From 1be82e61c0acf4d7380dcee3e3fcaaa8a8386f1b Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Wed, 14 Apr 2021 19:05:02 +0200
Subject: added sbp check

---
 .../at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java    | 16 ++++++++++++++--
 .../stamping/CertificateAndRequestParameterResolver.java |  1 -
 2 files changed, 14 insertions(+), 3 deletions(-)

(limited to 'pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl')

diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java
index d6161f2c..19111342 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java
@@ -23,11 +23,15 @@
  ******************************************************************************/
 package at.gv.egiz.pdfas.lib.impl;
 
+import java.util.Collections;
 import java.util.Map;
 
 import javax.activation.DataSource;
 
+import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
+import at.gv.egiz.pdfas.common.utils.CheckSignatureBlockParameters;
 import at.gv.egiz.pdfas.lib.api.Configuration;
+import at.gv.egiz.pdfas.lib.api.IConfigurationConstants;
 import at.gv.egiz.pdfas.lib.api.PdfAsParameter;
 
 public class PdfAsParameterImpl implements PdfAsParameter {
@@ -79,8 +83,16 @@ protected Configuration configuration;
 	}
 
 	@Override
-	public void setDynamicSignatureBlockArguments(Map<String, String> map) {
-		this.dynamicSignatureBlockArgumentsMap = map;
+	public void setDynamicSignatureBlockArguments(Map<String, String> map) throws PdfAsException {
+		Map<String, String> tmpMap = Collections.unmodifiableMap(map);
+		String keyRegex = configuration.getValue(IConfigurationConstants.SIG_BLOCK_PARAMETER_KEY_REGEX);
+		String valueRegex = configuration.getValue(IConfigurationConstants.SIG_BLOCK_PARAMETER_VALUE_REGEX);
+		if( CheckSignatureBlockParameters.checkSignatureBlockParameterMapIsValid(tmpMap, keyRegex, valueRegex) == true) {
+			this.dynamicSignatureBlockArgumentsMap = tmpMap;
+		}else{
+			throw new PdfAsException("Invalid signature block parameters");
+		}
+
 	}
 
 	@Override
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateAndRequestParameterResolver.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateAndRequestParameterResolver.java
index ab2e5729..024f377f 100644
--- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateAndRequestParameterResolver.java
+++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateAndRequestParameterResolver.java
@@ -63,7 +63,6 @@ public class CertificateAndRequestParameterResolver implements IResolver {
 
         this.ctx = new OgnlContext(null, null, memberAccess);
         this.ctx.put(IProfileConstants.SIGNATURE_BLOCK_PARAMETER, operationStatus.getSignParamter().getDynamicSignatureBlockArguments());
-//        this.ctx.put(IProfileConstants.DYNAMIC_REQUEST_PARAMETERS, operationStatus.getRequestParameters());
 
         this.ctx.put("sn", this.certificate.getSerialNumber().toString());
         
-- 
cgit v1.2.3