3 files changed, 69 insertions, 11 deletions
| diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java index 59c3079d..fdefa1d9 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20Constants.java @@ -160,6 +160,8 @@ public class SL20Constants {  	//createCAdES Signture  	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_KEYID = "keyId";	  	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT = "content"; +	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTURL = "contentUrl"; +	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE = "contentMode";	  	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_MIMETYPE = "mimeType";  	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_PADES_COMBATIBILTY = "padesComatibility";  	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE = "excludedByteRange"; @@ -176,7 +178,8 @@ public class SL20Constants {  	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CADESLEVEL_XL = "cAdES-X-L";  	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CADESLEVEL_A = "cAdES-A"; -	 +	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE_DETACHED = "detached"; +	public static final String SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE_ENVELOPING = "enveloping";  	//create binding key command  	public static final String SL20_COMMAND_PARAM_BINDING_CREATE_KONTOID = "kontoID"; diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java index 40edb74b..7cbb7800 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl20/utils/SL20JSONBuilderUtils.java 
@@ -2,13 +2,10 @@ package at.gv.egiz.sl20.utils;  import java.security.cert.CertificateEncodingException;  import java.security.cert.X509Certificate; -import java.util.Arrays;  import java.util.List;  import java.util.Map;  import java.util.Map.Entry; -import org.apache.commons.codec.binary.Base64; -import org.bouncycastle.util.encoders.Base64Encoder;  import org.slf4j.Logger;  import org.slf4j.LoggerFactory; 
@@ -182,14 +179,37 @@ public class SL20JSONBuilderUtils {  	}  	public static JsonObject createCreateCAdESCommandParameters(String keyId, -			byte[] content, String mimeType, boolean padesCompatiblem, List<String> byteRanges, String cadesLevel,			 +			byte[] content, String contentUrl, String contentMode, String mimeType, boolean padesCompatiblem, List<JsonElement> byteRanges, String cadesLevel,			  			String dataUrl, X509Certificate x5cEnc) throws CertificateEncodingException, SLCommandoBuildException {		  		JsonObject params = new JsonObject();  		addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_KEYID, keyId, true);		 -		addSingleByteElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT, content, true);			 +		 +		if (content != null && contentUrl != null) { +			log.warn(SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT + " and "  +					+ SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTURL + " can not SET TWICE"); +			throw new SLCommandoBuildException(); +			 +		} +		 +		if (content != null) +			addSingleByteElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT, content, true); +		 +		else if (contentUrl != null ) +			addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTURL, contentUrl, true); +		 +		else { +			log.warn(SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENT + " and "  +					+ SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTURL + " is NULL"); +			throw new SLCommandoBuildException(); +			 +		} +			 +		addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE, contentMode, true);  		addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_MIMETYPE, mimeType, true);		  		addSingleBooleanElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_PADES_COMBATIBILTY, padesCompatiblem, false);		 -		addArrayOfStrings(params, 
SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE, byteRanges);		 +		 +		//addArrayOfStrings(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE, byteRanges);		 +		addArrayOfElements(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_EXCLUDEBYTERANGE, byteRanges);  		addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CADESLEVEL, cadesLevel, false);		  		addSingleStringElement(params, SL20Constants.SL20_COMMAND_PARAM_GETCERTIFICATE_DATAURL, dataUrl, true);  		addSingleCertificateElement(params, SL20Constants.SL20_COMMAND_PARAM_GETCERTIFICATE_X5CENC, x5cEnc, false);		 @@ -452,6 +472,18 @@ public class SL20JSONBuilderUtils {  		}  	} +	private static void addArrayOfElements(JsonObject parent, String keyId, List<JsonElement> values) throws SLCommandoBuildException {		 +		validateParentAndKey(parent, keyId); +		if (values != null) { +			JsonArray callReqParamsArray = new JsonArray(); +			parent.add(keyId, callReqParamsArray  ); +			for(JsonElement el : values) +				callReqParamsArray.add(el); +			 +		} +		 +	} +	  	private static void addArrayOfStrings(JsonObject parent, String keyId, List<String> values) throws SLCommandoBuildException {  		validateParentAndKey(parent, keyId);		  		if (values != null) { diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java index 6eb80650..75249e78 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java @@ -60,6 +60,8 @@ import org.apache.http.entity.ContentType;  import org.slf4j.Logger;  import org.slf4j.LoggerFactory; +import com.google.gson.JsonArray; +import com.google.gson.JsonElement;  import com.google.gson.JsonObject;  import at.gv.egiz.pdfas.api.ws.PDFASSignParameters; 
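Review bot: In `createCreateCAdESCommandParameters`, `contentMode` is written into the command as a mandatory string without being checked against the two values this commit defines (`detached`, `enveloping`), and `contentUrl` is forwarded unchecked as well. This object becomes a signature-creation command, so an unexpected mode or a caller-influenced URL would reach the signing component as-is. A guard before the `contentMode` element is added would close the first gap: `if (!SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE_DETACHED.equals(contentMode) && !SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE_ENVELOPING.equals(contentMode)) throw new SLCommandoBuildException();`. Any caller that passes a URL should also restrict its scheme and host before it gets here. The two new `throw new SLCommandoBuildException()` sites carry no message, so the reason survives only in the log line, and the commented-out `addArrayOfStrings` call should be deleted rather than kept.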
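Review bot: `addArrayOfElements` accepts any `JsonElement`, so nothing in the builder enforces that an `excludedByteRange` entry is a two-integer array, which leaves that check entirely to the caller. The list tells the signer which bytes are left out of the signed data, so the helper should state its contract in a Javadoc comment: a `null` list omits the key, an empty list emits `[]`, and each element is expected to be a `JsonArray` of two integers. It also adds the array to `parent` before filling it and uses an unbraced `for`; building the array first and bracing the loop body would read more safely, e.g. `for (JsonElement el : values) { callReqParamsArray.add(el); }` followed by `parent.add(keyId, callReqParamsArray);`.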
@@ -67,6 +69,7 @@ import at.gv.egiz.pdfas.api.ws.PDFASSignParameters.Connector;  import at.gv.egiz.pdfas.api.ws.PDFASSignResponse;  import at.gv.egiz.pdfas.api.ws.PDFASVerificationResponse;  import at.gv.egiz.pdfas.common.exceptions.PDFASError; +import at.gv.egiz.pdfas.common.utils.PDFUtils;  import at.gv.egiz.pdfas.lib.api.ByteArrayDataSource;  import at.gv.egiz.pdfas.lib.api.Configuration;  import at.gv.egiz.pdfas.lib.api.IConfigurationConstants; @@ -1190,9 +1193,24 @@ public class PdfAsHelper {  			} else if (slConnector instanceof SL20Connector) {				  				//convert byte range -				List<String> byteRanges = new ArrayList<String>(); -				for (int el : statusRequest.getSignatureDataByteRange()) -					byteRanges.add(String.valueOf(el)); + +				int[] exclude_range = PDFUtils.buildExcludeRange(statusRequest.getSignatureDataByteRange()); +				logger.info("Exclude Byte Range: " + exclude_range[0] + " " + exclude_range[1]); +				 +				List<JsonElement> byteRanges = new ArrayList<JsonElement>(); +				if (statusRequest.getSignatureDataByteRange().length % 2 != 0) { +					logger.warn("ByteRange is not a set of pairs. Something is maybe suspect"); +					 +				} +				 +				for (int i=0; i<exclude_range.length/2; i++) { +					JsonArray el = new JsonArray(); +					el.add(exclude_range[2*i]); +					el.add(exclude_range[2*i + 1]); +					byteRanges.add(el); +										 +				} +					  				java.security.cert.X509Certificate x5cEnc = null;  				if (WebConfiguration.isSL20EncryptionEnabled() && joseTools != null) 
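Review bot: `exclude_range[0]` and `exclude_range[1]` are read in the `logger.info` call before anything has checked the array length, and the odd-length test on `getSignatureDataByteRange()` only logs a warning after `PDFUtils.buildExcludeRange` has already consumed the array. What `buildExcludeRange` returns for a short or odd-length input is not visible here, so this may throw `ArrayIndexOutOfBoundsException`. More importantly, a malformed byte range continues into a signing request when it should be refused. I would validate first and fail the request with whatever error this method already uses for bad input, along the lines of `int[] byteRange = statusRequest.getSignatureDataByteRange();` then `if (byteRange == null || byteRange.length < 2 || byteRange.length % 2 != 0) { /* reject the request */ }`. The same unvalidated array is passed to `PDFUtils.blackOutSignature` in the next hunk (`@@ -1203,10 +1221,15 @@`). The enclosing method starts and ends outside this hunk.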
@@ -1203,10 +1221,15 @@ public class PdfAsHelper {  				if (pack.getRequestType().getPAdESFlag() != null)  					padesCompatibel = pack.getRequestType().getPAdESFlag(); +				byte[] data = PDFUtils.blackOutSignature(statusRequest.getSignatureData(),  +						statusRequest.getSignatureDataByteRange()); +				  				JsonObject createCAdESSigParams =   						SL20JSONBuilderUtils.createCreateCAdESCommandParameters(  								pack.getRequestType().getKeyboxIdentifier(),  -								statusRequest.getSignatureData(),  +								data, +								null, +								SL20Constants.SL20_COMMAND_PARAM_CREATE_SIG_CADES_CONTENTMODE_DETACHED,  								pack.getRequestType().getDataObject().getMetaInfo().getMimeType(),   								padesCompatibel ,   								byteRanges,  | 
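Review bot: The bare positional `null` passed for `contentUrl` is hard to read in a call with this many arguments, and nothing explains why the signature bytes are blacked out before sending. I would annotate both, e.g. `null, // contentUrl: content is sent inline` and a comment above the `blackOutSignature` call such as `// signature placeholder is blanked so the content matches the excluded byte range`, if that is the intent. Whether `PDFUtils.blackOutSignature` returns a copy or modifies the array from `statusRequest.getSignatureData()` in place is not visible in this hunk. If it mutates, later users of `statusRequest` would see altered data, so the call site should say which it is. The enclosing method continues outside the hunk.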
