diff options
9 files changed, 114 insertions, 6 deletions
diff --git a/pdf-as-common/src/main/java/at/gv/egiz/pdfas/common/settings/DefaultSignatureProfileSettings.java b/pdf-as-common/src/main/java/at/gv/egiz/pdfas/common/settings/DefaultSignatureProfileSettings.java index 6f1519a4..3d70fe96 100644 --- a/pdf-as-common/src/main/java/at/gv/egiz/pdfas/common/settings/DefaultSignatureProfileSettings.java +++ b/pdf-as-common/src/main/java/at/gv/egiz/pdfas/common/settings/DefaultSignatureProfileSettings.java @@ -65,6 +65,9 @@ public class DefaultSignatureProfileSettings { public static final String VALUE_SIG_DATE_DEFAULT = "yyyy-MM-dd'T'HH:mm:ssXXX"; + public static final String SIG_BLOCK_PARAMETER_DEFAULT_KEY_REGEX = "^([A-za-z]){1,20}$"; + public static final String SIG_BLOCK_PARAMETER_DEFAULT_VALUE_REGEX = "^([\\p{Print}]){1,100}$"; + static { profileSettings.put(KEY_SIG_SUBJECT, new SignatureProfileEntry(KEY_SIG_SUBJECT, KEY_SIG_SUBJECT_DEFAULT, VALUE_SIG_SUBJECT_DEFAULT) ); diff --git a/pdf-as-common/src/main/java/at/gv/egiz/pdfas/common/utils/CheckSignatureBlockParameters.java b/pdf-as-common/src/main/java/at/gv/egiz/pdfas/common/utils/CheckSignatureBlockParameters.java new file mode 100644 index 00000000..c2e6b81d --- /dev/null +++ b/pdf-as-common/src/main/java/at/gv/egiz/pdfas/common/utils/CheckSignatureBlockParameters.java @@ -0,0 +1,31 @@ +package at.gv.egiz.pdfas.common.utils; + +import at.gv.egiz.pdfas.common.settings.DefaultSignatureProfileSettings; + +import java.util.Map; + +public class CheckSignatureBlockParameters { + + public static boolean checkSignatureBlockParameterMapIsValid(Map<String, String> map, String keyRegex, + String valueRegex) { + if(keyRegex == null || keyRegex.length() == 0) { + keyRegex = DefaultSignatureProfileSettings.SIG_BLOCK_PARAMETER_DEFAULT_KEY_REGEX; + } + if(valueRegex == null || valueRegex.length() == 0) { + valueRegex = DefaultSignatureProfileSettings.SIG_BLOCK_PARAMETER_DEFAULT_VALUE_REGEX; + } + for(String key : map.keySet()){ + if(isValid(key, keyRegex) == false) + return false; + if(isValid(map.get(key), valueRegex) == false) + return false; + } + + return true; + } + + public static boolean isValid(String s, String regex) { + return s.matches(regex); + } + +} diff --git a/pdf-as-lib/build.gradle b/pdf-as-lib/build.gradle index c7506a26..634d7df4 100644 --- a/pdf-as-lib/build.gradle +++ b/pdf-as-lib/build.gradle @@ -14,6 +14,7 @@ buildscript { mavenCentral() } dependencies { classpath("commons-io:commons-io:2.8.0") } + } sourceSets { @@ -22,6 +23,11 @@ sourceSets { srcDirs = [ 'src/main/java', 'src/generated/java' ] } } + test { + java { + srcDirs = ["src/test/java"] + } + } } configurations { @@ -78,6 +84,7 @@ dependencies { api group: 'com.google.zxing', name: 'core', version: '3.4.1' api group: 'com.google.zxing', name: 'javase', version: '3.4.1' testImplementation group: 'junit', name: 'junit', version: '4.+' + testCompile "junit:junit:4.11" ws group: 'org.apache.cxf', name: 'cxf-tools', version: cxfVersion ws group: 'org.apache.cxf', name: 'cxf-tools-wsdlto-databinding-jaxb', version: cxfVersion ws group: 'org.apache.cxf', name: 'cxf-tools-wsdlto-frontend-jaxws', version: cxfVersion diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/IConfigurationConstants.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/IConfigurationConstants.java index 610f5eba..4d6cef47 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/IConfigurationConstants.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/IConfigurationConstants.java @@ -113,6 +113,9 @@ public interface IConfigurationConstants { public static final String BG_COLOR_DETECTION = "sigblock.placement.bgcolor.detection.enabled"; public static final String SIG_PLACEMENT_DEBUG_OUTPUT = "sigblock.placement.debug.file"; + public static final String SIG_BLOCK_PARAMETER_KEY_REGEX = "sigblockparameter.key.regex"; + public static final String SIG_BLOCK_PARAMETER_VALUE_REGEX = "sigblockparameter.value.regex"; + /** * PADES Constants */ diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java index 6303c0a0..5a646505 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsParameter.java @@ -23,6 +23,8 @@ ******************************************************************************/ package at.gv.egiz.pdfas.lib.api; +import at.gv.egiz.pdfas.common.exceptions.PdfAsException; + import java.util.Map; import javax.activation.DataSource; @@ -86,7 +88,7 @@ public interface PdfAsParameter { * * @param map the map */ - public void setDynamicSignatureBlockArguments(Map<String, String> map); + public void setDynamicSignatureBlockArguments(Map<String, String> map) throws PdfAsException; /** * Gets the dynamic signature-block values. diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java index d6161f2c..19111342 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java @@ -23,11 +23,15 @@ ******************************************************************************/ package at.gv.egiz.pdfas.lib.impl; +import java.util.Collections; import java.util.Map; import javax.activation.DataSource; +import at.gv.egiz.pdfas.common.exceptions.PdfAsException; +import at.gv.egiz.pdfas.common.utils.CheckSignatureBlockParameters; import at.gv.egiz.pdfas.lib.api.Configuration; +import at.gv.egiz.pdfas.lib.api.IConfigurationConstants; import at.gv.egiz.pdfas.lib.api.PdfAsParameter; public class PdfAsParameterImpl implements PdfAsParameter { @@ -79,8 +83,16 @@ protected Configuration configuration; } @Override - public void setDynamicSignatureBlockArguments(Map<String, String> map) { - this.dynamicSignatureBlockArgumentsMap = map; + public void setDynamicSignatureBlockArguments(Map<String, String> map) throws PdfAsException { + Map<String, String> tmpMap = Collections.unmodifiableMap(map); + String keyRegex = configuration.getValue(IConfigurationConstants.SIG_BLOCK_PARAMETER_KEY_REGEX); + String valueRegex = configuration.getValue(IConfigurationConstants.SIG_BLOCK_PARAMETER_VALUE_REGEX); + if( CheckSignatureBlockParameters.checkSignatureBlockParameterMapIsValid(tmpMap, keyRegex, valueRegex) == true) { + this.dynamicSignatureBlockArgumentsMap = tmpMap; + }else{ + throw new PdfAsException("Invalid signature block parameters"); + } + } @Override diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateAndRequestParameterResolver.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateAndRequestParameterResolver.java index ab2e5729..024f377f 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateAndRequestParameterResolver.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateAndRequestParameterResolver.java @@ -63,7 +63,6 @@ public class CertificateAndRequestParameterResolver implements IResolver { this.ctx = new OgnlContext(null, null, memberAccess); this.ctx.put(IProfileConstants.SIGNATURE_BLOCK_PARAMETER, operationStatus.getSignParamter().getDynamicSignatureBlockArguments()); -// this.ctx.put(IProfileConstants.DYNAMIC_REQUEST_PARAMETERS, operationStatus.getRequestParameters()); this.ctx.put("sn", this.certificate.getSerialNumber().toString()); diff --git a/pdf-as-lib/src/test/java/at/gv/egiz/pdfas/lib/test/mains/SignatureBlockParameterTest.java b/pdf-as-lib/src/test/java/at/gv/egiz/pdfas/lib/test/mains/SignatureBlockParameterTest.java new file mode 100644 index 00000000..3c76ce11 --- /dev/null +++ b/pdf-as-lib/src/test/java/at/gv/egiz/pdfas/lib/test/mains/SignatureBlockParameterTest.java @@ -0,0 +1,51 @@ +package at.gv.egiz.pdfas.lib.test.mains; + +import at.gv.egiz.pdfas.common.utils.CheckSignatureBlockParameters; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.JUnit4; + +@RunWith(JUnit4.class) +public class SignatureBlockParameterTest { + + + @Test + public void testKeyInvalid() { + if(checkValid( "aaaaaaaaaaaaaaaaaaaaa" , "^([A-za-z]){1,20}$") == true){assert(false);} + if(checkValid( "" , "^([A-za-z]){1,20}$") == true){assert(false);} + if(checkValid( "a9" , "^([A-za-z]){1,20}$") == true){assert(false);} + } + @Test + public void testKeyValid() { + if(checkValid( "aaa" +"aa", "^([A-za-z]){1,20}$") == false){assert(false);} + if(checkValid( "aaa" , "^([A-za-z]){1,20}$") == false){assert(false);} + if(checkValid( "aaaaaaaaaaaaaaaaaaaa", "^([A-za-z]){1,20}$") == false){assert(false);} + if(checkValid( "AA", "^([A-za-z]){1,20}$") == false){assert(false);} + } + @Test + public void testValueValid() { + if(checkValid( "aaa" +"aa", "^([\\p{Print}]){1,100}$") == false){assert(false);} + if(checkValid( "aaa" , "^([\\p{Print}]){1,100}$") == false){assert(false);} + if(checkValid( "a!\"$%&/()[]=?aa" , "^([\\p{Print}]){1,100}$") == false){assert(false);} + if(checkValid( "a!\"$%&/()[]=?aa-_,;.:[]|{}" , "^([\\p{Print}]){1,100}$") == false){assert(false);} +// if(checkValid( "a!\"ยง$%&/()=?aa" , "^([\\p{Print}]){1,100}$") == false){assert(false);} + if(checkValid( "aa!%&/()=?a" , "^([\\p{Print}]){1,100}$") == false){assert(false);} + if(checkValid( "a{\"a!%&/()=?a" , "^([\\p{Print}]){1,100}$") == false){assert(false);} + if(checkValid( "BB" , "^([\\p{Print}]){1,100}$") == false){assert(false);} + if(checkValid( "BB " , "^([\\p{Print}]){1,100}$") == false){assert(false);} + } + @Test + public void testValueInvalid() { + if(checkValid((char) 13 +"aaa" +"aa", "^([\\p{Print}]){1,100}$") == true){assert(false);} + if(checkValid((char) 13 +"", "^([\\p{Print}]){1,100}$") == true){assert(false);} + if(checkValid( "aaa" +(char) 13, "^([\\p{Print}]){1,100}$") == true){assert(false);} + if(checkValid("", "^([\\p{Print}]){1,100}$") == true){assert(false);} + if(checkValid("a", "^([\\p{Print}]){2,100}$") == true){assert(false);} + if(checkValid("aaa"+(char) 13 +"aa", "^([\\p{Print}]){1,100}$") == true){assert(false);} + + } + + public boolean checkValid(String s, String regex) { + return CheckSignatureBlockParameters.isValid(s, regex); + } +} diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java index 0e08de59..34781461 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java @@ -509,7 +509,7 @@ public class PdfAsHelper { signParameter.setSignaturePosition(buildPosString(request, response)); //set signature block parameters - signParameter.getDynamicSignatureBlockArguments().putAll(dynamicSignatureBlockArguments); + signParameter.setDynamicSignatureBlockArguments(dynamicSignatureBlockArguments); @SuppressWarnings("unused") SignResult result = pdfAs.sign(signParameter); @@ -663,7 +663,7 @@ public class PdfAsHelper { .getMap()); } //TODO alex - signParameter.getDynamicSignatureBlockArguments().putAll(dynamicSignatureBlockArguments); + signParameter.setDynamicSignatureBlockArguments(dynamicSignatureBlockArguments); SignResult signResult = pdfAs.sign(signParameter); |