From 0876981fd70fdab07f7c3e1666cf77071b5fe03d Mon Sep 17 00:00:00 2001
From: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>
Date: Wed, 2 Oct 2013 10:28:30 +0200
Subject: + added PKCS7 detached siganture standard via keystore + added simple
 verification implementation

---
 .../gv/egiz/pdfas/lib/impl/verify/FilterEntry.java | 28 ++++++++
 .../egiz/pdfas/lib/impl/verify/IVerifyFilter.java  | 11 ++++
 .../pdfas/lib/impl/verify/VerifierDispatcher.java  | 61 ++++++++++++++++++
 .../pdfas/lib/impl/verify/VerifyResultImpl.java    | 75 ++++++++++++++++++++++
 .../egiz/pdfas/lib/impl/verify/package-info.java   |  8 +++
 5 files changed, 183 insertions(+)
 create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/FilterEntry.java
 create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IVerifyFilter.java
 create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/VerifierDispatcher.java
 create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/VerifyResultImpl.java
 create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/package-info.java

(limited to 'pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify')

diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/FilterEntry.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/FilterEntry.java
new file mode 100644
index 00000000..59b20c97
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/FilterEntry.java
@@ -0,0 +1,28 @@
+package at.gv.egiz.pdfas.lib.impl.verify;
+
+import org.apache.pdfbox.cos.COSName;
+
+public class FilterEntry {
+	private COSName filter;
+	private COSName subFilter;
+	
+	public FilterEntry(COSName filter, COSName subfilter) {
+		this.filter = filter;
+		this.subFilter = subfilter;
+	}
+	
+	public COSName getFilter() {
+		return filter;
+	}
+	public void setFilter(COSName filter) {
+		this.filter = filter;
+	}
+	public COSName getSubFilter() {
+		return subFilter;
+	}
+	public void setSubFilter(COSName subFilter) {
+		this.subFilter = subFilter;
+	}
+	
+	
+}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IVerifyFilter.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IVerifyFilter.java
new file mode 100644
index 00000000..7aca582b
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IVerifyFilter.java
@@ -0,0 +1,11 @@
+package at.gv.egiz.pdfas.lib.impl.verify;
+
+import java.util.List;
+
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
+
+public interface IVerifyFilter {
+	public List<VerifyResult> verify(byte[] contentData, byte[] signatureContent) throws PdfAsException;
+	public List<FilterEntry> getFiters();
+}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/VerifierDispatcher.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/VerifierDispatcher.java
new file mode 100644
index 00000000..0de3a71e
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/VerifierDispatcher.java
@@ -0,0 +1,61 @@
+package at.gv.egiz.pdfas.lib.impl.verify;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.common.settings.ISettings;
+
+public class VerifierDispatcher {
+	
+	private static final Logger logger = LoggerFactory.getLogger(VerifierDispatcher.class);
+	
+	public static final String currentClass = "at.gv.egiz.pdfas.sigs.pkcs7detached.PKCS7DetachedVerifier";
+	
+	public Map<String, HashMap<String, IVerifyFilter>> filterMap = new HashMap<String, HashMap<String, IVerifyFilter>>();
+	
+	public VerifierDispatcher(ISettings settings) {
+		// TODO: read config build verify filter
+		try {
+			Class<? extends IVerifyFilter> cls = (Class<? extends IVerifyFilter>) Class.forName(currentClass);
+			IVerifyFilter fitler = cls.newInstance();
+			List<FilterEntry> entries = fitler.getFiters();
+			Iterator<FilterEntry> it = entries.iterator();
+			while(it.hasNext()) {
+				FilterEntry entry = it.next();
+				HashMap<String, IVerifyFilter> filters = filterMap.get(entry.getFilter().getName());
+				if(filters == null) {
+					filters = new HashMap<String, IVerifyFilter>();
+					filterMap.put(entry.getFilter().getName(), filters);
+				}
+				
+				IVerifyFilter oldFilter = filters.get(entry.getSubFilter().getName());
+				
+				if(oldFilter != null) {
+					throw new PdfAsException("Filter allready registered");
+				}
+				
+				filters.put(entry.getSubFilter().getName(), fitler);
+				logger.debug("Registered Filter: " + cls.getName() + " for " + entry.getFilter().getName() + "/" + entry.getSubFilter().getName());
+			}
+		} catch(Throwable e) {
+			e.printStackTrace();
+		}
+		
+	}
+	
+	public IVerifyFilter getVerifier(String filter, String subfilter) {
+		HashMap<String, IVerifyFilter> filters = filterMap.get(filter);
+		if(filters == null) {
+			return null;
+		}
+		
+		return filters.get(subfilter);
+	}
+}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/VerifyResultImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/VerifyResultImpl.java
new file mode 100644
index 00000000..451c1706
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/VerifyResultImpl.java
@@ -0,0 +1,75 @@
+package at.gv.egiz.pdfas.lib.impl.verify;
+
+import iaik.x509.X509Certificate;
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.lib.api.verify.SignatureCheck;
+import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
+
+public class VerifyResultImpl implements VerifyResult {
+
+	private boolean verificationDone;
+	private boolean qualifiedCertificate;
+	private PdfAsException verificationException;
+	private SignatureCheck certificateCheck;
+	private SignatureCheck valueCheck;
+	private SignatureCheck manifestCheck;
+	
+	private X509Certificate signerCertificate;
+	
+	public boolean isVerificationDone() {
+		return verificationDone;
+	}
+	
+	public void setVerificationDone(boolean value) {
+		this.verificationDone = value;
+	}
+
+	public PdfAsException getVerificationException() {
+		return verificationException;
+	}
+	
+	public void setVerificationException(PdfAsException e) {
+		verificationException = e;
+	}
+
+	public SignatureCheck getCertificateCheck() {
+		return certificateCheck;
+	}
+
+	public void setCertificateCheck(SignatureCheck certificateCheck) {
+		this.certificateCheck=certificateCheck;
+	}
+	
+	public SignatureCheck getValueCheckCode() {
+		return valueCheck;
+	}
+	
+	public void setValueCheckCode(SignatureCheck valueCheck) {
+		this.valueCheck=valueCheck;
+	}
+
+	public SignatureCheck getManifestCheckCode() {
+		return manifestCheck;
+	}
+	
+	public void setManifestCheckCode(SignatureCheck manifestCheck) {
+		this.manifestCheck=manifestCheck;
+	}
+
+	public boolean isQualifiedCertificate() {
+		return qualifiedCertificate;
+	}
+	
+	public void setQualifiedCertificate(boolean value) {
+		this.qualifiedCertificate = value;
+	}
+
+	public X509Certificate getSignerCertificate() {
+		return signerCertificate;
+	}
+	
+	public void setSignerCertificate(X509Certificate signerCertificate) {
+		this.signerCertificate = signerCertificate;
+	}
+
+}
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/package-info.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/package-info.java
new file mode 100644
index 00000000..393a65b4
--- /dev/null
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/package-info.java
@@ -0,0 +1,8 @@
+/**
+ * 
+ */
+/**
+ * @author afitzek
+ *
+ */
+package at.gv.egiz.pdfas.lib.impl.verify;
\ No newline at end of file
-- 
cgit v1.2.3