From 89f53d196e10a1874cd61e3ee42f57dfd77eb856 Mon Sep 17 00:00:00 2001 From: emusic Date: Thu, 18 Jan 2018 17:36:08 +0100 Subject: protecting pdf file # Conflicts: # pdf-as-pdfbox-2/src/main/java/at/gv/egiz/pdfas/lib/impl/signing/pdfbox2/PADESPDFBOXSigner.java --- pdf-as-lib/build.gradle | 3 +++ pdf-as-lib/libs/bcprov-jdk15on-159.jar | Bin 0 -> 4092400 bytes .../src/configuration/cfg/advancedconfig.properties | 6 ++++-- pdf-as-lib/src/configuration/cfg/config.properties | 3 +++ .../egiz/pdfas/lib/api/IConfigurationConstants.java | 12 +++++++++--- .../java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java | 8 ++++++++ .../lib/impl/configuration/GlobalConfiguration.java | 18 +++++++++++++++++- 7 files changed, 44 insertions(+), 6 deletions(-) create mode 100644 pdf-as-lib/libs/bcprov-jdk15on-159.jar (limited to 'pdf-as-lib') diff --git a/pdf-as-lib/build.gradle b/pdf-as-lib/build.gradle index d2345648..d6e813ac 100644 --- a/pdf-as-lib/build.gradle +++ b/pdf-as-lib/build.gradle @@ -58,6 +58,9 @@ dependencies { compile group: 'org.apache.commons', name: 'commons-lang3', version: '3.3.2' compile group: 'org.apache.httpcomponents', name: 'httpmime', version: '4.3.5' compile group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.3.5' + + compile group: 'org.bouncycastle', name: 'bcprov-jdk15on', version: '1.59' + compile group: 'commons-io', name: 'commons-io', version: '2.4' compile 'org.apache.commons:commons-collections4:4.0' compile group: 'ognl', name: 'ognl', version: '3.0.8' diff --git a/pdf-as-lib/libs/bcprov-jdk15on-159.jar b/pdf-as-lib/libs/bcprov-jdk15on-159.jar new file mode 100644 index 00000000..9049e565 Binary files /dev/null and b/pdf-as-lib/libs/bcprov-jdk15on-159.jar differ diff --git a/pdf-as-lib/src/configuration/cfg/advancedconfig.properties b/pdf-as-lib/src/configuration/cfg/advancedconfig.properties index 5fd8b5cb..726deba8 100644 --- a/pdf-as-lib/src/configuration/cfg/advancedconfig.properties +++ b/pdf-as-lib/src/configuration/cfg/advancedconfig.properties @@ -87,12 +87,10 @@ #default.adobeSignReasonValue=Informationen zur Pr\u00FCfung finden Sie unter http://www.signaturpruefung.gv.at - # Standard Prueflink fuer die Adobe Signaturkennzeichnung (nur relevant falls Adobe Plugin fuer Pruefung verwendet wird) #default.verifyURL=http://www.signaturpruefung.gv.at - # Standard Alternativer Text fuer den Signaturblock (WAI) (globale Einstellung) #default.sigLogoAltText=Abgebildet ist eine Standard-Signaturbildmarke. @@ -108,3 +106,7 @@ default.verifier.01=at.gv.egiz.pdfas.sigs.pades.PAdESVerifier #sigblock.placement.debug.file=/home/user/temp/debugImg.png #runtime.backend=PDFBOX_2_BACKEND +################## +# Protect PDF files from copying and extractiong content +# Set values to be true|false|unchanged + diff --git a/pdf-as-lib/src/configuration/cfg/config.properties b/pdf-as-lib/src/configuration/cfg/config.properties index f9eaeb98..fe2385a8 100644 --- a/pdf-as-lib/src/configuration/cfg/config.properties +++ b/pdf-as-lib/src/configuration/cfg/config.properties @@ -102,3 +102,6 @@ include.01 = profiles/*.properties # Legt das Standard-Signaturprofil fest sig_obj.type.default=SIGNATURBLOCK_SMALL_DE_NOTE +################## +# Protect PDF files from copying and extractiong content +# Set values to be true|false|unchanged diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/IConfigurationConstants.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/IConfigurationConstants.java index f8f71f2f..713948ba 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/IConfigurationConstants.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/IConfigurationConstants.java @@ -108,12 +108,18 @@ public interface IConfigurationConstants { public static final String BG_COLOR_DETECTION = "sigblock.placement.bgcolor.detection.enabled"; public static final String SIG_PLACEMENT_DEBUG_OUTPUT = "sigblock.placement.debug.file"; - - - /** * PADES Constants */ public static final String SIG_PADES_FORCE_FLAG= SIG_OBJECT + SEPERATOR+"PAdESCompatibility"; public static final String SIG_PADES_INTELL_FLAG = SIG_OBJECT + SEPERATOR+"CheckPAdESCompatibility"; + + + /** + * Protect PDF file from copying content and extracting + */ + + public static final String DEFAULT_CONFIG_PROTECT_COPY_PDF = DEFAULT_CONFIG_PROTECT_PDF + SEPERATOR + "accessCopy"; + public static final String DEFAULT_CONFIG_PROTECT_EXTRACT_PDF = DEFAULT_CONFIG_PROTECT_PDF + SEPERATOR + "canModify"; + } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java index 72d182ed..c3c2b6fd 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/api/PdfAsFactory.java @@ -61,6 +61,11 @@ import at.gv.egiz.pdfas.lib.impl.SignParameterImpl; import at.gv.egiz.pdfas.lib.impl.VerifyParameterImpl; import at.gv.egiz.pdfas.lib.impl.configuration.ConfigValidatorLoader; + +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +import org.bouncycastle.jce.provider.BouncyCastleProvider; + public class PdfAsFactory implements IConfigurationConstants { private static final Logger logger = LoggerFactory @@ -118,6 +123,9 @@ public class PdfAsFactory implements IConfigurationConstants { // TODO: register ECCelerate in second position when TLS issue is // fixed registerProvider(new ECCelerate(), -1); + + registerProvider( new BouncyCastleProvider(), -2); + } else { logger.info("Skipping Security Provider registration!"); } diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/GlobalConfiguration.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/GlobalConfiguration.java index d04f6878..a40c336d 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/GlobalConfiguration.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/configuration/GlobalConfiguration.java @@ -21,6 +21,7 @@ * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. ******************************************************************************/ + package at.gv.egiz.pdfas.lib.impl.configuration; import at.gv.egiz.pdfas.common.settings.ISettings; @@ -46,5 +47,20 @@ public class GlobalConfiguration extends SpecificBaseConfiguration } return null; } - + + public String getDefaultCopyProtection() { + if(this.configuration.hasValue(DEFAULT_CONFIG_PROTECT_COPY_PDF)) { + return this.configuration.getValue(DEFAULT_CONFIG_PROTECT_COPY_PDF); + } + return null; + } + + public String getDefaultExtractProtection() { + if(this.configuration.hasValue(DEFAULT_CONFIG_PROTECT_EXTRACT_PDF)) { + return this.configuration.getValue(DEFAULT_CONFIG_PROTECT_EXTRACT_PDF); + } + return null; + } + + } -- cgit v1.2.3