From fed2e4a84d0d7e3ffa714e7c0685247be76715fb Mon Sep 17 00:00:00 2001 From: Andreas Fitzek Date: Fri, 31 Oct 2014 09:38:35 +0100 Subject: better integration of Process Information --- .../at/gv/egiz/pdfas/lib/impl/BKUHeaderHolder.java | 9 +++ .../java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java | 58 +++++++++++++- .../gv/egiz/pdfas/lib/impl/SignParameterImpl.java | 13 +++- .../java/at/gv/egiz/sl/util/BKUSLConnector.java | 30 +++++--- .../egiz/sl/util/ISignatureConnectorSLWrapper.java | 88 ++++++++++++---------- .../java/at/gv/egiz/sl/util/RequestPackage.java | 9 +-- 6 files changed, 145 insertions(+), 62 deletions(-) create mode 100644 pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/BKUHeaderHolder.java (limited to 'pdf-as-lib/src') diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/BKUHeaderHolder.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/BKUHeaderHolder.java new file mode 100644 index 00000000..f66f0c11 --- /dev/null +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/BKUHeaderHolder.java @@ -0,0 +1,9 @@ +package at.gv.egiz.pdfas.lib.impl; + +import java.util.List; + +import at.gv.egiz.sl.util.BKUHeader; + +public interface BKUHeaderHolder { + public List getProcessInfo(); +} diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java index aa524cc9..8e86364b 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/PdfAsImpl.java @@ -61,6 +61,7 @@ import at.gv.egiz.pdfas.lib.impl.signing.PDFASSignatureExtractor; import at.gv.egiz.pdfas.lib.impl.status.OperationStatus; import at.gv.egiz.pdfas.lib.impl.status.RequestedSignature; import at.gv.egiz.pdfas.lib.util.SignatureUtils; +import at.gv.egiz.sl.util.BKUHeader; public class PdfAsImpl implements PdfAs, IConfigurationConstants, ErrorConstants { @@ -160,9 +161,34 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants, status.setRequestedSignature(requestedSignature); + try { requestedSignature.setCertificate(status.getSignParamter() .getPlainSigner().getCertificate(parameter)); - + } finally { + if (parameter instanceof BKUHeaderHolder) { + BKUHeaderHolder holder = (BKUHeaderHolder) parameter; + + Iterator bkuHeaderIt = holder.getProcessInfo() + .iterator(); + + while (bkuHeaderIt.hasNext()) { + BKUHeader header = bkuHeaderIt.next(); + if ("Server".equalsIgnoreCase(header.getName())) { + requestedSignature + .getStatus() + .getMetaInformations() + .put(ErrorConstants.STATUS_INFO_SIGDEVICEVERSION, + header.getValue()); + } else if (ErrorConstants.STATUS_INFO_SIGDEVICE.equalsIgnoreCase(header.getName())) { + requestedSignature + .getStatus() + .getMetaInformations() + .put(ErrorConstants.STATUS_INFO_SIGDEVICE, + header.getValue()); + } + } + } + } // Only use this profileID because validation was done in // RequestedSignature String signatureProfileID = requestedSignature @@ -177,11 +203,35 @@ public class PdfAsImpl implements PdfAs, IConfigurationConstants, // this.stampPdf(status); // Create signature - - signer.signPDF(status.getPdfObject(), requestedSignature, signer + try { + signer.signPDF(status.getPdfObject(), requestedSignature, signer .buildSignaturInterface(status.getSignParamter() .getPlainSigner(), parameter, requestedSignature)); - + } finally { + if (parameter instanceof BKUHeaderHolder) { + BKUHeaderHolder holder = (BKUHeaderHolder) parameter; + + Iterator bkuHeaderIt = holder.getProcessInfo() + .iterator(); + + while (bkuHeaderIt.hasNext()) { + BKUHeader header = bkuHeaderIt.next(); + if ("Server".equalsIgnoreCase(header.getName())) { + requestedSignature + .getStatus() + .getMetaInformations() + .put(ErrorConstants.STATUS_INFO_SIGDEVICEVERSION, + header.getValue()); + } else if (ErrorConstants.STATUS_INFO_SIGDEVICE.equalsIgnoreCase(header.getName())) { + requestedSignature + .getStatus() + .getMetaInformations() + .put(ErrorConstants.STATUS_INFO_SIGDEVICE, + header.getValue()); + } + } + } + } // ================================================================ // Create SignResult SignResult result = createSignResult(status); diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java index 9584e1bf..d2786f53 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/SignParameterImpl.java @@ -24,19 +24,25 @@ package at.gv.egiz.pdfas.lib.impl; import java.io.OutputStream; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; import javax.activation.DataSource; import at.gv.egiz.pdfas.lib.api.Configuration; import at.gv.egiz.pdfas.lib.api.sign.IPlainSigner; import at.gv.egiz.pdfas.lib.api.sign.SignParameter; +import at.gv.egiz.sl.util.BKUHeader; -public class SignParameterImpl extends PdfAsParameterImpl implements SignParameter { +public class SignParameterImpl extends PdfAsParameterImpl implements SignParameter, BKUHeaderHolder { protected String signatureProfileId = null; protected String signaturePosition = null; protected DataSource output = null; protected IPlainSigner signer = null; protected OutputStream outputStream = null; + protected List processInfo = new ArrayList(); public SignParameterImpl(Configuration configuration, DataSource dataSource, OutputStream outputStream) { @@ -74,5 +80,8 @@ public class SignParameterImpl extends PdfAsParameterImpl implements SignParamet public OutputStream getSignatureResult() { return outputStream; } - + + public List getProcessInfo() { + return processInfo; + } } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java index e1c7bf40..15d2fb38 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/BKUSLConnector.java @@ -42,6 +42,7 @@ import org.apache.http.impl.client.HttpClientBuilder; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import at.gv.egiz.pdfas.common.exceptions.ErrorConstants; import at.gv.egiz.pdfas.common.exceptions.PDFIOException; import at.gv.egiz.pdfas.common.exceptions.PdfAsException; import at.gv.egiz.pdfas.common.exceptions.PdfAsWrappedIOException; @@ -49,6 +50,7 @@ import at.gv.egiz.pdfas.common.exceptions.SLPdfAsException; import at.gv.egiz.pdfas.common.utils.PDFUtils; import at.gv.egiz.pdfas.lib.api.Configuration; import at.gv.egiz.pdfas.lib.api.sign.SignParameter; +import at.gv.egiz.pdfas.lib.impl.BKUHeaderHolder; import at.gv.egiz.sl.schema.CreateCMSSignatureResponseType; import at.gv.egiz.sl.schema.ErrorResponseType; import at.gv.egiz.sl.schema.InfoboxReadRequestType; @@ -59,6 +61,8 @@ public class BKUSLConnector extends BaseSLConnector { private static final Logger logger = LoggerFactory .getLogger(BKUSLConnector.class); + public static final String SIGNATURE_DEVICE = "BKU"; + private String bkuUrl; public BKUSLConnector(Configuration config) { @@ -102,17 +106,23 @@ public class BKUSLConnector extends BaseSLConnector { logger.debug("Response Code : " + response.getStatusLine().getStatusCode()); - if(pack != null) { - Header[] headers = response.getAllHeaders(); - - if (headers != null) { - for (int i = 0; i < headers.length; i++) { - BKUHeader hdr = new BKUHeader(headers[i].getName(), headers[i].getValue()); - logger.debug("Response Header : {}", - hdr.toString()); - pack.getHeaders().add(hdr); + if (parameter instanceof BKUHeaderHolder) { + BKUHeaderHolder holder = (BKUHeaderHolder) parameter; + Header[] headers = response.getAllHeaders(); + + if (headers != null) { + for (int i = 0; i < headers.length; i++) { + BKUHeader hdr = new BKUHeader(headers[i].getName(), + headers[i].getValue()); + logger.debug("Response Header : {}", hdr.toString()); + holder.getProcessInfo().add(hdr); + } } - } + + BKUHeader hdr = new BKUHeader(ErrorConstants.STATUS_INFO_SIGDEVICE, + SIGNATURE_DEVICE); + logger.debug("Response Header : {}", hdr.toString()); + holder.getProcessInfo().add(hdr); } BufferedReader rd = new BufferedReader(new InputStreamReader( diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java index 0b6b1fff..96877828 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/ISignatureConnectorSLWrapper.java @@ -42,6 +42,7 @@ import at.gv.egiz.pdfas.common.utils.StreamUtils; import at.gv.egiz.pdfas.lib.api.IConfigurationConstants; import at.gv.egiz.pdfas.lib.api.sign.SignParameter; import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; +import at.gv.egiz.pdfas.lib.impl.BKUHeaderHolder; import at.gv.egiz.pdfas.lib.impl.status.RequestedSignature; import at.gv.egiz.pdfas.lib.util.SignatureUtils; import at.gv.egiz.sl.schema.CreateCMSSignatureResponseType; @@ -53,8 +54,6 @@ public class ISignatureConnectorSLWrapper implements ISignatureConnector { public static final String SL_USE_BASE64 = ""; - public static final String SIGNATURE_DEVICE = "BKU"; - private static final Logger logger = LoggerFactory .getLogger(ISignatureConnectorSLWrapper.class); @@ -86,7 +85,7 @@ public class ISignatureConnectorSLWrapper implements ISignatureConnector { } } catch (CertificateException e) { throw new PdfAsSignatureException("error.pdf.sig.01", e); - } + } return certificate; } @@ -94,49 +93,62 @@ public class ISignatureConnectorSLWrapper implements ISignatureConnector { RequestedSignature requestedSignature) throws PdfAsException { RequestPackage pack = connector.createCMSRequest(input, byteRange, parameter); - CreateCMSSignatureResponseType response = connector.sendCMSRequest( - pack, parameter); + try { + CreateCMSSignatureResponseType response = connector.sendCMSRequest( + pack, parameter); + + VerifyResult verifyResult; + try { + verifyResult = SignatureUtils.verifySignature( + response.getCMSSignature(), input); + if (SettingsUtils.getBooleanValue(requestedSignature + .getStatus().getSettings(), + IConfigurationConstants.KEEP_INVALID_SIGNATURE, false)) { + Base64 b64 = new Base64(); + requestedSignature + .getStatus() + .getMetaInformations() + .put(ErrorConstants.STATUS_INFO_INVALIDSIG, + b64.encodeToString(response + .getCMSSignature())); + } + } catch (PDFASError e) { + throw new PdfAsErrorCarrier(e); + } - Iterator bkuHeaderIt = pack.getHeaders().iterator(); + if (!StreamUtils.dataCompare(requestedSignature.getCertificate() + .getFingerprintSHA(), ((X509Certificate) verifyResult + .getSignerCertificate()).getFingerprintSHA())) { + throw new PdfAsSignatureException("Certificates missmatch!"); + } - requestedSignature.getStatus().getMetaInformations() - .put(ErrorConstants.STATUS_INFO_SIGDEVICE, SIGNATURE_DEVICE); - while (bkuHeaderIt.hasNext()) { - BKUHeader header = bkuHeaderIt.next(); - if ("Server".equalsIgnoreCase(header.getName())) { - requestedSignature + return response.getCMSSignature(); + } finally { + if (parameter instanceof BKUHeaderHolder) { + BKUHeaderHolder holder = (BKUHeaderHolder) parameter; + + Iterator bkuHeaderIt = holder.getProcessInfo() + .iterator(); + + while (bkuHeaderIt.hasNext()) { + BKUHeader header = bkuHeaderIt.next(); + if ("Server".equalsIgnoreCase(header.getName())) { + requestedSignature + .getStatus() + .getMetaInformations() + .put(ErrorConstants.STATUS_INFO_SIGDEVICEVERSION, + header.getValue()); + } else if (ErrorConstants.STATUS_INFO_SIGDEVICE.equalsIgnoreCase(header.getName())) { + requestedSignature .getStatus() .getMetaInformations() - .put(ErrorConstants.STATUS_INFO_SIGDEVICEVERSION, + .put(ErrorConstants.STATUS_INFO_SIGDEVICE, header.getValue()); - break; - } - } - - VerifyResult verifyResult; - try { - verifyResult = SignatureUtils.verifySignature( - response.getCMSSignature(), input); - if(SettingsUtils.getBooleanValue(requestedSignature.getStatus().getSettings(), - IConfigurationConstants.KEEP_INVALID_SIGNATURE, false)) { - Base64 b64 = new Base64(); - requestedSignature - .getStatus() - .getMetaInformations() - .put(ErrorConstants.STATUS_INFO_INVALIDSIG, - b64.encodeToString(response.getCMSSignature())); + } + } } - } catch (PDFASError e) { - throw new PdfAsErrorCarrier(e); - } - - if (!StreamUtils.dataCompare(requestedSignature.getCertificate() - .getFingerprintSHA(), ((X509Certificate) verifyResult - .getSignerCertificate()).getFingerprintSHA())) { - throw new PdfAsSignatureException("Certificates missmatch!"); } - return response.getCMSSignature(); } } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/RequestPackage.java b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/RequestPackage.java index f08184d2..c7c778bb 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/RequestPackage.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/sl/util/RequestPackage.java @@ -23,17 +23,13 @@ ******************************************************************************/ package at.gv.egiz.sl.util; -import java.util.ArrayList; -import java.util.List; - import at.gv.egiz.sl.schema.CreateCMSSignatureRequestType; public class RequestPackage { private CreateCMSSignatureRequestType requestType; private byte[] signatureData; private int[] byteRange; - private List headers = new ArrayList(); - + public CreateCMSSignatureRequestType getRequestType() { return requestType; } @@ -52,7 +48,4 @@ public class RequestPackage { public void setByteRange(int[] byteRange) { this.byteRange = byteRange; } - public List getHeaders() { - return headers; - } } -- cgit v1.2.3