aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java130
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java6
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java2
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java4
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java4
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java8
-rw-r--r--signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSigner.java1
-rw-r--r--signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java4
-rw-r--r--signature-standards/sigs-pcks7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java8
9 files changed, 98 insertions, 69 deletions
diff --git a/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java b/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java
index dfd33c34..e6b7f624 100644
--- a/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java
+++ b/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java
@@ -24,12 +24,16 @@ import at.gv.egiz.pdfas.lib.api.DataSink;
import at.gv.egiz.pdfas.lib.api.DataSource;
import at.gv.egiz.pdfas.lib.api.PdfAs;
import at.gv.egiz.pdfas.lib.api.PdfAsFactory;
+import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner;
import at.gv.egiz.pdfas.lib.api.sign.SignParameter;
import at.gv.egiz.pdfas.lib.api.sign.SignResult;
import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter;
import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
import at.gv.egiz.pdfas.sigs.pades.PAdESSigner;
import at.gv.egiz.sl.util.BKUSLConnector;
+import at.gv.egiz.sl.util.ISLConnector;
+import at.gv.egiz.sl.util.ISignatureConnectorSLWrapper;
+import at.gv.egiz.sl.util.MOAConnector;
public class Main {
@@ -179,13 +183,19 @@ public class Main {
if (cli.hasOption(CLI_ARG_PROFILE_SHORT)) {
profilID = cli.getOptionValue(CLI_ARG_PROFILE_SHORT);
}
-
+
String outputFile = null;
-
- if(cli.hasOption(CLI_ARG_OUTPUT_SHORT)) {
+
+ if (cli.hasOption(CLI_ARG_OUTPUT_SHORT)) {
outputFile = cli.getOptionValue(CLI_ARG_OUTPUT_SHORT);
}
+ String connector = null;
+
+ if(cli.hasOption(CLI_ARG_CONNECTOR_SHORT)) {
+ connector = cli.getOptionValue(CLI_ARG_CONNECTOR_SHORT);
+ }
+
String pdfFile = null;
pdfFile = cli.getArgs()[cli.getArgs().length - 1];
@@ -196,16 +206,18 @@ public class Main {
throw new Exception("Input file does not exists");
}
- if(outputFile == null) {
- if(pdfFile.endsWith(".pdf")) {
- outputFile = pdfFile.subSequence(0, pdfFile.length() - ".pdf".length()) + "_signed.pdf";
+ if (outputFile == null) {
+ if (pdfFile.endsWith(".pdf")) {
+ outputFile = pdfFile.subSequence(0,
+ pdfFile.length() - ".pdf".length())
+ + "_signed.pdf";
} else {
outputFile = pdfFile + "_signed.pdf";
}
}
-
+
File outputPdfFile = new File(outputFile);
-
+
DataSource dataSource = new ByteArrayDataSource(
StreamUtils.inputStreamToByteArray(new FileInputStream(
inputFile)));
@@ -221,23 +233,31 @@ public class Main {
SignParameter signParameter = PdfAsFactory.createSignParameter(
configuration, dataSource);
+ IPlainSigner slConnector = null;
+
+ if(connector != null) {
+ if(connector.equalsIgnoreCase("bku")) {
+ slConnector = new PAdESSigner(new BKUSLConnector(configuration));
+ } else if(connector.equalsIgnoreCase("moa")) {
+ slConnector = new PAdESSigner(new MOAConnector(configuration));
+ }
+ }
+ if(slConnector == null) {
+ slConnector = new PAdESSigner(new BKUSLConnector(configuration));
+ }
+
signParameter.setOutput(dataSink);
- signParameter.setPlainSigner(new PAdESSigner(new BKUSLConnector(configuration)));
+ signParameter.setPlainSigner(slConnector);
signParameter.setDataSource(dataSource);
signParameter.setSignaturePosition(positionString);
signParameter.setSignatureProfileId(profilID);
-
- // Set SL Signer! This will need connector value from cli
- // signParameter.setPlainSigner(signer);
-
+ System.out.println("Starting signature for " + pdfFile);
SignResult result = pdfAs.sign(signParameter);
-
- if(outputPdfFile.exists()) {
- }
-
+
FileOutputStream fos = new FileOutputStream(outputPdfFile, false);
fos.write(dataSink.getData());
fos.close();
+ System.out.println("Signed document " + outputFile);
}
private static void perform_verify(CommandLine cli) throws Exception {
@@ -249,14 +269,14 @@ public class Main {
} else {
configurationFile = STANDARD_CONFIG_LOCATION;
}
-
+
int which = -1;
if (cli.hasOption(CLI_ARG_VERIFY_WHICH_SHORT)) {
String whichValue = cli.getOptionValue(CLI_ARG_VERIFY_WHICH_SHORT);
which = Integer.parseInt(whichValue);
- }
-
+ }
+
String pdfFile = null;
pdfFile = cli.getArgs()[cli.getArgs().length - 1];
@@ -276,35 +296,63 @@ public class Main {
pdfAs = PdfAsFactory.createPdfAs(new File(configurationFile));
Configuration configuration = pdfAs.getConfiguration();
-
- VerifyParameter verifyParameter =
- PdfAsFactory.createVerifyParameter(configuration, dataSource);
-
+
+ VerifyParameter verifyParameter = PdfAsFactory.createVerifyParameter(
+ configuration, dataSource);
+
verifyParameter.setDataSource(dataSource);
verifyParameter.setConfiguration(configuration);
verifyParameter.setWhichSignature(which);
-
+
List<VerifyResult> results = pdfAs.verify(verifyParameter);
-
+
Iterator<VerifyResult> resultIterator = results.iterator();
-
- while(resultIterator.hasNext()) {
+
+ int idx = 0;
+ while (resultIterator.hasNext()) {
VerifyResult verifyResult = resultIterator.next();
- dumpVerifyResult(verifyResult);
+ dumpVerifyResult(verifyResult, pdfFile, idx);
+ idx++;
}
}
-
- private static void dumpVerifyResult(VerifyResult verifyResult) {
+
+ private static void dumpVerifyResult(VerifyResult verifyResult,
+ String inputFile, int idx) {
System.out.println("Verification Result:");
- System.out.println("\tValue Check: " +
- verifyResult.getValueCheckCode().getMessage() +
- " [" + verifyResult.getValueCheckCode().getCode() + "]");
- System.out.println("\tCertificate Check: " +
- verifyResult.getCertificateCheck().getMessage() +
- " [" + verifyResult.getCertificateCheck().getCode() + "]");
- System.out.println("\tQualified Certificate: " +
- verifyResult.isQualifiedCertificate());
- System.out.println("\tVerification done: " +
- verifyResult.isVerificationDone());
+ System.out.println("\tValue Check: "
+ + verifyResult.getValueCheckCode().getMessage() + " ["
+ + verifyResult.getValueCheckCode().getCode() + "]");
+ System.out.println("\tCertificate Check: "
+ + verifyResult.getCertificateCheck().getMessage() + " ["
+ + verifyResult.getCertificateCheck().getCode() + "]");
+ System.out.println("\tQualified Certificate: "
+ + verifyResult.isQualifiedCertificate());
+ System.out.println("\tVerification done: "
+ + verifyResult.isVerificationDone());
+ try {
+ if (verifyResult.isVerificationDone()
+ && verifyResult.getValueCheckCode().getCode() == 0) {
+ String outputFile = null;
+
+ if (inputFile.endsWith(".pdf")) {
+ outputFile = inputFile.subSequence(0, inputFile.length()
+ - ".pdf".length())
+ + "_verified_" + idx + ".pdf";
+ } else {
+ outputFile = inputFile + "_verified_" + idx + ".pdf";
+ }
+
+ File outputPdfFile = new File(outputFile);
+ FileOutputStream fos = new FileOutputStream(outputPdfFile,
+ false);
+ fos.write(verifyResult.getSignatureData());
+ fos.close();
+ System.out.println("\tSigned PDF: "
+ + outputFile);
+ }
+ } catch (Exception e) {
+ System.out.println("\tFailed to save signed PDF! [" + e.getMessage() + "]");
+ e.printStackTrace();
+ }
}
}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java
index e26e3fdb..b303a139 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java
@@ -1,5 +1,8 @@
package at.gv.egiz.pdfas.lib.api;
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
+
import java.io.File;
import org.apache.log4j.BasicConfigurator;
@@ -16,6 +19,9 @@ public class PdfAsFactory {
static {
PropertyConfigurator.configure(ClassLoader.getSystemResourceAsStream("resources/log4j.properties"));
//BasicConfigurator.configure();
+
+ IAIK.getInstance();
+ ECCProvider.addAsProvider();
}
public static PdfAs createPdfAs(File configuration) {
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java
index 8ffcf998..8ab9a4be 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java
@@ -9,6 +9,4 @@ public interface PdfAsParameter {
public DataSource getDataSource();
public void setDataSource(DataSource dataSource);
-
-
}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java
index 2f2d47c8..ddfc79ce 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java
@@ -110,10 +110,6 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants {
this.stampPdf(status);
- FileOutputStream fos = new FileOutputStream("/home/afitzek/qr_2_stamped.pdf");
- fos.write(status.getPdfObject().getStampedDocument());
- fos.close();
-
/*
* if (requestedSignature.isVisual()) {
* logger.info("Creating visual siganture block"); //
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java
index 0420cd11..554a5b98 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java
@@ -41,11 +41,11 @@ public class PdfboxSignerWrapper implements PDFASSignatureInterface {
byteRange = PDFUtils.extractSignatureByteRange(data);
try {
byte[] signature = signer.sign(data, byteRange);
- logger.debug("Signature Data: "
+ /*logger.debug("Signature Data: "
+ iaik.utils.Util.toBase64String(signature));
FileOutputStream fos = new FileOutputStream("/tmp/fos.bin");
fos.write(signature);
- fos.close();
+ fos.close();*/
return signature;
} catch (PdfAsException e) {
throw new PdfAsWrappedIOException(e);
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
index 6781f898..cf7333b4 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
@@ -60,14 +60,6 @@ public class ISignatureConnectorSLWrapper implements ISignatureConnector {
}
public byte[] sign(byte[] input, int[] byteRange) throws PdfAsException {
- try {
- MessageDigest md = MessageDigest.getInstance("SHA256", "IAIK");
- md.update(input);
- byte[] sha256 = md.digest();
- logger.info("Message digest should be: " + StringUtils.bytesToHexString(sha256) + " Size: " + input.length);
- } catch (Exception e) {
- e.printStackTrace();
- }
CreateCMSSignatureRequestType request = connector.createCMSRequest(
input, byteRange);
CreateCMSSignatureResponseType response = connector
diff --git a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSigner.java b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSigner.java
index 6945d9b3..7fc0081b 100644
--- a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSigner.java
+++ b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESSigner.java
@@ -32,7 +32,6 @@ public class PAdESSigner implements IPlainSigner {
public String getPDFSubFilter() {
return PDSignature.SUBFILTER_ETSI_CADES_DETACHED.getName();
- //return PDSignature.SUBFILTER_ADBE_PKCS7_DETACHED.getName();
}
public String getPDFFilter() {
diff --git a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java
index 4af66e42..291d6898 100644
--- a/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java
+++ b/signature-standards/sigs-pades/src/main/java/at/gv/egiz/pdfas/sigs/pades/PAdESVerifier.java
@@ -22,7 +22,6 @@ import at.gv.egiz.moa.SignatureVerificationServiceStub;
import at.gv.egiz.moa.SignatureVerificationServiceStub.CMSContentBaseType;
import at.gv.egiz.moa.SignatureVerificationServiceStub.CMSDataObjectOptionalMetaType;
import at.gv.egiz.moa.SignatureVerificationServiceStub.KeyInfoTypeChoice;
-import at.gv.egiz.moa.SignatureVerificationServiceStub.QualifiedCertificate;
import at.gv.egiz.moa.SignatureVerificationServiceStub.VerifyCMSSignatureRequest;
import at.gv.egiz.moa.SignatureVerificationServiceStub.VerifyCMSSignatureResponse;
import at.gv.egiz.moa.SignatureVerificationServiceStub.VerifyCMSSignatureResponseTypeSequence;
@@ -36,7 +35,6 @@ import at.gv.egiz.pdfas.lib.impl.verify.FilterEntry;
import at.gv.egiz.pdfas.lib.impl.verify.IVerifyFilter;
import at.gv.egiz.pdfas.lib.impl.verify.SignatureCheckImpl;
import at.gv.egiz.pdfas.lib.impl.verify.VerifyResultImpl;
-import at.gv.egiz.sl.util.BKUSLConnector;
public class PAdESVerifier implements IVerifyFilter {
@@ -125,7 +123,7 @@ public class PAdESVerifier implements IVerifyFilter {
KeyInfoTypeChoice[] keyInfo = verifySequence[i].getSignerInfo()
.getKeyInfoTypeChoice();
KeyInfoTypeChoice choice = keyInfo[0];
- result.setSignatureData(signatureContent);
+ result.setSignatureData(data);
// extract certificate
if (choice.isX509DataSpecified()) {
diff --git a/signature-standards/sigs-pcks7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java b/signature-standards/sigs-pcks7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java
index d90049a2..83df6a59 100644
--- a/signature-standards/sigs-pcks7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java
+++ b/signature-standards/sigs-pcks7detached/src/main/java/at/gv/egiz/pdfas/sigs/pkcs7detached/PKCS7DetachedSigner.java
@@ -128,14 +128,6 @@ public class PKCS7DetachedSigner implements IPlainSigner {
// }
// }
// SubjectKeyID subjectKeyId = new SubjectKeyID(cert);
- try {
- MessageDigest md = MessageDigest.getInstance("SHA256", "IAIK");
- md.update(input);
- byte[] sha256 = md.digest();
- logger.info("Message digest: " + StringUtils.bytesToHexString(sha256));
- } catch (Exception e) {
- e.printStackTrace();
- }
IssuerAndSerialNumber issuer = new IssuerAndSerialNumber(cert);
SignerInfo signer1 = new SignerInfo(issuer, AlgorithmID.sha256,
AlgorithmID.ecdsa_plain_With_SHA256,