diff options
Diffstat (limited to 'pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing')
6 files changed, 171 insertions, 11 deletions
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/IPdfSigner.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/IPdfSigner.java index 8ff3a276..38c6530a 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/IPdfSigner.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/IPdfSigner.java @@ -1,12 +1,12 @@ package at.gv.egiz.pdfas.lib.impl.signing; import at.gv.egiz.pdfas.common.exceptions.PdfAsException; -import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner; +import at.gv.egiz.pdfas.lib.impl.signing.sig_interface.PDFASSignatureInterface; import at.gv.egiz.pdfas.lib.impl.status.PDFObject; import at.gv.egiz.pdfas.lib.impl.status.RequestedSignature; public interface IPdfSigner { void signPDF(PDFObject pdfObject, - RequestedSignature requestedSignature, IPlainSigner signer) throws PdfAsException; + RequestedSignature requestedSignature, PDFASSignatureInterface signer) throws PdfAsException; } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java index 7f16a87a..3f566f06 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PADESPDFBOXSigner.java @@ -24,6 +24,7 @@ import at.gv.egiz.pdfas.common.utils.StreamUtils; import at.gv.egiz.pdfas.common.utils.TempFileHelper; import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner; import at.gv.egiz.pdfas.lib.impl.signing.IPdfSigner; +import at.gv.egiz.pdfas.lib.impl.signing.sig_interface.PDFASSignatureInterface; import at.gv.egiz.pdfas.lib.impl.stamping.TableFactory; import at.gv.egiz.pdfas.lib.impl.stamping.ValueResolver; import at.gv.egiz.pdfas.lib.impl.status.PDFObject; @@ -33,7 +34,8 @@ public class PADESPDFBOXSigner implements IPdfSigner { private static final Logger logger = LoggerFactory.getLogger(PADESPDFBOXSigner.class); - public void signPDF(PDFObject pdfObject, RequestedSignature requestedSignature, IPlainSigner signer) + public void signPDF(PDFObject pdfObject, RequestedSignature requestedSignature, + PDFASSignatureInterface signer) throws PdfAsException { String fisTmpFile = null; @@ -70,10 +72,13 @@ public class PADESPDFBOXSigner implements IPdfSigner { signature.setReason("PDF-AS Signatur"); + logger.debug("Signing @ " + signer.getSigningDate().getTime().toString()); // the signing date, needed for valid signature - signature.setSignDate(Calendar.getInstance()); + signature.setSignDate(signer.getSigningDate()); - doc.addSignature(signature, new PdfboxSignerWrapper(signer, signature)); + signer.setPDSignature(signature); + + doc.addSignature(signature, signer); // pdfbox patched (FIS -> IS) doc.saveIncremental(fis, fos); diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java index fb629dd6..91734312 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox/PdfboxSignerWrapper.java @@ -3,35 +3,59 @@ package at.gv.egiz.pdfas.lib.impl.signing.pdfbox; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; +import java.util.Calendar; import org.apache.pdfbox.exceptions.SignatureException; import org.apache.pdfbox.pdmodel.interactive.digitalsignature.PDSignature; -import org.apache.pdfbox.pdmodel.interactive.digitalsignature.SignatureInterface; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.gv.egiz.pdfas.common.utils.StreamUtils; import at.gv.egiz.pdfas.common.utils.StringUtils; import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner; +import at.gv.egiz.pdfas.lib.impl.signing.sig_interface.PDFASSignatureInterface; -public class PdfboxSignerWrapper implements SignatureInterface { +public class PdfboxSignerWrapper implements PDFASSignatureInterface { private static final Logger logger = LoggerFactory.getLogger(PdfboxSignerWrapper.class); private IPlainSigner signer; private PDSignature signature; - - public PdfboxSignerWrapper(IPlainSigner signer, PDSignature signature) { + private int[] byteRange; + private Calendar date; + + public PdfboxSignerWrapper(IPlainSigner signer) { this.signer = signer; - this.signature = signature; + this.date = Calendar.getInstance(); } public byte[] sign(InputStream inputStream) throws SignatureException, IOException { - byte[] signature = signer.sign(StreamUtils.inputStreamToByteArray(inputStream)); + byteRange = this.signature.getByteRange(); + byte[] signature = signer.sign(StreamUtils.inputStreamToByteArray(inputStream)); logger.debug("Signature Data: " + StringUtils.bytesToHexString(signature)); FileOutputStream fos = new FileOutputStream("/tmp/fos.bin"); fos.write(signature); fos.close(); return signature; } + + public int[] getByteRange() { + return byteRange; + } + + public String getPDFSubFilter() { + return this.signer.getPDFSubFilter(); + } + + public String getPDFFilter() { + return this.signer.getPDFFilter(); + } + + public void setPDSignature(PDSignature signature) { + this.signature = signature; + } + + public Calendar getSigningDate() { + return this.date; + } } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/PDFASSignatureInterface.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/PDFASSignatureInterface.java new file mode 100644 index 00000000..43f0014d --- /dev/null +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/PDFASSignatureInterface.java @@ -0,0 +1,13 @@ +package at.gv.egiz.pdfas.lib.impl.signing.sig_interface; + +import java.util.Calendar; + +import org.apache.pdfbox.pdmodel.interactive.digitalsignature.PDSignature; +import org.apache.pdfbox.pdmodel.interactive.digitalsignature.SignatureInterface; + +public interface PDFASSignatureInterface extends SignatureInterface { + public String getPDFSubFilter(); + public String getPDFFilter(); + public void setPDSignature(PDSignature signature); + public Calendar getSigningDate(); +} diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/SignatureDataExtractor.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/SignatureDataExtractor.java new file mode 100644 index 00000000..4b7afa6c --- /dev/null +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/SignatureDataExtractor.java @@ -0,0 +1,70 @@ +package at.gv.egiz.pdfas.lib.impl.signing.sig_interface; + +import iaik.x509.X509Certificate; + +import java.io.IOException; +import java.io.InputStream; +import java.util.Calendar; + +import org.apache.pdfbox.exceptions.SignatureException; +import org.apache.pdfbox.pdmodel.interactive.digitalsignature.PDSignature; + +import at.gv.egiz.pdfas.common.utils.StreamUtils; + +public class SignatureDataExtractor implements PDFASSignatureInterface { + + protected X509Certificate certificate; + protected byte[] signatureData; + + protected String pdfSubFilter; + protected String pdfFilter; + protected PDSignature signature; + protected int[] byteRange; + protected Calendar date; + + public SignatureDataExtractor(X509Certificate certificate, + String filter, String subfilter, Calendar date) { + this.certificate = certificate; + this.pdfFilter = filter; + this.pdfSubFilter = subfilter; + this.date = date; + } + + public X509Certificate getCertificate() { + return certificate; + } + + public String getPDFSubFilter() { + return this.pdfSubFilter; + } + + public String getPDFFilter() { + return this.pdfFilter; + } + + public byte[] getSignatureData() { + return this.signatureData; + } + + public byte[] sign(InputStream content) throws SignatureException, + IOException { + signatureData = StreamUtils.inputStreamToByteArray(content); + byteRange = this.signature.getByteRange(); + return new byte[] { 0 }; + } + + public void setPDSignature(PDSignature signature) { + this.signature = signature; + } + + public int[] getByteRange() { + return byteRange; + } + + public Calendar getSigningDate() { + return this.date; + } + + + +} diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/SignatureDataInjector.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/SignatureDataInjector.java new file mode 100644 index 00000000..65083a36 --- /dev/null +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/sig_interface/SignatureDataInjector.java @@ -0,0 +1,48 @@ +package at.gv.egiz.pdfas.lib.impl.signing.sig_interface; + +import iaik.x509.X509Certificate; + +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.util.Calendar; + +import org.apache.pdfbox.exceptions.SignatureException; + +import at.gv.egiz.pdfas.common.utils.StreamUtils; + +public class SignatureDataInjector extends SignatureDataExtractor { + + protected byte[] signature; + protected byte[] oldSignatureData; + + public SignatureDataInjector(X509Certificate certificate, String filter, + String subfilter, Calendar date, byte[] signature, byte[] signatureData) { + super(certificate, filter, subfilter, date); + this.signature = signature; + this.oldSignatureData = signatureData; + } + + @Override + public byte[] sign(InputStream content) throws SignatureException, + IOException { + byte[] signatureData = StreamUtils.inputStreamToByteArray(content); + + FileOutputStream fos2 = new FileOutputStream("/home/afitzek/devel/pdfas_neu/sign2.pdf"); + fos2.write(signatureData); + fos2.close(); + + if(signatureData.length != this.oldSignatureData.length) { + throw new SignatureException("Signature Data missmatch!"); + } + + for(int i = 0; i < signatureData.length; i++) { + if(signatureData[i] != this.oldSignatureData[i]) { + throw new SignatureException("Signature Data missmatch! " + i + " " + signatureData[i] + " vs " + this.oldSignatureData[i]); + } + } + + return signature; + } + +} |