From 8ed8e4e931c1cb3d3c814a53a07f73b566c3b719 Mon Sep 17 00:00:00 2001 From: Alexander Marsalek Date: Fri, 2 Jul 2021 14:06:44 +0200 Subject: v4.2.0 --- .../java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java | 6 +- .../gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java | 27 +++++- .../lib/impl/placeholder/PlaceholderExtractor.java | 4 + .../lib/impl/placeholder/PlaceholderFilter.java | 63 ++++++++++++++ .../CertificateAndRequestParameterResolver.java | 99 ++++++++++++++++++++++ .../lib/impl/stamping/CertificateResolver.java | 17 +++- .../impl/stamping/RequestParameterResolver.java | 38 +++++++++ .../egiz/pdfas/lib/impl/stamping/TableFactory.java | 14 +-- .../pdfas/lib/impl/stamping/ValueResolver.java | 25 ++++-- .../pdfas/lib/impl/status/OperationStatus.java | 6 ++ .../gv/egiz/pdfas/lib/impl/status/PDFObject.java | 6 ++ 11 files changed, 288 insertions(+), 17 deletions(-) create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateAndRequestParameterResolver.java create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/RequestParameterResolver.java (limited to 'pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl') diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java index 324712cb..bca1ff2b 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java @@ -23,6 +23,7 @@ ******************************************************************************/ package at.gv.egiz.pdfas.lib.impl; +import at.gv.egiz.pdfas.lib.impl.status.PDFObject; import iaik.x509.X509Certificate; import java.awt.Image; @@ -144,7 +145,10 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants, IPdfSigner signer = backend.getPdfSigner(); - status.setPdfObject(signer.buildPDFObject(status)); + + PDFObject pdfObject = signer.buildPDFObject(status); + + status.setPdfObject(pdfObject); // set Original PDF Document Data status.getPdfObject() diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java index fb737c13..1929f95e 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsParameterImpl.java @@ -23,11 +23,16 @@ ******************************************************************************/ package at.gv.egiz.pdfas.lib.impl; +import java.util.Collections; +import java.util.HashMap; import java.util.Map; import javax.activation.DataSource; +import at.gv.egiz.pdfas.common.exceptions.PdfAsException; +import at.gv.egiz.pdfas.common.utils.CheckSignatureBlockParameters; import at.gv.egiz.pdfas.lib.api.Configuration; +import at.gv.egiz.pdfas.lib.api.IConfigurationConstants; import at.gv.egiz.pdfas.lib.api.PdfAsParameter; public class PdfAsParameterImpl implements PdfAsParameter { @@ -36,7 +41,7 @@ protected Configuration configuration; protected DataSource dataSource; protected String transactionId; protected Map preProcessorProps; - + protected Map dynamicSignatureBlockArgumentsMap; public PdfAsParameterImpl(Configuration configuration, DataSource dataSource) { this.configuration = configuration; @@ -77,4 +82,24 @@ protected Configuration configuration; public void setPreprocessorArguments(Map map) { this.preProcessorProps = map; } + + @Override + public void setDynamicSignatureBlockArguments(Map map) throws PdfAsException { + if(map == null) + map = new HashMap(); + Map tmpMap = Collections.unmodifiableMap(map); + String keyRegex = configuration.getValue(IConfigurationConstants.SIG_BLOCK_PARAMETER_KEY_REGEX); + String valueRegex = configuration.getValue(IConfigurationConstants.SIG_BLOCK_PARAMETER_VALUE_REGEX); + if( CheckSignatureBlockParameters.checkSignatureBlockParameterMapIsValid(tmpMap, keyRegex, valueRegex) == true) { + this.dynamicSignatureBlockArgumentsMap = tmpMap; + }else{ + throw new PdfAsException("error.invalid.signature.parameter.01"); + } + + } + + @Override + public Map getDynamicSignatureBlockArguments() { + return this.dynamicSignatureBlockArgumentsMap; + } } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderExtractor.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderExtractor.java index 4c352b90..0a55b834 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderExtractor.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderExtractor.java @@ -3,6 +3,10 @@ package at.gv.egiz.pdfas.lib.impl.placeholder; import at.gv.egiz.pdfas.common.exceptions.PdfAsException; import at.gv.egiz.pdfas.lib.impl.status.PDFObject; +import java.util.List; + public interface PlaceholderExtractor { SignaturePlaceholderData extract(PDFObject doc, String placeholderId, int matchMode) throws PdfAsException; + + List extractList(PDFObject pdfObject, String placeholderID, int placeholderMode) throws PdfAsException; } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderFilter.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderFilter.java index 500b9e24..99c09295 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderFilter.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/placeholder/PlaceholderFilter.java @@ -24,6 +24,7 @@ package at.gv.egiz.pdfas.lib.impl.placeholder; import java.io.IOException; +import java.util.List; import at.gv.egiz.pdfas.common.exceptions.PDFASError; import at.gv.egiz.pdfas.common.exceptions.PdfAsErrorCarrier; @@ -102,4 +103,66 @@ public class PlaceholderFilter implements IConfigurationConstants, return null; } + public static List checkPlaceholderSignatureLocationList(OperationStatus status, ISettings settings, String signatureLocation) throws PdfAsException, + IOException { + String placeholderID; + + if (status.getPlaceholderConfiguration().isGlobalPlaceholderEnabled()) { + PlaceholderExtractor extractor = status.getBackend().getPlaceholderExtractor(); + + if(StringUtils.isNotEmpty(signatureLocation)) { + placeholderID = signatureLocation; + } else { + placeholderID = PlaceholderWebConfiguration.getValue(PLACEHOLDER_WEB_ID); + if(StringUtils.isEmpty(placeholderID)) { + placeholderID = settings.getValue(PLACEHOLDER_ID); + } + } + + String placeholderModeString = settings.getValue(PLACEHOLDER_MODE); + int placeholderMode = PLACEHOLDER_MATCH_MODE_MODERATE; + if (StringUtils.isNotEmpty(placeholderModeString)) { + try { + placeholderMode = Integer.parseInt(placeholderModeString); + if (placeholderMode < PLACEHOLDER_MODE_MIN + || placeholderMode > PLACEHOLDER_MODE_MAX) { + throw new PdfAsErrorCarrier(new PDFASError( + PDFASError.ERROR_INVALID_PLACEHOLDER_MODE)); + } + } catch (NumberFormatException e) { + throw new PdfAsErrorCarrier(new PDFASError( + PDFASError.ERROR_INVALID_PLACEHOLDER_MODE, e)); + } + } + return extractor.extractList(status.getPdfObject(), placeholderID, + placeholderMode); + + } else if (status.getPlaceholderConfiguration().isProfileConfigurationEnabled(status.getRequestedSignature().getSignatureProfileID())) { + //filter for local placeholder in selected profiles + PlaceholderExtractor extractor = status.getBackend().getPlaceholderExtractor(); + int placeholderMode = PLACEHOLDER_MATCH_MODE_SORTED; + + placeholderID = status.getPlaceholderConfiguration().getProfilePlaceholderID(status.getRequestedSignature().getSignatureProfileID()); + if(StringUtils.isNotEmpty(placeholderID)) { + placeholderMode = PLACEHOLDER_MATCH_MODE_MODERATE; + } + String placeholderModeString = settings.getValue(PLACEHOLDER_MODE); + if (StringUtils.isNotEmpty(placeholderModeString)) { + try { + placeholderMode = Integer.parseInt(placeholderModeString); + if (placeholderMode < PLACEHOLDER_MODE_MIN + || placeholderMode > PLACEHOLDER_MODE_MAX) { + throw new PdfAsErrorCarrier(new PDFASError( + PDFASError.ERROR_INVALID_PLACEHOLDER_MODE)); + } + } catch (NumberFormatException e) { + throw new PdfAsErrorCarrier(new PDFASError( + PDFASError.ERROR_INVALID_PLACEHOLDER_MODE, e)); + } + } + return extractor.extractList(status.getPdfObject(), placeholderID, + placeholderMode); + } + return null; + } } \ No newline at end of file diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateAndRequestParameterResolver.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateAndRequestParameterResolver.java new file mode 100644 index 00000000..c53a9a4f --- /dev/null +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateAndRequestParameterResolver.java @@ -0,0 +1,99 @@ +/******************************************************************************* + * Copyright 2014 by E-Government Innovation Center EGIZ, Graz, Austria + * PDF-AS has been contracted by the E-Government Innovation Center EGIZ, a + * joint initiative of the Federal Chancellery Austria and Graz University of + * Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +package at.gv.egiz.pdfas.lib.impl.stamping; + +import at.gv.egiz.pdfas.common.settings.IProfileConstants; +import at.gv.egiz.pdfas.common.settings.SignatureProfileSettings; +import at.gv.egiz.pdfas.common.utils.DNUtils; +import at.gv.egiz.pdfas.common.utils.OgnlUtils; +import at.gv.egiz.pdfas.lib.impl.status.OperationStatus; +import iaik.x509.X509Certificate; +import ognl.AbstractMemberAccess; +import ognl.MemberAccess; +import ognl.OgnlContext; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.naming.InvalidNameException; +import java.lang.reflect.Member; +import java.lang.reflect.Modifier; +import java.util.HashMap; +import java.util.Map; + +public class CertificateAndRequestParameterResolver implements IResolver { + + private static final Logger logger = LoggerFactory.getLogger(CertificateAndRequestParameterResolver.class); + + private OgnlContext ctx; + private X509Certificate certificate; + + public CertificateAndRequestParameterResolver(X509Certificate certificate, OperationStatus operationStatus) { + this.certificate = certificate; + + MemberAccess memberAccess = new AbstractMemberAccess() { + @Override + public boolean isAccessible(Map context, Object target, Member member, String propertyName) { + int modifiers = member.getModifiers(); + return Modifier.isPublic(modifiers); + } + }; + + this.ctx = new OgnlContext(null, null, memberAccess); + + this.ctx = new OgnlContext(null, null, memberAccess); + Map map = operationStatus.getSignParamter().getDynamicSignatureBlockArguments(); + if(map == null) + map = new HashMap<>(); + this.ctx.put(IProfileConstants.SIGNATURE_BLOCK_PARAMETER, map); + + this.ctx.put("sn", this.certificate.getSerialNumber().toString()); + + try { + Map issuerDNMap = DNUtils.dnToMap(certificate.getIssuerDN().getName()); + this.ctx.put("issuer", issuerDNMap); + } catch (InvalidNameException e) { + logger.warn("Failed to build issuer Map", e); + } + + try { + Map subjectDNMap = DNUtils.dnToMap(certificate.getSubjectDN().getName()); + this.ctx.put("subject", subjectDNMap); + } catch (InvalidNameException e) { + logger.warn("Failed to build subject Map", e); + } + + Map iuiMap = new HashMap(); + try { + iuiMap.put("pdfVersion", operationStatus.getPdfObject().getPDFVersion()); + } catch(Throwable e) { + logger.warn("Cannot determine pdfVersion: " + e.getMessage()); + } + this.ctx.put("iui", iuiMap); + } + + public String resolve(String key, String value, SignatureProfileSettings settings) { + return OgnlUtils.resolvsOgnlExpression(value, this.ctx); + } + +} diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateResolver.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateResolver.java index edb87eb2..d7d83b34 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateResolver.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/CertificateResolver.java @@ -28,11 +28,17 @@ import at.gv.egiz.pdfas.common.utils.DNUtils; import at.gv.egiz.pdfas.common.utils.OgnlUtils; import at.gv.egiz.pdfas.lib.impl.status.OperationStatus; import iaik.x509.X509Certificate; +import ognl.AbstractMemberAccess; +import ognl.MemberAccess; +import ognl.Ognl; import ognl.OgnlContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import javax.naming.InvalidNameException; + +import java.lang.reflect.Member; +import java.lang.reflect.Modifier; import java.util.HashMap; import java.util.Map; @@ -45,7 +51,16 @@ public class CertificateResolver implements IResolver { public CertificateResolver(X509Certificate certificate, OperationStatus operationStatus) { this.certificate = certificate; - this.ctx = new OgnlContext(); + + MemberAccess memberAccess = new AbstractMemberAccess() { + @Override + public boolean isAccessible(Map context, Object target, Member member, String propertyName) { + int modifiers = member.getModifiers(); + return Modifier.isPublic(modifiers); + } + }; + + this.ctx = new OgnlContext(null, null, memberAccess); this.ctx.put("sn", this.certificate.getSerialNumber().toString()); diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/RequestParameterResolver.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/RequestParameterResolver.java new file mode 100644 index 00000000..a4e88682 --- /dev/null +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/RequestParameterResolver.java @@ -0,0 +1,38 @@ +package at.gv.egiz.pdfas.lib.impl.stamping; + +import java.lang.reflect.Member; +import java.lang.reflect.Modifier; +import java.util.Map; + +import at.gv.egiz.pdfas.common.settings.IProfileConstants; +import at.gv.egiz.pdfas.common.settings.SignatureProfileSettings; +import at.gv.egiz.pdfas.common.utils.OgnlUtils; +import ognl.AbstractMemberAccess; +import ognl.MemberAccess; +import ognl.OgnlContext; + + +public class RequestParameterResolver implements IResolver { + + private OgnlContext ctx; + + public RequestParameterResolver(Map requestParameters) { + + MemberAccess memberAccess = new AbstractMemberAccess() { + @Override + public boolean isAccessible(Map context, Object target, Member member, String propertyName) { + int modifiers = member.getModifiers(); + return Modifier.isPublic(modifiers); + } + }; + + this.ctx = new OgnlContext(null, null, memberAccess); + this.ctx.put(IProfileConstants.SIGNATURE_BLOCK_PARAMETER, requestParameters); + } + + @Override + public String resolve(String key, String value, SignatureProfileSettings settings) { + return OgnlUtils.resolvsOgnlExpression(value, this.ctx); + } + +} diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/TableFactory.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/TableFactory.java index 01a3a298..2908cfcd 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/TableFactory.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/TableFactory.java @@ -221,19 +221,23 @@ public class TableFactory implements IProfileConstants { row.add(entry); } } - if ((TYPE_VALUE + TYPE_CAPTION).equals(type) || (TYPE_CAPTION + TYPE_VALUE).equals(type)) + + if ((TYPE_VALUE + TYPE_CAPTION).equals(type) || (TYPE_CAPTION + TYPE_VALUE).equals(type) || "req".equals(type)) { // add a caption value pair String caption = profile.getCaption(key); String value = profile.getValue(key); //String caption = getSigCaption(key); //String value = getSigValue(key); - if (value != null) - { + + ValueResolver resolver = new ValueResolver(certProvider, operationStatus); + + if (value != null) { Entry c_entry = new Entry(Entry.TYPE_CAPTION, caption, key); c_entry.setNoWrap(true); // dferbas fix bug #331 c_entry.setStyle(defaultCaptionStyle_); - ValueResolver resolver = new ValueResolver(certProvider, operationStatus); + + Entry v_entry = new Entry(Entry.TYPE_VALUE, resolver.resolve(key, value, profile), key); v_entry.setStyle(defaultValueStyle_); @@ -248,8 +252,6 @@ public class TableFactory implements IProfileConstants { c_entry.setNoWrap(true); // dferbas fix bug #331 c_entry.setStyle(defaultCaptionStyle_); - ValueResolver resolver = new ValueResolver(certProvider, operationStatus); - Entry v_entry = new Entry(Entry.TYPE_VALUE, resolver.resolve(key, value, profile), key); v_entry.setStyle(defaultValueStyle_); diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/ValueResolver.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/ValueResolver.java index f7210036..f71b639a 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/ValueResolver.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/stamping/ValueResolver.java @@ -27,12 +27,17 @@ import at.gv.egiz.pdfas.common.settings.IProfileConstants; import at.gv.egiz.pdfas.common.settings.SignatureProfileSettings; import at.gv.egiz.pdfas.lib.impl.status.ICertificateProvider; import at.gv.egiz.pdfas.lib.impl.status.OperationStatus; + +import at.gv.egiz.pdfas.lib.impl.status.RequestedSignature; +import org.apache.commons.lang3.RandomStringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import java.nio.charset.Charset; import java.text.SimpleDateFormat; import java.util.Calendar; +import java.util.HashMap; +import java.util.Map; import java.util.TimeZone; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -56,13 +61,12 @@ public class ValueResolver implements IProfileConstants, IResolver { private static final Charset UTF_8 = Charset.forName("UTF-8"); - private CertificateResolver certificateResolver; - + private IResolver internalResolver; public ValueResolver(ICertificateProvider certProvider, OperationStatus operationStatus) { - certificateResolver = new CertificateResolver( - certProvider.getCertificate(), operationStatus); + internalResolver = new CertificateAndRequestParameterResolver(certProvider.getCertificate(), + operationStatus); } - + public String resolve(String key, String value, SignatureProfileSettings settings) { @@ -102,11 +106,16 @@ public class ValueResolver implements IProfileConstants, IResolver { do { int idx = matcher.start(0); int idxe = matcher.end(0); - result += value.substring(curidx, idx); + String tmp1 = value.substring(curidx, idx); + result += tmp1; curidx = idxe; - result += certificateResolver.resolve(key, - matcher.group(1), settings); + String tmpValue = matcher.group(1); + String tmp2 = internalResolver.resolve(key, tmpValue, settings); + result += tmp2; } while (matcher.find()); + if(value.length() > curidx){ + result += value.substring(curidx); + } } else { result = value; } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/status/OperationStatus.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/status/OperationStatus.java index ecdddfa1..898b7a00 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/status/OperationStatus.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/status/OperationStatus.java @@ -56,6 +56,8 @@ public class OperationStatus implements Serializable { private PDFASBackend backend; private Map metaInformations = new HashMap(); +// private HashMap requestParameters = new HashMap(); + public OperationStatus(ISettings configuration, SignParameter signParameter, PDFASBackend backend) { this.configuration = configuration; this.signParamter = signParameter; @@ -174,4 +176,8 @@ public class OperationStatus implements Serializable { public Map getMetaInformations() { return metaInformations; } + +// public HashMap getRequestParameters() { +// return requestParameters; +// } } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/status/PDFObject.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/status/PDFObject.java index de88f610..6ba7251c 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/status/PDFObject.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/status/PDFObject.java @@ -24,6 +24,8 @@ package at.gv.egiz.pdfas.lib.impl.status; import java.io.IOException; +import java.util.HashMap; +import java.util.Map; import javax.activation.DataSource; @@ -69,4 +71,8 @@ public abstract class PDFObject { } public abstract String getPDFVersion(); + + public Map getRequestParameters() { + return status.getSignParamter().getDynamicSignatureBlockArguments(); + } } -- cgit v1.2.3