diff options
Diffstat (limited to 'pdf-as-lib')
17 files changed, 819 insertions, 987 deletions
diff --git a/pdf-as-lib/build.gradle b/pdf-as-lib/build.gradle index e63dfe2d..67e4b6ac 100644 --- a/pdf-as-lib/build.gradle +++ b/pdf-as-lib/build.gradle @@ -69,7 +69,7 @@ dependencies { api group: 'javax.activation', name: 'activation', version: '1.1.1' api group: 'javax.xml.bind', name: 'jaxb-api', version: '2.3.1' api group: 'com.google.code.gson', name: 'gson', version: '2.10.1' - api group: 'org.bitbucket.b_c', name: 'jose4j', version: '0.9.2' + api group: 'org.bitbucket.b_c', name: 'jose4j', version: '0.9.3' api group: 'commons-io', name: 'commons-io', version: '2.11.0' api group: 'org.glassfish.jaxb', name: 'jaxb-runtime', version: '2.3.3' api 'org.apache.commons:commons-collections4:4.4' @@ -80,8 +80,8 @@ dependencies { api files('libs/iaik_cms-5.1.1.jar') api group: 'org.slf4j', name: 'slf4j-api', version: slf4jVersion api group: 'org.slf4j', name: 'jcl-over-slf4j', version: slf4jVersion - api group: 'com.google.zxing', name: 'core', version: '3.4.1' - api group: 'com.google.zxing', name: 'javase', version: '3.4.1' + api group: 'com.google.zxing', name: 'core', version: '3.5.0' + api group: 'com.google.zxing', name: 'javase', version: '3.5.0' ws group: 'org.apache.cxf', name: 'cxf-tools', version: cxfVersion ws group: 'org.apache.cxf', name: 'cxf-tools-wsdlto-databinding-jaxb', version: cxfVersion diff --git a/pdf-as-lib/src/configuration/cfg/advancedconfig.properties b/pdf-as-lib/src/configuration/cfg/advancedconfig.properties index 7eb1ec37..d00f2872 100644 --- a/pdf-as-lib/src/configuration/cfg/advancedconfig.properties +++ b/pdf-as-lib/src/configuration/cfg/advancedconfig.properties @@ -41,6 +41,8 @@ # MATCH_MODE_SORTED = 3
#placeholder_mode=
+# Allow profile over-write from placeholder content [true|false], default=true
+#placeholder_profile_overwrite=true
### stop processing it signature-block can not valid placed on document
sigblock.placement.less.space.failing=false
diff --git a/pdf-as-lib/src/configuration/cfg/log4j.properties b/pdf-as-lib/src/configuration/cfg/log4j.properties deleted file mode 100644 index 9cc9f155..00000000 --- a/pdf-as-lib/src/configuration/cfg/log4j.properties +++ /dev/null @@ -1,23 +0,0 @@ -log4j.rootLogger = INFO, CONSOLE -#, ROLLINGFILE - -# DETAIL LEVELS -log4j.logger.at.gv.egiz = INFO -log4j.logger.at.knowcenter = INFO -# Statistical logger -#log4j.logger.statistic = INFO, STATISTIC - -# CONSOLE -log4j.appender.CONSOLE = org.apache.log4j.ConsoleAppender -log4j.appender.CONSOLE.layout = org.apache.log4j.PatternLayout -log4j.appender.CONSOLE.layout.ConversionPattern = %-4r [%t] %-5p %c %x - %m%n -log4j.appender.CONSOLE.threshold = DEBUG -log4j.appender.CONSOLE.Target = System.out - -# ROLLINGFILE -#log4j.appender.ROLLINGFILE = org.apache.log4j.RollingFileAppender -#log4j.appender.ROLLINGFILE.File = ${catalina.base}/logs/pdf-as.log -#log4j.appender.ROLLINGFILE.MaxFileSize = 10240KB -#log4j.appender.ROLLINGFILE.MaxBackupIndex = 1 -#log4j.appender.ROLLINGFILE.layout = org.apache.log4j.PatternLayout -#log4j.appender.ROLLINGFILE.layout.ConversionPattern = [%-5p@%d{dd.MM.yyyy HH:mm:ss}] %c:%M:%L - %m%n diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/IConfigurationConstants.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/IConfigurationConstants.java index 21a8e3b9..d031e2f7 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/IConfigurationConstants.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/IConfigurationConstants.java @@ -45,9 +45,13 @@ public interface IConfigurationConstants { public static final String LEGACY_40_POSITIONING = ".legacy40.pos"; public static final String MIN_WIDTH = "minWidth"; - public static final String PLACEHOLDER_WEB_ID = "placeholder_web_id"; public static final String PLACEHOLDER_ID = "placeholder_id"; public static final String PLACEHOLDER_MODE = "placeholder_mode"; + public static final String PLACEHOLDER_PROFILE_OVERWRITE = "placeholder_profile_overwrite"; + + + public static final String PLACEHOLDER_WEB_ID = "placeholder_web_id"; + public static final String PLACEHOLDER_WEB_ENABLED = "placeholder_web_enabled"; public static final String PLACEHOLDER_SEARCH_ENABLED = "enable_placeholder_search"; public static final String DEFAULT_SIGNATURE_PROFILE = SIG_OBJECT + SEPERATOR + TYPE + SEPERATOR + DEFAULT; diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/sign/SignParameter.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/sign/SignParameter.java index 6a7ccf24..e123d453 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/sign/SignParameter.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/sign/SignParameter.java @@ -54,6 +54,39 @@ public interface SignParameter extends PdfAsParameter { */ public void setSignaturePosition(String signaturePosition); + + /** + * Get Id of a placeholder that should be used for positioning. + * + * @return Id of a placeholder + */ + String getPlaceHolderId(); + + + /** + * Set Id of a placeholder that should be used for positioning. + * + * @param id Id of a placeholder + */ + void setPlaceHolderId(String id); + + /** + * Is QR-Code placeholder search enabled for this request. + * + * @return <code>true</code> if it's enabled, otherwise <code>false</code> + */ + boolean isPlaceHolderSearchEnabled(); + + + /** + * Enable / disable QR-Code placeholder search on request level. + * + * <p>Default value is <code>true</code></p> + * + * @param flag <code>true</code> to enable, <code>false</code> to disable + */ + void setPlaceHolderSearchEnabled(boolean flag); + /** * Sets the signer to use * diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/ErrorExtractor.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/ErrorExtractor.java index 9b2a8d79..bcf04611 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/ErrorExtractor.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/ErrorExtractor.java @@ -5,6 +5,7 @@ import org.slf4j.LoggerFactory; import at.gv.egiz.pdfas.common.exceptions.ErrorConstants; import at.gv.egiz.pdfas.common.exceptions.PDFASError; +import at.gv.egiz.pdfas.common.exceptions.PdfAsException; import at.gv.egiz.pdfas.common.exceptions.PdfAsMOAException; import at.gv.egiz.pdfas.common.exceptions.SLPdfAsException; import at.gv.egiz.pdfas.lib.impl.status.OperationStatus; @@ -42,6 +43,10 @@ public class ErrorExtractor implements ErrorConstants { } else { return new PDFASError(code, e); } + + } else if(e instanceof PdfAsException) { + return new PDFASError(11020, e.getMessage(), e); + } // TODO: Handle more exceptions diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java index 47e46bcf..ebd8ec90 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java @@ -27,6 +27,7 @@ import java.awt.Image; import java.io.File; import java.io.IOException; import java.util.Calendar; +import java.util.Date; import java.util.Iterator; import java.util.List; @@ -165,8 +166,9 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants, status.setRequestedSignature(requestedSignature); - try { - requestedSignature.setCertificate(status.getSignParamter().getPlainSigner().getCertificate(parameter)); + try { + requestedSignature.setCertificate(getValidCertificate( + status.getSignParamter().getPlainSigner().getCertificate(parameter))); } finally { if (parameter instanceof BKUHeaderHolder) { @@ -208,9 +210,10 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants, // Create signature try { - signer.signPDF(status.getPdfObject(), requestedSignature, signer - .buildSignaturInterface(status.getSignParamter() - .getPlainSigner(), parameter, requestedSignature)); + signer.signPDF(status.getPdfObject(), requestedSignature, + signer.buildSignaturInterface(status.getSignParamter().getPlainSigner(), + parameter, requestedSignature)); + } finally { if (parameter instanceof BKUHeaderHolder) { final BKUHeaderHolder holder = (BKUHeaderHolder) parameter; @@ -266,6 +269,22 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants, } } + private X509Certificate getValidCertificate(X509Certificate certificate) throws PDFASError { + Date notAfter = certificate.getNotAfter(); + Date notBefore = certificate.getNotBefore(); + Date now = new Date(); + + if (now.after(notAfter) || now.before(notBefore)) { + logger.warn("Signer certificate is not valid. notBefore:{} | notAfter:{} | now:{}", + notBefore, notAfter, now); + throw new PDFASError(11021); + + } else { + return certificate; + + } + } + @Override public List<VerifyResult> verify(VerifyParameter parameter) throws PDFASError { @@ -400,6 +419,7 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants, } catch (final Throwable e) { logger.warn("process", e); throw ErrorExtractor.searchPdfAsError(e, status); + } } else if (request.needSignature()) { request.setNeedSignature(false); diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java index d2786f53..06b1b34f 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java @@ -25,9 +25,7 @@ package at.gv.egiz.pdfas.lib.impl; import java.io.OutputStream; import java.util.ArrayList; -import java.util.HashMap; import java.util.List; -import java.util.Map; import javax.activation.DataSource; @@ -35,10 +33,21 @@ import at.gv.egiz.pdfas.lib.api.Configuration; import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner; import at.gv.egiz.pdfas.lib.api.sign.SignParameter; import at.gv.egiz.sl.util.BKUHeader; +import lombok.Getter; +import lombok.Setter; public class SignParameterImpl extends PdfAsParameterImpl implements SignParameter, BKUHeaderHolder { protected String signatureProfileId = null; protected String signaturePosition = null; + + @Getter + @Setter + protected String placeHolderId; + + @Getter + @Setter + protected boolean placeHolderSearchEnabled; + protected DataSource output = null; protected IPlainSigner signer = null; protected OutputStream outputStream = null; diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/ConfigurationImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/ConfigurationImpl.java index bfc05c85..8c841301 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/ConfigurationImpl.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/ConfigurationImpl.java @@ -3,19 +3,19 @@ * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a * joint initiative of the Federal Chancellery Austria and Graz University of * Technology. - * + * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works @@ -23,147 +23,166 @@ ******************************************************************************/ package at.gv.egiz.pdfas.lib.impl.configuration; -import java.util.HashMap; import java.util.Iterator; import java.util.Map; import java.util.Properties; import java.util.Vector; +import org.apache.commons.lang3.StringUtils; + import at.gv.egiz.pdfas.common.settings.ISettings; import at.gv.egiz.pdfas.lib.api.Configuration; import at.gv.egiz.pdfas.lib.settings.Settings; public class ConfigurationImpl implements ISettings, Configuration { - protected Properties overwrittenProperties = new Properties(); - - protected ISettings settings; - - public ConfigurationImpl(ISettings settings) { - this.settings = settings; - } - - public void setValue(String key, String value) { - overwrittenProperties.setProperty(key, value); - } - - public String getValue(String key) { - if(overwrittenProperties.containsKey(key)) { - return overwrittenProperties.getProperty(key); - } else { - return this.settings.getValue(key); - } - } - - public boolean hasValue(String key) { - if(overwrittenProperties.containsKey(key)) { - return true; - } else { - return this.settings.hasValue(key); - } - } - - public Map<String, String> getValuesPrefix(String prefix) { - - Map<String, String> valueMap = null; - valueMap = this.settings.getValuesPrefix(prefix); - if(valueMap == null) { - valueMap = new HashMap<String, String>(); - } - - Iterator<Object> keyIterator = overwrittenProperties.keySet().iterator(); + protected Properties overwrittenProperties = new Properties(); + + protected ISettings settings; + + public ConfigurationImpl(ISettings settings) { + this.settings = settings; + } + + @Override + public void setValue(String key, String value) { + overwrittenProperties.setProperty(key, value); + } + + @Override + public String getValue(String key) { + if (overwrittenProperties.containsKey(key)) { + return overwrittenProperties.getProperty(key); + } else { + return this.settings.getValue(key); + } + } + + @Override + public boolean isValue(String key) { + return isValue(key, false); + } + + @Override + public boolean isValue(String key, boolean defaultValue) { + if (overwrittenProperties.containsKey(key)) { + String value = overwrittenProperties.getProperty(key); + if (StringUtils.isNotEmpty(value)) { + return Boolean.valueOf(value); - while(keyIterator.hasNext()) { - String key = keyIterator.next().toString(); - - if(key.startsWith(prefix)) { - valueMap.put(key, overwrittenProperties.getProperty(key)); - } - } - - if(valueMap.isEmpty()) { - return null; - } - - return valueMap; - } - - public Vector<String> getFirstLevelKeys(String prefix) { - - Vector<String> valueMap = this.settings.getFirstLevelKeys(prefix); - if(valueMap == null) { - valueMap = new Vector<String>(); - } - - - String mPrefix = prefix.endsWith(".")?prefix:prefix+"."; - Iterator<Object> keyIterator = overwrittenProperties.keySet().iterator(); + } else { + return defaultValue; - while(keyIterator.hasNext()) { - String key = keyIterator.next().toString(); - - if(key.startsWith(prefix)) { - int keyIdx = key.indexOf('.', mPrefix.length()) > 0 ? key.indexOf('.', mPrefix.length()) : key.length(); - String firstLevels = key.substring(0, keyIdx); - if(!valueMap.contains(firstLevels)) { - valueMap.add(firstLevels); - } - } - } - - if(valueMap.isEmpty()) { - return null; - } - - return valueMap; - } - - public boolean hasPrefix(String prefix) { - - if(this.settings.hasPrefix(prefix)) { - return true; - } - - Iterator<Object> keyIterator = overwrittenProperties.keySet().iterator(); - while(keyIterator.hasNext()) { - String key = keyIterator.next().toString(); - - if(key.startsWith(prefix)) { - return true; - } - } - return false; - } - - public String getWorkingDirectory() { - return this.settings.getWorkingDirectory(); - } - - public void cloneProfile(String originalPrefix, String clonedPrefix) { - Map<String, String> source = getValuesPrefix(originalPrefix); - - Iterator<String> keyIt = source.keySet().iterator(); - - while(keyIt.hasNext()) { - String origKey = keyIt.next(); - String cloneKey = origKey.replace(originalPrefix, clonedPrefix); - this.overwrittenProperties.setProperty(cloneKey, source.get(origKey)); - } - } - - public void removeProfile(String configurationPrefix) { - Iterator<Object> keyIterator = overwrittenProperties.keySet().iterator(); - while(keyIterator.hasNext()) { - String key = keyIterator.next().toString(); - - if(key.startsWith(configurationPrefix)) { - overwrittenProperties.remove(key); - } + } + } else { + return this.settings.isValue(key, defaultValue); + + } + } + + @Override + public boolean hasValue(String key) { + if (overwrittenProperties.containsKey(key)) { + return true; + } else { + return this.settings.hasValue(key); + } + } + + @Override + public Map<String, String> getValuesPrefix(String prefix) { + final Map<String, String> valueMap = this.settings.getValuesPrefix(prefix); + final Iterator<Object> keyIterator = overwrittenProperties.keySet().iterator(); + + while (keyIterator.hasNext()) { + final String key = keyIterator.next().toString(); + + if (key.startsWith(prefix)) { + valueMap.put(key, overwrittenProperties.getProperty(key)); + } + } + + return valueMap; + } + + @Override + public Vector<String> getFirstLevelKeys(String prefix) { + + Vector<String> valueMap = this.settings.getFirstLevelKeys(prefix); + if (valueMap == null) { + valueMap = new Vector<>(); + } + + final String mPrefix = prefix.endsWith(".") ? prefix : prefix + "."; + final Iterator<Object> keyIterator = overwrittenProperties.keySet().iterator(); + + while (keyIterator.hasNext()) { + final String key = keyIterator.next().toString(); + + if (key.startsWith(prefix)) { + final int keyIdx = key.indexOf('.', mPrefix.length()) > 0 ? key.indexOf('.', mPrefix.length()) + : key.length(); + final String firstLevels = key.substring(0, keyIdx); + if (!valueMap.contains(firstLevels)) { + valueMap.add(firstLevels); } - } + } + } + + if (valueMap.isEmpty()) { + return null; + } + + return valueMap; + } + + @Override + public boolean hasPrefix(String prefix) { + + if (this.settings.hasPrefix(prefix)) { + return true; + } + + final Iterator<Object> keyIterator = overwrittenProperties.keySet().iterator(); + while (keyIterator.hasNext()) { + final String key = keyIterator.next().toString(); + + if (key.startsWith(prefix)) { + return true; + } + } + return false; + } + + @Override + public String getWorkingDirectory() { + return this.settings.getWorkingDirectory(); + } + + @Override + public void cloneProfile(String originalPrefix, String clonedPrefix) { + final Map<String, String> source = getValuesPrefix(originalPrefix); + + for (final String origKey : source.keySet()) { + final String cloneKey = origKey.replace(originalPrefix, clonedPrefix); + this.overwrittenProperties.setProperty(cloneKey, source.get(origKey)); + } + } + + @Override + public void removeProfile(String configurationPrefix) { + final Iterator<Object> keyIterator = overwrittenProperties.keySet().iterator(); + while (keyIterator.hasNext()) { + final String key = keyIterator.next().toString(); + + if (key.startsWith(configurationPrefix)) { + overwrittenProperties.remove(key); + } + } + } + + public void debugDumpProfileSettings(String profileName) { + ((Settings) settings).debugDumpProfileSettings(profileName); + } - public void debugDumpProfileSettings(String profileName) { - ((Settings)settings).debugDumpProfileSettings(profileName); - } - } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/PlaceholderConfiguration.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/PlaceholderConfiguration.java index 326ed142..a3719168 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/PlaceholderConfiguration.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/PlaceholderConfiguration.java @@ -3,19 +3,19 @@ * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a * joint initiative of the Federal Chancellery Austria and Graz University of * Technology. - * + * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works @@ -25,60 +25,57 @@ package at.gv.egiz.pdfas.lib.impl.configuration; import at.gv.egiz.pdfas.common.settings.ISettings; import at.gv.egiz.pdfas.lib.api.IConfigurationConstants; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; +import lombok.extern.slf4j.Slf4j; -import java.util.Map; +@Slf4j +public class PlaceholderConfiguration extends SpecificBaseConfiguration + implements IConfigurationConstants { + public PlaceholderConfiguration(ISettings configuration) { + super(configuration); + } -public class PlaceholderConfiguration extends SpecificBaseConfiguration - implements IConfigurationConstants { + public boolean isGlobalPlaceholderEnabled() { + if (configuration.hasValue(PLACEHOLDER_SEARCH_ENABLED)) { + final String value = configuration.getValue(PLACEHOLDER_SEARCH_ENABLED); + if (value.equalsIgnoreCase(TRUE)) { + return true; + } + } + return false; + } - private static final Logger logger = LoggerFactory.getLogger(PlaceholderConfiguration.class); + /** + * Match selected Profile for Placeholder Enables to activate placeholder + * search/match for different profiles + * + * @return + */ + public boolean isProfileConfigurationEnabled(String profileID) { + log.trace("Check if placeHolders are enabled for profile: {}", profileID); + + final String profileMatch = SIG_OBJECT + SEPERATOR + profileID + SEPERATOR + + PLACEHOLDER_SEARCH_ENABLED; + final String value = configuration.getValue(profileMatch); + if (TRUE.equalsIgnoreCase(value)) { + log.debug("Placeholders enabled for profile: {} ", profileID); + return true; + + } + return false; + + } - public PlaceholderConfiguration(ISettings configuration) { - super(configuration); - } + /** + * Get placeholderId for a specific profile. + * + * @param selectedProfileID ProfileName + * @return Placeholder Id + */ + public String getProfilePlaceholderID(String selectedProfileID) { + log.info("SelectedProfileID in ProfileConfEnabled: " + selectedProfileID); + final String profileMatch = SIG_OBJECT + SEPERATOR + selectedProfileID + SEPERATOR + PLACEHOLDER_ID; + return configuration.getValue(profileMatch); - public boolean isGlobalPlaceholderEnabled() { - if (configuration.hasValue(PLACEHOLDER_SEARCH_ENABLED)) { - String value = configuration.getValue(PLACEHOLDER_SEARCH_ENABLED); - if (value.equalsIgnoreCase(TRUE)) { - return true; - } - } - return false; - } - - /** - * Match selected Profile for Placeholder - * Enables to activate placeholder search/match for different profiles - * @return - */ - public boolean isProfileConfigurationEnabled(String selectedProfileID) - { - logger.info("SelectedProfileID in ProfileConfEnabled: "+selectedProfileID); - String profileMatch = SIG_OBJECT+SEPERATOR+selectedProfileID+SEPERATOR+PLACEHOLDER_SEARCH_ENABLED; - if (configuration.getValuesPrefix(profileMatch)!=null) { - Map<String, String> map = configuration.getValuesPrefix(profileMatch); - String value = map.get(profileMatch); - if (value.equalsIgnoreCase(TRUE)) { - logger.info("Configuration has Value: "+value); - return true; - } - } - return false; - } - - public String getProfilePlaceholderID(String selectedProfileID) - { - logger.info("SelectedProfileID in ProfileConfEnabled: "+selectedProfileID); - String profileMatch = SIG_OBJECT+SEPERATOR+selectedProfileID+SEPERATOR+PLACEHOLDER_ID; - if (configuration.getValuesPrefix(profileMatch)!=null) { - Map<String, String> map = configuration.getValuesPrefix(profileMatch); - return map.get(profileMatch); - } - return null; - } + } } - diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/PlaceholderWebConfiguration.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/PlaceholderWebConfiguration.java deleted file mode 100644 index 3a78f24f..00000000 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/PlaceholderWebConfiguration.java +++ /dev/null @@ -1,24 +0,0 @@ -package at.gv.egiz.pdfas.lib.impl.configuration; - -import java.util.Properties; - -public class PlaceholderWebConfiguration { - - protected static Properties properties = new Properties(); - - //todo properties not cleaned - public static void setValue(String key, String value) - { - properties.clear(); - properties.setProperty(key,value); - } - public static String getValue(String key) - { - return properties.getProperty(key); - } - - public static void clear () { - properties.clear(); - } - -} diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderExtractor.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderExtractor.java index 0a55b834..436024cd 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderExtractor.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderExtractor.java @@ -3,10 +3,7 @@ package at.gv.egiz.pdfas.lib.impl.placeholder; import at.gv.egiz.pdfas.common.exceptions.PdfAsException; import at.gv.egiz.pdfas.lib.impl.status.PDFObject; -import java.util.List; - public interface PlaceholderExtractor { - SignaturePlaceholderData extract(PDFObject doc, String placeholderId, int matchMode) throws PdfAsException; - - List<SignaturePlaceholderData> extractList(PDFObject pdfObject, String placeholderID, int placeholderMode) throws PdfAsException; + SignaturePlaceholderData extract(PDFObject pdfObject, String placeholderID, int placeholderMode) throws PdfAsException; + } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderFilter.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderFilter.java index 99c09295..1615482f 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderFilter.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderFilter.java @@ -24,145 +24,77 @@ package at.gv.egiz.pdfas.lib.impl.placeholder; import java.io.IOException; -import java.util.List; + +import org.apache.commons.lang3.StringUtils; import at.gv.egiz.pdfas.common.exceptions.PDFASError; import at.gv.egiz.pdfas.common.exceptions.PdfAsErrorCarrier; import at.gv.egiz.pdfas.common.exceptions.PdfAsException; import at.gv.egiz.pdfas.common.settings.ISettings; import at.gv.egiz.pdfas.lib.api.IConfigurationConstants; -import at.gv.egiz.pdfas.lib.impl.configuration.PlaceholderWebConfiguration; import at.gv.egiz.pdfas.lib.impl.status.OperationStatus; -import org.apache.commons.lang3.StringUtils; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class PlaceholderFilter implements IConfigurationConstants, PlaceholderExtractorConstants { - + public static SignaturePlaceholderData checkPlaceholderSignatureLocation( - OperationStatus status, ISettings settings, String signatureLocation) throws PdfAsException, - IOException { - - String placeholderID; - - if (status.getPlaceholderConfiguration().isGlobalPlaceholderEnabled()) { - PlaceholderExtractor extractor = status.getBackend().getPlaceholderExtractor(); - - if(StringUtils.isNotEmpty(signatureLocation)) { - placeholderID = signatureLocation; - } else { - placeholderID = PlaceholderWebConfiguration.getValue(PLACEHOLDER_WEB_ID); - if(StringUtils.isEmpty(placeholderID)) { - placeholderID = settings.getValue(PLACEHOLDER_ID); - } - } - - String placeholderModeString = settings.getValue(PLACEHOLDER_MODE); - int placeholderMode = PLACEHOLDER_MATCH_MODE_MODERATE; - if (StringUtils.isNotEmpty(placeholderModeString)) { - try { - placeholderMode = Integer.parseInt(placeholderModeString); - if (placeholderMode < PLACEHOLDER_MODE_MIN - || placeholderMode > PLACEHOLDER_MODE_MAX) { - throw new PdfAsErrorCarrier(new PDFASError( - PDFASError.ERROR_INVALID_PLACEHOLDER_MODE)); - } - } catch (NumberFormatException e) { - throw new PdfAsErrorCarrier(new PDFASError( - PDFASError.ERROR_INVALID_PLACEHOLDER_MODE, e)); - } - } - SignaturePlaceholderData signaturePlaceholderData = extractor.extract(status.getPdfObject(), placeholderID, placeholderMode); - return signaturePlaceholderData; - - } else if (status.getPlaceholderConfiguration().isProfileConfigurationEnabled(status.getRequestedSignature().getSignatureProfileID())) { - //filter for local placeholder in selected profiles - PlaceholderExtractor extractor = status.getBackend().getPlaceholderExtractor(); - int placeholderMode = PLACEHOLDER_MATCH_MODE_SORTED; - - placeholderID = status.getPlaceholderConfiguration().getProfilePlaceholderID(status.getRequestedSignature().getSignatureProfileID()); - if(StringUtils.isNotEmpty(placeholderID)) { - placeholderMode = PLACEHOLDER_MATCH_MODE_MODERATE; - } - String placeholderModeString = settings.getValue(PLACEHOLDER_MODE); - if (StringUtils.isNotEmpty(placeholderModeString)) { - try { - placeholderMode = Integer.parseInt(placeholderModeString); - if (placeholderMode < PLACEHOLDER_MODE_MIN - || placeholderMode > PLACEHOLDER_MODE_MAX) { - throw new PdfAsErrorCarrier(new PDFASError( - PDFASError.ERROR_INVALID_PLACEHOLDER_MODE)); - } - } catch (NumberFormatException e) { - throw new PdfAsErrorCarrier(new PDFASError( - PDFASError.ERROR_INVALID_PLACEHOLDER_MODE, e)); - } - } - SignaturePlaceholderData signaturePlaceholderData = extractor.extract(status.getPdfObject(), placeholderID, placeholderMode); - return signaturePlaceholderData; - } + OperationStatus status, ISettings settings, String placeholderId) throws PdfAsException, IOException { + + String signingProfile = status.getRequestedSignature().getSignatureProfileID(); + + if (status.getSignParamter().isPlaceHolderSearchEnabled()) { + if (status.getPlaceholderConfiguration().isGlobalPlaceholderEnabled()) { + String defaultPlaceHolderId = settings.getValue(PLACEHOLDER_ID); + return status.getBackend().getPlaceholderExtractor().extract( + status.getPdfObject(), getPlaceHolderId(placeholderId, defaultPlaceHolderId) , + getPlaceHolderMode(settings, PLACEHOLDER_MATCH_MODE_SORTED)); + + } else if (status.getPlaceholderConfiguration().isProfileConfigurationEnabled(signingProfile)) { + String defaultPlaceHolderId = status.getPlaceholderConfiguration().getProfilePlaceholderID(signingProfile); + return status.getBackend().getPlaceholderExtractor().extract( + status.getPdfObject(), getPlaceHolderId(placeholderId, defaultPlaceHolderId), + getPlaceHolderMode(settings, + StringUtils.isNotEmpty(defaultPlaceHolderId) ? PLACEHOLDER_MATCH_MODE_MODERATE : PLACEHOLDER_MATCH_MODE_SORTED)); + } + } else { + log.debug("Searching placeholders are disabled for this request"); + + } + return null; } - - public static List<SignaturePlaceholderData> checkPlaceholderSignatureLocationList(OperationStatus status, ISettings settings, String signatureLocation) throws PdfAsException, - IOException { - String placeholderID; - - if (status.getPlaceholderConfiguration().isGlobalPlaceholderEnabled()) { - PlaceholderExtractor extractor = status.getBackend().getPlaceholderExtractor(); - - if(StringUtils.isNotEmpty(signatureLocation)) { - placeholderID = signatureLocation; - } else { - placeholderID = PlaceholderWebConfiguration.getValue(PLACEHOLDER_WEB_ID); - if(StringUtils.isEmpty(placeholderID)) { - placeholderID = settings.getValue(PLACEHOLDER_ID); - } - } - - String placeholderModeString = settings.getValue(PLACEHOLDER_MODE); - int placeholderMode = PLACEHOLDER_MATCH_MODE_MODERATE; - if (StringUtils.isNotEmpty(placeholderModeString)) { - try { - placeholderMode = Integer.parseInt(placeholderModeString); - if (placeholderMode < PLACEHOLDER_MODE_MIN - || placeholderMode > PLACEHOLDER_MODE_MAX) { - throw new PdfAsErrorCarrier(new PDFASError( - PDFASError.ERROR_INVALID_PLACEHOLDER_MODE)); - } - } catch (NumberFormatException e) { - throw new PdfAsErrorCarrier(new PDFASError( - PDFASError.ERROR_INVALID_PLACEHOLDER_MODE, e)); - } - } - return extractor.extractList(status.getPdfObject(), placeholderID, - placeholderMode); - - } else if (status.getPlaceholderConfiguration().isProfileConfigurationEnabled(status.getRequestedSignature().getSignatureProfileID())) { - //filter for local placeholder in selected profiles - PlaceholderExtractor extractor = status.getBackend().getPlaceholderExtractor(); - int placeholderMode = PLACEHOLDER_MATCH_MODE_SORTED; - - placeholderID = status.getPlaceholderConfiguration().getProfilePlaceholderID(status.getRequestedSignature().getSignatureProfileID()); - if(StringUtils.isNotEmpty(placeholderID)) { - placeholderMode = PLACEHOLDER_MATCH_MODE_MODERATE; - } - String placeholderModeString = settings.getValue(PLACEHOLDER_MODE); - if (StringUtils.isNotEmpty(placeholderModeString)) { - try { - placeholderMode = Integer.parseInt(placeholderModeString); - if (placeholderMode < PLACEHOLDER_MODE_MIN - || placeholderMode > PLACEHOLDER_MODE_MAX) { - throw new PdfAsErrorCarrier(new PDFASError( - PDFASError.ERROR_INVALID_PLACEHOLDER_MODE)); - } - } catch (NumberFormatException e) { - throw new PdfAsErrorCarrier(new PDFASError( - PDFASError.ERROR_INVALID_PLACEHOLDER_MODE, e)); - } - } - return extractor.extractList(status.getPdfObject(), placeholderID, - placeholderMode); - } - return null; + + private static int getPlaceHolderMode(ISettings settings, int defaultValue) throws PdfAsErrorCarrier { + String placeholderModeString = settings.getValue(PLACEHOLDER_MODE); + if (StringUtils.isNotEmpty(placeholderModeString)) { + try { + int placeholderMode = Integer.parseInt(placeholderModeString); + if (placeholderMode < PLACEHOLDER_MODE_MIN || placeholderMode > PLACEHOLDER_MODE_MAX) { + throw new PdfAsErrorCarrier(new PDFASError(PDFASError.ERROR_INVALID_PLACEHOLDER_MODE)); + + } + return placeholderMode; + + } catch (NumberFormatException e) { + throw new PdfAsErrorCarrier(new PDFASError( + PDFASError.ERROR_INVALID_PLACEHOLDER_MODE, e)); + } + + } else { + return defaultValue; + + } } + + private static String getPlaceHolderId(String requestId, String defaultValue) { + if (StringUtils.isEmpty(requestId)) { + return defaultValue; + + } else { + return requestId; + + } + } }
\ No newline at end of file diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/SignaturePlaceholderContext.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/SignaturePlaceholderContext.java deleted file mode 100644 index 3c8a6d76..00000000 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/SignaturePlaceholderContext.java +++ /dev/null @@ -1,95 +0,0 @@ -/******************************************************************************* - * <copyright> Copyright 2014 by E-Government Innovation Center EGIZ, Graz, Austria </copyright> - * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a - * joint initiative of the Federal Chancellery Austria and Graz University of - * Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/** - * <copyright> Copyright 2006 by Know-Center, Graz, Austria </copyright> - * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a - * joint initiative of the Federal Chancellery Austria and Graz University of - * Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egiz.pdfas.lib.impl.placeholder; - -/** - * Store and retrieve {@link SignaturePlaceholderData} in/from a thread local context. - * - * @author exthex - * - */ -public class SignaturePlaceholderContext { - - private ThreadLocal<SignaturePlaceholderData> sigHolder = new ThreadLocal<SignaturePlaceholderData>(); - - private static SignaturePlaceholderContext instance = new SignaturePlaceholderContext(); - - /** - * Constructor. Private because this is a singleton. - */ - private SignaturePlaceholderContext() { - - } - - /** - * Get the {@link SignaturePlaceholderData} which is currently bound to this thread. - * Might be null. - * - * @return - */ - public static SignaturePlaceholderData getSignaturePlaceholderData(){ - return instance.sigHolder.get(); - } - - /** - * - * @return true if there is currently a {@link SignaturePlaceholderData} bound to this thread, false otherwise. - */ - public static boolean isSignaturePlaceholderDataSet() { - return instance.sigHolder.get() != null; - } - - /** - * Bind a {@link SignaturePlaceholderData} to this thread. - * If the given data is null, the context will be cleared. - * - * @param data if null, clears the ThreadLocal, else binds the data to the current thread. - */ - public static void setSignaturePlaceholderData(SignaturePlaceholderData data) { - instance.sigHolder.set(data); - } -} diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/settings/Settings.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/settings/Settings.java index c5b6dc57..8138f061 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/settings/Settings.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/settings/Settings.java @@ -35,438 +35,380 @@ import java.util.Map; import java.util.Map.Entry; import java.util.Properties; import java.util.Vector; +import java.util.stream.Collectors; import org.apache.commons.io.FileUtils; import org.apache.commons.io.IOCase; import org.apache.commons.io.filefilter.WildcardFileFilter; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; +import org.apache.commons.lang3.StringUtils; import at.gv.egiz.pdfas.common.exceptions.PdfAsSettingsException; import at.gv.egiz.pdfas.common.settings.IProfileConstants; import at.gv.egiz.pdfas.common.settings.ISettings; import at.gv.egiz.pdfas.common.settings.Profiles; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class Settings implements ISettings, IProfileConstants { + protected Properties properties = new Properties(); + protected File workDirectory; + + public Settings(File workDirectory) { + try { + this.workDirectory = workDirectory; + loadSettings(workDirectory); + } catch (final PdfAsSettingsException e) { + log.error(e.getMessage(), e); + } + } -public class Settings implements ISettings, IProfileConstants { + private void loadSettingsRecursive(File workDirectory, File file) + throws RuntimeException { + try { + final String configDir = workDirectory.getAbsolutePath() + File.separator + + CFG_DIR; + final Properties tmpProps = new Properties(); + log.debug("Loading: " + file.getName()); + tmpProps.load(new FileInputStream(file)); - private static final Logger logger = LoggerFactory - .getLogger(Settings.class); + properties.putAll(tmpProps); - protected Properties properties = new Properties(); + this.getValuesPrefix(INCLUDE, tmpProps).values() + .forEach(el -> loadAdditionConfigFile(el, configDir)); - protected File workDirectory; + } catch (final IOException e) { + throw new RuntimeException(e); - public Settings(File workDirectory) { - try { - this.workDirectory = workDirectory; - loadSettings(workDirectory); - } catch (PdfAsSettingsException e) { - logger.error(e.getMessage(), e); - } } + } - private void loadSettingsRecursive(File workDirectory, File file) - throws PdfAsSettingsException { - try { - String configDir = workDirectory.getAbsolutePath() + File.separator - + CFG_DIR; - Properties tmpProps = new Properties(); - logger.debug("Loading: " + file.getName()); - tmpProps.load(new FileInputStream(file)); - - properties.putAll(tmpProps); - - Map<String, String> includes = this.getValuesPrefix(INCLUDE, - tmpProps); - File contextFolder = new File(configDir); - if (includes != null) { - Iterator<String> includeIterator = includes.values().iterator(); - while (includeIterator.hasNext()) { - contextFolder = new File(configDir); - String includeFileName = includeIterator.next(); - - File includeInstruction = new File(contextFolder, - includeFileName); - contextFolder = includeInstruction.getParentFile(); - String includeName = includeInstruction.getName(); - - WildcardFileFilter fileFilter = new WildcardFileFilter( - includeName, IOCase.SENSITIVE); - Collection<File> includeFiles = null; - - if (contextFolder != null && contextFolder.exists() - && contextFolder.isDirectory()) { - includeFiles = FileUtils.listFiles(contextFolder, - fileFilter, null); - } - if (includeFiles != null && !includeFiles.isEmpty()) { - logger.debug("Including '" + includeFileName + "'."); - for (File includeFile : includeFiles) { - loadSettingsRecursive(workDirectory, includeFile); - } - } - } - } - - } catch (IOException e) { - throw new PdfAsSettingsException("Failed to read settings!", e); - } - } + private void loadAdditionConfigFile(String includeFileName, String configDir) { + File contextFolder = new File(configDir); - private void showAugments(Profiles profiles) { - if (!profiles.getAugments().isEmpty()) { - logger.debug("\tAugments for {}", profiles.getName()); - for (int i = 0; i < profiles.getAugments().size(); i++) { - logger.debug("\t\t{}", profiles.getAugments().get(i).getName()); - } - } + final File includeInstruction = new File(contextFolder, includeFileName); + contextFolder = includeInstruction.getParentFile(); + final String includeName = includeInstruction.getName(); + + final WildcardFileFilter fileFilter = new WildcardFileFilter( + includeName, IOCase.SENSITIVE); + Collection<File> includeFiles = null; + + if (contextFolder != null && contextFolder.exists() + && contextFolder.isDirectory()) { + includeFiles = FileUtils.listFiles(contextFolder, + fileFilter, null); + } + if (includeFiles != null && !includeFiles.isEmpty()) { + log.debug("Including '" + includeFileName + "'."); + for (final File includeFile : includeFiles) { + loadSettingsRecursive(workDirectory, includeFile); + } } - private boolean isAugmentsReady(Profiles profiles) { - Iterator<Profiles> augmentingProfiles = profiles.getAugments().iterator(); - boolean allInitialized = true; - while (augmentingProfiles.hasNext()) { - if (!augmentingProfiles.next().isInitialized()) { - allInitialized = false; - } + } + + private void showAugments(Profiles profiles) { + if (!profiles.getAugments().isEmpty()) { + log.debug("\tAugments for {}", profiles.getName()); + for (final Profiles element : profiles.getAugments()) { + log.debug("\t\t{}", element.getName()); + } + } + } + + private boolean isAugmentsReady(Profiles profiles) { + boolean allInitialized = true; + for (final Profiles element : profiles.getAugments()) { + if (!element.isInitialized()) { + allInitialized = false; + } + } + return allInitialized; + } + + private boolean isParentReady(Profiles profiles) { + if (profiles.getParent() != null) { + return profiles.getParent().isInitialized(); + } else { + return false; + } + } + + private void performAugmentConfiguration(Profiles profiles) { + final String childBase = "sig_obj." + + profiles.getName(); + + for (final Profiles augmentingProfile : profiles.getAugments()) { + final String augmentingBase = "sig_obj." + augmentingProfile.getName(); + + for (final String key : this.getKeys( + augmentingBase + ".")) { + final String keyToCopy = key.substring(augmentingBase + .length()); + // log.debug("Profile: {} => {}", + // key, childBase+keyToCopy); + final String sourceKey = augmentingBase + keyToCopy; + final String targetKey = childBase + keyToCopy; + + if (!this.hasValue(targetKey)) { + properties.setProperty(targetKey, + this.getValue(sourceKey)); + // log.debug("Replaced: {} with Value from {}", + // childBase+keyToCopy, parentBase+keyToCopy); + } else { + // log.debug("NOT Replaced: {} with Value from {}", + // childBase+keyToCopy, parentBase+keyToCopy); } - return allInitialized; + } } - - private boolean isParentReady(Profiles profiles) { - if (profiles.getParent() != null) { - return profiles.getParent().isInitialized(); + } + + private void performParentConfiguration(Profiles profiles) { + if (profiles.getParent() != null) { + // If Parent is initialized Copy Properties from Parent + // to this profile + final String parentBase = "sig_obj." + profiles.getParent().getName(); + final String childBase = "sig_obj." + + profiles.getName(); + + for (final String key : this.getKeys( + parentBase + ".")) { + final String keyToCopy = key.substring(parentBase + .length()); + // log.debug("Profile: {} => {}", + // key, childBase+keyToCopy); + final String sourceKey = parentBase + keyToCopy; + final String targetKey = childBase + keyToCopy; + + if (!this.hasValue(targetKey)) { + properties.setProperty(targetKey, + this.getValue(sourceKey)); + // log.debug("Replaced: {} with Value from {}", + // childBase+keyToCopy, parentBase+keyToCopy); } else { - return false; + // log.debug("NOT Replaced: {} with Value from {}", + // childBase+keyToCopy, parentBase+keyToCopy); } + } + } + } + + private void buildProfiles() { + final Map<String, Profiles> profiles = new HashMap<>(); + + for (final String key : this.getFirstLevelKeys("sig_obj.types.")) { + final String profile = key.substring("sig_obj.types.".length()); + // System.out.println("[" + profile + "]: " + this.getValue(key)); + if (this.getValue(key).equals("on")) { + final Profiles prof = new Profiles(profile); + profiles.put(profile, prof); + } } - private void performAugmentConfiguration(Profiles profiles) { - Iterator<Profiles> augmentingProfiles = profiles.getAugments().iterator(); - - String childBase = "sig_obj." - + profiles.getName(); - - while (augmentingProfiles.hasNext()) { - Profiles augmentingProfile = augmentingProfiles.next(); - String augmentingBase = "sig_obj." + augmentingProfile.getName(); - - Iterator<String> augmentingKeyIt = this.getKeys( - augmentingBase + ".").iterator(); - - while (augmentingKeyIt.hasNext()) { - String key = augmentingKeyIt.next(); - String keyToCopy = key.substring(augmentingBase - .length()); - //logger.debug("Profile: {} => {}", - // key, childBase+keyToCopy); - String sourceKey = augmentingBase + keyToCopy; - String targetKey = childBase + keyToCopy; - - if (!this.hasValue(targetKey)) { - properties.setProperty(targetKey, - this.getValue(sourceKey)); - //logger.debug("Replaced: {} with Value from {}", - // childBase+keyToCopy, parentBase+keyToCopy); - } else { - //logger.debug("NOT Replaced: {} with Value from {}", - // childBase+keyToCopy, parentBase+keyToCopy); - } - } - } + for (final Entry<String, Profiles> entry : profiles.entrySet()) { + entry.getValue().findParent(properties, profiles); } - private void performParentConfiguration(Profiles profiles) { - if (profiles.getParent() != null) { - // If Parent is initialized Copy Properties from Parent - // to this profile - String parentBase = "sig_obj." + profiles.getParent().getName(); - String childBase = "sig_obj." - + profiles.getName(); - - Iterator<String> parentKeyIt = this.getKeys( - parentBase + ".").iterator(); - while (parentKeyIt.hasNext()) { - String key = parentKeyIt.next(); - String keyToCopy = key.substring(parentBase - .length()); - //logger.debug("Profile: {} => {}", - // key, childBase+keyToCopy); - String sourceKey = parentBase + keyToCopy; - String targetKey = childBase + keyToCopy; - - if (!this.hasValue(targetKey)) { - properties.setProperty(targetKey, - this.getValue(sourceKey)); - //logger.debug("Replaced: {} with Value from {}", - // childBase+keyToCopy, parentBase+keyToCopy); - } else { - //logger.debug("NOT Replaced: {} with Value from {}", - // childBase+keyToCopy, parentBase+keyToCopy); - } - } - } + for (final Entry<String, Profiles> entry : profiles.entrySet()) { + if (entry.getValue().getParent() == null) { + log.debug("Got Profile: [{}] : {}", entry.getKey(), entry.getValue().getName()); + showAugments(entry.getValue()); + } else { + log.debug("Got Profile: [{}] : {} (Parent {})", entry.getKey(), + entry.getValue().getName(), entry.getValue().getParent().getName()); + showAugments(entry.getValue()); + } } - private void buildProfiles() { - Map<String, Profiles> profiles = new HashMap<String, Profiles>(); - - Iterator<String> itKeys = this.getFirstLevelKeys("sig_obj.types.") - .iterator(); - while (itKeys.hasNext()) { - String key = itKeys.next(); - String profile = key.substring("sig_obj.types.".length()); - //System.out.println("[" + profile + "]: " + this.getValue(key)); - if (this.getValue(key).equals("on")) { - Profiles prof = new Profiles(profile); - profiles.put(profile, prof); - } - } + log.debug("Configured Settings: {}", + properties.size()); + + // Resolve Parent Structures ... + while (!profiles.isEmpty()) { + final List<String> removes = new ArrayList<>(); + for (final Entry<String, Profiles> entry : profiles.entrySet()) { + // Remove all base Profiles ... + if (entry.getValue().getParent() == null && entry.getValue().getAugments().isEmpty()) { + // Has neither parent or augmenting profiles + + entry.getValue().setInitialized(true); + removes.add(entry.getKey()); + } else if (entry.getValue().getParent() == null) { + // Has augmenting profiles but no parent + + // check if all augmenting profiles are initialized if so + // add them + + final Profiles profile = entry.getValue(); + if (this.isAugmentsReady(profile)) { + this.performAugmentConfiguration(profile); + // Copy done + entry.getValue().setInitialized(true); + removes.add(entry.getKey()); + } else { + log.debug("Not all augmenting profiles are ready yet for {}", entry.getValue().getName()); + } + } else if (entry.getValue().getAugments().isEmpty()) { + + // Has parent but no augmenting profiles + final Profiles profile = entry.getValue(); + + if (this.isParentReady(profile)) { + this.performParentConfiguration(profile); + // Copy done + entry.getValue().setInitialized(true); + removes.add(entry.getKey()); + } + } else { - // Initialize Parent Structure ... - Iterator<Entry<String, Profiles>> profileIterator = profiles.entrySet() - .iterator(); - while (profileIterator.hasNext()) { - Entry<String, Profiles> entry = profileIterator.next(); - entry.getValue().findParent(properties, profiles); - } + // Has parent and augmenting profiles - // Debug Output - Iterator<Entry<String, Profiles>> profileIteratorDbg = profiles.entrySet() - .iterator(); - while (profileIteratorDbg.hasNext()) { - Entry<String, Profiles> entry = profileIteratorDbg.next(); - if (entry.getValue().getParent() == null) { - logger.debug("Got Profile: [{}] : {}", entry.getKey(), entry.getValue().getName()); - showAugments(entry.getValue()); - } else { - logger.debug("Got Profile: [{}] : {} (Parent {})", entry.getKey(), - entry.getValue().getName(), entry.getValue().getParent().getName()); - showAugments(entry.getValue()); - } - } + final Profiles profile = entry.getValue(); + if (this.isAugmentsReady(profile) && this.isParentReady(profile)) { + // order is curcial, augments preceed over parent configuration + this.performAugmentConfiguration(profile); + this.performParentConfiguration(profile); - logger.debug("Configured Settings: {}", - properties.size()); - - // Resolve Parent Structures ... - while (!profiles.isEmpty()) { - List<String> removes = new ArrayList<String>(); - Iterator<Entry<String, Profiles>> profileIt = profiles.entrySet() - .iterator(); - while (profileIt.hasNext()) { - Entry<String, Profiles> entry = profileIt.next(); - - // Remove all base Profiles ... - if (entry.getValue().getParent() == null && entry.getValue().getAugments().isEmpty()) { - // Has neither parent or augmenting profiles - - entry.getValue().setInitialized(true); - removes.add(entry.getKey()); - } else if (entry.getValue().getParent() == null) { - // Has augmenting profiles but no parent - - // check if all augmenting profiles are initialized if so - // add them - - Profiles profile = entry.getValue(); - if (this.isAugmentsReady(profile)) { - this.performAugmentConfiguration(profile); - // Copy done - entry.getValue().setInitialized(true); - removes.add(entry.getKey()); - } else { - logger.debug("Not all augmenting profiles are ready yet for {}", entry.getValue().getName()); - } - } else if (entry.getValue().getAugments().isEmpty()) { - - // Has parent but no augmenting profiles - Profiles profile = entry.getValue(); - - if (this.isParentReady(profile)) { - this.performParentConfiguration(profile); - // Copy done - entry.getValue().setInitialized(true); - removes.add(entry.getKey()); - } - } else { - - // Has parent and augmenting profiles - - Profiles profile = entry.getValue(); - if (this.isAugmentsReady(profile) && this.isParentReady(profile)) { - // order is curcial, augments preceed over parent configuration - this.performAugmentConfiguration(profile); - this.performParentConfiguration(profile); - - // Copy done - entry.getValue().setInitialized(true); - removes.add(entry.getKey()); - } - } - } - - // Remove all Profiles from Remove List - - if (removes.isEmpty() && !profiles.isEmpty()) { - logger.error("Failed to build inheritant Profiles, running in infinite loop! (aborting ...)"); - logger.error("Profiles that cannot be resolved completly:"); - Iterator<Entry<String, Profiles>> failedProfiles = profiles.entrySet().iterator(); - while (failedProfiles.hasNext()) { - Entry<String, Profiles> entry = failedProfiles.next(); - logger.error("Problem Profile: [{}] : {}", entry.getKey(), entry.getValue().getName()); - } - return; - } - - Iterator<String> removeIt = removes.iterator(); - while (removeIt.hasNext()) { - profiles.remove(removeIt.next()); - } + // Copy done + entry.getValue().setInitialized(true); + removes.add(entry.getKey()); + } } + } - logger.debug("Derived Settings: {}", - properties.size()); + // Remove all Profiles from Remove List - } - - public void debugDumpProfileSettings(String profileName) { - Iterator<String> keysIterator = this.getKeys("sig_obj." + profileName + ".").iterator(); - - logger.debug("Configuration for {}", profileName); - while(keysIterator.hasNext()) { - String key = keysIterator.next(); - logger.debug(" {}: {}", key, this.getValue(key)); + if (removes.isEmpty() && !profiles.isEmpty()) { + log.error("Failed to build inheritant Profiles, running in infinite loop! (aborting ...)"); + log.error("Profiles that cannot be resolved completly:"); + for (final Entry<String, Profiles> entry : profiles.entrySet()) { + log.error("Problem Profile: [{}] : {}", entry.getKey(), entry.getValue().getName()); } - } + return; + } - public void loadSettings(File workDirectory) throws PdfAsSettingsException { - // try { - String configDir = workDirectory.getAbsolutePath() + File.separator - + CFG_DIR; - String configFile = configDir + File.separator + CFG_FILE; - loadSettingsRecursive(workDirectory, new File(configFile)); - buildProfiles(); - /* - * logger.debug("Loading cfg file: " + configFile); - * - * - * properties.load(new FileInputStream(configFile)); - * - * Map<String, String> includes = this.getValuesPrefix(INCLUDE); File - * contextFolder = new File(configDir); if (includes != null) { - * Iterator<String> includeIterator = includes.values().iterator(); - * while (includeIterator.hasNext()) { String includeFileName = - * includeIterator.next(); if (includeFileName.contains("*")) { - * WildcardFileFilter fileFilter = new WildcardFileFilter( - * includeFileName, IOCase.SENSITIVE); Collection<File> includeFiles = - * null; - * - * if (contextFolder != null && contextFolder.exists() && - * contextFolder.isDirectory()) { includeFiles = - * FileUtils.listFiles(contextFolder, fileFilter, null); } if - * (includeFiles != null && !includeFiles.isEmpty()) { - * logger.info("Including '" + includeFileName + "'."); for (File - * includeFile : includeFiles) { properties .load(new - * FileInputStream(includeFile)); } } } else { String includeFile = - * configDir + File.separator + includeFileName; - * logger.debug("Loading included cfg file: " + includeFile); try { - * properties.load(new FileInputStream(includeFile)); } catch (Throwable - * e) { logger.error("Failed to load cfg file " + includeFile, e); } } } - * } - */ - // logger.debug("Configured Properties:"); - /* - * if(logger.isDebugEnabled()) { properties.list(System.out); } - */ - - // } catch (IOException e) { - // throw new PdfAsSettingsException("Failed to read settings!", e); - // } + for (final String element : removes) { + profiles.remove(element); + } } - public String getValue(String key) { - return properties.getProperty(key); - } + log.debug("Derived Settings: {}", + properties.size()); - public boolean hasValue(String key) { - return properties.containsKey(key); - } + } - private Map<String, String> getValuesPrefix(String prefix, Properties props) { - Iterator<Object> keyIterator = props.keySet().iterator(); - Map<String, String> valueMap = new HashMap<String, String>(); - while (keyIterator.hasNext()) { - String key = keyIterator.next().toString(); + public void debugDumpProfileSettings(String profileName) { + log.debug("Configuration for {}", profileName); + for (final String key : this.getKeys("sig_obj." + profileName + ".")) { + log.debug(" {}: {}", key, this.getValue(key)); + } + } + public void loadSettings(File workDirectory) throws PdfAsSettingsException { + try { + final String configDir = workDirectory.getAbsolutePath() + File.separator + + CFG_DIR; + final String configFile = configDir + File.separator + CFG_FILE; + loadSettingsRecursive(workDirectory, new File(configFile)); + buildProfiles(); - if (key.startsWith(prefix)) { - valueMap.put(key, props.getProperty(key)); - } - } + } catch (final RuntimeException e) { + throw new PdfAsSettingsException("Failed to read settings!", e); - if (valueMap.isEmpty()) { - return null; - } - - return valueMap; } - - public Map<String, String> getValuesPrefix(String prefix) { - return getValuesPrefix(prefix, properties); + } + + @Override + public String getValue(String key) { + return properties.getProperty(key); + } + + public boolean isValue(String key) { + return isValue(key, false); + + } + public boolean isValue(String key, boolean defaultValue) { + String value = getValue(key); + if (StringUtils.isNotEmpty(value)) { + return Boolean.valueOf(value); + + } else { + return defaultValue; + } - - public Vector<String> getKeys(String prefix) { - Iterator<Object> keyIterator = properties.keySet().iterator(); - Vector<String> valueMap = new Vector<String>(); - while (keyIterator.hasNext()) { - String key = keyIterator.next().toString(); - - if (key.startsWith(prefix)) { - valueMap.add(key); - } - } - return valueMap; + } + + @Override + public boolean hasValue(String key) { + return properties.containsKey(key); + } + + private Map<String, String> getValuesPrefix(String prefix, Properties props) { + return props.entrySet().stream() + .filter(el -> el.getKey().toString().startsWith(prefix)) + .collect(Collectors.toMap(key -> key.getKey().toString(), value -> value.getValue().toString())); + + } + + @Override + public Map<String, String> getValuesPrefix(String prefix) { + return getValuesPrefix(prefix, properties); + } + + public Vector<String> getKeys(String prefix) { + final Iterator<Object> keyIterator = properties.keySet().iterator(); + final Vector<String> valueMap = new Vector<>(); + while (keyIterator.hasNext()) { + final String key = keyIterator.next().toString(); + + if (key.startsWith(prefix)) { + valueMap.add(key); + } } - - public Vector<String> getFirstLevelKeys(String prefix) { - String mPrefix = prefix.endsWith(".") ? prefix : prefix + "."; - Iterator<Object> keyIterator = properties.keySet().iterator(); - Vector<String> valueMap = new Vector<String>(); - while (keyIterator.hasNext()) { - String key = keyIterator.next().toString(); - - if (key.startsWith(prefix)) { - int keyIdx = key.indexOf('.', mPrefix.length()) > 0 ? key - .indexOf('.', mPrefix.length()) : key.length(); - String firstLevels = key.substring(0, keyIdx); - if (!valueMap.contains(firstLevels)) { - valueMap.add(firstLevels); - } - } - } - - if (valueMap.isEmpty()) { - return null; + return valueMap; + } + + @Override + public Vector<String> getFirstLevelKeys(String prefix) { + final String mPrefix = prefix.endsWith(".") ? prefix : prefix + "."; + final Iterator<Object> keyIterator = properties.keySet().iterator(); + final Vector<String> valueMap = new Vector<>(); + while (keyIterator.hasNext()) { + final String key = keyIterator.next().toString(); + + if (key.startsWith(prefix)) { + final int keyIdx = key.indexOf('.', mPrefix.length()) > 0 ? key + .indexOf('.', mPrefix.length()) : key.length(); + final String firstLevels = key.substring(0, keyIdx); + if (!valueMap.contains(firstLevels)) { + valueMap.add(firstLevels); } + } + } - return valueMap; + if (valueMap.isEmpty()) { + return null; } - public boolean hasPrefix(String prefix) { - Iterator<Object> keyIterator = properties.keySet().iterator(); - while (keyIterator.hasNext()) { - String key = keyIterator.next().toString(); + return valueMap; + } - if (key.startsWith(prefix)) { - return true; - } - } - return false; - } + @Override + public boolean hasPrefix(String prefix) { + final Iterator<Object> keyIterator = properties.keySet().iterator(); + while (keyIterator.hasNext()) { + final String key = keyIterator.next().toString(); - public String getWorkingDirectory() { - return this.workDirectory.getAbsolutePath(); + if (key.startsWith(prefix)) { + return true; + } } + return false; + } + + @Override + public String getWorkingDirectory() { + return this.workDirectory.getAbsolutePath(); + } } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/SignatureUtils.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/SignatureUtils.java index 6e584f32..6282d9c1 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/SignatureUtils.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/util/SignatureUtils.java @@ -1,144 +1,138 @@ package at.gv.egiz.pdfas.lib.util; -import iaik.asn1.CodingException; -import iaik.asn1.ObjectID; -import iaik.asn1.structures.Attribute; -import iaik.cms.CMSException; -import iaik.cms.SignedData; -import iaik.cms.SignerInfo; -import iaik.smime.ess.ESSCertID; -import iaik.smime.ess.ESSCertIDv2; -import iaik.smime.ess.SigningCertificate; -import iaik.smime.ess.SigningCertificateV2; -import iaik.x509.X509Certificate; - import java.io.ByteArrayInputStream; import java.io.IOException; -import java.security.NoSuchAlgorithmException; import java.security.SignatureException; -import java.security.cert.CertificateException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.gv.egiz.pdfas.common.exceptions.ErrorConstants; import at.gv.egiz.pdfas.common.exceptions.PDFASError; -import at.gv.egiz.pdfas.common.exceptions.PdfAsSignatureException; -import at.gv.egiz.pdfas.common.utils.StreamUtils; import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; import at.gv.egiz.pdfas.lib.impl.verify.VerifyResultImpl; +import iaik.asn1.ObjectID; +import iaik.asn1.structures.Attribute; +import iaik.cms.CMSException; +import iaik.cms.SignedData; +import iaik.cms.SignerInfo; +import iaik.smime.ess.SigningCertificate; +import iaik.smime.ess.SigningCertificateV2; +import iaik.x509.X509Certificate; public class SignatureUtils implements ErrorConstants { - - private static final Logger logger = LoggerFactory - .getLogger(SignatureUtils.class); - - public static VerifyResult verifySignature(byte[] signature, byte[] input) - throws PDFASError { - // List<VerifyResult> results = new ArrayList<VerifyResult>(); - try { - SignedData signedData = new SignedData(new ByteArrayInputStream( - signature)); - - signedData.setContent(input); - - // get the signer infos - SignerInfo[] signerInfos = signedData.getSignerInfos(); - if (signerInfos.length == 0) { - logger.warn("Invalid signature (no signer information)"); - throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG); - } - - if (signerInfos.length != 1) { - logger.warn("Invalid signature (multiple signer information)"); - throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG); - } - // verify the signatures - // for (int i = 0; i < signerInfos.length; i++) { - VerifyResultImpl verifyResult = new VerifyResultImpl(); - // results.add(verifyResult); - try { - logger.debug("Signature Algo: {}, Digest {}", - signedData.getSignerInfos()[0].getSignatureAlgorithm(), - signedData.getSignerInfos()[0].getDigestAlgorithm()); - // verify the signature for SignerInfo at index i - X509Certificate signer_cert = signedData.verify(0); - - // Must include Signing Certificate! - Attribute signedCertificate = signerInfos[0] - .getSignedAttribute(ObjectID.signingCertificate); - - if (signedCertificate == null) { - signedCertificate = signerInfos[0] - .getSignedAttribute(ObjectID.signingCertificateV2); - if (signedCertificate == null) { - logger.warn("Signature ERROR missing signed Signing Certificate: "); - - throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG); - } else { - // Validate signingCertificate2 - try { - SigningCertificateV2 signingCert = (SigningCertificateV2)signedCertificate.getAttributeValue(); - - if (signingCert.isSignerCertificate(signer_cert)) { - // OK - logger.debug("Found and verified SigningCertificateV2"); - } else { - logger.error("Signature ERROR certificate missmatch, misbehaving Signature Backend?"); - - throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG); - } - } catch (Throwable e) { - logger.error("Signature ERROR wrong encoding for ESSCertIDv2, misbehaving Signature Backend?"); - - throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e); - } - } - } else { - // Validate signingCertificate - try { - SigningCertificate signingCert = (SigningCertificate)signedCertificate.getAttributeValue(); - if (signingCert.isSignerCertificate(signer_cert)) { - // OK - logger.debug("Found and verified SigningCertificate"); - } else { - logger.warn("Signature ERROR certificate missmatch, misbehaving Signature Backend?"); - - throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG); - } - } catch (Throwable e) { - logger.error("Signature ERROR wrong encoding for ESSCertIDv2, misbehaving Signature Backend?"); - - throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e); - } - } - - // if the signature is OK the certificate of the - // signer is returned - logger.debug("Signature OK"); - verifyResult.setSignerCertificate(signer_cert); - - } catch (SignatureException ex) { - // if the signature is not OK a SignatureException - // is thrown - logger.warn( - "Signature ERROR from signer: " - + signedData.getCertificate( - signerInfos[0].getSignerIdentifier()) - .getSubjectDN(), ex); - - verifyResult.setSignerCertificate(signedData - .getCertificate(signerInfos[0].getSignerIdentifier())); - throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, ex); - } - - return verifyResult; - // } - } catch (CMSException e) { - throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e); - } catch (IOException e) { - throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e); - } - - } + private static final Logger logger = LoggerFactory.getLogger(SignatureUtils.class); + + public static VerifyResult verifySignature(byte[] signature, byte[] input) + throws PDFASError { + // List<VerifyResult> results = new ArrayList<VerifyResult>(); + try { + final SignedData signedData = new SignedData(new ByteArrayInputStream(signature)); + signedData.setContent(input); + + // get the signer infos + final SignerInfo[] signerInfos = signedData.getSignerInfos(); + if (signerInfos.length == 0) { + logger.warn("Invalid signature (no signer information)"); + throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG); + + } + + if (signerInfos.length != 1) { + logger.warn("Invalid signature (multiple signer information)"); + throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG); + + } + // verify the signatures + // for (int i = 0; i < signerInfos.length; i++) { + final VerifyResultImpl verifyResult = new VerifyResultImpl(); + // results.add(verifyResult); + try { + logger.debug("Signature Algo: {}, Digest {}", + signedData.getSignerInfos()[0].getSignatureAlgorithm(), + signedData.getSignerInfos()[0].getDigestAlgorithm()); + // verify the signature for SignerInfo at index i + final X509Certificate signer_cert = signedData.verify(0); + + // Must include Signing Certificate! + Attribute signedCertificate = signerInfos[0].getSignedAttribute(ObjectID.signingCertificate); + + if (signedCertificate == null) { + signedCertificate = signerInfos[0].getSignedAttribute(ObjectID.signingCertificateV2); + + if (signedCertificate == null) { + logger.warn("Signature ERROR missing signed Signing Certificate: "); + throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG); + + } else { + // Validate signingCertificate2 + try { + final SigningCertificateV2 signingCert = (SigningCertificateV2) signedCertificate.getAttributeValue(); + if (signingCert.isSignerCertificate(signer_cert)) { + // OK + logger.debug("Found and verified SigningCertificateV2"); + + } else { + logger.error("Signature ERROR certificate missmatch, misbehaving Signature Backend?"); + + throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG); + } + + } catch (final Throwable e) { + logger.error("Signature ERROR wrong encoding for ESSCertIDv2, misbehaving Signature Backend?"); + throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e); + + } + } + + } else { + // Validate signingCertificate + try { + final SigningCertificate signingCert = (SigningCertificate) signedCertificate.getAttributeValue(); + if (signingCert.isSignerCertificate(signer_cert)) { + // OK + logger.debug("Found and verified SigningCertificate"); + } else { + logger.warn("Signature ERROR certificate missmatch, misbehaving Signature Backend?"); + + throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG); + } + } catch (final Throwable e) { + logger.error("Signature ERROR wrong encoding for ESSCertIDv2, misbehaving Signature Backend?"); + + throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e); + } + } + + // if the signature is OK the certificate of the + // signer is returned + logger.debug("Signature OK"); + verifyResult.setSignerCertificate(signer_cert); + + } catch (final SignatureException ex) { + // if the signature is not OK a SignatureException + // is thrown + logger.warn( + "Signature ERROR from signer: " + + signedData.getCertificate( + signerInfos[0].getSignerIdentifier()) + .getSubjectDN(), ex); + + verifyResult.setSignerCertificate(signedData + .getCertificate(signerInfos[0].getSignerIdentifier())); + throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, ex); + + } + + return verifyResult; + // } + } catch (final CMSException e) { + throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e); + + } catch (final IOException e) { + throw new PDFASError(ERROR_SIG_INVALID_BKU_SIG, e); + + } + + } } diff --git a/pdf-as-lib/src/test/java/at/gv/egiz/pdfas/lib/test/stamping/CertificateAndRequestParameterResolverTest.java b/pdf-as-lib/src/test/java/at/gv/egiz/pdfas/lib/test/stamping/CertificateAndRequestParameterResolverTest.java index fdc8fa7e..e94d21e8 100644 --- a/pdf-as-lib/src/test/java/at/gv/egiz/pdfas/lib/test/stamping/CertificateAndRequestParameterResolverTest.java +++ b/pdf-as-lib/src/test/java/at/gv/egiz/pdfas/lib/test/stamping/CertificateAndRequestParameterResolverTest.java @@ -4,8 +4,10 @@ import static org.junit.Assert.assertEquals; import java.io.IOException; import java.security.cert.CertificateException; +import java.util.HashMap; import java.util.Map; import java.util.Vector; +import java.util.stream.Collectors; import org.junit.Before; import org.junit.Test; @@ -13,6 +15,7 @@ import org.junit.runner.RunWith; import org.junit.runners.JUnit4; import at.gv.egiz.pdfas.common.exceptions.PDFASError; +import at.gv.egiz.pdfas.common.settings.IProfileConstants; import at.gv.egiz.pdfas.common.settings.ISettings; import at.gv.egiz.pdfas.common.settings.SignatureProfileSettings; import at.gv.egiz.pdfas.lib.api.sign.SignParameter; @@ -76,18 +79,23 @@ public class CertificateAndRequestParameterResolverTest { } private ISettings buildDummySettings() { - return new ISettings() { - + Map<String, String> configMap = new HashMap<>(); + configMap.put(IProfileConstants.SIG_OBJ + "test", "test"); + + return new ISettings() { + @Override public boolean hasValue(String key) { - // TODO Auto-generated method stub - return false; + return configMap.containsKey(key); } @Override public boolean hasPrefix(String prefix) { - // TODO Auto-generated method stub - return false; + return configMap.keySet().stream() + .filter(el -> el.startsWith(prefix)) + .findFirst() + .isPresent(); + } @Override @@ -98,14 +106,16 @@ public class CertificateAndRequestParameterResolverTest { @Override public Map<String, String> getValuesPrefix(String prefix) { - // TODO Auto-generated method stub - return null; + return configMap.entrySet().stream() + .filter(el -> el.getKey().startsWith(prefix)) + .collect(Collectors.toMap(key -> key.getKey(), value -> value.getValue())); + } @Override public String getValue(String key) { - // TODO Auto-generated method stub - return null; + return configMap.get(key); + } @Override @@ -113,6 +123,16 @@ public class CertificateAndRequestParameterResolverTest { // TODO Auto-generated method stub return null; } - }; + + @Override + public boolean isValue(String key) { + return isValue(key, false); + } + + @Override + public boolean isValue(String key, boolean defaultValue) { + return hasValue(key) ? Boolean.valueOf(getValue(key)) : defaultValue; + } + }; } } |