9 files changed, 98 insertions, 69 deletions
diff --git a/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java b/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java index dfd33c34..e6b7f624 100644 --- a/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java +++ b/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java @@ -24,12 +24,16 @@ import at.gv.egiz.pdfas.lib.api.DataSink; import at.gv.egiz.pdfas.lib.api.DataSource; import at.gv.egiz.pdfas.lib.api.PdfAs; import at.gv.egiz.pdfas.lib.api.PdfAsFactory; +import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner; import at.gv.egiz.pdfas.lib.api.sign.SignParameter; import at.gv.egiz.pdfas.lib.api.sign.SignResult; import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter; import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; import at.gv.egiz.pdfas.sigs.pades.PAdESSigner; import at.gv.egiz.sl.util.BKUSLConnector; +import at.gv.egiz.sl.util.ISLConnector; +import at.gv.egiz.sl.util.ISignatureConnectorSLWrapper; +import at.gv.egiz.sl.util.MOAConnector; public class Main { @@ -179,13 +183,19 @@ public class Main { if (cli.hasOption(CLI_ARG_PROFILE_SHORT)) { profilID = cli.getOptionValue(CLI_ARG_PROFILE_SHORT); } - + String outputFile = null; - - if(cli.hasOption(CLI_ARG_OUTPUT_SHORT)) { + + if (cli.hasOption(CLI_ARG_OUTPUT_SHORT)) { outputFile = cli.getOptionValue(CLI_ARG_OUTPUT_SHORT); } + String connector = null; + + if(cli.hasOption(CLI_ARG_CONNECTOR_SHORT)) { + connector = cli.getOptionValue(CLI_ARG_CONNECTOR_SHORT); + } + String pdfFile = null; pdfFile = cli.getArgs()[cli.getArgs().length - 1]; 
@@ -196,16 +206,18 @@ public class Main { throw new Exception("Input file does not exists"); } - if(outputFile == null) { - if(pdfFile.endsWith(".pdf")) { - outputFile = pdfFile.subSequence(0, pdfFile.length() - ".pdf".length()) + "_signed.pdf"; + if (outputFile == null) { + if (pdfFile.endsWith(".pdf")) { + outputFile = pdfFile.subSequence(0, + pdfFile.length() - ".pdf".length()) + + "_signed.pdf"; } else { outputFile = pdfFile + "_signed.pdf"; } } - + File outputPdfFile = new File(outputFile); - + DataSource dataSource = new ByteArrayDataSource( StreamUtils.inputStreamToByteArray(new FileInputStream( inputFile))); @@ -221,23 +233,31 @@ public class Main { SignParameter signParameter = PdfAsFactory.createSignParameter( configuration, dataSource); + IPlainSigner slConnector = null; + + if(connector != null) { + if(connector.equalsIgnoreCase("bku")) { + slConnector = new PAdESSigner(new BKUSLConnector(configuration)); + } else if(connector.equalsIgnoreCase("moa")) { + slConnector = new PAdESSigner(new MOAConnector(configuration)); + } + } + if(slConnector == null) { + slConnector = new PAdESSigner(new BKUSLConnector(configuration)); + } + signParameter.setOutput(dataSink); - signParameter.setPlainSigner(new PAdESSigner(new BKUSLConnector(configuration))); + signParameter.setPlainSigner(slConnector); signParameter.setDataSource(dataSource); signParameter.setSignaturePosition(positionString); signParameter.setSignatureProfileId(profilID); - - // Set SL Signer! This will need connector value from cli - // signParameter.setPlainSigner(signer); - + System.out.println("Starting signature for " + pdfFile); SignResult result = pdfAs.sign(signParameter); - - if(outputPdfFile.exists()) { - } - + FileOutputStream fos = new FileOutputStream(outputPdfFile, false); fos.write(dataSink.getData()); fos.close(); + System.out.println("Signed document " + outputFile); } private static void perform_verify(CommandLine cli) throws Exception { 
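Review bot: A connector value that is neither `bku` nor `moa` falls through both checks, and the `if(slConnector == null)` fallback then signs through `BKUSLConnector` without telling the user, so a mistyped option silently switches the signing backend. Keep the default for the case where the option is absent and reject everything else, for example by adding `else { throw new Exception("Unknown connector: " + connector); }` after the `moa` branch. The variable holds an `IPlainSigner`, so a name like `signer` would describe it better than `slConnector`. The `ISLConnector` and `ISignatureConnectorSLWrapper` imports added in the first hunk are not used on any line visible in this diff. perform_sign starts outside this hunk.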
@@ -249,14 +269,14 @@ public class Main { } else { configurationFile = STANDARD_CONFIG_LOCATION; } - + int which = -1; if (cli.hasOption(CLI_ARG_VERIFY_WHICH_SHORT)) { String whichValue = cli.getOptionValue(CLI_ARG_VERIFY_WHICH_SHORT); which = Integer.parseInt(whichValue); - } - + } + String pdfFile = null; pdfFile = cli.getArgs()[cli.getArgs().length - 1]; 
@@ -276,35 +296,63 @@ public class Main { pdfAs = PdfAsFactory.createPdfAs(new File(configurationFile)); Configuration configuration = pdfAs.getConfiguration(); - - VerifyParameter verifyParameter = - PdfAsFactory.createVerifyParameter(configuration, dataSource); - + + VerifyParameter verifyParameter = PdfAsFactory.createVerifyParameter( + configuration, dataSource); + verifyParameter.setDataSource(dataSource); verifyParameter.setConfiguration(configuration); verifyParameter.setWhichSignature(which); - + List<VerifyResult> results = pdfAs.verify(verifyParameter); - + Iterator<VerifyResult> resultIterator = results.iterator(); - - while(resultIterator.hasNext()) { + + int idx = 0; + while (resultIterator.hasNext()) { VerifyResult verifyResult = resultIterator.next(); - dumpVerifyResult(verifyResult); + dumpVerifyResult(verifyResult, pdfFile, idx); + idx++; } } - - private static void dumpVerifyResult(VerifyResult verifyResult) { + + private static void dumpVerifyResult(VerifyResult verifyResult, + String inputFile, int idx) { System.out.println("Verification Result:"); - System.out.println("\tValue Check: " + - verifyResult.getValueCheckCode().getMessage() + - " [" + verifyResult.getValueCheckCode().getCode() + "]"); - System.out.println("\tCertificate Check: " + - verifyResult.getCertificateCheck().getMessage() + - " [" + verifyResult.getCertificateCheck().getCode() + "]"); - System.out.println("\tQualified Certificate: " + - verifyResult.isQualifiedCertificate()); - System.out.println("\tVerification done: " + - verifyResult.isVerificationDone()); + System.out.println("\tValue Check: " + + verifyResult.getValueCheckCode().getMessage() + " [" + + verifyResult.getValueCheckCode().getCode() + "]"); + System.out.println("\tCertificate Check: " + + verifyResult.getCertificateCheck().getMessage() + " [" + + verifyResult.getCertificateCheck().getCode() + "]"); + System.out.println("\tQualified Certificate: " + + verifyResult.isQualifiedCertificate()); + 
System.out.println("\tVerification done: " + + verifyResult.isVerificationDone()); + try { + if (verifyResult.isVerificationDone() + && verifyResult.getValueCheckCode().getCode() == 0) { + String outputFile = null; + + if (inputFile.endsWith(".pdf")) { + outputFile = inputFile.subSequence(0, inputFile.length() + - ".pdf".length()) + + "_verified_" + idx + ".pdf"; + } else { + outputFile = inputFile + "_verified_" + idx + ".pdf"; + } + + File outputPdfFile = new File(outputFile); + FileOutputStream fos = new FileOutputStream(outputPdfFile, + false); + fos.write(verifyResult.getSignatureData()); + fos.close(); + System.out.println("\tSigned PDF: " + + outputFile); + } + } catch (Exception e) { + System.out.println("\tFailed to save signed PDF! [" + e.getMessage() + "]"); + e.printStackTrace(); + } } } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java index e26e3fdb..b303a139 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java @@ -1,5 +1,8 @@ package at.gv.egiz.pdfas.lib.api; +import iaik.security.ecc.provider.ECCProvider; +import iaik.security.provider.IAIK; + import java.io.File; import org.apache.log4j.BasicConfigurator; @@ -16,6 +19,9 @@ public class PdfAsFactory { static { PropertyConfigurator.configure(ClassLoader.getSystemResourceAsStream("resources/log4j.properties")); //BasicConfigurator.configure(); + + IAIK.getInstance(); + ECCProvider.addAsProvider(); } public static PdfAs createPdfAs(File configuration) { diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java index 8ffcf998..8ab9a4be 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java 
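Review bot: The new block in `dumpVerifyResult` writes a file named `_verified_<idx>.pdf` whenever `isVerificationDone()` is true and the value check code is 0, without consulting `getCertificateCheck()`, so a document whose certificate check failed still produces a file labelled as verified. If code 0 also means success for the certificate check (not visible here), extend the condition with `&& verifyResult.getCertificateCheck().getCode() == 0`, or pick a neutral suffix. The `FileOutputStream` is not closed when `write` throws; close it in a `finally` block, or use try-with-resources if the build targets Java 7 or later. The target path is derived from the input path and opened with append `false`, so an existing file of that name is overwritten without notice.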
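Review bot: The static initialiser in `PdfAsFactory` discards the result of `IAIK.getInstance()`; if that call only returns the provider object and does not register it, lookups by the provider name `"IAIK"` will fail and `IAIK.addAsProvider()` would be the call to make, so this is worth confirming against the IAIK documentation. Registering providers in a library's static block also changes the JVM-wide provider list of every application that loads this class, which can alter which implementation serves an algorithm elsewhere in the process. A comment such as `// Registers the IAIK JCE and ECC providers for the whole JVM` would state that the side effect is intended. The static block starts outside the hunk.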
@@ -9,6 +9,4 @@ public interface PdfAsParameter { public DataSource getDataSource(); public void setDataSource(DataSource dataSource); - - } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java index 2f2d47c8..ddfc79ce 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java @@ -110,10 +110,6 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants { this.stampPdf(status); - FileOutputStream fos = new FileOutputStream("/home/afitzek/qr_2_stamped.pdf"); - fos.write(status.getPdfObject().getStampedDocument()); - fos.close(); - /* * if (requestedSignature.isVisual()) { * logger.info("Creating visual siganture block"); // diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java index 0420cd11..554a5b98 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java @@ -41,11 +41,11 @@ public class PdfboxSignerWrapper implements PDFASSignatureInterface { byteRange = PDFUtils.extractSignatureByteRange(data); try { byte[] signature = signer.sign(data, byteRange); - logger.debug("Signature Data: " + /*logger.debug("Signature Data: " + iaik.utils.Util.toBase64String(signature)); FileOutputStream fos = new FileOutputStream("/tmp/fos.bin"); fos.write(signature); - fos.close(); + fos.close();*/ return signature; } catch (PdfAsException e) { throw new PdfAsWrappedIOException(e); diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java index 6781f898..cf7333b4 100644 
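Review bot: The debug code in `PdfboxSignerWrapper` is commented out rather than deleted, which leaves a block that logs the raw signature and writes it to the fixed path `/tmp/fos.bin` one uncomment away from returning. Delete the lines instead; version control keeps the history, and the other hunks in this commit remove their debug output outright. If the `FileOutputStream` import (outside this hunk) is then unused, drop it as well. The surrounding try block continues past the hunk.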
--- a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java @@ -60,14 +60,6 @@ public class ISignatureConnectorSLWrapper implements ISignatureConnector { } public byte[] sign(byte[] input, int[] byteRange) throws PdfAsException { - try { - MessageDigest md = MessageDigest.getInstance("SHA256", "IAIK"); - md.update(input); - byte[] sha256 = md.digest(); - logger.info("Message digest should be: " + StringUtils.bytesToHexString(sha256) + " Size: " + input.length); - } catch (Exception e) { - e.printStackTrace(); - } CreateCMSSignatureRequestType request = connector.createCMSRequest( input, byteRange); CreateCMSSignatureResponseType response = connector diff --git a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSigner.java b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSigner.java index 6945d9b3..7fc0081b 100644 --- a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSigner.java +++ b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSigner.java @@ -32,7 +32,6 @@ public class PAdESSigner implements IPlainSigner { public String getPDFSubFilter() { return PDSignature.SUBFILTER_ETSI_CADES_DETACHED.getName(); - //return PDSignature.SUBFILTER_ADBE_PKCS7_DETACHED.getName(); } public String getPDFFilter() { diff --git a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java index 4af66e42..291d6898 100644 --- a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java +++ b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java 
@@ -22,7 +22,6 @@ import at.gv.egiz.moa.SignatureVerificationServiceStub; import at.gv.egiz.moa.SignatureVerificationServiceStub.CMSContentBaseType; import at.gv.egiz.moa.SignatureVerificationServiceStub.CMSDataObjectOptionalMetaType; import at.gv.egiz.moa.SignatureVerificationServiceStub.KeyInfoTypeChoice; -import at.gv.egiz.moa.SignatureVerificationServiceStub.QualifiedCertificate; import at.gv.egiz.moa.SignatureVerificationServiceStub.VerifyCMSSignatureRequest; import at.gv.egiz.moa.SignatureVerificationServiceStub.VerifyCMSSignatureResponse; import at.gv.egiz.moa.SignatureVerificationServiceStub.VerifyCMSSignatureResponseTypeSequence; @@ -36,7 +35,6 @@ import at.gv.egiz.pdfas.lib.impl.verify.FilterEntry; import at.gv.egiz.pdfas.lib.impl.verify.IVerifyFilter; import at.gv.egiz.pdfas.lib.impl.verify.SignatureCheckImpl; import at.gv.egiz.pdfas.lib.impl.verify.VerifyResultImpl; -import at.gv.egiz.sl.util.BKUSLConnector; public class PAdESVerifier implements IVerifyFilter { @@ -125,7 +123,7 @@ public class PAdESVerifier implements IVerifyFilter { KeyInfoTypeChoice[] keyInfo = verifySequence[i].getSignerInfo() .getKeyInfoTypeChoice(); KeyInfoTypeChoice choice = keyInfo[0]; - result.setSignatureData(signatureContent); + result.setSignatureData(data); // extract certificate if (choice.isX509DataSpecified()) { diff --git a/signature-standards/sigs-pcks7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java b/signature-standards/sigs-pcks7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java index d90049a2..83df6a59 100644 --- a/signature-standards/sigs-pcks7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java +++ b/signature-standards/sigs-pcks7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java 
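Review bot: After this change `setSignatureData` stores `data` instead of `signatureContent`, so the field no longer holds what its name says; a comment at the call, e.g. `// signed document bytes, written out by the CLI as the verified PDF`, or a setter rename would make that explicit. `data` is defined outside the hunk: if it is the whole input rather than only the bytes covered by the signature's byte range, the `_verified_<idx>.pdf` file that `Main.dumpVerifyResult` writes from `getSignatureData()` would include content the signature does not cover. Confirm which it is and document the contract on `VerifyResult.getSignatureData()`.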
@@ -128,14 +128,6 @@ public class PKCS7DetachedSigner implements IPlainSigner { // } // } // SubjectKeyID subjectKeyId = new SubjectKeyID(cert); - try { - MessageDigest md = MessageDigest.getInstance("SHA256", "IAIK"); - md.update(input); - byte[] sha256 = md.digest(); - logger.info("Message digest: " + StringUtils.bytesToHexString(sha256)); - } catch (Exception e) { - e.printStackTrace(); - } IssuerAndSerialNumber issuer = new IssuerAndSerialNumber(cert); SignerInfo signer1 = new SignerInfo(issuer, AlgorithmID.sha256, AlgorithmID.ecdsa_plain_With_SHA256, |