aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java79
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/BKUHeaderHolder.java9
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java58
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java13
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java30
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java88
-rw-r--r--pdf-as-lib/src/main/java/at/gv/egiz/sl/util/RequestPackage.java9
7 files changed, 195 insertions, 91 deletions
diff --git a/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java b/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java
index a513ccf7..7c1255cf 100644
--- a/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java
+++ b/pdf-as-cli/src/main/java/at/gv/egiz/pdfas/cli/Main.java
@@ -88,7 +88,7 @@ public class Main {
public static final String CLI_ARG_VERIFY_WHICH_SHORT = "vw";
public static final String CLI_ARG_VERIFY_WHICH = "verify_which";
-
+
public static final String CLI_ARG_VERIFY_LEVEL_SHORT = "vl";
public static final String CLI_ARG_VERIFY_LEVEL = "verify_level";
public static final String CLI_ARG_VERIFY_LEVEL_OPTION_FULL = "full";
@@ -115,7 +115,7 @@ public class Main {
public static final String STANDARD_POSITION_STRING = "x:auto;y:auto;w:auto;p:auto;f:0";
private static final Logger logger = LoggerFactory.getLogger(Main.class);
-
+
private static Options createOptions() {
Options cliOptions = new Options();
@@ -182,12 +182,15 @@ public class Main {
true,
"[optional] zero based number of the signature to be verified. If omitted, all signatures are verified.");
cliOptions.addOption(verifywhichOption);
-
+
Option verifyLevelOption = new Option(
CLI_ARG_VERIFY_LEVEL_SHORT,
CLI_ARG_VERIFY_LEVEL,
true,
- "[optional] Verification Level Full certificate verification, or only integrity Verification (" + CLI_ARG_VERIFY_LEVEL_OPTION_FULL + " | " + CLI_ARG_VERIFY_LEVEL_OPTION_INT_ONLY + ")");
+ "[optional] Verification Level Full certificate verification, or only integrity Verification ("
+ + CLI_ARG_VERIFY_LEVEL_OPTION_FULL
+ + " | "
+ + CLI_ARG_VERIFY_LEVEL_OPTION_INT_ONLY + ")");
cliOptions.addOption(verifyLevelOption);
Option outputOption = new Option(CLI_ARG_OUTPUT_SHORT, CLI_ARG_OUTPUT,
@@ -204,8 +207,7 @@ public class Main {
public static void main(String[] args) {
// create the command line parser
-
-
+
CommandLineParser parser = new GnuParser();
ModeOfOperation mode = ModeOfOperation.INVALID;
try {
@@ -214,7 +216,8 @@ public class Main {
if (cli.hasOption(CLI_ARG_DEPLOY_SHORT)) {
PdfAsFactory.deployDefaultConfiguration(new File(
STANDARD_CONFIG_LOCATION));
- System.out.println("Configuration was deployed to: " + STANDARD_CONFIG_LOCATION);
+ System.out.println("Configuration was deployed to: "
+ + STANDARD_CONFIG_LOCATION);
}
if (cli.hasOption(CLI_ARG_MODE_SHORT)) {
@@ -247,7 +250,16 @@ public class Main {
usage();
System.exit(-1);
} catch (PDFASError e) {
- System.err.println("PDF-AS Error: [" + e.getCode() + "]" + e.getMessage());
+ System.err.println("PDF-AS Error: [" + e.getCode() + "]"
+ + e.getMessage());
+ Iterator<Entry<String, String>> infoIt = e.getProcessInformations()
+ .entrySet().iterator();
+
+ while (infoIt.hasNext()) {
+ Entry<String, String> infoEntry = infoIt.next();
+ logger.debug("Process Information: {} = {}",
+ infoEntry.getKey(), infoEntry.getValue());
+ }
e.printStackTrace(System.err);
System.exit(-1);
} catch (Throwable e) {
@@ -345,7 +357,7 @@ public class Main {
String id = UUID.randomUUID().toString();
signParameter.setTransactionId(id);
System.out.println("Transaction: " + id);
-
+
IPlainSigner slConnector = null;
if (connector != null) {
@@ -419,17 +431,23 @@ public class Main {
signParameter.setSignatureProfileId(profilID);
System.out.println("Starting signature for " + pdfFile);
System.out.println("Selected signature Profile " + profilID);
-
- @SuppressWarnings("unused")
- SignResult result = pdfAs.sign(signParameter);
-
- Iterator<Entry<String, String>> infoIt = result.getProcessInformations().entrySet().iterator();
-
- while(infoIt.hasNext()) {
- Entry<String, String> infoEntry = infoIt.next();
- logger.debug("Process Information: {} = {}", infoEntry.getKey(), infoEntry.getValue());
+
+ SignResult result = null;
+ try {
+ result = pdfAs.sign(signParameter);
+ } finally {
+ if (result != null) {
+ Iterator<Entry<String, String>> infoIt = result
+ .getProcessInformations().entrySet().iterator();
+
+ while (infoIt.hasNext()) {
+ Entry<String, String> infoEntry = infoIt.next();
+ logger.debug("Process Information: {} = {}",
+ infoEntry.getKey(), infoEntry.getValue());
+ }
+ }
}
-
+
fos.close();
System.out.println("Signed document " + outputFile);
}
@@ -451,29 +469,32 @@ public class Main {
String whichValue = cli.getOptionValue(CLI_ARG_VERIFY_WHICH_SHORT);
which = Integer.parseInt(whichValue);
}
-
+
SignatureVerificationLevel lvl = SignatureVerificationLevel.FULL_VERIFICATION;
-
+
if (cli.hasOption(CLI_ARG_VERIFY_LEVEL_SHORT)) {
String levelValue = cli.getOptionValue(CLI_ARG_VERIFY_LEVEL_SHORT);
- if(levelValue.equals(CLI_ARG_VERIFY_LEVEL_OPTION_FULL)) {
+ if (levelValue.equals(CLI_ARG_VERIFY_LEVEL_OPTION_FULL)) {
lvl = SignatureVerificationLevel.FULL_VERIFICATION;
- } else if(levelValue.equals(CLI_ARG_VERIFY_LEVEL_OPTION_INT_ONLY)) {
+ } else if (levelValue.equals(CLI_ARG_VERIFY_LEVEL_OPTION_INT_ONLY)) {
lvl = SignatureVerificationLevel.INTEGRITY_ONLY_VERIFICATION;
} else {
- System.out.println("Invalid value for verification Level: " + levelValue);
- System.out.println("Allowed values are: " + CLI_ARG_VERIFY_LEVEL_OPTION_FULL
- + ", " + CLI_ARG_VERIFY_LEVEL_OPTION_INT_ONLY);
- throw new Exception("Invalid value for verification Level: " + levelValue);
+ System.out.println("Invalid value for verification Level: "
+ + levelValue);
+ System.out.println("Allowed values are: "
+ + CLI_ARG_VERIFY_LEVEL_OPTION_FULL + ", "
+ + CLI_ARG_VERIFY_LEVEL_OPTION_INT_ONLY);
+ throw new Exception("Invalid value for verification Level: "
+ + levelValue);
}
}
String confOutputFile = null;
-
+
if (cli.hasOption(CLI_ARG_OUTPUT_SHORT)) {
confOutputFile = cli.getOptionValue(CLI_ARG_OUTPUT_SHORT);
}
-
+
String pdfFile = null;
pdfFile = cli.getArgs()[cli.getArgs().length - 1];
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/BKUHeaderHolder.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/BKUHeaderHolder.java
new file mode 100644
index 00000000..f66f0c11
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/BKUHeaderHolder.java
@@ -0,0 +1,9 @@
+package at.gv.egiz.pdfas.lib.impl;
+
+import java.util.List;
+
+import at.gv.egiz.sl.util.BKUHeader;
+
+public interface BKUHeaderHolder {
+ public List<BKUHeader> getProcessInfo();
+}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java
index aa524cc9..8e86364b 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java
@@ -61,6 +61,7 @@ import at.gv.egiz.pdfas.lib.impl.signing.PDFASSignatureExtractor;
import at.gv.egiz.pdfas.lib.impl.status.OperationStatus;
import at.gv.egiz.pdfas.lib.impl.status.RequestedSignature;
import at.gv.egiz.pdfas.lib.util.SignatureUtils;
+import at.gv.egiz.sl.util.BKUHeader;
public class PdfAsImpl implements PdfAs, IConfigurationConstants,
ErrorConstants {
@@ -160,9 +161,34 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants,
status.setRequestedSignature(requestedSignature);
+ try {
requestedSignature.setCertificate(status.getSignParamter()
.getPlainSigner().getCertificate(parameter));
-
+ } finally {
+ if (parameter instanceof BKUHeaderHolder) {
+ BKUHeaderHolder holder = (BKUHeaderHolder) parameter;
+
+ Iterator<BKUHeader> bkuHeaderIt = holder.getProcessInfo()
+ .iterator();
+
+ while (bkuHeaderIt.hasNext()) {
+ BKUHeader header = bkuHeaderIt.next();
+ if ("Server".equalsIgnoreCase(header.getName())) {
+ requestedSignature
+ .getStatus()
+ .getMetaInformations()
+ .put(ErrorConstants.STATUS_INFO_SIGDEVICEVERSION,
+ header.getValue());
+ } else if (ErrorConstants.STATUS_INFO_SIGDEVICE.equalsIgnoreCase(header.getName())) {
+ requestedSignature
+ .getStatus()
+ .getMetaInformations()
+ .put(ErrorConstants.STATUS_INFO_SIGDEVICE,
+ header.getValue());
+ }
+ }
+ }
+ }
// Only use this profileID because validation was done in
// RequestedSignature
String signatureProfileID = requestedSignature
@@ -177,11 +203,35 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants,
// this.stampPdf(status);
// Create signature
-
- signer.signPDF(status.getPdfObject(), requestedSignature, signer
+ try {
+ signer.signPDF(status.getPdfObject(), requestedSignature, signer
.buildSignaturInterface(status.getSignParamter()
.getPlainSigner(), parameter, requestedSignature));
-
+ } finally {
+ if (parameter instanceof BKUHeaderHolder) {
+ BKUHeaderHolder holder = (BKUHeaderHolder) parameter;
+
+ Iterator<BKUHeader> bkuHeaderIt = holder.getProcessInfo()
+ .iterator();
+
+ while (bkuHeaderIt.hasNext()) {
+ BKUHeader header = bkuHeaderIt.next();
+ if ("Server".equalsIgnoreCase(header.getName())) {
+ requestedSignature
+ .getStatus()
+ .getMetaInformations()
+ .put(ErrorConstants.STATUS_INFO_SIGDEVICEVERSION,
+ header.getValue());
+ } else if (ErrorConstants.STATUS_INFO_SIGDEVICE.equalsIgnoreCase(header.getName())) {
+ requestedSignature
+ .getStatus()
+ .getMetaInformations()
+ .put(ErrorConstants.STATUS_INFO_SIGDEVICE,
+ header.getValue());
+ }
+ }
+ }
+ }
// ================================================================
// Create SignResult
SignResult result = createSignResult(status);
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java
index 9584e1bf..d2786f53 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java
@@ -24,19 +24,25 @@
package at.gv.egiz.pdfas.lib.impl;
import java.io.OutputStream;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
import javax.activation.DataSource;
import at.gv.egiz.pdfas.lib.api.Configuration;
import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner;
import at.gv.egiz.pdfas.lib.api.sign.SignParameter;
+import at.gv.egiz.sl.util.BKUHeader;
-public class SignParameterImpl extends PdfAsParameterImpl implements SignParameter {
+public class SignParameterImpl extends PdfAsParameterImpl implements SignParameter, BKUHeaderHolder {
protected String signatureProfileId = null;
protected String signaturePosition = null;
protected DataSource output = null;
protected IPlainSigner signer = null;
protected OutputStream outputStream = null;
+ protected List<BKUHeader> processInfo = new ArrayList<BKUHeader>();
public SignParameterImpl(Configuration configuration,
DataSource dataSource, OutputStream outputStream) {
@@ -74,5 +80,8 @@ public class SignParameterImpl extends PdfAsParameterImpl implements SignParamet
public OutputStream getSignatureResult() {
return outputStream;
}
-
+
+ public List<BKUHeader> getProcessInfo() {
+ return processInfo;
+ }
}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java
index e1c7bf40..15d2fb38 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java
@@ -42,6 +42,7 @@ import org.apache.http.impl.client.HttpClientBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import at.gv.egiz.pdfas.common.exceptions.ErrorConstants;
import at.gv.egiz.pdfas.common.exceptions.PDFIOException;
import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
import at.gv.egiz.pdfas.common.exceptions.PdfAsWrappedIOException;
@@ -49,6 +50,7 @@ import at.gv.egiz.pdfas.common.exceptions.SLPdfAsException;
import at.gv.egiz.pdfas.common.utils.PDFUtils;
import at.gv.egiz.pdfas.lib.api.Configuration;
import at.gv.egiz.pdfas.lib.api.sign.SignParameter;
+import at.gv.egiz.pdfas.lib.impl.BKUHeaderHolder;
import at.gv.egiz.sl.schema.CreateCMSSignatureResponseType;
import at.gv.egiz.sl.schema.ErrorResponseType;
import at.gv.egiz.sl.schema.InfoboxReadRequestType;
@@ -59,6 +61,8 @@ public class BKUSLConnector extends BaseSLConnector {
private static final Logger logger = LoggerFactory
.getLogger(BKUSLConnector.class);
+ public static final String SIGNATURE_DEVICE = "BKU";
+
private String bkuUrl;
public BKUSLConnector(Configuration config) {
@@ -102,17 +106,23 @@ public class BKUSLConnector extends BaseSLConnector {
logger.debug("Response Code : "
+ response.getStatusLine().getStatusCode());
- if(pack != null) {
- Header[] headers = response.getAllHeaders();
-
- if (headers != null) {
- for (int i = 0; i < headers.length; i++) {
- BKUHeader hdr = new BKUHeader(headers[i].getName(), headers[i].getValue());
- logger.debug("Response Header : {}",
- hdr.toString());
- pack.getHeaders().add(hdr);
+ if (parameter instanceof BKUHeaderHolder) {
+ BKUHeaderHolder holder = (BKUHeaderHolder) parameter;
+ Header[] headers = response.getAllHeaders();
+
+ if (headers != null) {
+ for (int i = 0; i < headers.length; i++) {
+ BKUHeader hdr = new BKUHeader(headers[i].getName(),
+ headers[i].getValue());
+ logger.debug("Response Header : {}", hdr.toString());
+ holder.getProcessInfo().add(hdr);
+ }
}
- }
+
+ BKUHeader hdr = new BKUHeader(ErrorConstants.STATUS_INFO_SIGDEVICE,
+ SIGNATURE_DEVICE);
+ logger.debug("Response Header : {}", hdr.toString());
+ holder.getProcessInfo().add(hdr);
}
BufferedReader rd = new BufferedReader(new InputStreamReader(
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
index 0b6b1fff..96877828 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java
@@ -42,6 +42,7 @@ import at.gv.egiz.pdfas.common.utils.StreamUtils;
import at.gv.egiz.pdfas.lib.api.IConfigurationConstants;
import at.gv.egiz.pdfas.lib.api.sign.SignParameter;
import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
+import at.gv.egiz.pdfas.lib.impl.BKUHeaderHolder;
import at.gv.egiz.pdfas.lib.impl.status.RequestedSignature;
import at.gv.egiz.pdfas.lib.util.SignatureUtils;
import at.gv.egiz.sl.schema.CreateCMSSignatureResponseType;
@@ -53,8 +54,6 @@ public class ISignatureConnectorSLWrapper implements ISignatureConnector {
public static final String SL_USE_BASE64 = "";
- public static final String SIGNATURE_DEVICE = "BKU";
-
private static final Logger logger = LoggerFactory
.getLogger(ISignatureConnectorSLWrapper.class);
@@ -86,7 +85,7 @@ public class ISignatureConnectorSLWrapper implements ISignatureConnector {
}
} catch (CertificateException e) {
throw new PdfAsSignatureException("error.pdf.sig.01", e);
- }
+ }
return certificate;
}
@@ -94,49 +93,62 @@ public class ISignatureConnectorSLWrapper implements ISignatureConnector {
RequestedSignature requestedSignature) throws PdfAsException {
RequestPackage pack = connector.createCMSRequest(input, byteRange,
parameter);
- CreateCMSSignatureResponseType response = connector.sendCMSRequest(
- pack, parameter);
+ try {
+ CreateCMSSignatureResponseType response = connector.sendCMSRequest(
+ pack, parameter);
+
+ VerifyResult verifyResult;
+ try {
+ verifyResult = SignatureUtils.verifySignature(
+ response.getCMSSignature(), input);
+ if (SettingsUtils.getBooleanValue(requestedSignature
+ .getStatus().getSettings(),
+ IConfigurationConstants.KEEP_INVALID_SIGNATURE, false)) {
+ Base64 b64 = new Base64();
+ requestedSignature
+ .getStatus()
+ .getMetaInformations()
+ .put(ErrorConstants.STATUS_INFO_INVALIDSIG,
+ b64.encodeToString(response
+ .getCMSSignature()));
+ }
+ } catch (PDFASError e) {
+ throw new PdfAsErrorCarrier(e);
+ }
- Iterator<BKUHeader> bkuHeaderIt = pack.getHeaders().iterator();
+ if (!StreamUtils.dataCompare(requestedSignature.getCertificate()
+ .getFingerprintSHA(), ((X509Certificate) verifyResult
+ .getSignerCertificate()).getFingerprintSHA())) {
+ throw new PdfAsSignatureException("Certificates missmatch!");
+ }
- requestedSignature.getStatus().getMetaInformations()
- .put(ErrorConstants.STATUS_INFO_SIGDEVICE, SIGNATURE_DEVICE);
- while (bkuHeaderIt.hasNext()) {
- BKUHeader header = bkuHeaderIt.next();
- if ("Server".equalsIgnoreCase(header.getName())) {
- requestedSignature
+ return response.getCMSSignature();
+ } finally {
+ if (parameter instanceof BKUHeaderHolder) {
+ BKUHeaderHolder holder = (BKUHeaderHolder) parameter;
+
+ Iterator<BKUHeader> bkuHeaderIt = holder.getProcessInfo()
+ .iterator();
+
+ while (bkuHeaderIt.hasNext()) {
+ BKUHeader header = bkuHeaderIt.next();
+ if ("Server".equalsIgnoreCase(header.getName())) {
+ requestedSignature
+ .getStatus()
+ .getMetaInformations()
+ .put(ErrorConstants.STATUS_INFO_SIGDEVICEVERSION,
+ header.getValue());
+ } else if (ErrorConstants.STATUS_INFO_SIGDEVICE.equalsIgnoreCase(header.getName())) {
+ requestedSignature
.getStatus()
.getMetaInformations()
- .put(ErrorConstants.STATUS_INFO_SIGDEVICEVERSION,
+ .put(ErrorConstants.STATUS_INFO_SIGDEVICE,
header.getValue());
- break;
- }
- }
-
- VerifyResult verifyResult;
- try {
- verifyResult = SignatureUtils.verifySignature(
- response.getCMSSignature(), input);
- if(SettingsUtils.getBooleanValue(requestedSignature.getStatus().getSettings(),
- IConfigurationConstants.KEEP_INVALID_SIGNATURE, false)) {
- Base64 b64 = new Base64();
- requestedSignature
- .getStatus()
- .getMetaInformations()
- .put(ErrorConstants.STATUS_INFO_INVALIDSIG,
- b64.encodeToString(response.getCMSSignature()));
+ }
+ }
}
- } catch (PDFASError e) {
- throw new PdfAsErrorCarrier(e);
- }
-
- if (!StreamUtils.dataCompare(requestedSignature.getCertificate()
- .getFingerprintSHA(), ((X509Certificate) verifyResult
- .getSignerCertificate()).getFingerprintSHA())) {
- throw new PdfAsSignatureException("Certificates missmatch!");
}
- return response.getCMSSignature();
}
}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/RequestPackage.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/RequestPackage.java
index f08184d2..c7c778bb 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/RequestPackage.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/RequestPackage.java
@@ -23,17 +23,13 @@
******************************************************************************/
package at.gv.egiz.sl.util;
-import java.util.ArrayList;
-import java.util.List;
-
import at.gv.egiz.sl.schema.CreateCMSSignatureRequestType;
public class RequestPackage {
private CreateCMSSignatureRequestType requestType;
private byte[] signatureData;
private int[] byteRange;
- private List<BKUHeader> headers = new ArrayList<BKUHeader>();
-
+
public CreateCMSSignatureRequestType getRequestType() {
return requestType;
}
@@ -52,7 +48,4 @@ public class RequestPackage {
public void setByteRange(int[] byteRange) {
this.byteRange = byteRange;
}
- public List<BKUHeader> getHeaders() {
- return headers;
- }
}