArray(), + content.getBytes(), + parameter.getVerificationTime()); + if (results != null && !results.isEmpty()) { + result.addAll(results); + } } } + currentSignature++; } } return result; diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/VerifyParameterImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/VerifyParameterImpl.java index 3b264938..d754c032 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/VerifyParameterImpl.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/VerifyParameterImpl.java @@ -1,5 +1,7 @@ package at.gv.egiz.pdfas.lib.impl; +import java.util.Date; + import at.gv.egiz.pdfas.lib.api.Configuration; import at.gv.egiz.pdfas.lib.api.DataSource; import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter; @@ -8,6 +10,8 @@ public class VerifyParameterImpl extends PdfAsParameterImpl implements VerifyPar protected int which = - 1; + protected Date verificationTime = null; + public VerifyParameterImpl(Configuration configuration, DataSource dataSource) { super(configuration, dataSource); @@ -20,4 +24,12 @@ public class VerifyParameterImpl extends PdfAsParameterImpl implements VerifyPar public void setWhichSignature(int which) { this.which = which; } + + public Date getVerificationTime() { + return verificationTime; + } + + public void setVerificationTime(Date verificationTime) { + this.verificationTime = verificationTime; + } } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IVerifyFilter.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IVerifyFilter.java index 53c2e342..e83b6132 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IVerifyFilter.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IVerifyFilter.java @@ -1,5 +1,6 @@ package at.gv.egiz.pdfas.lib.impl.verify; +import java.util.Date; import java.util.List; import at.gv.egiz.pdfas.common.exceptions.PdfAsException; @@ -8,6 +9,6 @@ import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; public interface IVerifyFilter { public void setConfiguration(Configuration config); - public List<VerifyResult> verify(byte[] contentData, byte[] signatureContent) throws PdfAsException; + public List<VerifyResult> verify(byte[] contentData, byte[] signatureContent, Date verificationTime) throws PdfAsException; public List<FilterEntry> getFiters(); } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java index 3820df8f..080a16a7 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java @@ -130,7 +130,7 @@ public class BKUSLConnector extends BaseSLConnector { try { slRequest = SLMarschaller.marshalToString(of .createCreateCMSSignatureRequest(request)); - //logger.debug(slRequest); + logger.debug(slRequest); String slResponse = performHttpRequestToBKU(slRequest); diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java index eb04dde8..3c6a7f21 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java @@ -1,24 +1,111 @@ package at.gv.egiz.pdfas.web.config; +import java.io.File; +import java.io.FileInputStream; +import java.util.Properties; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + public class WebConfiguration { + + public static final String PUBLIC_URL = "public.url"; + public static final String LOCAL_BKU_URL = "bku.local.url"; + public static final String ONLINE_BKU_URL = "bku.online.url"; + public static final String MOBILE_BKU_URL = "bku.mobile.url"; + public static final String ERROR_DETAILS = "error.showdetails"; + public static final String PDF_AS_WORK_DIR = "pdfas.dir"; + + public static final String KEYSTORE_ENABLED = "ks.enabled"; + public static final String KEYSTORE_FILE = "ks.file"; + public static final String KEYSTORE_TYPE = "ks.type"; + public static final String KEYSTORE_PASS = "ks.pass"; + public static final String KEYSTORE_ALIAS = "ks.key.alias"; + public static final String KEYSTORE_KEY_PASS = "ks.key.pass"; + + private static Properties properties = new Properties(); + + private static final Logger logger = LoggerFactory + .getLogger(WebConfiguration.class); + + public static void configure(String config) { + try { + properties.load(new FileInputStream(config)); + } catch(Exception e) { + logger.error("Failed to load configuration: " + e.getMessage()); + throw new RuntimeException(e); + } + + String pdfASDir = getPdfASDir(); + if(pdfASDir == null) { + logger.error("Please configure pdf as working directory in the web configuration"); + throw new RuntimeException("Please configure pdf as working directory in the web configuration"); + } + + File f = new File(pdfASDir); + + if(!f.exists() || !f.isDirectory()) { + logger.error("Pdf As working directory does not exists or is not a directory!: " + pdfASDir); + throw new RuntimeException("Pdf As working directory does not exists or is not a directory!"); + } + } + public static String getPublicURL() { - return null; + return properties.getProperty(PUBLIC_URL); } public static String getLocalBKUURL() { - // TODO: Read URL from config - return "http://127.0.0.1:3495/http-security-layer-request"; + return properties.getProperty(LOCAL_BKU_URL); } public static String getOnlineBKUURL() { - // TODO: Read URL from config - return "http://abyss.iaik.tugraz.at/bkuonline/http-security-layer-request"; + return properties.getProperty(ONLINE_BKU_URL); } public static String getHandyBKUURL() { - // TODO: Read URL from config - return "http://127.0.0.1:3495/http-security-layer-request"; + return properties.getProperty(MOBILE_BKU_URL); + } + + public static String getPdfASDir() { + return properties.getProperty(PDF_AS_WORK_DIR); + } + + public static String getKeystoreFile() { + return properties.getProperty(KEYSTORE_FILE); + } + public static String getKeystoreType() { + return properties.getProperty(KEYSTORE_TYPE); + } + public static String getKeystorePass() { + return properties.getProperty(KEYSTORE_PASS); + } + public static String getKeystoreAlias() { + return properties.getProperty(KEYSTORE_ALIAS); + } + public static String getKeystoreKeyPass() { + return properties.getProperty(KEYSTORE_KEY_PASS); + } + + + public static boolean getKeystoreEnabled() { + String value = properties.getProperty(KEYSTORE_ENABLED); + if(value != null) { + if(value.equals("true")) { + return true; + } + } + return false; + } + + public static boolean isShowErrorDetails() { + String value = properties.getProperty(ERROR_DETAILS); + if(value != null) { + if(value.equals("true")) { + return true; + } + } + return false; } } diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java index daf18108..e61a113a 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java @@ -66,14 +66,6 @@ public class PdfAsHelper { private static final String PDF_INVOKE_URL = "PDF_INVOKE_URL"; private static final String REQUEST_FROM_DU = "REQ_DATA_URL"; - // For development only: - public static final String keyStoreFile = "/home/afitzek/devel/pdfas_neu/test.p12"; - public static final String keyStoreType = "PKCS12"; - public static final String keyStorePass = "123456"; - // public static final String keyAlias = "pdf"; - public static final String keyAlias = "ecc_test"; - public static final String keyPass = "123456"; - private static final Logger logger = LoggerFactory .getLogger(PdfAsHelper.class); @@ -83,9 +75,14 @@ public class PdfAsHelper { static { // TODO: read from config file logger.debug("Creating PDF-AS"); - pdfAs = PdfAsFactory.createPdfAs(new File("/home/afitzek/.pdfas")); + pdfAs = PdfAsFactory.createPdfAs(new File(WebConfiguration.getPdfASDir())); logger.debug("Creating PDF-AS done"); } + + public static void init() { + logger.debug("PDF-AS Helper initialized"); + } + private static void validatePdfSize(HttpServletRequest request, HttpServletResponse response, byte[] pdfData) @@ -218,11 +215,10 @@ public class PdfAsHelper { if (connector.equals("moa")) { signer = new PAdESSigner(new MOAConnector(config)); } else { - // TODO: - // signer = new PAdESSignerKeystore(file, alias, kspassword, - // keypassword, type) - signer = new PKCS7DetachedSigner(keyStoreFile, keyAlias, - keyStorePass, keyPass, keyStoreType); + signer = new PKCS7DetachedSigner(WebConfiguration.getKeystoreFile(), + WebConfiguration.getKeystoreAlias(), + WebConfiguration.getKeystorePass(), WebConfiguration.getKeystoreKeyPass(), + WebConfiguration.getKeystoreType()); } signParameter.setPlainSigner(signer); diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ErrorPage.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ErrorPage.java index fceeed85..fe436566 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ErrorPage.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ErrorPage.java @@ -12,6 +12,7 @@ import javax.swing.text.html.HTML; import org.apache.commons.lang3.StringEscapeUtils; +import at.gv.egiz.pdfas.web.config.WebConfiguration; import at.gv.egiz.pdfas.web.helper.HTMLFormater; import at.gv.egiz.pdfas.web.helper.PdfAsHelper; @@ -64,7 +65,7 @@ public class ErrorPage extends HttpServlet { String template = PdfAsHelper.getErrorRedirectTemplateSL(); template = template.replace("##ERROR_URL##", errorURL); - if (e != null) { + if (e != null && WebConfiguration.isShowErrorDetails()) { template = template.replace("##CAUSE##", URLEncoder.encode(e.getMessage(), "UTF-8")); } else { @@ -88,7 +89,7 @@ public class ErrorPage extends HttpServlet { pw.write("<p>" + message + "</p>"); } - if (e != null) { + if (e != null && WebConfiguration.isShowErrorDetails()) { pw.write("<p>" + HTMLFormater.formatStackTrace(e.getStackTrace()) + "</p>"); diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java index 90c77320..c96225bd 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ExternSignServlet.java @@ -19,6 +19,7 @@ import org.slf4j.LoggerFactory; import at.gv.egiz.pdfas.common.exceptions.PdfAsException; import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner; import at.gv.egiz.pdfas.sigs.pades.PAdESSigner; +import at.gv.egiz.pdfas.web.config.WebConfiguration; import at.gv.egiz.pdfas.web.exception.PdfAsWebException; import at.gv.egiz.pdfas.web.helper.PdfAsHelper; import at.gv.egiz.pdfas.web.helper.PdfAsParameterExtractor; @@ -33,6 +34,8 @@ public class ExternSignServlet extends HttpServlet { private static final long serialVersionUID = 1L; + public static final String PDF_AS_WEB_CONF = "pdf-as-web.conf"; + private static final String UPLOAD_PDF_DATA = "pdfFile"; private static final String UPLOAD_DIRECTORY = "upload"; private static final int THRESHOLD_SIZE = 1024 * 1024 * 3; // 3MB @@ -46,6 +49,15 @@ public class ExternSignServlet extends HttpServlet { * Default constructor. */ public ExternSignServlet() { + String webconfig = System.getProperty(PDF_AS_WEB_CONF); + + if(webconfig == null) { + logger.error("No web configuration provided! Please specify: " + PDF_AS_WEB_CONF); + throw new RuntimeException("No web configuration provided! Please specify: " + PDF_AS_WEB_CONF); + } + + WebConfiguration.configure(webconfig); + PdfAsHelper.init(); } protected void doGet(HttpServletRequest request, @@ -142,7 +154,12 @@ public class ExternSignServlet extends HttpServlet { FileItem item = (FileItem) obj; if(item.getFieldName().equals(UPLOAD_PDF_DATA)) { filecontent = item.get(); - logger.debug("Found pdf Data!"); + + if(filecontent.length < 10) { + filecontent = null; + } else { + logger.debug("Found pdf Data! Size: " + filecontent.length); + } } else { request.setAttribute(item.getFieldName(), item.getString()); logger.debug("Setting " + item.getFieldName() + " = " + item.getString()); @@ -161,6 +178,15 @@ public class ExternSignServlet extends HttpServlet { } if(filecontent == null) { + Object sourceObj = request.getAttribute("source"); + if(sourceObj != null) { + String source = sourceObj.toString(); + if(source.equals("internal")) { + request.setAttribute("FILEERR", true); + request.getRequestDispatcher("index.jsp").forward(request, response); + return; + } + } throw new PdfAsException("No Signature data available"); } diff --git a/pdf-as-web/src/main/webapp/WEB-INF/web.xml b/pdf-as-web/src/main/webapp/WEB-INF/web.xml index 81fa6dad..40642fcc 100644 --- a/pdf-as-web/src/main/webapp/WEB-INF/web.xml +++ b/pdf-as-web/src/main/webapp/WEB-INF/web.xml @@ -35,7 +35,7 @@ The Sign Servlet allows Users to Sign PDF Documents ... </description> <servlet-class>at.gv.egiz.pdfas.web.servlets.ExternSignServlet</servlet-class> - <load-on-startup>5</load-on-startup> + <load-on-startup>0</load-on-startup> </servlet> <servlet> <servlet-name>ProvidePDF</servlet-name> diff --git a/pdf-as-web/src/main/webapp/assets/img/mobileBKU.png b/pdf-as-web/src/main/webapp/assets/img/mobileBKU.png Binary files differnew file mode 100644 index 00000000..48e77934 --- /dev/null +++ b/pdf-as-web/src/main/webapp/assets/img/mobileBKU.png diff --git a/pdf-as-web/src/main/webapp/assets/img/onlineBKU.png b/pdf-as-web/src/main/webapp/assets/img/onlineBKU.png Binary files differnew file mode 100644 index 00000000..2ec41892 --- /dev/null +++ b/pdf-as-web/src/main/webapp/assets/img/onlineBKU.png diff --git a/pdf-as-web/src/main/webapp/index.jsp b/pdf-as-web/src/main/webapp/index.jsp index 2dd79101..8aba0dff 100644 --- a/pdf-as-web/src/main/webapp/index.jsp +++ b/pdf-as-web/src/main/webapp/index.jsp @@ -1,21 +1,52 @@ +<%@page import="at.gv.egiz.pdfas.web.config.WebConfiguration"%> <html> <head> <title>PDF-Signatur</title> </head> <body> -<form role="form" action="Sign" method="POST" enctype="multipart/form-data"> - <div class="form-group"> - <label for="exampleInputFile">Signieren: </label> - <input type="file" name="pdfFile" id="pdfFile"> - <p class="help-block">Zu signierende PDF Datei</p> - </div> - <div class="form-group"> - <button type="submit" value="jks" name="connector" class="btn btn-primary">JKS</button> - <button type="submit" value="bku" name="connector" class="btn btn-primary">Lokale BKU</button> - <button type="submit" value="onlinebku" name="connector" class="btn btn-primary">Online BKU</button> - <button type="submit" value="mobilebku" name="connector" class="btn btn-primary">Handy</button> - <button type="submit" value="moa" name="connector" class="btn btn-primary">MOA-SS</button> - </div> -</form> + <form role="form" action="Sign" method="POST" + enctype="multipart/form-data"> + <input type="hidden" name="source" id="source" value="internal"/> + <div class="form-group <% if(request.getAttribute("FILEERR") != null) { %> has-error <% } %>"> + <label for="exampleInputFile">Signieren: </label> <input type="file" + name="pdfFile" id="pdfFile" accept="application/pdf"> + <p class="help-block"> + <% if(request.getAttribute("FILEERR") != null) { %> + Bitte die zu signierende PDF Datei angeben. + <% } else { %> + Zu signierende PDF Datei + <% } %></p> + </div> + <% if(WebConfiguration.getOnlineBKUURL() != null || + WebConfiguration.getLocalBKUURL() != null) { %> + <div class="form-group"> + <!-- button type="submit" value="jks" name="connector" class="btn btn-primary">JKS</button--> + <label for="bku"><img src="assets/img/onlineBKU.png" /></label> + <% if(WebConfiguration.getLocalBKUURL() != null) { %> + <button type="submit" value="bku" name="connector" + class="btn btn-primary" id="bku">Lokale BKU</button> + <% } %> + <% if(WebConfiguration.getOnlineBKUURL() != null) { %> + <button type="submit" value="onlinebku" name="connector" + class="btn btn-primary" id="onlinebku">Online BKU</button> + <% } %> + </div> + <% } %> + <% if(WebConfiguration.getHandyBKUURL() != null) { %> + <div class="form-group"> + <label for="mobilebku"><img src="assets/img/mobileBKU.png" /></label> + <button type="submit" value="mobilebku" name="connector" + class="btn btn-primary" id="mobilebku">Handy</button> + <!-- button type="submit" value="moa" name="connector" class="btn btn-primary">MOA-SS</button --> + </div> + <% } %> + <% if(WebConfiguration.getKeystoreEnabled()) { %> + <div class="form-group"> + <button type="submit" value="jks" name="connector" + class="btn btn-primary" id="jks">Server Keystore</button> + <!-- button type="submit" value="moa" name="connector" class="btn btn-primary">MOA-SS</button --> + </div> + <% } %> + </form> </body> </html>
\ No newline at end of file diff --git a/pdf-as-web/src/test/pdf-as-web.properties b/pdf-as-web/src/test/pdf-as-web.properties new file mode 100644 index 00000000..8f60c63f --- /dev/null +++ b/pdf-as-web/src/test/pdf-as-web.properties @@ -0,0 +1,27 @@ + +# Define Public URL prefix for PDF-AS Web. For example if behind a proxy, or in a cluster +#public.url= + +error.showdetails=true + +pdfas.dir= + +#BKU URLs. To deactivate a BKU, just uncomment it. + +# URL for Local BKU +bku.local.url=http://127.0.0.1:3495/http-security-layer-request + +# URL for Online BKU +bku.online.url=http://abyss.iaik.tugraz.at/bkuonline/http-security-layer-request + +# URL for Mobile BKU +#bku.mobile.url= + + +# Support Keystore +ks.enabled=true +ks.file=/home/afitzek/devel/pdfas_neu/test.p12 +ks.type=PKCS12 +ks.pass=123456 +ks.key.alias=ecc_test +ks.key.pass=123456
\ No newline at end of file diff --git a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java index 52a58d56..3298f92b 100644 --- a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java +++ b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java @@ -3,6 +3,8 @@ package at.gv.egiz.pdfas.sigs.pades; import iaik.x509.X509Certificate; import java.util.ArrayList; +import java.util.Calendar; +import java.util.Date; import java.util.List; import javax.activation.DataHandler; @@ -49,10 +51,10 @@ public class PAdESVerifier implements IVerifyFilter { } @SuppressWarnings("rawtypes") - public List<VerifyResult> verify(byte[] contentData, byte[] signatureContent) + public List<VerifyResult> verify(byte[] contentData, + byte[] signatureContent, Date verificationTime) throws PdfAsException { - List<VerifyResult> resultList = new ArrayList<VerifyResult>(); try { logger.info("verification with MOA @ " + this.moaEndpoint); @@ -77,7 +79,11 @@ public class PAdESVerifier implements IVerifyFilter { verifyCMSSignatureRequest.setCMSSignature(cmsSignature); verifyCMSSignatureRequest .setDataObject(cmsDataObjectOptionalMetaType); - + if (verificationTime != null) { + Calendar cal = Calendar.getInstance(); + cal.setTime(verificationTime); + verifyCMSSignatureRequest.setDateTime(cal); + } // cmsDataObjectOptionalMetaType. VerifyCMSSignatureResponse response = service .verifyCMSSignature(verifyCMSSignatureRequest); @@ -120,25 +126,35 @@ public class PAdESVerifier implements IVerifyFilter { .getKeyInfoTypeChoice(); KeyInfoTypeChoice choice = keyInfo[0]; result.setSignatureData(data); - + // extract certificate if (choice.isX509DataSpecified()) { - byte[] certData = null; - X509DataTypeSequence[] x509Sequence = choice.getX509Data().getX509DataTypeSequence(); - for(int k = 0; k < x509Sequence.length; k++) { + byte[] certData = null; + X509DataTypeSequence[] x509Sequence = choice.getX509Data() + .getX509DataTypeSequence(); + for (int k = 0; k < x509Sequence.length; k++) { X509DataTypeSequence x509Data = x509Sequence[k]; - if(x509Data.getX509DataTypeChoice_type0().isX509CertificateSpecified()) { - DataHandler handler = x509Data.getX509DataTypeChoice_type0().getX509Certificate(); - certData = StreamUtils.inputStreamToByteArray(handler.getInputStream()); - } else if(x509Data.getX509DataTypeChoice_type0().isExtraElementSpecified()) { - if(x509Data.getX509DataTypeChoice_type0().getExtraElement().getLocalName().equals( - SignatureVerificationServiceStub.QualifiedCertificate.MY_QNAME.getLocalPart())) { + if (x509Data.getX509DataTypeChoice_type0() + .isX509CertificateSpecified()) { + DataHandler handler = x509Data + .getX509DataTypeChoice_type0() + .getX509Certificate(); + certData = StreamUtils + .inputStreamToByteArray(handler + .getInputStream()); + } else if (x509Data.getX509DataTypeChoice_type0() + .isExtraElementSpecified()) { + if (x509Data + .getX509DataTypeChoice_type0() + .getExtraElement() + .getLocalName() + .equals(SignatureVerificationServiceStub.QualifiedCertificate.MY_QNAME + .getLocalPart())) { result.setQualifiedCertificate(true); } } } - X509Certificate certificate = new X509Certificate( - certData); + X509Certificate certificate = new X509Certificate(certData); result.setSignerCertificate(certificate); } else if (choice.isExtraElementSpecified()) { String xmldisg = choice.getExtraElement().toString(); diff --git a/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java b/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java index 7d5c029a..40714e7a 100644 --- a/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java +++ b/signature-standards/sigs-pkcs7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedVerifier.java @@ -11,6 +11,7 @@ import java.io.ByteArrayInputStream; import java.io.FileOutputStream; import java.security.SignatureException; import java.util.ArrayList; +import java.util.Date; import java.util.List; import org.apache.pdfbox.pdmodel.interactive.digitalsignature.PDSignature; @@ -33,7 +34,7 @@ public class PKCS7DetachedVerifier implements IVerifyFilter { public PKCS7DetachedVerifier() { } - public List<VerifyResult> verify(byte[] contentData, byte[] signatureContent) + public List<VerifyResult> verify(byte[] contentData, byte[] signatureContent, Date verificationTime) throws PdfAsException { try { List<VerifyResult> result = new ArrayList<VerifyResult>(); |